Cyclic0007/wolfssl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Cyclic0007:v5.2.1
Branches Tags
Cyclic0007:master Cyclic0007:nightly-snapshot Cyclic0007:revert-9495-aarch64_no_hw_crypto_asm_aes Cyclic0007:revert-9512-20251210-linuxkm-5.17-ubuntu-jammy-tegra-patches Cyclic0007:TLS13-cipher-suite-fix Cyclic0007:revert-9145-zd20038_2 Cyclic0007:pr-8603 Cyclic0007:remove-arc4 Cyclic0007:devin-lifeguard/update-rules-d59f9c48 Cyclic0007:revert-8277-aarch64_no_crypto Cyclic0007:revert-5549-fix_sha256_debug Cyclic0007:cert-3389
Cyclic0007:WCv5.2.4-KRNL-CHKIN-r5 Cyclic0007:WCv6.0.0-linuxkm-UPDT-RC2 Cyclic0007:WCv6.0.0-linuxkm-UPDT-RC1 Cyclic0007:WCv5.2.4-KRNL-CHKIN-r4 Cyclic0007:wolfEntropy2d Cyclic0007:v5.8.4-stable Cyclic0007:WCv5.2.5-STM32-PAA Cyclic0007:WCv5.2.4-KRNL-CHKIN Cyclic0007:v5.8.2-stable Cyclic0007:WCv5.2.3-RSA-SWITCH Cyclic0007:wolfEntropy2 Cyclic0007:WCv5.2.3-DHGENPUB-r2 Cyclic0007:WCv5.2.3-DHGENPUB Cyclic0007:v5.8.0-stable Cyclic0007:WCv6.0.0-RC5 Cyclic0007:WCv6.0.0-RC4 Cyclic0007:WCv5.2.3-STM32-PAA Cyclic0007:WCv6.0.0-RC3 Cyclic0007:v5.7.6-stable Cyclic0007:v5.2.1 Cyclic0007:WCv5.2.3-ARMv8-PAA-r2 Cyclic0007:WCv6.0.0-RC2 Cyclic0007:WCv6.0.0-RC1 Cyclic0007:v5.2.1-stable-OS_Seed-HdrOnly Cyclic0007:v5.7.4-stable Cyclic0007:v5.7.2-stable Cyclic0007:wolfEntropy1 Cyclic0007:v5.7.0-stable Cyclic0007:WCv5.2.3-ARMv8-PAA Cyclic0007:v5.6.6-stable Cyclic0007:v5.6.4-stable Cyclic0007:v5.2.1-stable Cyclic0007:WCv5.2.1-PILOT Cyclic0007:v5.6.3-stable Cyclic0007:v5.6.2-stable Cyclic0007:v5.6.0-stable Cyclic0007:v5.5.4-stable Cyclic0007:v5.5.3-stable Cyclic0007:v5.5.2-stable Cyclic0007:v5.5.1-stable Cyclic0007:v5.5.0-stable Cyclic0007:v5.4.0-stable Cyclic0007:v5.3.0-stable Cyclic0007:v5.2.0-stable Cyclic0007:v5.1.1-stable Cyclic0007:WCv5.0-RC12 Cyclic0007:v5.1.0-stable Cyclic0007:WCv5.0-RC11 Cyclic0007:WCv5.0-RC10 Cyclic0007:v5.0.0-stable Cyclic0007:WCv5.0-RC9 Cyclic0007:v4.8.1-stable Cyclic0007:v4.8.0-stable Cyclic0007:WCv5.0-RC8 Cyclic0007:WCv5.0-RC7 Cyclic0007:WCv5.0-RC6 Cyclic0007:WCv5.0-RC5 Cyclic0007:v4.7.1r Cyclic0007:WCv5.0-RC4 Cyclic0007:WCv5.0-RC3 Cyclic0007:WCv5.0-RC2 Cyclic0007:v4.7.0-stable Cyclic0007:v4.6.0-stable Cyclic0007:v4.5.0-stable Cyclic0007:v4.4.0-stable Cyclic0007:v4.3.0-stable Cyclic0007:v4.2.0c Cyclic0007:v4.2.0-stable