Espressif HW Improvements (#6624)

* Espressif HW Improvements
* revised AES HW/SW fallback logic for ESP32

IDE/Espressif/ESP-IDF/README.md

@@ -6,6 +6,7 @@ and have not yet been upgraded to the master branch V5.
 See the latest [migration guides](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/migration-guides/index.html).
 
 ## Overview
+
  ESP-IDF development framework with wolfSSL by setting *WOLFSSL_ESPIDF* definition
 
 Including the following examples:
@@ -17,29 +18,57 @@ Including the following examples:
  The *user_settings.h* file enables some of the hardened settings.
 
 ## Requirements
+
  1. [ESP-IDF development framework](https://docs.espressif.com/projects/esp-idf/en/latest/get-started/)
 
 ## Setup for Linux
+
  1. Run `setup.sh` at _/path/to_`/wolfssl/IDE/Espressif/ESP-IDF/` to deploy files into ESP-IDF tree 
  2. Find Wolfssl files at _/path/to/esp_`/esp-idf/components/wolfssl/`
- 3. Find [Example programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
+ 3. Find [Example Programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
 
 ## Setup for Windows
+
  1. Run ESP-IDF Command Prompt (cmd.exe) or Run ESP-IDF PowerShell Environment
  2. Run `setup_win.bat` at `.\IDE\Espressif\ESP-IDF\`
  3. Find Wolfssl files at _/path/to/esp_`/esp-idf/components/wolfssl/`
  4. Find [Example programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
 
+## Setup for VisualGDB
+
+### Clone a specific version:
+
+```
+C:\SysGCC\esp32\esp-idf>git clone -b v5.0.2 --recursive https://github.com/espressif/esp-idf.git v5.0.2
+```
+
 ## Configuration
+
  1. The `user_settings.h` can be found in _/path/to/esp_`/esp-idf/components/wolfssl/include/user_settings.h`
 
 ## Build examples
+
  1. See README in each example folder
 
 ## Support
+
  For question please email [support@wolfssl.com]
 
  Note: This is tested with : 
- - OS: Ubuntu 20.04.3 LTS and Microsoft Windows 10 Pro 10.0.19041 and well as WSL Ubuntu
+ - OS: Ubuntu 20.04.3 LTS
+ - Microsoft Windows 10 Pro 10.0.19041 
+ - WSL Ubuntu
+
  - ESP-IDF: ESP-IDF v4.3.2
  - Module : ESP32-WROOM-32
+
+## JTAG Debugging
+
+All of the examples are configured to use either the on-board JTAG (when available) or
+the open source [Tigard multi-protocol tool for hardware hacking](https://github.com/tigard-tools/tigard).
+
+VisualGDB users should find the configuration file in the `interface\ftdi` directory:
+
+```
+C:\Users\%USERNAME%\AppData\Local\VisualGDB\EmbeddedDebugPackages\com.sysprogs.esp32.core\share\openocd\scripts\interface\ftdi
+```

IDE/Espressif/ESP-IDF/README_32se.md

@@ -15,7 +15,7 @@ Including the following examples:
 2. Microchip CryptoAuthentication Library: https://github.com/MicrochipTech/cryptoauthlib
 
 ## Setup
-1. Comment out `#define WOLFSSL_ESPWROOM32` in `/path/to/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h`\
+1. Comment out `#define WOLFSSL_ESP32` in `/path/to/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h`\
  Uncomment out `#define WOLFSSL_ESPWROOM32SE` in `/path/to/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h`
  * **Note:** crypt test will fail if enabled `WOLFSSL_ESPWROOM32SE`
 3. wolfSSL under ESP-IDF. Please see [README.md](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md)

IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md

@@ -27,11 +27,19 @@ Example build on WSL, assuming `git clone` from `c:\workspace`:
 # switch to test example
 cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test
 
-# Pick ESP-IDF install directory, this one for v4.4.2 in VisualGDB
-. /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/export.sh
+# Pick ESP-IDF install directory, this one for v5.1 in VisualGDB
+. /mnt/c/SysGCC/esp32/esp-idf/v5.1/export.sh
 
