From 68fb183fa622b9655efa2300cb785a5996991145 Mon Sep 17 00:00:00 2001 From: gojimmypi Date: Tue, 13 Feb 2024 03:01:40 -0800 Subject: [PATCH] Update TLS client example for Espressif ESP8266 --- .../ESP-IDF/examples/wolfssl_client/Makefile | 128 +++++++- .../ESP-IDF/examples/wolfssl_client/README.md | 122 +++++++- .../VisualGDB/wolfssl_client_IDF_v5_ESP32.sln | 5 + .../components/wolfssl/CMakeLists.txt | 4 +- .../components/wolfssl/component.mk | 284 ++++++++++++++--- .../wolfssl/include/user_settings.h | 199 +++++++++--- .../examples/wolfssl_client/main/client-tls.c | 122 ++++---- .../examples/wolfssl_client/main/component.mk | 6 +- .../wolfssl_client/main/include/client-tls.h | 26 +- .../wolfssl_client/main/include/main.h | 4 +- .../wolfssl_client/main/include/time_helper.h | 15 +- .../main/include/wifi_connect.h | 58 +++- .../examples/wolfssl_client/main/main.c | 114 ++++--- .../wolfssl_client/main/time_helper.c | 162 ++++++---- .../wolfssl_client/main/wifi_connect.c | 136 +++++++- .../wolfssl_client/sdkconfig.defaults | 29 +- .../wolfssl_client_ESP8266.vgdbproj | 292 ++++++++++++++++++ IDE/Espressif/README.md | 43 ++- IDE/Espressif/include.am | 1 + wolfcrypt/benchmark/benchmark.c | 2 +- wolfcrypt/src/port/Espressif/esp32_mp.c | 10 +- wolfcrypt/src/port/Espressif/esp32_sha.c | 5 +- wolfcrypt/src/port/Espressif/esp32_util.c | 10 +- wolfcrypt/src/sha256.c | 2 +- wolfcrypt/src/sha512.c | 5 +- .../wolfcrypt/port/Espressif/esp32-crypt.h | 9 + 26 files changed, 1467 insertions(+), 326 deletions(-) create mode 100644 IDE/Espressif/ESP-IDF/examples/wolfssl_client/wolfssl_client_ESP8266.vgdbproj diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile index f3854ff18d..45d4b1d264 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile @@ -1,12 +1,134 @@ +# ESP8266 Project Makefile for wolfssl_client # -# This is a project Makefile. It is assumed the directory this Makefile resides in is a -# project subdirectory. +# Copyright (C) 2006-2024 wolfSSL Inc. +# +# This file is part of wolfSSL. +# +# wolfSSL is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# wolfSSL is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA # +# +# This is a project Makefile. +# It is assumed the directory this Makefile resides in is a +# project subdirectory containing an entire project. +# +# Optional private config headers. Define environment variables +# to include various default header files that are typically +# not in a git path, and thus excluded from being checked in. +# +# Environment Variable Name | Header file name included +# ---------------------------------- | --------------------------------------- +# MY_PRIVATE_CONFIG (files detected / selected in header) +# USE_MY_PRIVATE_WSL_CONFIG /mnt/c/workspace/my_private_config.h +# USE_MY_PRIVATE_MAC_CONFIG ~/Documents/my_private_config.h +# USE_MY_PRIVATE_LINUX_CONFIG ~/workspace/my_private_config.h +# USE_MY_PRIVATE_WINDOWS_CONFIG /workspace/my_private_config.h +# +# PROJECT_NAME := wolfssl_client +MY_PRIVATE_CONFIG ?= n +USE_MY_PRIVATE_WSL_CONFIG ?= n +USE_MY_PRIVATE_MAC_CONFIG ?= n +USE_MY_PRIVATE_LINUX_CONFIG ?= n +USE_MY_PRIVATE_WINDOWS_CONFIG ?= n + +# Calling shell causes unintuitive error in Windows: +# OS := $(shell uname -s) +# +# But OS, or MY_PRIVATE_CONFIG should already be defined: +$(info ************* wolfssl_client *************) + +ifeq ($(MY_PRIVATE_CONFIG),y) + CFLAGS += -DMY_PRIVATE_CONFIG + $(info Enabled MY_PRIVATE_CONFIG") +endif + +# Check for Windows environment variable: USE_MY_PRIVATE_WINDOWS_CONFIG +ifeq ($(USE_MY_PRIVATE_WINDOWS_CONFIG),y) + # This hard coded MY_CONFIG_FILE value must match that in the header file. + MY_CONFIG_FILE := /workspace/my_private_config.h + ifeq ($(wildcard $(MY_CONFIG_FILE)),) + $(info File does not exist: $(MY_CONFIG_FILE)) + else + CFLAGS += -DUSE_MY_PRIVATE_WINDOWS_CONFIG + $(info Using private config file for: Windows) + endif +endif + +# Check for WSL environment variable: USE_MY_PRIVATE_WSL_CONFIG +ifeq ($(USE_MY_PRIVATE_WSL_CONFIG),y) + # This hard coded MY_CONFIG_FILE value must match that in the header file. + MY_CONFIG_FILE := /mnt/c/workspace/my_private_config.h + ifeq ($(wildcard $(MY_CONFIG_FILE)),) + $(info File does not exist: $(MY_CONFIG_FILE)) + else + CFLAGS += -DUSE_MY_PRIVATE_WSL_CONFIG + $(info Using private config file for: WSL) + endif +endif + +# Check for Linux environment variable: USE_MY_PRIVATE_LINUX_CONFIG +ifeq ($(USE_MY_PRIVATE_LINUX_CONFIG),y) + # This hard coded MY_CONFIG_FILE value must match that in the header file. + MY_CONFIG_FILE := ~/workspace/my_private_config.h + ifeq ($(wildcard $(MY_CONFIG_FILE)),) + $(info File does not exist: $(MY_CONFIG_FILE)) + else + CFLAGS += -DUSE_MY_PRIVATE_LINUX_CONFIG + $(info Using private config file for: Linux) + endif +endif + +# Check for Mac environment variable: USE_MY_PRIVATE_MAC_CONFIG +ifeq ($(USE_MY_PRIVATE_MAC_CONFIG),y) + # This hard coded MY_CONFIG_FILE value must match that in the header file. + MY_CONFIG_FILE := ~/Documents/my_private_config.h + ifeq ($(wildcard $(MY_CONFIG_FILE)),) + $(info File does not exist: $(MY_CONFIG_FILE)) + else + CFLAGS += -DUSE_MY_PRIVATE_MAC_CONFIG + $(info Using private config file for: Mac) + endif +endif + +ifneq ($(OS),MY_PRIVATE_CONFIG) + CFLAGS += -DMY_PRIVATE_CONFIG="$(MY_PRIVATE_CONFIG)" +else + ifeq ($(OS),Linux) + CFLAGS += -DOS_LINUX + endif + ifeq ($(OS),Windows_NT) + CFLAGS += -DWOLFSSL_MAKE_SYSTEM_NAME_WINDOWS + endif + ifeq ($(OS),Darwin) + CFLAGS += -DWOLFSSL_MAKE_SYSTEM_NAME_APPLE + endif + ifneq (,$(findstring MINGW,$(OS))) + CFLAGS += -DWOLFSSL_MAKE_SYSTEM_NAME_MINGW + endif + ifneq (,$(findstring CYGWIN,$(OS))) + CFLAGS += -DWOLFSSL_MAKE_SYSTEM_NAME_CYGWIN + endif +endif + +# It is essential that the build process sees the WOLFSSL_USER_SETTINGS CFLAGS += -DWOLFSSL_USER_SETTINGS -# if there isn't the directory, please disable the line below. + +# if directory not available, please disable the line below. EXTRA_COMPONENT_DIRS = $(IDF_PATH)/examples/common_components/protocol_examples_common +# The Standard Espressif IDF include: include $(IDF_PATH)/make/project.mk diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md index 21855add8f..1bfd0cc88c 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md @@ -8,12 +8,50 @@ When using the CLI, see the [example parameters](/IDE/Espressif/ESP-IDF/examples For general information on [wolfSSL examples for Espressif](../README.md), see the [README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file. -## VisualGDB +## Quick Start + +Use the [ESP-IDF](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/index.html) +for ESP32 or [RTOS SDK](https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/get-started/index.html) +for the ESP8266. + +Run `menuconfig` utility (`idf.py menuconfig` for ESP32 or `make menuconfig` for the ESP8266) +and set the various parameters for the target device, along with local WiFi settings: + +* Target Host: `CONFIG_WOLFSSL_TARGET_HOST` (The IP address of a listening server) +* Target Port: `CONFIG_WOLFSSL_TARGET_PORT` (Typically `11111`) +* Example WiFi SSID: `CONFIG_EXAMPLE_WIFI_SSID` (The WiFi that you want to connect to) +* Example WiFi Password: `CONFIG_EXAMPLE_WIFI_PASSWORD` (The WiFi password) + +The latest examples use makefiles that do not require local file copy installation of wolfSSL. + +Build and flash the software to see the example in action. + +## Quick Start with VisualGDB + +There are optional [VisualGDB](https://visualgdb.com/tutorials/esp8266/) project files in the +[VisualGDB](./VisualGDB) project subdirectory, and an ESP8266 project file in the project directory, +called `wolfssl_client_ESP8266.vgdbproj`. Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button. -No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM20`. +No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM19`. + +## Troubleshooting + +Weird results, odd messages, unexpected compiler errors? Manually delete the build directory and +any locally generated files (`sdkconfig`, `sdkconfig-debug`, etc.) and start over. + +The `build` directory is typically located in the root of the project directory: `[project]/build`. + + +Difficulty flashing: + +* Ensure the target device has a robust, stable, clean power supply. +* Check that quality USB cables are being used. +* Try lowering the flash baud rate in the `menuconfig`. The 115200 is typically reliable. +* Review board specifications: some require manual boot mode via on-board buttons. +* See [Espressif ESP Frequently Asked Questions](https://docs.espressif.com/projects/esp-faq/en/latest/esp-faq-en-master.pdf) -## ESP-IDF Commandline +## ESP-IDF Commandline v5.x 1. `idf.py menuconfig` to config the project @@ -38,9 +76,83 @@ When you want to test the wolfSSL client e.g. Launch ./examples/server/server -v 4 -b -i -d + +## VisualGDB for ESP8266 + +Reminder that we build with `make` and not `cmake` in VisualGDB. + +Build files will be created in `[project directory]\build` + +## ESP-IDF make Commandline (version 3.5 or earlier for the ESP8266) + +``` +export IDF_PATH=~/esp/ESP8266_RTOS_SDK + +``` + + +## ESP-IDF CMake Commandline (version 3.5 or earlier for the ESP8266) + +Build files will be created in `[project directory]\build\debug` + +``` +# Set your path to RTOS SDK, shown here for default from WSL with VisualGDB +WRK_IDF_PATH=/mnt/c/SysGCC/esp8266/rtos-sdk/v3.4 +# or +WRK_IDF_PATH=~/esp/ESP8266_RTOS_SDK + +# Setup the environment +. $WRK_IDF_PATH/export.sh + +# install as needed / prompted +/mnt/c/SysGCC/esp8266/rtos-sdk/v3.4/install.sh + +# Fetch wolfssl from GitHub if needed: +cd /workspace +git clone https://github.com/wolfSSL/wolfssl.git + +# change directory to wolfssl client example. +cd wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client + +# or for example, WSL with C:\workspace as home for git clones: +# cd /mnt/c/workspace/wolfssl-$USER/IDE/Espressif/ESP-IDF/examples/wolfssl_client + +# adjust settings as desired +idf.py menuconfig + + +idf.py build flash -p /dev/ttyS70 -b 115200 +idf.py monitor -p /dev/ttyS70 -b 74880 +``` + ## SM Ciphers -#### Working Linux Client to ESP32 Server +(TODO coming soon) +See https://github.com/wolfSSL/wolfsm + +#### Working Linux Client to ESP32 Server Example: + +``` +./examples/client/client -h 192.168.1.37 -p 11111 -v 3 +``` + +```text +-c Certificate file, default ./certs/client-cert.pem +-k Key file, default ./certs/client-key.pem +-A Certificate Authority file, default ./certs/ca-cert.pem +``` + +Example client, with default certs explicitly given: + +```bash +./examples/client/client -h 192.168.1.37 -p 11111 -v 3 -c ./certs/client-cert.pem -k ./certs/client-key.pem -A ./certs/ca-cert.pem +``` + +Example client, with RSA 1024 certs explicitly given: + +``` +./examples/client/client -h 192.168.1.37 -p 11111 -v 3 -c ./certs/1024/client-cert.pem -k ./certs/1024/client-key.pem -A ./certs/1024/ca-cert.pem +``` Command: @@ -48,7 +160,6 @@ Command: cd /mnt/c/workspace/wolfssl-$USER/IDE/Espressif/ESP-IDF/examples/wolfssl_server . /mnt/c/SysGCC/esp32/esp-idf/v5.1/export.sh idf.py flash -p /dev/ttyS19 -b 115200 monitor - ``` ``` @@ -75,4 +186,3 @@ I hear you fa shizzle! ``` See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md). - diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln index c46b3864f2..17f246f684 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln @@ -18,6 +18,10 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "include", "include", "{5326 EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{A51226B3-88A7-4463-B443-0E321C4A3D53}" ProjectSection(SolutionItems) = preProject + ..