Cyclic0007:wolfRand-RC2 Cyclic0007:v4.1.0-stable Cyclic0007:wolfRand-RC1 Cyclic0007:v4.0.0-stable Cyclic0007:list Cyclic0007:WCv4-rng-stable Cyclic0007:v3.15.8 Cyclic0007:v3.15.7-stable Cyclic0007:v3.15.6 Cyclic0007:v3.15.5a Cyclic0007:v3.15.5-stable Cyclic0007:WCv4.0-RC9 Cyclic0007:WCv4.0-RC8 Cyclic0007:WCv4.0-RC7 Cyclic0007:v3.15.3-stable Cyclic0007:l Cyclic0007:WCv4-stable Cyclic0007:v3.15.0-stable Cyclic0007:v3.14.5 Cyclic0007:WCv4.0-RC6 Cyclic0007:WCv4.0-RC5 Cyclic0007:WCv4.0-RC4 Cyclic0007:v3.14.4 Cyclic0007:WCv4.0-RC3 Cyclic0007:WCv4.0-RC2 Cyclic0007:WCv4.0-RC1 Cyclic0007:v3.14.2 Cyclic0007:v3.14.0b Cyclic0007:v3.14.0a Cyclic0007:v3.14.0-stable Cyclic0007:v3.13.3 Cyclic0007:v3.13.2 Cyclic0007:v3.13.0-stable Cyclic0007:v3.12.2-stable Cyclic0007:v3.12.0-stable Cyclic0007:v3.11.1-tls13-beta Cyclic0007:v3.11.0-stable Cyclic0007:v3.10.4 Cyclic0007:v3.10.3 Cyclic0007:v3.10.2-stable Cyclic0007:v3.10.0a Cyclic0007:v3.10.0-stable Cyclic0007:v3.9.10b Cyclic0007:v3.9.10-stable Cyclic0007:v3.9.8 Cyclic0007:v3.9.6w Cyclic0007:v3.9.6 Cyclic0007:v3.9.1 Cyclic0007:v3.9.0 Cyclic0007:v3.8.0 Cyclic0007:v3.7.3 Cyclic0007:v3.7.1 Cyclic0007:v3.7.0 Cyclic0007:v3.6.9d Cyclic0007:v3.69.d Cyclic0007:v3.6.9c Cyclic0007:v3.6.9b Cyclic0007:v3.6.9 Cyclic0007:v3.6.8 Cyclic0007:v3.6.6 Cyclic0007:v3.6.2 Cyclic0007:v3.6.0b Cyclic0007:v3.6.0 Cyclic0007:v3.4.8 Cyclic0007:v3.4.6 Cyclic0007:v3.4.2 Cyclic0007:v3.4.0 Cyclic0007:v3.3.3 Cyclic0007:v3.3.2 Cyclic0007:v3.3.0 Cyclic0007:v3.2.6 Cyclic0007:v3.2.4 Cyclic0007:v3.2.0 Cyclic0007:v3.1.0 Cyclic0007:v3.0.2 Cyclic0007:v3.0.0 Cyclic0007:v2.9.4 Cyclic0007:v2.9.2 Cyclic0007:v2.9.1 Cyclic0007:v0.5 Cyclic0007:v2.9.0 Cyclic0007:v2.8.6 Cyclic0007:v2.8.5a Cyclic0007:v2.8.5 Cyclic0007:v2.8.4 Cyclic0007:v2.8.3 Cyclic0007:v2.8.2 Cyclic0007:v2.8.0 Cyclic0007:v2.7.2 Cyclic0007:v2.7.0 Cyclic0007:v2.6.2 Cyclic0007:v2.6.0 Cyclic0007:v2.5.2b Cyclic0007:v2.5.2 Cyclic0007:v2.5.0 Cyclic0007:v2.4.7 Cyclic0007:v2.4.6 Cyclic0007:v2.4.2 Cyclic0007:v2.4.0 Cyclic0007:v2.3.0 Cyclic0007:v2.2.2 Cyclic0007:v2.1.1 Cyclic0007:v2.2.1 Cyclic0007:v2.2.0 Cyclic0007:v2.1.4 Cyclic0007:v2.1.2 Cyclic0007:v2.0.8 Cyclic0007:v2.0.6 Cyclic0007:v2.0.3 Cyclic0007:v2.0.2 Cyclic0007:v2.0rc3 Cyclic0007:v2.0rc2b Cyclic0007:v2.0rc2 Cyclic0007:v2.0rc1 Cyclic0007:v1.9.0 Cyclic0007:v1.8.8.0