-# build and flash, in this example to COM20
-idf.py build flash -p /dev/ttyS20 -b 921600 monitor
+# set target chipset
+idf.py set-target esp32s3
+
+# erase
+idf.py erase-flash -p /dev/ttyS24 -b 115200
+
+# start with a low upload speed, then increase as found operational
+idf.py 
+# build and flash, in this example to COM24
+idf.py build flash -p /dev/ttyS24 -b 115200 monitor
 ```
 
 ## Example Output

IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt

@@ -50,7 +50,6 @@ set(COMPONENT_SRCDIRS "${WOLFSSL_ROOT}/src/"
  "${WOLFSSL_ROOT}/wolfcrypt/src/"
  "${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/"
  "${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel/"
- "${WOLFSSL_ROOT}/wolfcrypt/benchmark/"
  "${WOLFSSL_ROOT}/wolfcrypt/test/"
  )
 
@@ -190,9 +189,10 @@ set(COMPONENT_SRCEXCLUDE
  "${WOLFSSL_ROOT}/src/conf.c"
  "${WOLFSSL_ROOT}/src/misc.c"
  "${WOLFSSL_ROOT}/src/pk.c"
- "${WOLFSSL_ROOT}/src/ssl_asn1.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/ssl_bn.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
+ "${WOLFSSL_ROOT}/src/ssl_asn1.c" # included by ssl.c
+ "${WOLFSSL_ROOT}/src/ssl_bn.c" # included by ssl.c
+ "${WOLFSSL_ROOT}/src/ssl_certman.c" # included by ssl.c
+ "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
  "${WOLFSSL_ROOT}/src/x509.c"
  "${WOLFSSL_ROOT}/src/x509_str.c"
  "${WOLFSSL_ROOT}/wolfcrypt/src/evp.c"

IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c

@@ -154,6 +154,8 @@ void app_main(void)
  /* some interesting settings are target specific (ESP32, -C3, -S3, etc */
 #if defined(CONFIG_IDF_TARGET_ESP32C3)
  /* not available for C3 at this time */
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* not available for C6 at this time */
 #elif defined(CONFIG_IDF_TARGET_ESP32S3)
  ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
  CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
@@ -185,8 +187,6 @@ void app_main(void)
  #endif
 #endif
 
-
-
 #if defined (WOLFSSL_USE_TIME_HELPER)
  set_time();
 #endif
@@ -224,9 +224,23 @@ void app_main(void)
  /* see wolfssl/wolfcrypt/error-crypt.h */
  }
 
- /* after the test, we'll just wait */
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
+
+ ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - (uxTaskGetStackHighWaterMark(NULL) / 4));
+#endif
+
+ ESP_LOGI(TAG, "\n\nDone!\n\n"
+ "If running from idf.py monitor, press twice: Ctrl+]");
+
+ /* done */
  while (1) {
- /* nothing */
- }
+#if defined(SINGLE_THREADED)
+ while (1);
+#else
+ vTaskDelay(60000);
+#endif
+ } /* done whle */
 #endif
 }

IDE/Espressif/ESP-IDF/user_settings.h

@@ -18,12 +18,24 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */
+
 #undef WOLFSSL_ESPIDF
 #undef WOLFSSL_ESP32
 #undef WOLFSSL_ESPWROOM32SE
 #undef WOLFSSL_ESP32
 #undef WOLFSSL_ESP8266
 
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+** CONFIG_IDF_TARGET_ESP32
+** CONFIG_IDF_TARGET_ESP32S3
+** CONFIG_IDF_TARGET_ESP32C3
+** CONFIG_IDF_TARGET_ESP32C6
+*/
+#include <sdkconfig.h>
+
 #define WOLFSSL_ESPIDF
 
 /*
@@ -85,11 +97,11 @@
  /* #define CUSTOM_SLOT_ALLOCATION */
 #endif
 
-/* rsa primitive specific definition */
+/* RSA primitive specific definition */
 #if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
  /* Define USE_FAST_MATH and SMALL_STACK */
  #define ESP32_USE_RSA_PRIMITIVE
- /* threshold for performance adjustment for hw primitive use */
+ /* threshold for performance adjustment for HW primitive use */
  /* X bits of G^X mod P greater than */
  #define EPS_RSA_EXPT_XBTIS 36
  /* X and Y of X * Y mod P greater than */
@@ -107,11 +119,50 @@
 /* #define NO_ASN_TIME */
 /* #define XTIME time */
 
-/* when you want not to use HW acceleration */
-/* #define NO_ESP32_CRYPT */
-/* #define NO_WOLFSSL_ESP32_CRYPT_HASH*/
-/* #define NO_WOLFSSL_ESP32_CRYPT_AES */
-/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
 
-/* adjust wait-timeout count if you see timeout in rsa hw acceleration */
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
 #define ESP_RSA_TIMEOUT_CNT 0x249F00
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* when you want not to use HW acceleration on ESP32 (below for S3, etc */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* ESP32-S2 disabled by default; not implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* when you want not to use HW acceleration on ESP32-S3 */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* ESP32-C3 disabled by default, not implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* ESP32-C6 disabled by default, not implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ /* ESP32-H2 disabled by default, not implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#else
+ /* anything else unknown will have HW disabled by default */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif