Cyclic0007/wolfssl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improve Arduino Examples, add workflow testing

Browse Source
This commit is contained in:
gojimmypi
2025-09-02 11:45:28 -07:00
parent f33814b377
commit 0065d9a0dd
7 changed files with 606 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

325
.github/workflows/arduino.yml vendored Normal file
View File

@@ -0,0 +1,325 @@
name: Arduino CI Build (1 of 4) wolfssl
#
# Test fetches wolfssl-examples/Arduino and uses local, latest github master branch wolfssl
#
# These 4 workflows across 3 repos are interdependent for the current $REPO_OWNER:
#
# THIS Arduino CI Build 1: https://github.com/$REPO_OWNER/wolfssl # /.github/workflows/arduino.yml
# - Builds Arduino library from local clone of wolfssl master branch
# - Fetches examples from https://github.com/$REPO_OWNER/wolfssl-examples
#
# Arduino CI Build 2: https://github.com/$REPO_OWNER/wolfssl-examples # /.github/workflows/arduino-release.yml
# - Tests examples based on latest published release of Arduino library, NOT latest on wolfssl github.
# - Should be identical to Arduino CI Build 3 in every way but wolfssl install.
# - Copies only compile script from wolfssl-examples
# - Builds local examples
# - No other repos used
#
# Arduino CI Build 3: https://github.com/$REPO_OWNER/wolfssl-examples # /.github/workflows/arduino.yml
# - Fetches current wolfSSL from https://github.com/$REPO_OWNER/wolfssl
# - Creates an updated Arduino library
# - Compiles local examples
# - Contains the source of `compile-all-examples.sh` and respective board-list.txt
#
# Arduino CI Build 4: https://github.com/$REPO_OWNER/Arduino-wolfssl # /.github/workflows/arduino.yml
# - Assembles and installs an updated Arduino wolfssl library from LOCAL wolfssl master source
# - Copies only compile script copied from wolfssl-examples
# - Builds local examples
# - No other repos used
#
#
# ** NOTE TO MAINTAINERS **
#
# Consider using winmerge or similar tool to keep the 4 arduino[-release].yml files in relative sync.
# Although there are some specific differences, most of the contents are otherwise identical.
#
# See https://github.com/wolfSSL/Arduino-wolfSSL
#
# To test locally:
# cd [your WOLFSSL_ROOT], e.g. cd /mnt/c/workspace/wolfssl-$USER
# [optional checkout] e.g. git checkout tags/v5.8.2-stable
# pushd ./IDE/ARDUINO
# export ARDUINO_ROOT="$HOME/Arduino/libraries"
# ./wolfssl-arduino.sh INSTALL
# cd [your WOLFSSL_EXAMPLES_ROOT] e.g. /mnt/c/workspace/wolfssl-examples-$USER
#
# START OF COMMON SECTION
on:
push:
branches: [ '**', 'master', 'main', 'release/**' ]
paths:
- '.github/workflows/arduino.yml'
- 'IDE/ARDUINO/**'
- 'src/**'
- 'wolfcrypt/**'
- 'wolfssl/**'
pull_request:
branches: [ '**' ]
paths:
- 'github/workflows/arduino.yml'
- 'IDE/ARDUINO/**'
- 'src/**'
- 'wolfcrypt/**'
- 'wolfssl/**'
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build:
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
env:
REPO_OWNER: ${{ github.repository_owner }}
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Install Arduino CLI
run: |
# Script to fetch and run install.sh from arduino/arduino-cli
# The install script will test to see if the recently installed apps in in the path
# So set it up in advance:
mkdir -p "${PWD}/bin"
echo "${PWD}/bin" >> $GITHUB_PATH
# Sets the install directory to a consistent path at the repo root.
ROOT_BIN="$GITHUB_WORKSPACE/bin"
# Ensures that BINDIR exists before the installer runs
mkdir -p "$ROOT_BIN"
# Save as a lobal environment variable
echo "$ROOT_BIN" >> "$GITHUB_PATH"
# Download and run install script from Arduino:
# -S show errors; -L follow redirects; -v Verbose
set +e # don't abort on error
set -o pipefail
curl -vSL --retry 5 --retry-delay 10 \
https://raw.githubusercontent.com/arduino/arduino-cli/master/install.sh \