\..\..\..\..\..\wolfssl\wolfcrypt\error-crypt.h = ..\..\..\..\..\..\wolfssl\wolfcrypt\error-crypt.h + ..\..\..\..\..\..\wolfssl\error-ssl.h = ..\..\..\..\..\..\wolfssl\error-ssl.h + ..\main\Kconfig.projbuild = ..\main\Kconfig.projbuild + ..\build\VisualGDB\Debug\esp-idf\esp_system\ld\memory.ld = ..\build\VisualGDB\Debug\esp-idf\esp_system\ld\memory.ld ..\..\..\..\..\..\..\my_private_config.h = ..\..\..\..\..\..\..\my_private_config.h ..\partitions_singleapp_large.csv = ..\partitions_singleapp_large.csv ..\README.md = ..\README.md @@ -25,6 +29,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution ..\build\VisualGDB\Debug\config\sdkconfig.cmake = ..\build\VisualGDB\Debug\config\sdkconfig.cmake ..\sdkconfig.defaults = ..\sdkconfig.defaults ..\build\VisualGDB\Debug\config\sdkconfig.h = ..\build\VisualGDB\Debug\config\sdkconfig.h + ..\build\VisualGDB\Debug\esp-idf\esp_system\ld\sections.ld = ..\build\VisualGDB\Debug\esp-idf\esp_system\ld\sections.ld EndProjectSection EndProject Global diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt index e129a64efb..615142bacd 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt @@ -158,8 +158,8 @@ if(CMAKE_BUILD_EARLY_EXPANSION) idf_component_register( REQUIRES "${COMPONENT_REQUIRES}" PRIV_REQUIRES # esp_hw_support - esp_timer - driver # this will typically only be needed for wolfSSL benchmark + # esp_timer + # driver # this will typically only be needed for wolfSSL benchmark ) else() diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk index 5234a007e1..8184da11d0 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk @@ -1,40 +1,244 @@ -# -# Copyright (C) 2006-2023 wolfSSL Inc. -# -# This file is part of wolfSSL. -# -# wolfSSL is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# wolfSSL is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA -# -# -# Component Makefile -# - -COMPONENT_ADD_INCLUDEDIRS := . ./include - -COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/components/freertos/include/freertos" -# COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/soc/esp32s3/include/soc" - -COMPONENT_SRCDIRS := src wolfcrypt/src -COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif -COMPONENT_SRCDIRS += wolfcrypt/src/port/atmel -COMPONENT_SRCDIRS += wolfcrypt/benchmark -COMPONENT_SRCDIRS += wolfcrypt/test - -CFLAGS +=-DWOLFSSL_USER_SETTINGS - -COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o -COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o -COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o -COMPONENT_OBJEXCLUDE += src/bio.o +# +# Copyright (C) 2006-2023 wolfSSL Inc. +# +# This file is part of wolfSSL. +# +# wolfSSL is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# wolfSSL is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA +# + +# +# Component Makefile +# +# +# The Espressif Managed Components are only for newer versions of the ESP-IDF +# Typically only for ESP32[-x] targets and only for ESP-IDF v4.3 or later: +# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-component-manager.html +# https://components.espressif.com/ +# +# Usage: +# +# make flash +# +# make flash ESPPORT=/dev/ttyS55 +# +# make flash ESPBAUD=9600 +# +# make monitor ESPPORT=COM1 +# +# make monitor ESPPORT=/dev/ttyS55 MONITORBAUD=115200 +# +# export ESPPORT=/dev/ttyS55 +# +# https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/get-started/index.html +# + +# Although the project should define WOLFSSL_USER_SETTINGS, we'll also +# define it here: +CFLAGS +=-DWOLFSSL_USER_SETTINGS + +# NOTICE: the WOLFSSL_ROOT setting MUST be relative! +# See https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/api-guides/build-system.html?highlight=must+relative#optional-component-specific-variables +# In the wolfSSL GitHub examples for Espressif: +# https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples +# When this wolfssl component.mk makefile is in [project]/components/wolfssl +# The root is 7 directories up from here: +WOLFSSL_ROOT := ../../../../../../.. + +# NOTE: The wolfSSL include diretory (e.g. user_settings.h) is +# located HERE in THIS project, and *not* in the wolfSSL root. +COMPONENT_ADD_INCLUDEDIRS := ./include +COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/. +COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl +COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt +COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt/port/Espressif +# COMPONENT_ADD_INCLUDEDIRS += $ENV(IDF_PATH)/components/freertos/include/freertos +# COMPONENT_ADD_INCLUDEDIRS += "$ENV(IDF_PATH)/soc/esp32s3/include/soc" + +# wolfSSL +COMPONENT_SRCDIRS := $(WOLFSSL_ROOT)/src + +# wolfcrypt +COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src + +# Espressif +COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif +COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/atmel + +COMPONENT_OBJEXCLUDE := $(WOLFSSL_ROOT)/wolfcrypt/src/aes_asm.o +COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o +COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/misc.o +COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/sha512_asm.o +COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_x25519_asm.o +COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/aes_gcm_x86_asm.o +COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/src/bio.o + + +## +## wolfSSL +## +COMPONENT_OBJS := $(WOLFSSL_ROOT)/src/bio.o +# COMPONENT_OBJS += src/conf.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/crl.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/dtls.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/dtls13.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/internal.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/keys.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/ocsp.o +# COMPONENT_OBJS += src/pk.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/quic.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/sniffer.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/ssl.o +# COMPONENT_OBJS += src/ssl_asn1.o +# COMPONENT_OBJS += src/ssl_bn.o +# COMPONENT_OBJS += src/ssl_certman.o +# COMPONENT_OBJS += src/ssl_crypto.o +# COMPONENT_OBJS += src/ssl_misc.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/tls.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/tls13.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/wolfio.o +# COMPONENT_OBJS += src/x509.o +# COMPONENT_OBJS += src/x509_str.o + +## +## wolfcrypt +## +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/aes.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/arc4.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/asm.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/asn.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/async.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/blake2b.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/blake2s.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/camellia.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/chacha.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/chacha20_poly1305.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cmac.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/coding.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/compress.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cpuid.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cryptocb.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/curve25519.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/curve448.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/des3.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dh.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dilithium.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dsa.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ecc.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/eccsi.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ecc_fp.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed25519.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed448.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/error.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_kyber.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_lms.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_xmss.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/falcon.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_448.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_low_mem.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_operations.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips_test.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_448.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_low_mem.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_operations.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hash.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hmac.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hpke.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/integer.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/kdf.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/logging.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md2.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md4.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md5.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/memory.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/misc.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pkcs12.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pkcs7.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/poly1305.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pwdbased.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/random.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/rc2.