..
compare: Cyclic0007:wolfEntropy2
Branches Tags
Cyclic0007:master Cyclic0007:nightly-snapshot Cyclic0007:revert-9495-aarch64_no_hw_crypto_asm_aes Cyclic0007:revert-9512-20251210-linuxkm-5.17-ubuntu-jammy-tegra-patches Cyclic0007:TLS13-cipher-suite-fix Cyclic0007:revert-9145-zd20038_2 Cyclic0007:pr-8603 Cyclic0007:remove-arc4 Cyclic0007:devin-lifeguard/update-rules-d59f9c48 Cyclic0007:revert-8277-aarch64_no_crypto Cyclic0007:revert-5549-fix_sha256_debug Cyclic0007:cert-3389
Cyclic0007:WCv5.2.4-KRNL-CHKIN-r5 Cyclic0007:WCv6.0.0-linuxkm-UPDT-RC2 Cyclic0007:WCv6.0.0-linuxkm-UPDT-RC1 Cyclic0007:WCv5.2.4-KRNL-CHKIN-r4 Cyclic0007:wolfEntropy2d Cyclic0007:v5.8.4-stable Cyclic0007:WCv5.2.5-STM32-PAA Cyclic0007:WCv5.2.4-KRNL-CHKIN Cyclic0007:v5.8.2-stable Cyclic0007:WCv5.2.3-RSA-SWITCH Cyclic0007:wolfEntropy2 Cyclic0007:WCv5.2.3-DHGENPUB-r2 Cyclic0007:WCv5.2.3-DHGENPUB Cyclic0007:v5.8.0-stable Cyclic0007:WCv6.0.0-RC5 Cyclic0007:WCv6.0.0-RC4 Cyclic0007:WCv5.2.3-STM32-PAA Cyclic0007:WCv6.0.0-RC3 Cyclic0007:v5.7.6-stable Cyclic0007:v5.2.1 Cyclic0007:WCv5.2.3-ARMv8-PAA-r2 Cyclic0007:WCv6.0.0-RC2 Cyclic0007:WCv6.0.0-RC1 Cyclic0007:v5.2.1-stable-OS_Seed-HdrOnly Cyclic0007:v5.7.4-stable Cyclic0007:v5.7.2-stable Cyclic0007:wolfEntropy1 Cyclic0007:v5.7.0-stable Cyclic0007:WCv5.2.3-ARMv8-PAA Cyclic0007:v5.6.6-stable Cyclic0007:v5.6.4-stable Cyclic0007:v5.2.1-stable Cyclic0007:WCv5.2.1-PILOT Cyclic0007:v5.6.3-stable Cyclic0007:v5.6.2-stable Cyclic0007:v5.6.0-stable Cyclic0007:v5.5.4-stable Cyclic0007:v5.5.3-stable Cyclic0007:v5.5.2-stable Cyclic0007:v5.5.1-stable Cyclic0007:v5.5.0-stable Cyclic0007:v5.4.0-stable Cyclic0007:v5.3.0-stable Cyclic0007:v5.2.0-stable Cyclic0007:v5.1.1-stable Cyclic0007:WCv5.0-RC12 Cyclic0007:v5.1.0-stable Cyclic0007:WCv5.0-RC11 Cyclic0007:WCv5.0-RC10 Cyclic0007:v5.0.0-stable Cyclic0007:WCv5.0-RC9 Cyclic0007:v4.8.1-stable Cyclic0007:v4.8.0-stable Cyclic0007:WCv5.0-RC8 Cyclic0007:WCv5.0-RC7 Cyclic0007:WCv5.0-RC6 Cyclic0007:WCv5.0-RC5 Cyclic0007:v4.7.1r Cyclic0007:WCv5.0-RC4 Cyclic0007:WCv5.0-RC3 Cyclic0007:WCv5.0-RC2 Cyclic0007:v4.7.0-stable Cyclic0007:v4.6.0-stable Cyclic0007:v4.5.0-stable Cyclic0007:v4.4.0-stable Cyclic0007:v4.3.0-stable Cyclic0007:v4.2.0c Cyclic0007:v4.2.0-stable Cyclic0007:wolfRand-RC2 