| sh -x
rc=$?
c_rc=${PIPESTATUS[0]} # curl's exit code
s_rc=${PIPESTATUS[1]} # sh's exit code
set -e # restore default abort-on-error
# If there was a curl error, we have our own local copy that is more reliable and can add our own debugging
if [ "$rc" -ne 0 ]; then
echo "Primary install failed: curl=$c_rc, sh=$s_rc. Falling back..." >&2
echo "Using local copy of arduino_install.sh"
pushd ./Arduino/sketches
chmod +x ./arduino_install.sh
# Mimic curl install, does not use current directory:
BINDIR="$ROOT_BIN" sh -x ./arduino_install.sh
popd
else
echo "Alternative install script not needed."
fi
- name: Confirm Arduino CLI install
run: arduino-cli version
- name: Setup Arduino CLI
run: |
arduino-cli config init
arduino-cli core update-index
arduino-cli config add board_manager.additional_urls https://www.pjrc.com/teensy/package_teensy_index.json
arduino-cli core update-index
arduino-cli config add board_manager.additional_urls https://arduino.esp8266.com/stable/package_esp8266com_index.json
arduino-cli core update-index
arduino-cli core install esp32:esp32 # ESP32
arduino-cli core install arduino:avr # Arduino Uno, Mega, Nano
arduino-cli core install arduino:sam # Arduino Due
arduino-cli core install arduino:samd # Arduino Zero
arduino-cli core install teensy:avr # PJRC Teensy
arduino-cli core install esp8266:esp8266 # ESP8266
arduino-cli core install arduino:mbed_nano # nanorp2040connect
arduino-cli core install arduino:mbed_portenta # portenta_h7_m7
arduino-cli core install arduino:mbed_edge
# sudo "/home/$USER/.arduino15/packages/arduino/hardware/mbed_nano/4.2.4/post_install.sh"
arduino-cli core install arduino:renesas_uno
arduino-cli lib install "ArduinoJson" # Example dependency
arduino-cli lib install "WiFiNINA" # ARDUINO_SAMD_NANO_33_IOT
arduino-cli lib install "Ethernet" # Install Ethernet library
arduino-cli lib install "Bridge" # Pseudo-network for things like arduino:samd:tian
- name: Set job environment variables
run: |
# Script to assign some common environment variables after everything is installed
ICON_OK=$(printf "\xE2\x9C\x85")
ICON_FAIL=$(printf "\xE2\x9D\x8C")
echo "GITHUB_WORK=$(realpath "$GITHUB_WORKSPACE/../..")" >> "$GITHUB_ENV"
echo "ARDUINO_ROOT=$(realpath "$HOME/Arduino/libraries")" >> "$GITHUB_ENV"
# Show predefined summary:
echo "GITHUB_WORKSPACE = $GITHUB_WORKSPACE"
# Show assigned build:env values (e.g. "wolfssl", "gojimmpi" or other owners):
echo "REPO_OWNER = $REPO_OWNER"
echo "GITHUB_ENV=$GITHUB_ENV"
# Show our custom values:
echo "GITHUB_WORK = $GITHUB_WORK"
echo "ARDUINO_ROOT = $ARDUINO_ROOT"
# WOLFSSL_EXAMPLES_ROOT is the repo root, not example location
echo "WOLFSSL_EXAMPLES_ROOT = $WOLFSSL_EXAMPLES_ROOT"
- name: Get wolfssl-examples
run: |
# Fetch Arduino examples from the wolfssl-examples repo
echo "Start pwd:"
pwd
# we're typically in $GITHUB_WORKSPACE=/home/runner/work/wolfssl/wolfssl
# goto /home/runner/work to fetch wolfssl-examples
echo "Current pwd for wolfssl-examples clone fetch: $(pwd)"
GITHUB_WORK=$(realpath "$GITHUB_WORKSPACE/../..")
echo "GITHUB_WORKSPACE=$GITHUB_WORKSPACE"
# Typically /home/runner/work
echo "GITHUB_WORK=$GITHUB_WORK"
pushd "$GITHUB_WORK"
echo "Updated pwd for wolfssl-examples clone fetch: $(pwd)"
git clone --depth 1 https://github.com/$REPO_OWNER/wolfssl-examples.git wolfssl-examples-publish
cd ./wolfssl-examples-publish
echo "WOLFSSL_EXAMPLES_ROOT=$(pwd)"
echo "Path for wolfssl-examples-publish: $(pwd)"
popd # GITHUB_WORK
# ** END ** Get wolfssl-examples
- name: Install wolfSSL Arduino library
run: |
# Run the local wolfssl-arduino.sh install script to install wolfssl Arduino library.
# Methods of installing Arduino library:
# 1) arduino-cli lib install "wolfSSL"
# 2) manual copy of files (typical of the Arduino-wolfssl repo)
# 3) run ./wolfssl-arduino.sh INSTALL (typical of the wolfssl repo)
echo "Current pwd for wolfssl-examples clone fetch: $(pwd)"
