From c22354e2f59f48f665262cb2941704ac3afbce83 Mon Sep 17 00:00:00 2001 From: gojimmypi Date: Fri, 5 Sep 2025 17:08:04 -0700 Subject: [PATCH] Exclude wolfssl certs_test.h from Espressif user_settings.h --- .../wolfssl/include/user_settings.h | 25 ++++--------------- .../wolfssl/include/user_settings.h | 25 ++++--------------- .../wolfssl/include/user_settings.h | 25 ++++--------------- .../wolfssl_client/main/include/client-tls.h | 19 ++++++++++++-- .../wolfssl/include/user_settings.h | 25 ++++--------------- .../wolfssl_server/main/include/server-tls.h | 18 +++++++++++++ .../wolfssl/include/user_settings.h | 25 ++++--------------- 7 files changed, 60 insertions(+), 102 deletions(-) diff --git a/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h b/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h index a51634417..9c14dc9df 100644 --- a/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h +++ b/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h @@ -30,7 +30,7 @@ /* This user_settings.h is for Espressif ESP-IDF * - * Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.7.0-1 + * Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.8.2-1 certs * * Do not include any wolfssl headers here. * @@ -257,11 +257,6 @@ #define WOLFSSL_AES_DIRECT #endif -/* Pick a cert buffer size: */ -/* #define USE_CERT_BUFFERS_2048 */ -/* #define USE_CERT_BUFFERS_1024 */ -#define USE_CERT_BUFFERS_2048 - /* The Espressif sdkconfig will have chipset info. ** ** Some possible values: @@ -377,10 +372,6 @@ /* #define DEBUG_WOLFSSL */ #define DEBUG_WOLFSSL_MALLOC -/* See test.c that sets cert buffers; we'll set them here: */ -#define USE_CERT_BUFFERS_256 -#define USE_CERT_BUFFERS_2048 - /* RSA_LOW_MEM: Half as much memory but twice as slow. */ #define RSA_LOW_MEM @@ -678,9 +669,6 @@ #undef HAVE_AESGCM #define HAVE_AESGCM -#else - /* default settings */ - #define USE_CERT_BUFFERS_2048 #endif /* Chipset detection from sdkconfig.h @@ -1058,10 +1046,9 @@ Turn on timer debugging (used when CPU cycles not available) #error "USE_CERT_BUFFERS_1024 is already defined. Pick one." #endif - /* Be sure to include in app when using example certs: */ - #include + /* Be sure to include in app, not here, when using example certs: */ + /* #include */ - #define USE_CERT_BUFFERS_256 #define CTX_CA_CERT ca_cert_der_2048 #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048 #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1 @@ -1085,10 +1072,9 @@ Turn on timer debugging (used when CPU cycles not available) #error "USE_CERT_BUFFERS_2048 is already defined. Pick one." #endif - /* Be sure to include in app when using example certs: */ - #include + /* Be sure to include in app, not here, when using example certs: */ + /* #include */ - #define USE_CERT_BUFFERS_256 #define CTX_CA_CERT ca_cert_der_1024 #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_1024 #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1 @@ -1108,7 +1094,6 @@ Turn on timer debugging (used when CPU cycles not available) #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1 #else /* Optionally define custom cert arrays, sizes, and types here */ - #error "Must define USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_1024" #endif #endif /* Conditional key and cert constant names */ diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h index a51634417..9c14dc9df 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h @@ -30,7 +30,7 @@ /* This user_settings.h is for Espressif ESP-IDF * - * Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.7.0-1 + * Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.8.2-1 certs * * Do not include any wolfssl headers here. * @@ -257,11 +257,6 @@ #define WOLFSSL_AES_DIRECT #endif -/* Pick a cert buffer size: */ -/* #define USE_CERT_BUFFERS_2048 */ -/* #define USE_CERT_BUFFERS_1024 */ -#define USE_CERT_BUFFERS_2048 - /* The Espressif sdkconfig will have chipset info. ** ** Some possible values: @@ -377,10 +372,6 @@ /* #define DEBUG_WOLFSSL */ #define DEBUG_WOLFSSL_MALLOC -/* See test.c that sets cert buffers; we'll set them here: */ -#define USE_CERT_BUFFERS_256 -#define USE_CERT_BUFFERS_2048 - /* RSA_LOW_MEM: Half as much memory but twice as slow. */ #define RSA_LOW_MEM @@ -678,9 +669,6 @@ #undef HAVE_AESGCM #define HAVE_AESGCM -#else - /* default settings */ - #define USE_CERT_BUFFERS_2048 #endif /* Chipset detection from sdkconfig.h @@ -1058,10 +1046,9 @@ Turn on timer debugging (used when CPU cycles not available) #error "USE_CERT_BUFFERS_1024 is already defined. Pick one." #endif - /* Be sure to include in app when using example certs: */ - #include + /* Be sure to include in app, not here, when using example certs: */ + /* #include */ - #define USE_CERT_BUFFERS_256 #define CTX_CA_CERT ca_cert_der_2048 #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048 #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1 @@ -1085,10 +1072,9 @@ Turn on timer debugging (used when CPU cycles not available) #error "USE_CERT_BUFFERS_2048 is already defined. Pick one." #endif - /* Be sure to include in app when using example certs: */ - #include + /* Be sure to include in app, not here, when using example certs: */ + /* #include */ - #define USE_CERT_BUFFERS_256 #define CTX_CA_CERT ca_cert_der_1024 #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_1024 #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1 @@ -1108,7 +1094,6 @@ Turn on timer debugging (used when CPU cycles not available) #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1 #else /* Optionally define custom cert arrays, sizes, and types here */ - #error "Must define USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_1024" #endif #endif /* Conditional key and cert constant names */ diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h index a51634417..9c14dc9df 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h @@ -30,7 +30,7 @@ /* This user_settings.h is for Espressif ESP-IDF * - * Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.7.0-1 + * Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.8.2-1 certs * * Do not include any wolfssl headers here. * @@ -257,11 +257,6 @@ #define WOLFSSL_AES_DIRECT #endif -/* Pick a cert buffer size: */ -/* #define USE_CERT_BUFFERS_2048 */ -/* #define USE_CERT_BUFFERS_1024 */ -#define USE_CERT_BUFFERS_2048 - /* The Espressif sdkconfig will have chipset info. ** ** Some possible values: @@ -377,10 +372,6 @@ /* #define DEBUG_WOLFSSL */ #define DEBUG_WOLFSSL_MALLOC -/* See test.c that sets cert buffers; we'll set them here: */ -#define USE_CERT_BUFFERS_256 -#define USE_CERT_BUFFERS_2048 - /* RSA_LOW_MEM: Half as much memory but twice as slow. */ #define RSA_LOW_MEM @@ -678,9 +669,6 @@ #undef HAVE_AESGCM #define HAVE_AESGCM -#else - /* default settings */ - #define USE_CERT_BUFFERS_2048 #endif /* Chipset detection from sdkconfig.h @@ -1058,10 +1046,9 @@ Turn on timer debugging (used when CPU cycles not available) #error "USE_CERT_BUFFERS_1024 is already defined. Pick one." #endif - /* Be sure to include in app when using example certs: */ - #include + /* Be sure to include in app, not here, when using example certs: */ + /* #include */ - #define USE_CERT_BUFFERS_256 #define CTX_CA_CERT ca_cert_der_2048 #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048 #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1 @@ -1085,10 +1072,9 @@ Turn on timer debugging (used when CPU cycles not available) #error "USE_CERT_BUFFERS_2048 is already defined. Pick one." #endif - /* Be sure to include in app when using example certs: */ - #include + /* Be sure to include in app, not here, when using example certs: */ + /* #include */ - #define USE_CERT_BUFFERS_256 #define CTX_CA_CERT ca_cert_der_1024 #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_1024 #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1 @@ -1108,7 +1094,6 @@ Turn on timer debugging (used when CPU cycles not available) #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1 #else /* Optionally define custom cert arrays, sizes, and types here */ - #error "Must define USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_1024" #endif #endif /* Conditional key and cert constant names */ diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h index a38145fb9..b39e88782 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h @@ -21,8 +21,23 @@ #ifndef _CLIENT_TLS_H_ #define _CLIENT_TLS_H_ -/* Local project, auto-generated configuration */ -#include "sdkconfig.h" +/* This example uses wolfssl test certificates */ +#if 1 + /* See wolfssl/certs_test.h */ + #if defined(CONFIG_IDF_TARGET_ESP32C2) || \ + defined(CONFIG_IDF_TARGET_ESP8684) || \ + defined(CONFIG_IDF_TARGET_ESP8266) + /* Use smaller certs for low-memory devices */ + #define USE_CERT_BUFFERS_1024 + #else + #define USE_CERT_BUFFERS_2048 + #endif + + /* always include smallest testing 32 byte RSA/ECC keys */ + #define USE_CERT_BUFFERS_256 +#else + /* define your own certificate macros; see user_settings.h */ +#endif #include #include diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h index a51634417..9c14dc9df 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h @@ -30,7 +30,7 @@ /* This user_settings.h is for Espressif ESP-IDF * - * Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.7.0-1 + * Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.8.2-1 certs * * Do not include any wolfssl headers here. * @@ -257,11 +257,6 @@ #define WOLFSSL_AES_DIRECT #endif -/* Pick a cert buffer size: */ -/* #define USE_CERT_BUFFERS_2048 */ -/* #define USE_CERT_BUFFERS_1024 */ -#define USE_CERT_BUFFERS_2048 - /* The Espressif sdkconfig will have chipset info. ** ** Some possible values: @@ -377,10 +372,6 @@ /* #define DEBUG_WOLFSSL */ #define DEBUG_WOLFSSL_MALLOC -/* See test.c that sets cert buffers; we'll set them here: */ -#define USE_CERT_BUFFERS_256 -#define USE_CERT_BUFFERS_2048 - /* RSA_LOW_MEM: Half as much memory but twice as slow. */ #define RSA_LOW_MEM @@ -678,9 +669,6 @@ #undef HAVE_AESGCM #define HAVE_AESGCM -#else - /* default settings */ - #define USE_CERT_BUFFERS_2048 #endif /* Chipset detection from sdkconfig.h @@ -1058,10 +1046,9 @@ Turn on timer debugging (used when CPU cycles not available) #error "USE_CERT_BUFFERS_1024 is already defined. Pick one." #endif - /* Be sure to include in app when using example certs: */ - #include + /* Be sure to include in app, not here, when using example certs: */ + /* #include */ - #define USE_CERT_BUFFERS_256 #define CTX_CA_CERT ca_cert_der_2048 #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048 #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1 @@ -1085,10 +1072,9 @@ Turn on timer debugging (used when CPU cycles not available) #error "USE_CERT_BUFFERS_2048 is already defined. Pick one." #endif - /* Be sure to include in app when using example certs: */ - #include + /* Be sure to include in app, not here, when using example certs: */ + /* #include */ - #define USE_CERT_BUFFERS_256 #define CTX_CA_CERT ca_cert_der_1024 #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_1024 #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1 @@ -1108,7 +1094,6 @@ Turn on timer debugging (used when CPU cycles not available) #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1 #else /* Optionally define custom cert arrays, sizes, and types here */ - #error "Must define USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_1024" #endif #endif /* Conditional key and cert constant names */ diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h index 03781b2bd..a1d12ad2c 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h @@ -21,6 +21,24 @@ #ifndef _SERVER_TLS_ #define _SERVER_TLS_ +/* This example uses wolfssl test certificates */ +#if 1 + /* See wolfssl/certs_test.h */ + #if defined(CONFIG_IDF_TARGET_ESP32C2) || \ + defined(CONFIG_IDF_TARGET_ESP8684) || \ + defined(CONFIG_IDF_TARGET_ESP8266) + /* Use smaller certs for low-memory devices */ + #define USE_CERT_BUFFERS_1024 + #else + #define USE_CERT_BUFFERS_2048 + #endif + + /* always include smallest testing 32 byte RSA/ECC keys */ + #define USE_CERT_BUFFERS_256 +#else + /* define your own certificate macros; see user_settings.h */ +#endif + #include /* includes wolfSSL user-settings.h */ #include #include "sdkconfig.h" diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h index a51634417..9c14dc9df 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h @@ -30,7 +30,7 @@ /* This user_settings.h is for Espressif ESP-IDF * - * Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.7.0-1 + * Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.8.2-1 certs * * Do not include any wolfssl headers here. * @@ -257,11 +257,6 @@ #define WOLFSSL_AES_DIRECT #endif -/* Pick a cert buffer size: */ -/* #define USE_CERT_BUFFERS_2048 */ -/* #define USE_CERT_BUFFERS_1024 */ -#define USE_CERT_BUFFERS_2048 - /* The Espressif sdkconfig will have chipset info. ** ** Some possible values: @@ -377,10 +372,6 @@ /* #define DEBUG_WOLFSSL */ #define DEBUG_WOLFSSL_MALLOC -/* See test.c that sets cert buffers; we'll set them here: */ -#define USE_CERT_BUFFERS_256 -#define USE_CERT_BUFFERS_2048 - /* RSA_LOW_MEM: Half as much memory but twice as slow. */ #define RSA_LOW_MEM @@ -678,9 +669,6 @@ #undef HAVE_AESGCM #define HAVE_AESGCM -#else - /* default settings */ - #define USE_CERT_BUFFERS_2048 #endif /* Chipset detection from sdkconfig.h @@ -1058,10 +1046,9 @@ Turn on timer debugging (used when CPU cycles not available) #error "USE_CERT_BUFFERS_1024 is already defined. Pick one." #endif - /* Be sure to include in app when using example certs: */ - #include + /* Be sure to include in app, not here, when using example certs: */ + /* #include */ - #define USE_CERT_BUFFERS_256 #define CTX_CA_CERT ca_cert_der_2048 #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048 #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1 @@ -1085,10 +1072,9 @@ Turn on timer debugging (used when CPU cycles not available) #error "USE_CERT_BUFFERS_2048 is already defined. Pick one." #endif - /* Be sure to include in app when using example certs: */ - #include + /* Be sure to include in app, not here, when using example certs: */ + /* #include */ - #define USE_CERT_BUFFERS_256 #define CTX_CA_CERT ca_cert_der_1024 #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_1024 #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1 @@ -1108,7 +1094,6 @@ Turn on timer debugging (used when CPU cycles not available) #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1 #else /* Optionally define custom cert arrays, sizes, and types here */ - #error "Must define USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_1024" #endif #endif /* Conditional key and cert constant names */