Cyclic0007:v4.1.0-stable Cyclic0007:wolfRand-RC1 Cyclic0007:v4.0.0-stable Cyclic0007:list Cyclic0007:WCv4-rng-stable Cyclic0007:v3.15.8 Cyclic0007:v3.15.7-stable Cyclic0007:v3.15.6 Cyclic0007:v3.15.5a Cyclic0007:v3.15.5-stable Cyclic0007:WCv4.0-RC9 Cyclic0007:WCv4.0-RC8 Cyclic0007:WCv4.0-RC7 Cyclic0007:v3.15.3-stable Cyclic0007:l Cyclic0007:WCv4-stable Cyclic0007:v3.15.0-stable Cyclic0007:v3.14.5 Cyclic0007:WCv4.0-RC6 Cyclic0007:WCv4.0-RC5 Cyclic0007:WCv4.0-RC4 Cyclic0007:v3.14.4 Cyclic0007:WCv4.0-RC3 Cyclic0007:WCv4.0-RC2 Cyclic0007:WCv4.0-RC1 Cyclic0007:v3.14.2 Cyclic0007:v3.14.0b Cyclic0007:v3.14.0a Cyclic0007:v3.14.0-stable Cyclic0007:v3.13.3 Cyclic0007:v3.13.2 Cyclic0007:v3.13.0-stable Cyclic0007:v3.12.2-stable Cyclic0007:v3.12.0-stable Cyclic0007:v3.11.1-tls13-beta Cyclic0007:v3.11.0-stable Cyclic0007:v3.10.4 Cyclic0007:v3.10.3 Cyclic0007:v3.10.2-stable Cyclic0007:v3.10.0a Cyclic0007:v3.10.0-stable Cyclic0007:v3.9.10b Cyclic0007:v3.9.10-stable Cyclic0007:v3.9.8 Cyclic0007:v3.9.6w Cyclic0007:v3.9.6 Cyclic0007:v3.9.1 Cyclic0007:v3.9.0 Cyclic0007:v3.8.0 Cyclic0007:v3.7.3 Cyclic0007:v3.7.1 Cyclic0007:v3.7.0 Cyclic0007:v3.6.9d Cyclic0007:v3.69.d Cyclic0007:v3.6.9c Cyclic0007:v3.6.9b Cyclic0007:v3.6.9 Cyclic0007:v3.6.8 Cyclic0007:v3.6.6 Cyclic0007:v3.6.2 Cyclic0007:v3.6.0b Cyclic0007:v3.6.0 Cyclic0007:v3.4.8 Cyclic0007:v3.4.6 Cyclic0007:v3.4.2 Cyclic0007:v3.4.0 Cyclic0007:v3.3.3 Cyclic0007:v3.3.2 Cyclic0007:v3.3.0 Cyclic0007:v3.2.6 Cyclic0007:v3.2.4 Cyclic0007:v3.2.0 Cyclic0007:v3.1.0 Cyclic0007:v3.0.2 Cyclic0007:v3.0.0 Cyclic0007:v2.9.4 Cyclic0007:v2.9.2 Cyclic0007:v2.9.1 Cyclic0007:v0.5 Cyclic0007:v2.9.0 Cyclic0007:v2.8.6 Cyclic0007:v2.8.5a Cyclic0007:v2.8.5 Cyclic0007:v2.8.4 Cyclic0007:v2.8.3 Cyclic0007:v2.8.2 Cyclic0007:v2.8.0 Cyclic0007:v2.7.2 Cyclic0007:v2.7.0 Cyclic0007:v2.6.2 Cyclic0007:v2.6.0 Cyclic0007:v2.5.2b Cyclic0007:v2.5.2 Cyclic0007:v2.5.0 Cyclic0007:v2.4.7 Cyclic0007:v2.4.6 Cyclic0007:v2.4.2 Cyclic0007:v2.4.0 Cyclic0007:v2.3.0 Cyclic0007:v2.2.2 Cyclic0007:v2.1.1 Cyclic0007:v2.2.1 Cyclic0007:v2.2.0 Cyclic0007:v2.1.4 Cyclic0007:v2.1.2 Cyclic0007:v2.0.8 Cyclic0007:v2.0.6 Cyclic0007:v2.0.3 Cyclic0007:v2.0.2 Cyclic0007:v2.0rc3 Cyclic0007:v2.0rc2b Cyclic0007:v2.0rc2 Cyclic0007:v2.0rc1 Cyclic0007:v1.9.0 Cyclic0007:v1.8.8.0