GITHUB_WORK=$(realpath "$GITHUB_WORKSPACE/../..")
echo "GITHUB_WORKSPACE=$GITHUB_WORKSPACE"
# Typically /home/runner/work
echo "GITHUB_WORK=$GITHUB_WORK"
pwd
pushd ./IDE/ARDUINO
# Set default ARDUINO_ROOT to Arduino library.
export ARDUINO_ROOT="$HOME/Arduino/libraries"
export WOLFSSL_EXAMPLES_ROOT="$GITHUB_WORK/wolfssl-examples-publish"
echo "ARDUINO_ROOT: $WOLFSSL_EXAMPLES_ROOT"
echo "WOLFSSL_EXAMPLES_ROOT: $WOLFSSL_EXAMPLES_ROOT"
bash ./wolfssl-arduino.sh INSTALL # Install wolfSSL library
popd
# ** END ** Install wolfSSL Arduino library
- name: List installed Arduino libraries
run: arduino-cli lib list
- name: Get compile-all-examples.sh
run: |
# Fetch compile script FROM THE CURRENT OWNER.
# This repo is Arduino-wolfssl; we'll fetch the script from the wolfssl-examples for the same repository owner.
echo "Repository owner: $REPO_OWNER"
echo "Current directory: $PWD"
echo "Current pwd for wolfssl-examples clone fetch: $PWD"
WOLFSSL_EXAMPLES_DIRECTORY="$ARDUINO_ROOT/wolfssl/examples"
THIS_BOARD_LIST="board_list.txt"
echo "WOLFSSL_EXAMPLES_DIRECTORY=$WOLFSSL_EXAMPLES_DIRECTORY"
# Fetch script and board list into WOLFSSL_EXAMPLES_DIRECTORY
echo "Fetching board_list.txt from REPO_OWNER=$REPO_OWNER"
curl -L "https://raw.githubusercontent.com/$REPO_OWNER/wolfssl-examples/master/Arduino/sketches/board_list.txt" -o "$WOLFSSL_EXAMPLES_DIRECTORY/$THIS_BOARD_LIST"
# Check if the first line is "404: Not Found" - which would indicate the curl path above is bad.
FILE="$WOLFSSL_EXAMPLES_DIRECTORY/board_list.txt"
# Ensure the file exists
if [[ ! -f "$FILE" ]]; then
echo "File not found: $FILE"
exit 1
fi
# Check if the first line is "404: Not Found"
if [[ $(head -n 1 "$FILE") == "404: Not Found" ]]; then
echo "The first line is '404: Not Found'"
exit 1
fi
# Fetch the compile script from repo: https://github.com/[$USER]/wolfssl-examples/
echo "Fetching compile-all-examples.sh from REPO_OWNER=$REPO_OWNER"
curl -L "https://raw.githubusercontent.com/$REPO_OWNER/wolfssl-examples/master/Arduino/sketches/compile-all-examples.sh" -o "$WOLFSSL_EXAMPLES_DIRECTORY/compile-all-examples.sh"
# Check if the first line is "404: Not Found" - which would indicate the curl path above is bad.
FILE="$WOLFSSL_EXAMPLES_DIRECTORY/compile-all-examples.sh"
# Ensure the file exists
if [[ ! -f "$FILE" ]]; then
echo "File not found: $FILE"
exit 1
fi
# Check if the first line is "404: Not Found"
if [[ $(head -n 1 "$FILE") == "404: Not Found" ]]; then
echo "The first line is '404: Not Found'"
exit 1
fi
pushd "$WOLFSSL_EXAMPLES_DIRECTORY"
echo "Current directory: $PWD"
echo "Current directory $PWD"
echo "Contents:"
ls -al
find ./ -type f | sort
# ensure we can execute the script here (permissions lost during curl fetch)
chmod +x ./compile-all-examples.sh
echo "Found compile script: $(ls -al ./compile-all-examples.sh ./$THIS_BOARD_LIST)"
popd
# ** END ** Get compile-all-examples.sh
# This will fail with Arduino published wolfSSL v5.7.6 and older
# as the examples moved. See https://github.com/wolfSSL/wolfssl/pull/8514
#
- name: Compile Arduino Sketches for Various Boards
run: |
# Call the compile-all-examples.sh script to compile all the examples for each of the fqbn names in the local copy of board_list.txt
echo "Current directory: $PWD"
echo "ARDUINO_ROOT: $ARDUINO_ROOT"
WOLFSSL_EXAMPLES_DIRECTORY="$ARDUINO_ROOT/wolfssl/examples"
echo "WOLFSSL_EXAMPLES_DIRECTORY: $WOLFSSL_EXAMPLES_DIRECTORY"
echo "Change directory to Arduino examples..."
pushd "$WOLFSSL_EXAMPLES_DIRECTORY"
echo "Current directory: $PWD"
echo "Calling ./compile-all-examples.sh"
bash ./compile-all-examples.sh
popd
# End Compile Arduino Sketches for Various Boards