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ripemd.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/rsa.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sakke.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/selftest.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha256.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha3.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha512.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/signature.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/siphash.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm2.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm3.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm4.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sphincs.o +# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm32.o +# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm64.o +# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_armthumb.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_c32.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_c64.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_cortexm.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_dsp32.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_int.o +# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_arm32.o +# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_arm64.o +# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_armthumb.o +# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_c32.o +# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_c64.o +# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_cortexm.o +# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_x86_64.o +# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_x86_64.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/srp.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/tfm.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_dsp.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_encrypt.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_kyber.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_kyber_poly.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_lms.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_pkcs11.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_port.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_xmss.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfevent.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfmath.o + +## +## Espressif +## +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_aes.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_mp.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_sha.o +COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_util.o + +## +## wolfcrypt benchmark (optional) +## +## COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark/benchmark.o +## COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark +## COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark + + +## +## wolfcrypt test (optional) +## +## COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/test/test.o +## COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/test + +## +## wolfcrypt +## +# COMPONENT_PRIV_INCLUDEDIRS += $(PROJECT_PATH)/components/wolfssl/include diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h index de5e247ce3..99b61e157c 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h @@ -1,6 +1,6 @@ /* user_settings.h * - * Copyright (C) 2006-2023 wolfSSL Inc. + * Copyright (C) 2006-2024 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -19,12 +19,16 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ +/* Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.6.6-01 */ + /* This user_settings.h is for Espressif ESP-IDF */ #include +#define DEBUG_WOLFSSL +#define DEBUG_WOLFSSL_VERBOSE /* The Espressif sdkconfig will have chipset info. ** -** Possible values: +** Some possible values: ** ** CONFIG_IDF_TARGET_ESP32 ** CONFIG_IDF_TARGET_ESP32S2 @@ -37,7 +41,7 @@ #define WOLFSSL_ESPIDF /* - * choose ONE of these Espressif chips to define: + * ONE of these Espressif chipsets should be defined: * * WOLFSSL_ESP32 * WOLFSSL_ESPWROOM32SE @@ -46,8 +50,13 @@ #undef WOLFSSL_ESPWROOM32SE #undef WOLFSSL_ESP8266 #undef WOLFSSL_ESP32 +/* See below for chipset detection from sdkconfig.h */ -#define WOLFSSL_ESP32 +/* Small session cache saves a lot of RAM for ClientCache and SessionCache. + * Memory requirement is about 5KB, otherwise 20K is needed when not specified. + * If extra small footprint is needed, try MICRO_SESSION_CACHE (< 1K) + * When really desparate, try NO_SESSION_CACHE. */ +#define SMALL_SESSION_CACHE /* optionally turn off SHA512/224 SHA512/256 */ /* #define WOLFSSL_NOSHA512_224 */ @@ -62,6 +71,9 @@ #define BENCH_EMBEDDED #define USE_CERT_BUFFERS_2048 +#define WOLFSSL_SMALL_STACK +#define HAVE_ECC +#define RSA_LOW_MEM /* TLS 1.3 */ #define WOLFSSL_TLS13 @@ -79,7 +91,9 @@ #define HAVE_AESGCM -#define WOLFSSL_RIPEMD +/* Optional RIPEMD: RACE Integrity Primitives Evaluation Message Digest */ +/* #define WOLFSSL_RIPEMD */ + /* when you want to use SHA224 */ #define WOLFSSL_SHA224 @@ -87,24 +101,17 @@ #define WOLFSSL_SHA384 /* when you want to use SHA512 */ -#define WOLFSSL_SHA512 +/* #define WOLFSSL_SHA512 */ /* when you want to use SHA3 */ -#define WOLFSSL_SHA3 +/* #define WOLFSSL_SHA3 */ -#define HAVE_ED25519 /* ED25519 requires SHA512 */ +/* ED25519 requires SHA512 */ +/* #define HAVE_ED25519 */ -#define HAVE_ECC -#define HAVE_CURVE25519 -#define CURVE25519_SMALL -#define HAVE_ED25519 - - #define OPENSSL_EXTRA /* when you want to use pkcs7 */ /* #define HAVE_PKCS7 */ -#define HAVE_PKCS7 - #if defined(HAVE_PKCS7) #define HAVE_AES_KEYWRAP #define HAVE_X963_KDF @@ -125,7 +132,7 @@ /* #define CUSTOM_SLOT_ALLOCATION */ #endif -/* rsa primitive specific definition */ +/* RSA primitive specific definition */ #if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE) /* Define USE_FAST_MATH and SMALL_STACK */ #define ESP32_USE_RSA_PRIMITIVE @@ -145,8 +152,6 @@ #endif #endif -#define RSA_LOW_MEM - /* #define WOLFSSL_ATECC508A_DEBUG */ /* date/time */ @@ -173,10 +178,6 @@ /* #undef USE_FAST_MATH */ /* #define USE_INTEGER_HEAP_MATH */ - -#define WOLFSSL_SMALL_STACK - - #define HAVE_VERSION_EXTENDED_INFO /* #define HAVE_WC_INTROSPECTION */ @@ -190,7 +191,6 @@ #define WOLFSSL_CERT_EXT #define WOLFSSL_SYS_CA_CERTS - #define WOLFSSL_CERT_TEXT #define WOLFSSL_ASN_TEMPLATE @@ -203,7 +203,7 @@ #undef WOLFSSL_SYS_CA_CERTS */ -/* +/* command-line options --enable-keygen --enable-certgen --enable-certreq @@ -211,10 +211,11 @@ --enable-asn-template */ -/* Default is HW enabled unless turned off. -** Uncomment these lines to force SW instead of HW acceleration */ - +/* Chipset detection from sdkconfig.h + * Default is HW enabled unless turned off. + * Uncomment lines to force SW instead of HW acceleration */ #if defined(CONFIG_IDF_TARGET_ESP32) + #define WOLFSSL_ESP32 /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */ /* #define NO_ESP32_CRYPT */ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ @@ -232,6 +233,7 @@ /***** END CONFIG_IDF_TARGET_ESP32 *****/ #elif defined(CONFIG_IDF_TARGET_ESP32S2) + #define WOLFSSL_ESP32 /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */ /* #define NO_ESP32_CRYPT */ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ @@ -244,6 +246,7 @@ /***** END CONFIG_IDF_TARGET_ESP32S2 *****/ #elif defined(CONFIG_IDF_TARGET_ESP32S3) + #define WOLFSSL_ESP32 /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */ /* #define NO_ESP32_CRYPT */ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ @@ -257,6 +260,7 @@ #elif defined(CONFIG_IDF_TARGET_ESP32C2) || \ defined(CONFIG_IDF_TARGET_ESP8684) + #define WOLFSSL_ESP32 /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a * single QFN 4x4 mm package. Out of released documentation, Technical * Reference Manual as well as ESP-IDF Programming Guide is applicable @@ -282,6 +286,7 @@ /***** END CONFIG_IDF_TARGET_ESP32C2 *****/ #elif defined(CONFIG_IDF_TARGET_ESP32C3) + #define WOLFSSL_ESP32 /* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */ /* #define NO_ESP32_CRYPT */ @@ -299,6 +304,7 @@ /***** END CONFIG_IDF_TARGET_ESP32C3 *****/ #elif defined(CONFIG_IDF_TARGET_ESP32C6) + #define WOLFSSL_ESP32 /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */ /* #define NO_ESP32_CRYPT */ @@ -315,6 +321,7 @@ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/ #elif defined(CONFIG_IDF_TARGET_ESP32H2) + #define WOLFSSL_ESP32 /* wolfSSL Hardware Acceleration not yet implemented */ #define NO_ESP32_CRYPT #define NO_WOLFSSL_ESP32_CRYPT_HASH @@ -323,15 +330,28 @@ /***** END CONFIG_IDF_TARGET_ESP32H2 *****/ #elif defined(CONFIG_IDF_TARGET_ESP8266) - /* TODO: Revisit ESP8266 */ + #define WOLFSSL_ESP8266 + + /* There's no hardware encryption on the ESP8266 */ + /* Consider using the ESP32-C2/C3/C6 + * See https://www.espressif.com/en/products/socs/esp32-c2 */ #define NO_ESP32_CRYPT #define NO_WOLFSSL_ESP32_CRYPT_HASH #define NO_WOLFSSL_ESP32_CRYPT_AES #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI /***** END CONFIG_IDF_TARGET_ESP266 *****/ +#elif defined(CONFIG_IDF_TARGET_ESP8684) + /* There's no Hardware Acceleration available on ESP8684 */ + #define NO_ESP32_CRYPT + #define NO_WOLFSSL_ESP32_CRYPT_HASH + #define NO_WOLFSSL_ESP32_CRYPT_AES + #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI + /***** END CONFIG_IDF_TARGET_ESP8684 *****/ + #else /* Anything else encountered, disable HW accleration */ + #warning "Unexpected CONFIG_IDF_TARGET_NN value" #define NO_ESP32_CRYPT #define NO_WOLFSSL_ESP32_CRYPT_HASH #define NO_WOLFSSL_ESP32_CRYPT_AES @@ -392,12 +412,75 @@ #define ATCA_WOLFSSL */ -/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm +/***************************** Certificate Macros ***************************** + * + * The section below defines macros used in typically all of the wolfSSL + * examples such as the client and server for certs stored in header files. + * + * There are various certificate examples in this header file: + * https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/certs_test.h + * + * To use the sets of macros below, define *one* of these: + * + * USE_CERT_BUFFERS_1024 - ECC 1024 bit encoded ASN1 + * USE_CERT_BUFFERS_2048 - RSA 2048 bit encoded ASN1 + * WOLFSSL_SM[2,3,4] - SM Ciphers + * + * For example: define USE_CERT_BUFFERS_2048 to use CA Certs used in this + * wolfSSL function for the `ca_cert_der_2048` buffer, size and types: + * + * ret = wolfSSL_CTX_load_verify_buffer(ctx, + * CTX_CA_CERT, + * CTX_CA_CERT_SIZE, + * CTX_CA_CERT_TYPE); + * + * See https://www.wolfssl.com/documentation/manuals/wolfssl/group__CertsKeys.html#function-wolfssl_ctx_load_verify_buffer + * + * In this case the CTX_CA_CERT will be defined as `ca_cert_der_2048` as + * defined here: https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/certs_test.h + * + * The CTX_CA_CERT_SIZE and CTX_CA_CERT_TYPE are similarly used to reference + * array size and cert type respectively. + * + * Similarly for loading the private client key: + * + * ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx, + * CTX_CLIENT_KEY, + * CTX_CLIENT_KEY_SIZE, + * CTX_CLIENT_KEY_TYPE); + * + * see https://www.wolfssl.com/documentation/manuals/wolfssl/group__CertsKeys.html#function-wolfssl_ctx_use_privatekey_buffer + * + * Similarly, the other macros are for server certificates and keys: + * `CTX_SERVER_CERT` and `CTX_SERVER_KEY` are available. + * + * The certificate and key names are typically `static const unsigned char` + * arrays. The [NAME]_size are typically `sizeof([array name])`, and the types + * are the known wolfSSL encoding type integers (e.g. WOLFSSL_FILETYPE_PEM). + * + * See `SSL_FILETYPE_[name]` in + * https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/ssl.h + * + * See Abstract Syntax Notation One (ASN.1) in: + * https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/wolfcrypt/asn.h + * + * Optional SM4 Ciphers: + * + * Although the SM ciphers are shown here, the `certs_test_sm.h` may not yet + * be available. See: + * https://github.com/wolfSSL/wolfssl/pull/6825 + * https://github.com/wolfSSL/wolfsm + * + * Uncomment these 3 macros to enable the SM Ciphers and use the macros below. + */ + +/* #define WOLFSSL_SM2 #define WOLFSSL_SM3 #define WOLFSSL_SM4 */ +/* Conditional macros used in wolfSSL TLS client and server examples */ #if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4) #include #define CTX_CA_CERT root_sm2 @@ -413,15 +496,47 @@ #undef WOLFSSL_BASE16 #define WOLFSSL_BASE16 #else - #define USE_CERT_BUFFERS_2048 - #define USE_CERT_BUFFERS_256 - #define CTX_CA_CERT ca_cert_der_2048 - #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048 - #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1 - #define CTX_SERVER_CERT server_cert_der_2048 - #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048 - #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1 - #define CTX_SERVER_KEY server_key_der_2048 - #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048 - #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1 -#endif + #if defined(USE_CERT_BUFFERS_2048) + #include + #define CTX_CA_CERT ca_cert_der_2048 + #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048 + #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1 + + #define CTX_SERVER_CERT server_cert_der_2048 + #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048 + #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1 + #define CTX_SERVER_KEY server_key_der_2048 + #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048 + #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1 + + #define CTX_CLIENT_CERT client_cert_der_2048 + #define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_2048 + #define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1 + #define CTX_CLIENT_KEY client_key_der_2048 + #define CTX_CLIENT_KEY_SIZE sizeof_client_key_der_2048 + #define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1 + + #elif defined(USE_CERT_BUFFERS_1024) + #include + #define CTX_CA_CERT ca_cert_der_1024 + #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_1024 + #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1 + + #define CTX_CLIENT_CERT client_cert_der_1024 + #define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_1024 + #define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1 + #define CTX_CLIENT_KEY client_key_der_1024 + #define CTX_CLIENT_KEY_SIZE sizeof_client_key_der_1024 + #define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1 + + #define CTX_SERVER_CERT server_cert_der_1024 + #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_1024 + #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1 + #define CTX_SERVER_KEY server_key_der_1024 + #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_1024 + #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1 + #else + /* Optionally define custom cert arrays, sizes, and types here */ + #error "Must define USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_1024" + #endif +#endif /* Conditional key and cert constant names */ diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c index 9d5d26dbe8..30388b3174 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c @@ -1,6 +1,6 @@ /* client-tls.c * - * Copyright (C) 2006-2023 wolfSSL Inc. + * Copyright (C) 2006-2024 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -18,7 +18,6 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ - #include "client-tls.h" /* Espressif FreeRTOS */ @@ -28,13 +27,15 @@ #include #endif +/* Espressif */ +#include + /* socket includes */ #include #include /* wolfSSL */ #include -#include "user_settings.h" #include #ifdef WOLFSSL_TRACK_MEMORY @@ -50,30 +51,6 @@ #define DEFAULT_MAX_DHKEY_BITS 2048 #endif -#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4) - #include - #define CTX_CA_CERT root_sm2 - #define CTX_CA_CERT_SIZE sizeof_root_sm2 - #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM - #define CTX_CLIENT_CERT client_sm2 - #define CTX_CLIENT_CERT_SIZE sizeof_client_sm2 - #define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_PEM - #define CTX_CLIENT_KEY client_sm2_priv - #define CTX_CLIENT_KEY_SIZE sizeof_client_sm2_priv - #define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_PEM -#else - #include - #define CTX_CA_CERT ca_cert_der_2048 - #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048 - #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1 - #define CTX_CLIENT_CERT client_cert_der_2048 - #define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_2048 - #define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1 - #define CTX_CLIENT_KEY client_key_der_2048 - #define CTX_CLIENT_KEY_SIZE sizeof_client_key_der_2048 - #define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1 -#endif - /* Project */ #include "wifi_connect.h" #include "time_helper.h" @@ -87,7 +64,7 @@ * -h 192.168.1.128 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C * **/ -static const char* const TAG = "tls_client"; +#define TAG "client-tls" #if defined(DEBUG_WOLFSSL) int stack_start = -1; @@ -264,29 +241,29 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args) * * reference code for SM Ciphers: * - #if defined(HAVE_AESGCM) && !defined(NO_DH) - #ifdef WOLFSSL_TLS13 - defaultCipherList = "TLS13-AES128-GCM-SHA256" - #ifndef WOLFSSL_NO_TLS12 - ":DHE-PSK-AES128-GCM-SHA256" - #endif - ; - #else - defaultCipherList = "DHE-PSK-AES128-GCM-SHA256"; + #if defined(HAVE_AESGCM) && !defined(NO_DH) + #ifdef WOLFSSL_TLS13 + defaultCipherList = "TLS13-AES128-GCM-SHA256" + #ifndef WOLFSSL_NO_TLS12 + ":DHE-PSK-AES128-GCM-SHA256" #endif - #elif defined(HAVE_AESGCM) && defined(WOLFSSL_TLS13) - defaultCipherList = "TLS13-AES128-GCM-SHA256:PSK-AES128-GCM-SHA256" - #ifndef WOLFSSL_NO_TLS12 - ":PSK-AES128-GCM-SHA256" - #endif - ; - #elif defined(HAVE_NULL_CIPHER) - defaultCipherList = "PSK-NULL-SHA256"; - #elif !defined(NO_AES_CBC) - defaultCipherList = "PSK-AES128-CBC-SHA256"; + ; #else - defaultCipherList = "PSK-AES128-GCM-SHA256"; + defaultCipherList = "DHE-PSK-AES128-GCM-SHA256"; #endif + #elif defined(HAVE_AESGCM) && defined(WOLFSSL_TLS13) + defaultCipherList = "TLS13-AES128-GCM-SHA256:PSK-AES128-GCM-SHA256" + #ifndef WOLFSSL_NO_TLS12 + ":PSK-AES128-GCM-SHA256" + #endif + ; + #elif defined(HAVE_NULL_CIPHER) + defaultCipherList = "PSK-NULL-SHA256"; + #elif !defined(NO_AES_CBC) + defaultCipherList = "PSK-AES128-CBC-SHA256"; + #else + defaultCipherList = "PSK-AES128-GCM-SHA256"; + #endif */ ret = wolfSSL_CTX_set_cipher_list(ctx, WOLFSSL_ESP32_CIPHER_SUITE); @@ -294,16 +271,16 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args) ESP_LOGI(TAG, "Set cipher list: %s\n", WOLFSSL_ESP32_CIPHER_SUITE); } else { - ESP_LOGE(TAG, "ERROR: failed to set cipher list: %s\n", WOLFSSL_ESP32_CIPHER_SUITE); + ESP_LOGE(TAG, "ERROR: failed to set cipher list: %s\n", + WOLFSSL_ESP32_CIPHER_SUITE); } #endif #ifdef DEBUG_WOLFSSL ShowCiphers(NULL); - ESP_LOGI(TAG, - "Stack used: %d\n", - CONFIG_ESP_MAIN_TASK_STACK_SIZE - - uxTaskGetStackHighWaterMark(NULL)); + ESP_LOGI(TAG, "Stack used: %d\n", + CONFIG_ESP_MAIN_TASK_STACK_SIZE + - uxTaskGetStackHighWaterMark(NULL)); #endif /* see user_settings PROJECT_DH for HAVE_DH and HAVE_FFDHE_2048 */ @@ -328,12 +305,13 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args) CTX_CLIENT_CERT_SIZE, CTX_CLIENT_CERT_TYPE); if (ret_i != SSL_SUCCESS) { - ESP_LOGE(TAG, "ERROR: failed to load chain %d, please check the file.\n", ret_i); + ESP_LOGE(TAG, "ERROR: failed to load chain %d, " + "please check the file.", ret_i); } - /* Load client certificates into WOLFSSL_CTX */ - WOLFSSL_MSG("Loading...cert"); - ret_i = wolfSSL_CTX_load_verify_buffer(ctx, + /* Load client certificates into WOLFSSL_CTX */ + WOLFSSL_MSG("Loading...cert"); + ret_i = wolfSSL_CTX_load_verify_buffer(ctx, CTX_CA_CERT, CTX_CA_CERT_SIZE, CTX_CA_CERT_TYPE); @@ -420,10 +398,17 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args) #endif /* Attach wolfSSL to the socket */ - wolfSSL_set_fd(ssl, sockfd); + ret_i = wolfSSL_set_fd(ssl, sockfd); + if (ret_i == WOLFSSL_SUCCESS) { + ESP_LOGI(TAG, "wolfSSL_set_fd success"); + } + else { + ESP_LOGE(TAG, "ERROR: failed wolfSSL_set_fd. Error: %d\n", ret_i); + } WOLFSSL_MSG("Connect to wolfSSL on the server side"); /* Connect to wolfSSL on the server side */ + ret_i = wolfSSL_connect(ssl); if (wolfSSL_connect(ssl) == SSL_SUCCESS) { #ifdef DEBUG_WOLFSSL ShowCiphers(ssl); @@ -458,7 +443,8 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args) printf("%s\n", buff); } else { - ESP_LOGE(TAG, "ERROR: failed to connect to wolfSSL\n"); + ESP_LOGE(TAG, "ERROR: failed to connect to wolfSSL. " + "Error: %d\n", ret_i); } #ifdef DEBUG_WOLFSSL ShowCiphers(ssl); @@ -487,16 +473,28 @@ WOLFSSL_ESP_TASK tls_smp_client_init(void* args) #else xTaskHandle _handle; #endif - /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */ + /* See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html#functions */ + if (TLS_SMP_CLIENT_TASK_BYTES < (6 * 1024)) { + /* Observed approximately 6KB limit for the RTOS task stack size. + * Reminder parameter is bytes, not words as with generic FreeeRTOS. */ + ESP_LOGW(TAG, "Warning: TLS_SMP_CLIENT_TASK_BYTES < 6KB"); + } +#ifndef WOLFSSL_SMALL_STACK + ESP_LOGW(TAG, "WARNING: WOLFSSL_SMALL_STACK is not defined. Consider " + "defining that to reduce embedded memory