1 Commits
v5.2.1 ... wolfEntrop

Author SHA1 Message Date
kaleb-himes
e04a7b5782 wolfEntropy Adaptive Proportion Fix 2025 2025-06-24 10:22:49 -06:00
1333 changed files with 45170 additions and 231361 deletions
Expand all files Collapse all files

18
.codespellexcludelines
View File

@@ -1,18 +0,0 @@
###############################################################################
# In this file, you should add the line of the file that needs to be ignored.
# The line should be exactly as it appears in the file.
###############################################################################
0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, /* .Enginee */
0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, /* fo@wolfs */
0x0a, 0x8b, 0x98, 0xf3, 0xe3, 0xff, 0x4e, 0x44, /* ......ND */
ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd\n\
static const byte plaintext[] = "Lorem ipsum dolor sit amet, consectetur adipiscing elit. Cras lacus odio, pretium vel sagittis ac, facilisis quis diam. Vivamus condimentum velit sed dolor consequat interdum. Etiam eleifend ornare felis, eleifend egestas odio vulputate eu. Sed nec orci nunc. Etiam quis mi augue. Donec ullamcorper suscipit lorem, vel luctus augue cursus fermentum. Etiam a porta arcu, in convallis sem. Integer efficitur elementum diam, vel scelerisque felis posuere placerat. Donec vestibulum sit amet leo sit amet tincidunt. Etiam et vehicula turpis. Phasellus quis finibus sapien. Sed et tristique turpis. Nullam vitae sagittis tortor, et aliquet lorem. Cras a leo scelerisque, convallis lacus ut, fermentum urna. Mauris quis urna diam. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Nam aliquam vehicula orci id pulvinar. Proin mollis, libero sollicitudin tempor ultrices, massa augue tincidunt turpis, sit amet aliquam neque nibh nec dui. Fusce finibus massa quis rutrum suscipit cras amet";
rsource "Kconfig.tls-generic"
/* Loop over authenticated associated data AD1..ADn */
/* no easy answer [c'est la vie]. Just division */
const uint8_t* hashIn, int hashSz)
XMEMCPY(hash + (curveSz - hashSz), hashIn, hashSz);
0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69, /* creen would be i */
\pagenumbering{alph}
DES3_KEY_SIZE = 24, /* 3 des ede */
/* functions added to support above needed, removed TOOM and KARATSUBA */