16
.wolfssl_known_macro_extras
View File

@@ -16,9 +16,14 @@ ARDUINO_ARCH_NRF52
ARDUINO_ARCH_RP2040
ARDUINO_ARCH_SAMD
ARDUINO_ARCH_STM32
ARDUINO_AVR_ETHERNET
ARDUINO_AVR_LEONARDO_ETH
ARDUINO_SAMD_MKR1000
ARDUINO_SAMD_NANO_33_IOT
ARDUINO_SAMD_ZERO
ARDUINO_SAM_DUE
ARDUINO_SEEED_XIAO
ARDUINO_TEENSY40
ARDUINO_TEENSY41
ASN_DUMP_OID
ASN_TEMPLATE_SKIP_ISCA_CHECK
@@ -212,12 +217,14 @@ ESP_IDF_VERSION_MINOR
ESP_PLATFORM
ESP_TASK_MAIN_STACK
ETHERNET_AVAILABLE
ETHERNET_H
EV_TRIGGER
EXTERNAL_LOADER_APP
FORCE_FAILURE_GETRANDOM
FP_ECC_CONTROL
FREERTOS_TCP_WINSIM
FREESCALE
FREESCALE_MQX
FREESCALE_RNGB
FREESCALE_USE_MMCAU_CLASSIC
FSL_FEATURE_HAS_L1CACHE
@@ -560,6 +567,7 @@ USE_SECRET_CALLBACK
USE_STSAFE_RNG_SEED
USE_STSAFE_VERBOSE
USE_TLSV13
USE_WINDOWS_API
USE_WOLF_STRNSTR
USS_API
WC_AESXTS_STREAM_NO_REQUEST_ACCOUNTING
@@ -610,7 +618,10 @@ WC_SSIZE_TYPE
WC_STRICT_SIG
WC_WANT_FLAG_DONT_USE_AESNI
WC_XMSS_FULL_HASH
WIFIESPAT
WIFI_101
WIFI_AVAILABLE
WIFI_NINA
WIN_REUSE_CRYPT_HANDLE
WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE
WOLFSENTRY_H
@@ -757,7 +768,6 @@ WOLFSSL_MULTICIRCULATE_ALTNAMELIST
WOLFSSL_NONBLOCK_OCSP
WOLFSSL_NOSHA3_384
WOLFSSL_NOT_WINDOWS_API
WOLFSSL_NO_ATOMIC
WOLFSSL_NO_BIO_ADDR_IN
WOLFSSL_NO_CLIENT
WOLFSSL_NO_CLIENT_CERT_ERROR
@@ -953,6 +963,7 @@ __ARM_ARCH_7M__
__ARM_FEATURE_CRYPTO
__ASSEMBLER__
__ATOMIC_RELAXED
__AVR_ARCH__
__AVR__
__BCPLUSPLUS__
__BIG_ENDIAN__
@@ -985,6 +996,7 @@ __LINUX__
__LP64
__LP64__
__MACH__
__MEGAAVR__
__MICROBLAZE__
__MINGW32__
__MINGW64_VERSION_MAJOR
@@ -1007,6 +1019,8 @@ __SAM3X4C__
__SAM3X4E__
__SAM3X8C__
__SAM3X8E__
__SAMD21__
__SAMD51__
__SANITIZE_ADDRESS__
__SDCC_VERSION_MAJOR
__SDCC_VERSION_MINOR

16
IDE/ARDUINO/README.md
View File

@@ -1,18 +1,18 @@
# wolfSSL with Arduino
See the [example sketches](./sketches/README.md):
NOTE: Moving; See https://github.com/wolfSSL/wolfssl-examples/pull/499
See the [example sketches](https://github.com/wolfSSL/wolfssl-examples/tree/master/Arduino):
Bare-bones templates:
- [sketches/wolfssl_version](./sketches/wolfssl_version/README.md) single file.
- [sketches/template](./sketches/template/README.md) multiple file example.
- [sketches/wolfssl_version](https://github.com/wolfSSL/wolfssl-examples/tree/master/Arduino/sketches/wolfssl_version/README.md) single file.
- [sketches/template](https://github.com/wolfSSL/wolfssl-examples/tree/master/Arduino/sketches/template/README.md) multiple file example.
Functional examples:
- [sketches/wolfssl_AES_CTR](./sketches/wolfssl_AES_CTR/README.md) AES CTR Encrypt / decrypt.
- [sketches/wolfssl_client](./sketches/wolfssl_client/README.md) TLS Client.
- [sketches/wolfssl_server](./sketches/wolfssl_server/README.md) TLS Server.
- [sketches/wolfssl_AES_CTR](https://github.com/wolfSSL/wolfssl-examples/tree/master/Arduino/sketches/wolfssl_AES_CTR/README.md) AES CTR Encrypt / decrypt.
- [sketches/wolfssl_client](https://github.com/wolfSSL/wolfssl-examples/tree/master/Arduino/sketches/wolfssl_client/README.md) TLS Client.
- [sketches/wolfssl_server](https://github.com/wolfSSL/wolfssl-examples/tree/master/Arduino/sketches/wolfssl_server/README.md) TLS Server.
- [sketches/wolfssl_client_dtls](https://github.com/wolfSSL/wolfssl-examples/tree/master/Arduino/sketches/wolfssl_client_dtls/README.md) DTLS Client.
- [sketches/wolfssl_server_dtls](https://github.com/wolfSSL/wolfssl-examples/tree/master/Arduino/sketches/wolfssl_server_dtls/README.md) DTLS Server.
Both the `template` and `wolfssl_AES_CTR` examples include VisualGDB project files.