usage."); +#endif + + /* Note that despite vanilla FreeRTOS using WORDS for a parameter, + * Espressif uses BYTES for the task stack size here: */ ret = xTaskCreate(tls_smp_client_task, TLS_SMP_CLIENT_TASK_NAME, - TLS_SMP_CLIENT_TASK_WORDS, + TLS_SMP_CLIENT_TASK_BYTES, NULL, TLS_SMP_CLIENT_TASK_PRIORITY, &_handle); if (ret != pdPASS) { - ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_CLIENT_TASK_NAME); + ESP_LOGI(TAG, "Create thread %s failed.", TLS_SMP_CLIENT_TASK_NAME); } return TLS_SMP_CLIENT_TASK_RET; } diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/component.mk b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/component.mk index 61f8990c31..c59edbee41 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/component.mk +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/component.mk @@ -1,8 +1,8 @@ # # Main component makefile. # -# This Makefile can be left empty. By default, it will take the sources in the -# src/ directory, compile them and link them into lib(subdirectory_name).a -# in the build directory. This behaviour is entirely configurable, +# This Makefile can be left empty. By default, it will take the sources in the +# src/ directory, compile them and link them into lib(subdirectory_name).a +# in the build directory. This behavior is entirely configurable, # please read the ESP-IDF documents if you need to do this. # diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h index 1188ee36e8..de53403573 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h @@ -1,6 +1,6 @@ -/* server-tls.h +/* client-tls.h * - * Copyright (C) 2006-2023 wolfSSL Inc. + * Copyright (C) 2006-2024 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -18,18 +18,20 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ -#ifndef _SERVER_TLS_ -#define _SERVER_TLS_ +#ifndef _CLIENT_TLS_H_ +#define _CLIENT_TLS_H_ + +/* Local project, auto-generated configuration */ +#include "sdkconfig.h" #include #include -#include "sdkconfig.h" /* See main/Kconfig.projbuild for default configuration settings */ #ifdef CONFIG_WOLFSSL_TARGET_HOST #define TLS_SMP_TARGET_HOST CONFIG_WOLFSSL_TARGET_HOST #else - #define TLS_SMP_TARGET_HOST "192.168.1.38" + #define TLS_SMP_TARGET_HOST "192.168.1.37" #endif #ifdef CONFIG_WOLFSSL_TARGET_PORT @@ -39,13 +41,20 @@ #endif #define TLS_SMP_CLIENT_TASK_NAME "tls_client_example" -#define TLS_SMP_CLIENT_TASK_WORDS 22240 + +/* Reminder: Vanilla FreeRTOS is words, Espressif is bytes. */ +#if defined(WOLFSSL_ESP8266) + #define TLS_SMP_CLIENT_TASK_BYTES (6 * 1024) +#else + #define TLS_SMP_CLIENT_TASK_BYTES (8 * 1024) +#endif + #define TLS_SMP_CLIENT_TASK_PRIORITY 8 #if defined(SINGLE_THREADED) #define WOLFSSL_ESP_TASK int #else - #include "freertos/FreeRTOS.h" + #include #define WOLFSSL_ESP_TASK void #endif @@ -68,4 +77,5 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args); #else WOLFSSL_ESP_TASK tls_smp_client_init(void* args); #endif + #endif /* _SERVER_TLS_ */ diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h index 94c3b5eba6..12c452d6e2 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h @@ -1,6 +1,6 @@ -/* template main.h +/* wolfssl_client main.h * - * Copyright (C) 2006-2023 wolfSSL Inc. + * Copyright (C) 2006-2024 wolfSSL Inc. * * This file is part of wolfSSL. * diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h index a47f940016..3586ac65a8 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h @@ -1,5 +1,6 @@ -/* - * Copyright (C) 2006-2023 wolfSSL Inc. +/* time_helper.h + * + * Copyright (C) 2006-2024 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -20,8 +21,8 @@ /* common Espressif time_helper v5.6.3.001 */ -#ifndef _TIME_HELPER_H -#define _TIME_HELPER_H +#ifndef _TIME_HELPER_H_ +#define _TIME_HELPER_H_ /* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0 * See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues @@ -32,13 +33,13 @@ extern "C" { #endif /* a function to show the current data and time */ -int esp_show_current_datetime(); +int esp_show_current_datetime(void); /* worst case, if GitHub time not available, used fixed time */ int set_fixed_default_time(void); /* set time from string (e.g. GitHub commit time) */ -int set_time_from_string(char* time_buffer); +int set_time_from_string(const char* time_buffer); /* set time from NTP servers, * also initially calls set_fixed_default_time or set_time_from_string */ @@ -51,4 +52,4 @@ int set_time_wait_for_ntp(void); } /* extern "C" */ #endif -#endif /* #ifndef _TIME_HELPER_H */ +#endif /* #ifndef _TIME_HELPER_H_ */ diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h index 644ce00db3..b29d58120b 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h @@ -21,9 +21,6 @@ #ifndef _WIFI_CONNECT_H_ #define _WIFI_CONNECT_H_ -#include -#include - /* ESP lwip */ #define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY @@ -48,19 +45,54 @@ * file my_private_config.h should be excluded from git updates */ /* #define USE_MY_PRIVATE_CONFIG */ -#ifdef USE_MY_PRIVATE_CONFIG +/* Note that IntelliSense may not work properly in the next section for the + * Espressif SDK 3.4 on the ESP8266. Macros should still be defined. + * See the project-level Makefile. Example found in: + * https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples/template + * + * The USE_MY_PRIVATE_[OS]_CONFIG is typically an environment variable that + * triggers the make (not cmake) to add compiler defines. + */ +#if defined(USE_MY_PRIVATE_WINDOWS_CONFIG) + #include "/workspace/my_private_config.h" +#elif defined(USE_MY_PRIVATE_WSL_CONFIG) + #include "/mnt/c/workspace/my_private_config.h" +#elif defined(USE_MY_PRIVATE_LINUX_CONFIG) + #include "~/workspace/my_private_config.h" +#elif defined(USE_MY_PRIVATE_MAC_CONFIG) + #include "~/Documents/my_private_config.h" +#elif defined(USE_MY_PRIVATE_CONFIG) + /* This section works best with cmake & non-environment variable setting */ #if defined(WOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS) + #define WOLFSSL_CMAKE + #include "/workspace/my_private_config.h" + #elif defined(WOLFSSL_MAKE_SYSTEM_NAME_WINDOWS) + #define WOLFSSL_MAKE #include "/workspace/my_private_config.h" #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_WSL) + #define WOLFSSL_CMAKE + #include "/mnt/c/workspace/my_private_config.h" + #elif defined(WOLFSSL_MAKE_SYSTEM_NAME_WSL) + #define WOLFSSL_MAKE #include "/mnt/c/workspace/my_private_config.h" #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_LINUX) + #define WOLFSSL_CMAKE + #include "~/workspace/my_private_config.h" + #elif defined(WOLFSSL_MAKE_SYSTEM_NAME_LINUX) + #define WOLFSSL_MAKE #include "~/workspace/my_private_config.h" #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_APPLE) #include "~/Documents/my_private_config.h" + #elif defined(WOLFSSL_MAKE_SYSTEM_NAME_APPLE) + #define WOLFSSL_MAKE + #include "~/Documents/my_private_config.h" + #elif defined(OS_WINDOWS) + #include "/workspace/my_private_config.h" #else - #warning "did not detect environment. using ~/my_private_config.h" - #include "~/my_private_config.h" - #endif + /* Edit as needed for your private config: */ + #warning "default private config using /workspace/my_private_config.h" + #include "/workspace/my_private_config.h" + #endif #else /* @@ -70,14 +102,22 @@ ** If you'd rather not, just change the below entries to strings with ** the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid" */ - #ifdef CONFIG_ESP_WIFI_SSID + #if defined(CONFIG_ESP_WIFI_SSID) + /* tyically from ESP32 with ESP-IDF v4 ot v5 */ #define EXAMPLE_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID + #elif defined(CONFIG_EXAMPLE_WIFI_SSID) + /* tyically from ESP8266 rtos-sdk/v3.4 */ + #define EXAMPLE_ESP_WIFI_SSID CONFIG_EXAMPLE_WIFI_SSID #else #define EXAMPLE_ESP_WIFI_SSID "MYSSID_WIFI_CONNECT" #endif - #ifdef CONFIG_ESP_WIFI_PASSWORD + #if defined(CONFIG_ESP_WIFI_PASSWORD) + /* tyically from ESP32 with ESP-IDF v4 or v5 */ #define EXAMPLE_ESP_WIFI_PASS CONFIG_ESP_WIFI_PASSWORD + #elif defined(CONFIG_EXAMPLE_WIFI_SSID) + /* tyically from ESP8266 rtos-sdk/v3.4 */ + #define EXAMPLE_ESP_WIFI_PASS CONFIG_EXAMPLE_WIFI_PASSWORD #else #define EXAMPLE_ESP_WIFI_PASS "MYPASSWORD_WIFI_CONNECT" #endif diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c index add43ada2f..fa116ed10f 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c @@ -1,6 +1,6 @@ /* main.c * - * Copyright (C) 2006-2023 wolfSSL Inc. + * Copyright (C) 2006-2024 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -27,8 +27,9 @@ #include /* wolfSSL */ +/* Always include wolfcrypt/settings.h before any other wolfSSL file. */ +/* Reminder: settings.h pulls in user_settings.h; don't include it here */ #include -#include #include #ifndef WOLFSSL_ESPIDF #warning "Problem with wolfSSL user_settings." @@ -44,13 +45,17 @@ * For wired ethernet, see: * https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32/TLS13-ENC28J60-client */ #include "wifi_connect.h" + /* + * Note ModBus TCP cannot be disabled on ESP8266 tos-sdk/v3.4 + * See https://github.com/espressif/esp-modbus/issues/2 + */ #endif #ifdef WOLFSSL_TRACK_MEMORY #include #endif -static const char* const TAG = "TLS Client"; +static const char* TAG = "main"; #if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \ && defined(WOLFSSL_ATECC508A) @@ -115,7 +120,7 @@ void my_atmel_free(int slotId) #endif /* CUSTOM_SLOT_ALLOCATION */ #endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */ -/* for FreeRTOS */ +/* Entry for FreeRTOS */ void app_main(void) { int stack_start = 0; @@ -126,26 +131,42 @@ void app_main(void) ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------"); ESP_LOGI(TAG, "--------------------------------------------------------"); ESP_LOGI(TAG, "--------------------------------------------------------"); +#ifdef ESP_SDK_MEM_LIB_VERSION + sdk_init_meminfo(); +#endif #ifdef ESP_TASK_MAIN_STACK ESP_LOGI(TAG, "ESP_TASK_MAIN_STACK: %d", ESP_TASK_MAIN_STACK); #endif #ifdef TASK_EXTRA_STACK_SIZE ESP_LOGI(TAG, "TASK_EXTRA_STACK_SIZE: %d", TASK_EXTRA_STACK_SIZE); #endif -#ifdef INCLUDE_uxTaskGetStackHighWaterMark + +#ifdef SINGLE_THREADED + ESP_LOGI(TAG, "Single threaded"); +#else ESP_LOGI(TAG, "CONFIG_ESP_MAIN_TASK_STACK_SIZE = %d bytes (%d words)", CONFIG_ESP_MAIN_TASK_STACK_SIZE, - (int)(CONFIG_ESP_MAIN_TASK_STACK_SIZE / sizeof(void*))); + (int)(CONFIG_ESP_MAIN_TASK_STACK_SIZE / sizeof(void*))); + + #ifdef INCLUDE_uxTaskGetStackHighWaterMark + { + /* Returns the high water mark of the stack associated with xTask. That is, + * the minimum free stack space there has been (in bytes not words, unlike + * vanilla FreeRTOS) since the task started. The smaller the returned + * number the closer the task has come to overflowing its