3
.github/workflows/async.yml vendored
View File

@@ -23,7 +23,6 @@ jobs:
'--enable-ocsp CFLAGS="-DTEST_NONBLOCK_CERTS"',
]
name: make check
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 6
@@ -37,7 +36,7 @@ jobs:
./configure ${{ matrix.config }}
make check
- name: Print errors
- name: Print errors
if: ${{ failure() }}
run: |
if [ -f test-suite.log ] ; then

30
.github/workflows/codespell.yml vendored
View File

@@ -1,30 +0,0 @@
name: Codespell test
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
codespell:
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: codespell-project/actions-codespell@v2.1
with:
check_filenames: true
check_hidden: true
# Add comma separated list of words that occur multiple times that should be ignored (sorted alphabetically, case sensitive)
ignore_words_list: adin,aNULL,carryIn,chainG,ciph,cLen,cliKs,dout,haveA,inCreated,inOut,inout,larg,LEAPYEAR,Merget,optionA,parm,parms,repid,rIn,userA,ser,siz,te,Te
# The exclude_file contains lines of code that should be ignored. This is useful for individual lines which have non-words that can safely be ignored.
exclude_file: '.codespellexcludelines'
# To skip files entirely from being processed, add it to the following list:
skip: '*.cproject,*.der,*.mtpj,*.pem,*.vcxproj,.git,*.launch,*.scfg'

53
.github/workflows/coverity-scan-fixes.yml vendored
View File

@@ -1,53 +0,0 @@
name: Coverity Scan master branch
on:
workflow_dispatch:
schedule:
- cron: '0 0 * * 1-5'
- cron: '0 0 * * 0'
- cron: '0 12 * * 0'
jobs:
coverity:
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: master
- name: Configure wolfSSL with enable-all M-F
if: github.event.schedule == '0 0 * * 1-5'
run: |
./autogen.sh
./configure --enable-all
- name: Configure wolfSSL with enable-all enable-smallstack Sun at 00:00
if: github.event.schedule == '0 0 * * 0'
run: |
./autogen.sh
./configure --enable-all --enable-smallstack
- name: Configure wolfSSL with bigendian Sun at 12:00
if: github.event.schedule == '0 12 * * 0'
run: |
./autogen.sh
./configure --enable-all CFLAGS="-DBIG_ENDIAN_ORDER"
- name: Check secrets
env:
token_var: ${{ secrets.COVERITY_SCAN_TOKEN }}
email_var: ${{ secrets.COVERITY_SCAN_EMAIL }}
run: |
token_len=${#token_var}
echo "$token_len"
email_len=${#email_var}
echo "$email_len"
- uses: vapier/coverity-scan-action@v1
with:
build_language: 'cxx'
project: "wolfSSL/wolfssl"
token: ${{ secrets.COVERITY_SCAN_TOKEN }}
email: ${{ secrets.COVERITY_SCAN_EMAIL }}
command: "make"

16
.github/workflows/curl.yml vendored
View File

@@ -15,7 +15,6 @@ concurrency:
jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
@@ -27,19 +26,15 @@ jobs:
configure: --enable-curl
install: true
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-curl
path: build-dir.tgz
path: build-dir
retention-days: 5
test_curl:
name: ${{ matrix.curl_ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 15
@@ -52,15 +47,14 @@ jobs:
- name: Install test dependencies
run: |
sudo apt-get update
sudo apt-get install nghttp2 libpsl5 libpsl-dev python3-impacket
sudo apt-get install nghttp2 libpsl5 libpsl-dev
sudo pip install impacket
- name: Download lib
uses: actions/download-artifact@v4
with:
name: wolf-install-curl
- name: untar build-dir
run: tar -xf build-dir.tgz
path: build-dir
- name: Build curl
uses: wolfSSL/actions-build-autotools-project@v1
@@ -73,4 +67,4 @@ jobs:
- name: Test curl
working-directory: curl
run: make -j $(nproc) test-ci
run: make -j test-ci