84
IDE/ARDUINO/wolfssl-arduino.sh
View File

@@ -26,6 +26,9 @@
# The Arduino library include file is "wolfssl.h" (all lower case)
# The Published wolfSSL Arduino Registry is at https://github.com/wolfSSL/Arduino-wolfSSL.git
# See https://downloads.arduino.cc/libraries/logs/github.com/wolfSSL/Arduino-wolfSSL/
#
echo "wolfssl-arduino.sh v5.8.2 rev B"
ROOT_DIR="/wolfssl"
# The Arduino Version will initially have a suffix appended during fine tuning stage.
@@ -70,18 +73,24 @@ if [ "$ROOT_DIR" = "" ]; then
exit 1
fi
if [ "$ARDUINO_ROOT" = "" ]; then
echo "No ARDUINO_ROOT export... detecting..."
ARDUINO_ROOT="$HOME/Arduino/libraries"
ARDUINO_ROOT="$HOME/Arduino/libraries"
# Check environment
if [ -n "$WSL_DISTRO_NAME" ]; then
# we found a non-blank WSL environment distro name
current_path="$(pwd)"
pattern="/mnt/?"
if echo "$current_path" | grep -Eq "^$pattern"; then
# if we are in WSL and shared Windows file system, 'ln' does not work.
ARDUINO_ROOT="/mnt/c/Users/$USER/Documents/Arduino/libraries"
# Check environment
if [ -n "$WSL_DISTRO_NAME" ]; then
# we found a non-blank WSL environment distro name
echo "Found WSL: $WSL_DISTRO_NAME"
current_path="$(pwd)"
pattern="/mnt/?"
if echo "$current_path" | grep -Eq "^$pattern"; then
# if we are in WSL and shared Windows file system, 'ln' does not work.
ARDUINO_ROOT="/mnt/c/Users/$USER/Documents/Arduino/libraries"
echo "ARDUINO_ROOT set to $ARDUINO_ROOT"
fi
fi
else
echo "Using export ARDUINO_ROOT"
fi
echo "The Arduino library root is: $ARDUINO_ROOT"
@@ -173,7 +182,7 @@ THIS_DIR=${PWD##*/}
if [ "$THIS_DIR" = "ARDUINO" ]; then
# mkdir ./wolfssl
if [ -d ".${ROOT_DIR}" ]; then
echo "ERROR: $(realpath ".${ROOT_DIR}") is not empty"
echo "ERROR: $(realpath ".${ROOT_DIR}") is not empty; failed prior install? Please remove."
exit 1
else
echo "Step 01: mkdir .${ROOT_DIR}"
@@ -267,6 +276,7 @@ if [ "$THIS_DIR" = "ARDUINO" ]; then
echo "Destination EXAMPLES_DIR=.${EXAMPLES_DIR}"
echo "EXAMPLES_DIR_REAL_PATH=${EXAMPLES_DIR_REAL_PATH}"
# Only explicit source code is copied to the Arduino library. Edit with caution, no automation:
if [ -n "$WOLFSSL_EXAMPLES_ROOT" ]; then
echo "Copy template example...."
mkdir -p ".${EXAMPLES_DIR}"/template/wolfssl_library/src
@@ -279,23 +289,33 @@ if [ "$THIS_DIR" = "ARDUINO" ]; then
echo "Copy wolfssl_AES_CTR example...."
mkdir -p ".${EXAMPLES_DIR}"/wolfssl_AES_CTR
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_AES_CTR/wolfssl_AES_CTR.ino ".${EXAMPLES_DIR}"/wolfssl_AES_CTR/wolfssl_AES_CTR.ino || exit 1
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_AES_CTR/README.md ".${EXAMPLES_DIR}"/wolfssl_AES_CTR/README.md || exit 1
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_AES_CTR/wolfssl_AES_CTR.ino ".${EXAMPLES_DIR}"/wolfssl_AES_CTR/wolfssl_AES_CTR.ino || exit 1
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_AES_CTR/README.md ".${EXAMPLES_DIR}"/wolfssl_AES_CTR/README.md || exit 1
echo "Copy wolfssl_client example...."
mkdir -p ".${EXAMPLES_DIR}"/wolfssl_client
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_client/wolfssl_client.ino ".${EXAMPLES_DIR}"/wolfssl_client/wolfssl_client.ino || exit 1
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_client/README.md ".${EXAMPLES_DIR}"/wolfssl_client/README.md || exit 1
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_client/wolfssl_client.ino ".${EXAMPLES_DIR}"/wolfssl_client/wolfssl_client.ino || exit 1
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_client/README.md ".${EXAMPLES_DIR}"/wolfssl_client/README.md || exit 1
echo "Copy wolfssl_client_dtls example...."
mkdir -p ".${EXAMPLES_DIR}"/wolfssl_client_dtls