stack. + * see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html + */ + stack_start = uxTaskGetStackHighWaterMark(NULL); + #ifdef ESP_SDK_MEM_LIB_VERSION + { + sdk_var_whereis("stack_start", &stack_start); + } + #endif - /* Returns the high water mark of the stack associated with xTask. That is, - * the minimum free stack space there has been (in bytes not words, unlike - * vanilla FreeRTOS) since the task started. The smaller the returned - * number the closer the task has come to overflowing its stack. - * see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html - */ - stack_start = uxTaskGetStackHighWaterMark(NULL); - ESP_LOGI(TAG, "Stack Start HWM: %d bytes", stack_start); -#endif + ESP_LOGI(TAG, "Stack Start HWM: %d bytes", stack_start); + } + #endif /* INCLUDE_uxTaskGetStackHighWaterMark */ +#endif /* SINGLE_THREADED */ #ifdef HAVE_VERSION_EXTENDED_INFO esp_ShowExtendedSystemInfo(); @@ -184,11 +205,23 @@ void app_main(void) /* Initialize NVS */ ret = nvs_flash_init(); - if (ret == ESP_ERR_NVS_NO_FREE_PAGES || - ret == ESP_ERR_NVS_NEW_VERSION_FOUND) { - ESP_ERROR_CHECK(nvs_flash_erase()); - ret = nvs_flash_init(); + #if defined(CONFIG_IDF_TARGET_ESP8266) + { + if (ret == ESP_ERR_NVS_NO_FREE_PAGES) { + ESP_ERROR_CHECK(nvs_flash_erase()); + ret = nvs_flash_init(); + } } + #else + { + /* Non-ESP8266 initialization is slightly different */ + if (ret == ESP_ERR_NVS_NO_FREE_PAGES || + ret == ESP_ERR_NVS_NEW_VERSION_FOUND) { + ESP_ERROR_CHECK(nvs_flash_erase()); + ret = nvs_flash_init(); + } + } + #endif /* else not CONFIG_IDF_TARGET_ESP8266 */ ESP_ERROR_CHECK(ret); #if defined(CONFIG_IDF_TARGET_ESP32H2) @@ -203,8 +236,8 @@ void app_main(void) ESP_LOGI(TAG, "Trying WiFi again..."); ret = wifi_init_sta(); } - #endif -#endif + #endif /* else not CONFIG_IDF_TARGET_ESP32H2 */ +#endif /* else FOUND_PROTOCOL_EXAMPLES_DIR not found */ /* Once we are connected to the network, start & wait for NTP time */ ret = set_time_wait_for_ntp(); @@ -216,14 +249,6 @@ void app_main(void) esp_show_current_datetime(); } - /* HWM is maximum amount of stack space that has been unused, in bytes - * not words (unlike vanilla freeRTOS). */ - ESP_LOGI(TAG, "Initial Stack Used (before wolfSSL Server): %d bytes", - CONFIG_ESP_MAIN_TASK_STACK_SIZE - - (uxTaskGetStackHighWaterMark(NULL)) - ); - ESP_LOGI(TAG, "Starting TLS Client task ...\n"); - #if defined(SINGLE_THREADED) /* just call the task */ tls_smp_client_task((void*)NULL); @@ -232,6 +257,19 @@ void app_main(void) /* start a thread with the task */ args[0].loops = 10; args[0].port = 11111; + + /* HWM is maximum amount of stack space that has been unused, in bytes + * not words (unlike vanilla freeRTOS). */ + int this_heap; + this_heap = esp_get_free_heap_size(); + ESP_LOGI(TAG, "Initial Stack Used (before wolfSSL Server): %d bytes", + CONFIG_ESP_MAIN_TASK_STACK_SIZE + - (uxTaskGetStackHighWaterMark(NULL)) + ); + ESP_LOGI(TAG, "Starting TLS Client task ...\n"); + + ESP_LOGI(TAG, "main tls_smp_client_init heap @ %p = %d", + &this_heap, this_heap); tls_smp_client_init(args); /* optional additional client threads tls_smp_client_init(args); @@ -244,24 +282,24 @@ void app_main(void) */ #endif + /* Done */ +#ifdef SINGLE_THREADED + ESP_LOGV(TAG, "\n\nDone!\n\n"); + while (1); +#else ESP_LOGV(TAG, "\n\nvTaskDelete...\n\n"); vTaskDelete(NULL); /* done */ while (1) { ESP_LOGV(TAG, "\n\nLoop...\n\n"); -#ifdef INCLUDE_uxTaskGetStackHighWaterMark + #ifdef INCLUDE_uxTaskGetStackHighWaterMark ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL)); ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE - (uxTaskGetStackHighWaterMark(NULL) )); -#endif - -#if defined(SINGLE_THREADED) - ESP_LOGV(TAG, "\n\nDone!\n\n"); - while (1); -#else + #endif vTaskDelay(60000); -#endif - } /* done whle */ + } /* done while */ +#endif /* else not SINGLE_THREADED */ } /* app_main */ diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c index 5149d2e609..5eb06a140a 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c @@ -1,6 +1,6 @@ /* time_helper.c * - * Copyright (C) 2006-2023 wolfSSL Inc. + * Copyright (C) 2006-2024 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -19,12 +19,14 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ -/* common Espressif time_helper v5.6.3.002 */ -#include "esp_idf_version.h" +/* See https://tf.nist.gov/tf-cgi/servers.cgi */ + +/* common Espressif time_helper v5.6.6.001 */ #include "sdkconfig.h" #include "time_helper.h" #include +#include #if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR) #if (ESP_IDF_VERSION_MAJOR == 5) && (ESP_IDF_VERSION_MINOR >= 1) @@ -36,25 +38,24 @@ #include #endif #else - /* TODO Consider pre IDF v5? */ + /* TODO Consider non ESP-IDF environments */ #endif /* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0 * See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues */ -const static char* TAG = "time_helper"; /* see https://www.gnu.org/software/libc/manual/html_node/TZ-Variable.html */ #ifndef TIME_ZONE -/* - * PST represents Pacific Standard Time. - * +8 specifies the offset from UTC (Coordinated Universal Time), indicating - * that Pacific Time is UTC-8 during standard time. - * PDT represents Pacific Daylight Time. - * M3.2.0 indicates that Daylight Saving Time (DST) starts on the - * second (2) Sunday (0) of March (3). - * M11.1.0 indicates that DST ends on the first (1) Sunday (0) of November (11) - */ + /* + * PST represents Pacific Standard Time. + * +8 specifies the offset from UTC (Coordinated Universal Time), indicating + * that Pacific Time is UTC-8 during standard time. + * PDT represents Pacific Daylight Time. + * M3.2.0 indicates that Daylight Saving Time (DST) starts on the + * second (2) Sunday (0) of March (3). + * M11.1.0 indicates that DST ends on the first (1) Sunday (0) of November (11) + */ #define TIME_ZONE "PST+8PDT,M3.2.0,M11.1.0" #endif /* not defined: TIME_ZONE, so we are setting our own */ @@ -87,11 +88,13 @@ const static char* TAG = "time_helper"; char* ntpServerList[NTP_SERVER_COUNT] = NTP_SERVER_LIST; +const static char* TAG = "time_helper"; + /* our NTP server list is global info */ extern char* ntpServerList[NTP_SERVER_COUNT]; /* Show the current date and time */ -int esp_show_current_datetime() +int esp_show_current_datetime(void) { time_t now; char strftime_buf[64]; @@ -104,7 +107,7 @@ int esp_show_current_datetime() localtime_r(&now, &timeinfo); strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo); ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf); - return 0; + return ESP_OK; } /* the worst-case scenario is a hard-coded date/time */ @@ -113,9 +116,9 @@ int set_fixed_default_time(void) /* ideally, we'd like to set time from network, * but let's set a default time, just in case */ struct tm timeinfo = { - .tm_year = 2023 - 1900, - .tm_mon = 10, - .tm_mday = 02, + .tm_year = 2024 - 1900, + .tm_mon = 1, + .tm_mday = 05, .tm_hour = 13, .tm_min = 01, .tm_sec = 05 @@ -130,7 +133,38 @@ int set_fixed_default_time(void) ESP_LOGI(TAG, "Adjusting time from fixed value"); now = (struct timeval){ .tv_sec = interim_time }; ret = settimeofday(&now, NULL); + ESP_LOGI(TAG, "settimeofday result = %d", ret); + return ret; +} + +/* probably_valid_time_string(s) + * + * some sanity checks on time string before calling sscanf() + * + * returns 0 == ESP_OK == Success if str is likely a valid time. + * -1 == ESP_FAIL otherwise + */ +int probably_valid_time_string(const char* str) +{ + int ret = ESP_OK; + size_t length = 0; + size_t spaces = 0; + size_t colons = 0; + + while (str[length] != '\0') { + if (str[length] == ' ') { + spaces++; + } + if (str[length] == ':') { + colons++; + } + length++; + } + if ((length > 32) || (spaces < 4) || (spaces > 5) || (colons > 2)) { + ret = ESP_FAIL; + ESP_LOGE(TAG, "ERROR, failed time sanity check: %s", str); + } return ret; } @@ -138,60 +172,66 @@ int set_fixed_default_time(void) * * returns 0 = success if able to set the time from the provided string * error for any other value, typically -1 */ -int set_time_from_string(char* time_buffer) +int set_time_from_string(const char* time_buffer) { /* expecting github default formatting: 'Thu Aug 31 12:41:45 2023 -0700' */ + char offset[28]; /* large arrays, just in case there's still bad data */ + char day_str[28]; + char month_str[28]; const char *format = "%3s %3s %d %d:%d:%d %d %s"; struct tm this_timeinfo; struct timeval now; time_t interim_time; - char offset[6]; /* expecting trailing single quote, not used */ - char day_str[4]; - char month_str[4]; int day, year, hour, minute, second; int quote_offset = 0; int ret = 0; - /* we are expecting the string to be encapsulated in single quotes */ - if (*time_buffer == 0x27) { - quote_offset = 1; - } + /* perform some basic sanity checkes */ + ret = probably_valid_time_string(time_buffer); + if (ret == ESP_OK) { + /* we are expecting the string to be encapsulated in single quotes */ + if (*time_buffer == 0x27) { + quote_offset = 1; + } - ret = sscanf(time_buffer + quote_offset, - format, - day_str, month_str, - &day, &hour, &minute, &second, &year, &offset); + ret = sscanf(time_buffer + quote_offset, + format, + day_str, month_str, + &day, &hour, &minute, &second, &year, &offset); - if (ret == 8) { - /* we found a match for all componets */ + if (ret == 8) { + /* we found a match for all componets */ - const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun", - "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" }; + const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun", + "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" }; - for (int i = 0; i < 12; i++) { - if (strcmp(month_str, months[i]) == 0) { - this_timeinfo.tm_mon = i; - break; + for (int i = 0; i < 12; i++) { + if (strcmp(month_str, months[i]) == 0) { + this_timeinfo.tm_mon = i; + break; + } } - } - this_timeinfo.tm_mday = day; - this_timeinfo.tm_hour = hour; - this_timeinfo.tm_min = minute; - this_timeinfo.tm_sec = second; - this_timeinfo.tm_year = year - 1900; /* Number of years since 1900 */ + this_timeinfo.tm_mday = day; + this_timeinfo.tm_hour = hour; + this_timeinfo.tm_min = minute; + this_timeinfo.tm_sec = second; + this_timeinfo.tm_year = year - 1900; /* Number of years since 1900 */ - interim_time = mktime(&this_timeinfo); - now = (struct timeval){ .tv_sec = interim_time }; - ret = settimeofday(&now, NULL); - ESP_LOGI(TAG, "Time updated to %s", time_buffer); - } - else { - ESP_LOGE(TAG, "Failed to convert \"%s\" to a tm date.", time_buffer); - ESP_LOGI(TAG, "Trying fixed date that was hard-coded."); - set_fixed_default_time(); - ret = -1; + interim_time = mktime(&this_timeinfo); + now = (struct timeval){ .tv_sec = interim_time }; + ret = settimeofday(&now, NULL); + ESP_LOGI(TAG, "Time updated to %s", time_buffer); + } + else { + ESP_LOGE(TAG, "Failed to convert \"%s\" to a tm date.", + time_buffer); + ESP_LOGI(TAG, "Trying fixed date that was hard-coded...."); + set_fixed_default_time(); + ret = ESP_FAIL; + } } + return ret; } @@ -224,14 +264,16 @@ int set_time(void) #ifdef LIBWOLFSSL_VERSION_GIT_HASH_DATE /* initialy set a default approximate time from recent git commit */ - ESP_LOGI(TAG, "Found git hash date, attempting to set system date."); - set_time_from_string(LIBWOLFSSL_VERSION_GIT_HASH_DATE); + ESP_LOGI(TAG, "Found git hash date, attempting to set system date: %s", + LIBWOLFSSL_VERSION_GIT_HASH_DATE); + set_time_from_string(LIBWOLFSSL_VERSION_GIT_HASH_DATE"\0"); esp_show_current_datetime(); ret = -4; #else /* otherwise set a fixed time that was hard coded */ set_fixed_default_time(); + esp_show_current_datetime(); ret = -3; #endif @@ -262,6 +304,7 @@ int set_time(void) } ESP_LOGI(TAG, "%s", thisServer); sntp_setservername(i, thisServer); + ret = ESP_OK; } #ifdef HAS_ESP_NETIF_SNTP ret = esp_netif_sntp_init(&config); @@ -289,6 +332,9 @@ int set_time(void) ESP_LOGW(TAG, "No sntp time servers found."); ret = -1; } + + esp_show_current_datetime(); + ESP_LOGI(TAG, "time helper existing with result = %d", ret); return ret; } @@ -303,6 +349,8 @@ int set_time_wait_for_ntp(void) ret = esp_netif_sntp_start(); ret = esp_netif_sntp_sync_wait(500 / portTICK_PERIOD_MS); +#else + ESP_LOGE(TAG, "HAS_ESP_NETIF_SNTP not defined"); #endif /* HAS_ESP_NETIF_SNTP */ esp_show_current_datetime(); diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c index b9f9ab7385..19ced33011 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c @@ -1,6 +1,6 @@ /* wifi_connect.c * - * Copyright (C) 2006-2023 wolfSSL Inc. + * Copyright (C) 2006-2024 wolfSSL Inc. * * This file is part of wolfSSL. * @@ -18,17 +18,20 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ - #include "wifi_connect.h" +#include "wifi_connect.h" +/* FreeRTOS */ #include #include #include -#include + +/* Espressif */ #include +#include +#include /* wolfSSL */ #include -#include "user_settings.h" #include #include #ifndef WOLFSSL_ESPIDF @@ -36,7 +39,12 @@ #warning "Check components/wolfssl/include" #endif -#if ESP_IDF_VERSION_MAJOR >= 5 +/* When there's too little heap, WiFi quietly refuses to connect */ +#define WIFI_LOW_HEAP_WARNING 21132 + +#if defined(CONFIG_IDF_TARGET_ESP8266) +#elif ESP_IDF_VERSION_MAJOR >= 5 + /* example path set in cmake file */ #elif ESP_IDF_VERSION_MAJOR >= 4 #include "protocol_examples_common.h" #else @@ -44,7 +52,9 @@ static EventGroupHandle_t wifi_event_group; #endif -#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR) +#if defined(CONFIG_IDF_TARGET_ESP8266) + +#elif defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR) #if ESP_IDF_VERSION_MAJOR >= 4 /* likely using examples, see wifi_connect.h */ #else @@ -64,7 +74,114 @@ /* breadcrumb prefix for logging */ const static char *TAG = "wifi_connect"; -#if ESP_IDF_VERSION_MAJOR < 4 +#if defined(CONFIG_IDF_TARGET_ESP8266) +#ifndef CONFIG_ESP_MAX_STA_CONN + #define CONFIG_ESP_MAX_STA_CONN 4 +#endif +#define EXAMPLE_MAX_STA_CONN CONFIG_ESP_MAX_STA_CONN + +#define WIFI_CONNECTED_BIT BIT0 +#define WIFI_FAIL_BIT BIT1 +#ifndef CONFIG_ESP_MAXIMUM_RETRY + #define CONFIG_ESP_MAXIMUM_RETRY 5 +#endif +/* FreeRTOS event group to signal when we are connected*/ +static EventGroupHandle_t s_wifi_event_group; +static int s_retry_num = 0; + +#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY +static void event_handler(void* arg, esp_event_base_t event_base, + int32_t event_id, void* event_data) +{ + if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_START) { + esp_wifi_connect(); + } else if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_DISCONNECTED) { + if (s_retry_num < EXAMPLE_ESP_MAXIMUM_RETRY) { + esp_wifi_connect(); + s_retry_num++; + ESP_LOGI(TAG, "retry to connect to the AP"); + } else { + xEventGroupSetBits(s_wifi_event_group, WIFI_FAIL_BIT); + } + ESP_LOGI(TAG,"connect to the AP fail"); + } else if (event_base == IP_EVENT && event_id == IP_EVENT_STA_GOT_IP) { + ip_event_got_ip_t* event = (ip_event_got_ip_t*) event_data; + ESP_LOGI(TAG, "got ip:%s", + ip4addr_ntoa(&event->ip_info.ip)); + s_retry_num = 0; + xEventGroupSetBits(s_wifi_event_group, WIFI_CONNECTED_BIT); + } +} + +int wifi_init_sta(void) +{ + word32 this_heap; + + s_wifi_event_group = xEventGroupCreate(); + + tcpip_adapter_init(); + + ESP_ERROR_CHECK(esp_event_loop_create_default()); + + wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT(); + ESP_ERROR_CHECK(esp_wifi_init(&cfg)); + + ESP_ERROR_CHECK(esp_event_handler_register(WIFI_EVENT, ESP_EVENT_ANY_ID, &event_handler, NULL)); + ESP_ERROR_CHECK(esp_event_handler_register(IP_EVENT, IP_EVENT_STA_GOT_IP, &event_handler, NULL)); + + wifi_config_t wifi_config = { + .sta = { + .ssid = EXAMPLE_ESP_WIFI_SSID, + .password = EXAMPLE_ESP_WIFI_PASS + }, + }; + + /* Setting a password implies station will connect to all security modes including WEP/WPA. + * However these modes are deprecated and not advisable to be used. Incase your Access point + * doesn't support WPA2, these mode can be enabled by commenting below line */ + + if (strlen((char *)wifi_config.sta.password)) { + wifi_config.sta.threshold.authmode = WIFI_AUTH_WPA2_PSK; + } + + ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) ); + ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) ); + ESP_ERROR_CHECK(esp_wifi_start() ); + + ESP_LOGI(TAG, "wifi_init_sta finished. Connecting..."); + this_heap = esp_get_free_heap_size(); + ESP_LOGI(TAG, "this heap = %d", this_heap); + if (this_heap < WIFI_LOW_HEAP_WARNING) { + ESP_LOGW(TAG, "Warning: WiFi low heap: %d", WIFI_LOW_HEAP_WARNING); + } + /* Waiting until either the connection is established (WIFI_CONNECTED_BIT) or connection failed for the maximum + * number of re-tries (WIFI_FAIL_BIT). The bits are set by event_handler() (see above) */ + EventBits_t bits = xEventGroupWaitBits(s_wifi_event_group, + WIFI_CONNECTED_BIT | WIFI_FAIL_BIT, + pdFALSE, + pdFALSE, + portMAX_DELAY); + + ESP_LOGI(TAG, "xEventGroupWaitBits finished."); + /* xEventGroupWaitBits() returns the bits before the call returned, hence we can test which event actually + * happened. */ + if (bits & WIFI_CONNECTED_BIT) { + ESP_LOGI(TAG, "connected to ap SSID:%s", + EXAMPLE_ESP_WIFI_SSID); + } else if (bits & WIFI_FAIL_BIT) { + ESP_LOGI(TAG, "Failed to connect to SSID:%s, password:%s", + EXAMPLE_ESP_WIFI_SSID, EXAMPLE_ESP_WIFI_PASS); + } else { + ESP_LOGE(TAG, "UNEXPECTED EVENT"); + } + + ESP_ERROR_CHECK(esp_event_handler_unregister(IP_EVENT, IP_EVENT_STA_GOT_IP, &event_handler)); + ESP_ERROR_CHECK(esp_event_handler_unregister(WIFI_EVENT, ESP_EVENT_ANY_ID, &event_handler)); + vEventGroupDelete(s_wifi_event_group); + return ESP_OK; +} + +#elif ESP_IDF_VERSION_MAJOR < 4 /* event handler for wifi events */ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event) { @@ -270,7 +387,8 @@ int wifi_init_sta(void) int wifi_show_ip(void) { - /* ESP_LOGI(TAG, "got ip:" IPSTR, IP2STR(&event->ip_info.ip)); */ - return 0; + /* TODO Causes panic: ESP_LOGI(TAG, "got ip:" IPSTR, + * IP2STR(&event->ip_info.ip)); */ + return ESP_OK; } #endif diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/sdkconfig.defaults b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/sdkconfig.defaults index f8bce25ff3..ff9a5d4c52 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/sdkconfig.defaults +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/sdkconfig.defaults @@ -1,26 +1,15 @@ -CONFIG_FREERTOS_HZ=1000 -CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y - -# -# Default main stack size -# -# This is typically way bigger than needed for stack size. See user_settings.h -# -CONFIG_ESP_MAIN_TASK_STACK_SIZE=55500 +# sdkconfig.defaults for ESP8266 + ESP32 -# Legacy stack size for older ESP-IDF versions -CONFIG_MAIN_TASK_STACK_SIZE=55500 +# CONFIG_ESP_PANIC_PRINT_REBOOT is not set +CONFIG_ESP_PANIC_PRINT_REBOOT=n +CONFIG_ESP_PANIC_PRINT_HALT=y -# -# Compiler options -# -CONFIG_COMPILER_OPTIMIZATION_DEFAULT=y -CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_ENABLE=y -CONFIG_COMPILER_OPTIMIZATION_ASSERTION_LEVEL=2 -CONFIG_COMPILER_HIDE_PATHS_MACROS=y -CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y -CONFIG_COMPILER_STACK_CHECK=y +# CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS is not set +CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS=n +CONFIG_FREERTOS_GLOBAL_DATA_LINK_IRAM=y +CONFIG_HEAP_DISABLE_IRAM=y +CONFIG_FREERTOS_HZ=1000 # # Partition Table # diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/wolfssl_client_ESP8266.vgdbproj b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/wolfssl_client_ESP8266.vgdbproj new file mode 100644 index 0000000000..6181d50c7c --- /dev/null +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/wolfssl_client_ESP8266.vgdbproj @@ -0,0 +1,292 @@ + + + + + + Unknown + + true + + c9687472-a434-43a7-9026-7914f425b9b4 + true + true + SourceDirs + + + + + + com.visualgdb.xtensa-lx106-elf + + 8.4.0 + 8.1 + 1 + + + + release/v3.4 + rtos-sdk/v3.4 + RTOS_SDK + + 0 + + + + + + + + + + + + + Default + + false + + BuildMachine + BuiltinShortcut + + + + + + + COM70 + + 74880 + 8 + None + One + None + + + 0 + false + true + false + ASCII + + + 255 + 0 + 0 + 0 + + + 255 + 169 + 169 + 169 + + + 255 + 211 + 211 + 211 + + + 255 + 144 + 238 + 144 + + + 255 + 169 + 169 + 169 + + + + 16 + true + true + true + true + 0 + + LF + false + false + false + + + + true + + + + + True + + true + true + + Enabled + true + true + true + + true + + + + false + + apiModeling.google.GTest + core.builtin.BuiltinFunctions + core.builtin.NoReturnFunctions + core.CallAndMessage + core.DivideZero + core.DynamicTypePropagation + core.NonnilStringConstants + core.NonNullParamChecker + core.NullDereference + core.StackAddressEscape + core.UndefinedBinaryOperatorResult + core.uninitialized.ArraySubscript + core.uninitialized.Assign + core.uninitialized.Branch + core.uninitialized.CapturedBlockVariable + core.uninitialized.UndefReturn + core.VLASize + cplusplus.NewDelete + cplusplus.NewDeleteLeaks + cplusplus.SelfAssignment + deadcode.DeadStores + nullability.NullPassedToNonnull + nullability.NullReturnedFromNonnull + security.insecureAPI.getpw + security.insecureAPI.gets + security.insecureAPI.mkstemp + security.insecureAPI.mktemp + security.insecureAPI.UncheckedReturn + security.insecureAPI.vfork + unix.API + unix.cstring.BadSizeArg + unix.cstring.NullArg + unix.Malloc + unix.MallocSizeof + unix.MismatchedDeallocator + unix.StdCLibraryFunctions + unix.Vfork + + + -analyzer-store=region + -analyzer-opt-analyze-nested-blocks + -analyzer-eagerly-assume + + + + + + Debug + + build/Debug + sdkconfig-debug + false + + + + Release + + build/Release + sdkconfig-release + false + + + + + + + + + + + + + false + false + false + false + false + false + false + false + false + + false + false + false + false + false + false + true + false + None + false + false + + true + false + false + true + 0 + false + 0 + true + false + + + openocd + + -f interface/ftdi/tigard.cfg -f target/esp8266.cfg + + + + false + + 131072 + Enabled + + set remotetimeout 60 + target remote :$$SYS:GDB_PORT$$ + mon reset halt + load + mon xtensa_no_interrupts_during_steps on + mon esp8266_autofeed_watchdog on + + false + 0 + 0 + false + + 0 + Soft + 4096 + 4096 + + size4M + freq40M + QIO + + + + true + Disabled + 0 + false + false + true + false + false + + _estack + 0 + false + + true + + \ No newline at end of file diff --git a/IDE/Espressif/README.md b/IDE/Espressif/README.md index dea3b36a32..5bb1622f3c 100644 --- a/IDE/Espressif/README.md +++ b/IDE/Espressif/README.md @@ -154,7 +154,48 @@ CMake Error at run_serial_tool.cmake:56 (message): Solution: -Press and hold`EN` button, press and release `IO0` button, then release `EN` button. +Press and hold `EN` button, press and release `IO0` button, then release `EN` button. + +### Unknown CMake command "esptool_py_flash_project_args". + +This unintuitive error was observed when including an unneeded `set(COMPONENTS` in the project-level CMakeLists.txt +and attempting to build with an older toolchain, such as the RTOS SDK 3.4 for the ESP8266. + +### PermissionError: [Errno 13] Permission denied could not open port {} + +This error, other than the obvious permissions, also occurs when the port is in use by another application: + +```text +Traceback (most recent call last): + File "/home/gojimmypi/.espressif/python_env/rtos3.4_py3.10_env/lib/python3.10/site-packages/serial/serialposix.py", line 322, in open + self.fd = os.open(self.portstr, os.O_RDWR | os.O_NOCTTY | os.O_NONBLOCK) +PermissionError: [Errno 13] Permission denied: '/dev/ttyS55' + +During handling of the above exception, another exception occurred: + +Traceback (most recent call last): + [... snip ...] +raise SerialException(msg.errno, "could not open port {}: {}".format(self._port, msg)) +serial.serialutil.SerialException: [Errno 13] could not open port /dev/ttyS55: [Errno 13] Permission denied: '/dev/ttyS55' +``` +### Panic Task watchdog got triggered. + +Long-running code may trip the watchdog timer. + +``` +Task watchdog got triggered. + +Guru Meditation Error: Core 0 panic'ed (unknown). Exception was unhandled. +``` + +The watchdog needs to be [fed](https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/api-reference/system/wdts.html?highlight=watchdog#_CPPv418esp_task_wdt_resetv) on a regular basis +with `void esp_task_wdt_reset(void)` from `esp8266/include/esp_task_wdt.h`. + +Try turning off the WDT in menuconfig, or for Makefiles: + +``` +EXTRA_CFLAGS += -DNO_WATCHDOG +``` #### Other Solutions diff --git a/IDE/Espressif/include.am b/IDE/Espressif/include.am index 662034155e..5011e51f2c 100644 --- a/IDE/Espressif/include.am +++ b/IDE/Espressif/include.am @@ -95,6 +95,7 @@ EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_hel EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/README.md +EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/wolfssl_client_ESP8266.vgdbproj EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.vgdbproj diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index d3b331afd9..fe2e1ee507 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -1471,7 +1471,7 @@ static const char* bench_result_words3[][5] = { ESP_LOGI(TAG, "expected_diff = %llu", expected_diff); ESP_LOGI(TAG, "tickBeginDiff = %lu", tickBeginDiff); - ESP_LOGW(TAG, ""); + ESP_LOGW(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); } #endif } diff --git a/wolfcrypt/src/port/Espressif/esp32_mp.c b/wolfcrypt/src/port/Espressif/esp32_mp.c index 20fb4ee9ee..1afda2b832 100644 --- a/wolfcrypt/src/port/Espressif/esp32_mp.c +++ b/wolfcrypt/src/port/Espressif/esp32_mp.c @@ -2441,14 +2441,14 @@ int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z) esp_mp_mulmod_usage_ct); ESP_LOGI(TAG, "esp_mp_mulmod_error_ct = %lu failures", esp_mp_mulmod_error_ct); - ESP_LOGI(TAG, ""); + ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); esp_show_mp("HW Z", Z); /* this is the HW result */ esp_show_mp("SW Z2", Z2); /* this is the SW result */ ESP_LOGI(TAG, "esp_mp_mulmod_usage_ct = %lu tries", esp_mp_mulmod_usage_ct); ESP_LOGI(TAG, "esp_mp_mulmod_error_ct = %lu failures", esp_mp_mulmod_error_ct); - ESP_LOGI(TAG, ""); + ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); #ifndef NO_RECOVER_SOFTWARE_CALC @@ -2991,7 +2991,7 @@ int esp_hw_show_mp_metrics(void) "NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL"); #else /* Metrics: esp_mp_mul() */ - ESP_LOGI(TAG, ""); /* mul follows */ + ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); /* mul follows */ ESP_LOGI(TAG, "esp_mp_mul HW acceleration enabled."); ESP_LOGI(TAG, "Number of calls to esp_mp_mul: %lu", esp_mp_mul_usage_ct); @@ -3010,7 +3010,7 @@ int esp_hw_show_mp_metrics(void) "NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD"); #else /* Metrics: esp_mp_mulmod() */ - ESP_LOGI(TAG, ""); /* mulmod follows */ + ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); /* mulmod follows */ ESP_LOGI(TAG, "esp_mp_mulmod HW acceleration enabled."); /* Metrics: esp_mp_mulmod() */ @@ -3052,7 +3052,7 @@ int esp_hw_show_mp_metrics(void) "NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD"); #else /* Metrics: sp_mp_exptmod() */ - ESP_LOGI(TAG, ""); /* exptmod follows */ + ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); /* exptmod follows */ ESP_LOGI(TAG, "Number of calls to esp_mp_exptmod: %lu", esp_mp_exptmod_usage_ct); diff --git a/wolfcrypt/src/port/Espressif/esp32_sha.c b/wolfcrypt/src/port/Espressif/esp32_sha.c index f6ad645c73..ca01affe47 100644 --- a/wolfcrypt/src/port/Espressif/esp32_sha.c +++ b/wolfcrypt/src/port/Espressif/esp32_sha.c @@ -227,10 +227,13 @@ int esp_sha_init(WC_ESP32SHA* ctx, enum wc_HashType hash_type) #if defined(CONFIG_IDF_TARGET_ESP32) || \ defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3) switch (hash_type) { /* check each wolfSSL hash type WC_[n] */ + + #ifndef NO_SHA case WC_HASH_TYPE_SHA: ctx->sha_type = SHA1; /* assign Espressif SHA HW type */ ret = esp_sha_init_ctx(ctx); break; + #endif case WC_HASH_TYPE_SHA224: #if defined(CONFIG_IDF_TARGET_ESP32S2) || \ @@ -333,7 +336,6 @@ int esp_sha_init(WC_ESP32SHA* ctx, enum wc_HashType hash_type) return ret; } -#ifndef NO_SHAx /* TODO cannot currently turn off SHA */ /* we'll call a separate init as there's only 1 HW acceleration */ int esp_sha_init_ctx(WC_ESP32SHA* ctx) { @@ -522,6 +524,7 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx) * We assume all issues handled, above. */ } /* esp_sha_init_ctx */ +#ifndef NO_SHA /* ** internal SHA ctx copy for ESP HW */ diff --git a/wolfcrypt/src/port/Espressif/esp32_util.c b/wolfcrypt/src/port/Espressif/esp32_util.c index 027fdedded..829afa4a60 100644 --- a/wolfcrypt/src/port/Espressif/esp32_util.c +++ b/wolfcrypt/src/port/Espressif/esp32_util.c @@ -482,7 +482,7 @@ int ShowExtendedSystemInfo_config(void) show_macro("WOLFSSL_NO_CURRDIR", STR_IFNDEF(WOLFSSL_NO_CURRDIR)); show_macro("WOLFSSL_LWIP", STR_IFNDEF(WOLFSSL_LWIP)); - ESP_LOGI(TAG, ""); + ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); #if defined(CONFIG_COMPILER_OPTIMIZATION_DEFAULT) ESP_LOGI(TAG, "Compiler Optimization: Default"); #elif defined(CONFIG_COMPILER_OPTIMIZATION_SIZE) @@ -494,7 +494,7 @@ int ShowExtendedSystemInfo_config(void) #else ESP_LOGI(TAG, "Compiler Optimization: Unknown"); #endif - ESP_LOGI(TAG, ""); + ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); return ESP_OK; } @@ -629,7 +629,7 @@ int ShowExtendedSystemInfo(void) #ifdef INCLUDE_uxTaskGetStackHighWaterMark ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL)); #endif - ESP_LOGI(TAG, ""); + ESP_LOGI(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); ShowExtendedSystemInfo_config(); ShowExtendedSystemInfo_git(); @@ -665,7 +665,7 @@ int esp_show_mp_attributes(char* c, MATH_INT_T* X) ESP_LOGV(MP_TAG, "esp_show_mp_attributes called with X == NULL"); } else { - ESP_LOGI(MP_TAG, ""); + ESP_LOGI(MP_TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); ESP_LOGI(MP_TAG, "%s.used = %d;", c, X->used); #if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH) ESP_LOGI(MP_TAG, "%s.sign = %d;", c, X->sign); @@ -717,7 +717,7 @@ int esp_show_mp(char* c, MATH_INT_T* X) i /* the index, again, for comment */ ); } - ESP_LOGI(MP_TAG, ""); + ESP_LOGI(MP_TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); } return ret; } diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index e4e1ddf933..142a3fba17 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c @@ -105,7 +105,7 @@ on the specific device platform. #endif #ifdef WOLFSSL_ESPIDF - /* Define the ESP_LOGx(TAG, "" value for output messages here. + /* Define the ESP_LOGx(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE value for output messages here. ** ** Beware of possible conflict in test.c (that one now named TEST_TAG) */ diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c index 3cc2d5f437..ec9a0a9a70 100644 --- a/wolfcrypt/src/sha512.c +++ b/wolfcrypt/src/sha512.c @@ -39,11 +39,8 @@ * By default the HW acceleration is on for ESP32 Chipsets, * but individual components can be turned off. See user_settings.h */ + #define TAG "wc_sha_512" #define WOLFSSL_USE_ESP32_CRYPT_HASH_HW - #if !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384) && \ - !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512) - static const char* TAG = "wc_sha_512"; - #endif #else #undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW #endif diff --git a/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h b/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h index b97e2a7b85..401bef5887 100644 --- a/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h +++ b/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h @@ -44,6 +44,13 @@ #include #include +#if ESP_IDF_VERSION_MAJOR >= 4 + #define WOLFSSL_ESPIDF_BLANKLINE_MESSAGE "" +#else + /* Older ESP-IDF such as that for ESP8266 do not support empty strings */ + #define WOLFSSL_ESPIDF_BLANKLINE_MESSAGE "." +#endif + /* exit codes to be used in tfm.c, sp_int.c, integer.c, etc. * * see wolfssl/wolfcrypt/error-crypt.h @@ -521,6 +528,8 @@ extern "C" #ifndef NO_AES #if ESP_IDF_VERSION_MAJOR >= 4 #include "esp32/rom/aes.h" + #elif defined(CONFIG_IDF_TARGET_ESP8266) + /* no hardware includes for ESP8266*/ #else #include "rom/aes.h" #endif