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_client_dtls/wolfssl_client_dtls.ino ".${EXAMPLES_DIR}"/wolfssl_client_dtls/wolfssl_client_dtls.ino || exit 1
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_client_dtls/README.md ".${EXAMPLES_DIR}"/wolfssl_client_dtls/README.md || exit 1
echo "Copy wolfssl_server example...."
mkdir -p .${EXAMPLES_DIR}/wolfssl_server
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_server/wolfssl_server.ino ".${EXAMPLES_DIR}"/wolfssl_server/wolfssl_server.ino || exit 1
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_server/README.md ".${EXAMPLES_DIR}"/wolfssl_server/README.md || exit 1
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_server/wolfssl_server.ino ".${EXAMPLES_DIR}"/wolfssl_server/wolfssl_server.ino || exit 1
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_server/README.md ".${EXAMPLES_DIR}"/wolfssl_server/README.md || exit 1
echo "Copy wolfssl_server_dtls example...."
mkdir -p .${EXAMPLES_DIR}/wolfssl_server_dtls
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_server_dtls/wolfssl_server_dtls.ino ".${EXAMPLES_DIR}"/wolfssl_server_dtls/wolfssl_server_dtls.ino || exit 1
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_server_dtls/README.md ".${EXAMPLES_DIR}"/wolfssl_server_dtls/README.md || exit 1
echo "Copy wolfssl_version example...."
mkdir -p .${EXAMPLES_DIR}/wolfssl_version
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_version/wolfssl_version.ino ".${EXAMPLES_DIR}"/wolfssl_version/wolfssl_version.ino || exit 1
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_version/README.md ".${EXAMPLES_DIR}"/wolfssl_version/README.md || exit 1
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_version/wolfssl_version.ino ".${EXAMPLES_DIR}"/wolfssl_version/wolfssl_version.ino || exit 1
$CP_CMD "$WOLFSSL_EXAMPLES_ROOT"/Arduino/sketches/wolfssl_version/README.md ".${EXAMPLES_DIR}"/wolfssl_version/README.md || exit 1
else
NO_ARDUINO_EXAMPLES=1
fi
@@ -364,27 +384,39 @@ if [ "$THIS_OPERATION" = "INSTALL" ]; then
# Nearly an ordinary copy, but we remove any lines with ">>" (typically edit with caution warning in comments)
grep -v '>>' ../../examples/configs/user_settings_arduino.h > ".${ROOT_SRC_DIR}"/user_settings.h || exit 1
# Show the user_settings.h revision string:
echo "This user_settings.h revision string:"
grep "WOLFSSL_USER_SETTINGS_ID" ."${ROOT_SRC_DIR}/user_settings.h"
echo ""
if [ "$THIS_INSTALL_IS_GITHUB" = "true" ]; then
echo "Installing to GitHub directory: $THIS_INSTALL_DIR"
cp -r ."$ROOT_DIR"/* "$THIS_INSTALL_DIR" || exit 1
cp -r ."$ROOT_DIR"/* "$THIS_INSTALL_DIR" || exit 1
echo "Removing workspace library directory: .$ROOT_DIR"
rm -rf ".$ROOT_DIR"
rm -rf ".$ROOT_DIR" || exit 1
else
echo "Installing to local directory:"
if [ "$THIS_INSTALL_DIR" = "" ]; then
echo "mv .$ROOT_DIR $ARDUINO_ROOT"
mv ."$ROOT_DIR" "$ARDUINO_ROOT" || exit 1
if [ -n "$WSL_DISTRO_NAME" ]; then
# setfattr not installed by default
# echo "Set system.wsl_case_sensitive .$ROOT_DIR"
# setfattr -x system.wsl_case_sensitive .$ROOT_DIR
#
# use copy instead of move to avoid possible system.wsl_case_sensitive warnings
echo "cp -r .\"$ROOT_DIR\" \"$ARDUINO_ROOT\""
cp -r ."$ROOT_DIR" "$ARDUINO_ROOT" || exit 1
echo "rm -rf .\"$ROOT_DIR\""
rm -rf ."$ROOT_DIR" || exit 1
else
echo "mv .$ROOT_DIR $ARDUINO_ROOT"
mv ."$ROOT_DIR" "$ARDUINO_ROOT" || exit 1
fi
echo "Arduino wolfSSL Version: $WOLFSSL_VERSION$WOLFSSL_VERSION_ARUINO_SUFFIX"
else
echo "cp -r .\"$ROOT_DIR\"/* \"$THIS_INSTALL_DIR\""
mkdir -p "$THIS_INSTALL_DIR" || exit 1
cp -r ."$ROOT_DIR"/* "$THIS_INSTALL_DIR" || exit 1
mkdir -p "$THIS_INSTALL_DIR" || exit 1
cp -r ."$ROOT_DIR"/* "$THIS_INSTALL_DIR" || exit 1
fi
fi
fi

164
examples/configs/user_settings_arduino.h
View File

@@ -25,7 +25,7 @@
*/
/* Define a macro to display user settings version in example code: */
#define WOLFSSL_USER_SETTINGS_ID "Arduino user_settings.h v5.7.6"
#define WOLFSSL_USER_SETTINGS_ID "Arduino user_settings.h v5.8.2"
/* Disable wolfcrypt cryptographic security hardening. Comment out to enable: */
/* #define WC_NO_HARDEN */
@@ -40,7 +40,6 @@
#define WOLFSSL_IGNORE_FILE_WARN
#define NO_FILESYSTEM
#define USE_CERT_BUFFERS_2048
/* Make sure this is not an ESP-IDF file */
#undef WOLFSSL_ESPIDF
@@ -58,13 +57,143 @@
#define RSA_LOW_MEM
#define NO_OLD_TLS
/* TLS 1.3 */
/* #define WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
/* To see board properties & definitions:
* arduino-cli compile --fqbn [] --show-properties ./sketches/wolfssl_client */
#if defined(ARDUINO_AVR_ETHERNET)
/* TODO: optimize client / server to fit in 32K flash?
* currently 164K too big: */
#define WOLFSSL_NO_TLS13
#define WOLFSSL_MIN_CONFIG
#define WOLFSSL_USER_IO
#define WOLFSSL_NO_WRITEV
#define NO_FILESYSTEM
#define WOLFSSL_NO_CERTS
#define HAVE_TLS
#define NO_RC4
#define NO_PSK
#define NO_SESSION_CACHE
#define NO_CERT_VERIFY
#define NO_MAIN_DRIVER
#define WOLFSSL_NO_SP
#define WOLFSSL_NO_SIG_WRAPPER
#define TFM_TIMING_RESISTANT
#undef WOLFSSL_DTLS
#undef WOLFSSL_DTLS13
#endif
#if defined(ARDUINO_AVR_LEONARDO_ETH)
/* No time available */
/* Used only here in Arduino, WOLFSSL_NO_TLS13 is not a wolfssl macro */
#undef WOLFSSL_NO_TLS13
#define WOLFSSL_NO_TLS13
#define NO_TLS
#undef WOLFSSL_TLS13
#define WOLFSSL_NO_TLS12
#endif
#if defined(ESP8266) || defined(__SAM3X8E__) || \
defined(ARDUINO_AVR_ETHERNET) || defined(ARDUINO_AVR_LEONARDO_ETH)
#define WOLFSSL_NO_SOCK
#define WOLFSSL_USER_IO
#define NO_WRITEV
/* There's limited RAM on these devices */
#define USE_CERT_BUFFERS_1024
/* SNI, Supported Groups (elliptic curves), ALPN: */
#define HAVE_TLS_EXTENSIONS
#define WC_RSA_PSS
#define HAVE_HKDF
#define HAVE_AEAD
#define HAVE_SUPPORTED_CURVES
#if defined(WOLFSSL_NO_TLS13) && defined(WOLFSSL_NO_TLS12)
/* NO TLS */
#define NO_TLS
#elif defined(WOLFSSL_NO_TLS13)
/* Only TLS 1.2*/
/* enabled by default, for clarity: */
#undef WOLFSSL_NO_TLS12
/* Ensure TLS 1.3 is not enabled */
#undef WOLFSSL_TLS13
#elif defined(WOLFSSL_NO_TLS12)
/* Only TLS 1.3*/
#define WOLFSSL_TLS13
#if defined(WOLFSSL_TLS13)
#define WC_RSA_PSS
#define HAVE_HKDF
#define HAVE_AEAD
#endif
#else
/* Both TLS 1.2 and TLS 1.3 */
/* TLS 1.2 enabled by default, for clarity: */
#undef WOLFSSL_NO_TLS12
/* Enable only TLS 1.3 on small memory devices */
#define WOLFSSL_TLS13
#if defined(WOLFSSL_TLS13)
#define WC_RSA_PSS
#define HAVE_HKDF
#define HAVE_AEAD
#endif
#endif
#undef WOLFSSL_DTLS
#undef WOLFSSL_DTLS13
#elif defined(ESP32) || \
defined(WIFI_101) || defined(WIFI_NINA) || defined(WIFIESPAT) || \
defined(ETHERNET_H) || defined(ARDUINO_TEENSY41) || \
defined(ARDUINO_SAMD_MKR1000)
#define USE_CERT_BUFFERS_2048
/* Only boards known to have networking will have TLS / DTLS enabled */
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
/* Enable TLS 1.3 */
#define WOLFSSL_TLS13
#if defined(WOLFSSL_TLS13)
#define HAVE_TLS_EXTENSIONS
#define WC_RSA_PSS
#define HAVE_HKDF
#define HAVE_AEAD
#endif
/* Enable DTLS */
#define WOLFSSL_DTLS 1
#if defined(WOLFSSL_DTLS)
#define WOLFSSL_DTLS13
/* WOLFSSL_DTLS13 requires WOLFSSL_TLS13 */
#undef WOLFSSL_TLS13
#define WOLFSSL_TLS13
#define USE_WOLFSSL_IO
/* WOLFSSL_SEND_HRR_COOKIE is needed to use DTLS 1.3 server */
#define WOLFSSL_SEND_HRR_COOKIE
#endif
#elif defined (__AVR__) || defined(__AVR_ARCH__) || defined(__MEGAAVR__)
/* Do not enable TLS on platforms without networking */
/* We'll assume all AVR targets are small: 8 or 16 bit */
#define WC_16BIT_CPU
#define NO_TLS
#elif (defined(__SAMD21__) || defined(__SAMD51__)) && defined(ARDUINO_SAMD_ZERO)
/* No networking on ARDUINO_SAMD_ZERO */
#elif defined(ARDUINO_TEENSY40)
/* No networking on TEENSY boards */
#else
/* other / unknown board */
#define USE_CERT_BUFFERS_1024
#endif
/* #define HAVE_SUPPORTED_CURVES */
@@ -72,9 +201,6 @@
/* Cannot use WOLFSSL_NO_MALLOC with small stack */
/* #define WOLFSSL_NO_MALLOC */
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
/* To further reduce size, client or server functionality can be disabled.
* Here, we check if the example code gave us a hint.
*
@@ -503,6 +629,20 @@
#define CTX_SERVER_KEY_SIZE sizeof_server_key_der_1024
#define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#else
#error "Must define USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_1024"
#define USE_CERT_BUFFERS_256
#endif
#endif
/* Final checks */
/* This should already be done in settings.h for newer versions of wolfSSL:
*
* There's currently no 100% reliable "smaller than 32 bit" detection.
* The user can specify: WC_16BIT_CPU
* Lower 16 bits of new OID values may collide on some 16 bit platforms.
* e.g Arduino Mega, fqbn=arduino:avr:mega */
#if defined(WC_16BIT_CPU)
/* Force the old, 16 bit OIDs to be used in wolfcrypt/oid_sum.h */
#undef WOLFSSL_OLD_OID_SUM
#define WOLFSSL_OLD_OID_SUM
#endif

15
wolfssl/wolfcrypt/settings.h
View File

@@ -319,11 +319,24 @@
#define WOLFSSL_USER_IO
#define WOLFSSL_NO_SOCK
#define NO_WRITEV
/* boards less than 32 bit int get tripped up on long OID values */
#define WC_16BIT_CPU
#define WOLFSSL_OLD_OID_SUM
#elif defined(__SAM3X8E__)
#define WOLFSSL_NO_ATOMIC
#define WOLFSSL_NO_SOCK
#define WOLFSSL_USER_IO
#define NO_WRITEV
#elif defined(__arm__)
#define WOLFSSL_NO_SOCK
#define NO_WRITEV
#elif defined(ESP32) || defined(ESP8266)
#elif defined(ESP32)
/* assume sockets available */
#elif defined(ESP8266)
#define WOLFSSL_NO_SOCK
#define WOLFSSL_USER_IO
#define NO_WRITEV
#else
#define WOLFSSL_NO_SOCK
#endif

36
wolfssl/wolfio.h
View File

@@ -93,7 +93,25 @@
#define LWIP_PROVIDE_ERRNO 1
#endif
#elif defined(ARDUINO)
/* TODO Add specific boards */
/* board-specific */
#if defined(__AVR__)
/* No AVR specifics at this time */
#elif defined(__arm__)
/* No ARM specifics at this time */
#elif defined(ESP8266)
#define WOLFSSL_NO_SOCK
#define WOLFSSL_USER_IO
#define NO_WRITEV
/* No Sockets on ESP8266, thus no DTLS */
#elif defined(ESP32)
#if defined(WOLFSSL_DTLS) || defined(WOLFSSL_DTLS13)
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#endif
#else
/* Add new boards here */
#endif
#elif defined(FREESCALE_MQX)
#include <posix.h>
#include <rtcs.h>
@@ -262,6 +280,20 @@
#define SOCKET_ECONNREFUSED ECONNREFUSED
#define SOCKET_ECONNABORTED ECONNABORTED
#endif
#elif defined(ARDUINO)
#if defined(WOLFSSL_DTLS) || defined(WOLFSSL_DTLS13)
#define SOCKADDR_S struct sockaddr_storage
#define SOCKADDR struct sockaddr
#define SOCKADDR_IN struct sockaddr_in
#endif
#define SOCKET_EWOULDBLOCK EWOULDBLOCK
#define SOCKET_EAGAIN EAGAIN
#define SOCKET_ETIMEDOUT ETIMEDOUT
#define SOCKET_ECONNRESET ECONNRESET
#define SOCKET_EINTR EINTR
#define SOCKET_EPIPE EPIPE
#define SOCKET_ECONNREFUSED ECONNREFUSED
#define SOCKET_ECONNABORTED ECONNABORTED
#elif defined(USE_WINDOWS_API)
/* no epipe yet */
#ifndef WSAEPIPE
@@ -402,7 +434,7 @@
#define SOCKET_EPIPE EPIPE
#define SOCKET_ECONNREFUSED ECONNREFUSED
#define SOCKET_ECONNABORTED ECONNABORTED
#endif /* USE_WINDOWS_API */
#endif /* __WATCOMC__ || ARDUINO || USE_WINDOWS_API || __PPU || .. etc */
#ifdef DEVKITPRO
/* from network.h */