105
.github/workflows/cyrus-sasl.yml vendored
View File

@@ -1,105 +0,0 @@
name: cyrus-sasl Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-all
install: true
# Don't run tests as this config is tested in many other places
check: false
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-sasl
path: build-dir.tgz
retention-days: 5
sasl_check:
strategy:
fail-fast: false
matrix:
# List of releases to test
ref: [ 2.1.28 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
needs: build_wolfssl
steps:
- name: Install dependencies
run: |
# Don't prompt for anything
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update
sudo apt-get install krb5-kdc krb5-otp libkrb5-dev \
libsocket-wrapper libnss-wrapper krb5-admin-server libdb5.3-dev
- name: Download lib
uses: actions/download-artifact@v4
with:
name: wolf-install-sasl
- name: untar build-dir
run: tar -xf build-dir.tgz
- name: Checkout OSP
uses: actions/checkout@v4
with:
repository: wolfssl/osp
path: osp
- name: Checkout sasl
uses: actions/checkout@v4
with:
repository: cyrusimap/cyrus-sasl
ref: cyrus-sasl-${{ matrix.ref }}
path: sasl
- name: Build cyrus-sasl
working-directory: sasl
run: |
patch -p1 < $GITHUB_WORKSPACE/osp/cyrus-sasl/${{ matrix.ref }}/${{ matrix.ref }}.patch
autoreconf -ivf
./configure --with-openssl=no --with-wolfssl=$GITHUB_WORKSPACE/build-dir --with-dblib=berkeley --disable-shared
# Need to run 'make' twice with '--disable-shared' for some reason
make -j || make -j
- name: Run testsuite
working-directory: sasl
run: |
make -j -C utils testsuite saslpasswd2
# Retry up to five times
for i in {1..5}; do
TEST_RES=0
$GITHUB_WORKSPACE/osp/cyrus-sasl/${{ matrix.ref }}/run-tests.sh || TEST_RES=$?
if [ "$TEST_RES" -eq "0" ]; then
break
fi
done

2
.github/workflows/disabled/haproxy.yml vendored
View File

@@ -20,7 +20,6 @@ jobs:
# List of refs to test
ref: [ master ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
steps:
- name: Build wolfSSL
@@ -58,3 +57,4 @@ jobs:
- name: Test HaProxy
working-directory: haproxy
run: make reg-tests reg-tests/ssl VTEST_PROGRAM=$GITHUB_WORKSPACE/VTest/vtest

8
.github/workflows/disabled/hostap.yml vendored
View File

@@ -22,7 +22,6 @@ jobs:
- build_id: hostap-build2
wolf_extra_config: --enable-brainpool --enable-wpas-dpp
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-20.04
# This should be a safe limit for the tests to run.
@@ -100,7 +99,6 @@ jobs:
build_id: hostap-build2
}
name: hwsim test
if: github.repository_owner == 'wolfssl'
# For openssl 1.1
runs-on: ubuntu-20.04
# This should be a safe limit for the tests to run.
@@ -183,7 +181,7 @@ jobs:
- name: Checkout hostap
uses: actions/checkout@v4
with:
repository: julek-wolfssl/hostap-mirror
repository: julek-wolfssl/hostap-mirror
path: hostap
ref: ${{ matrix.config.hostap_ref }}
# necessary for cherry pick step
@@ -212,7 +210,7 @@ jobs:
done
- if: ${{ matrix.hostapd }}
name: Setup hostapd config file
name: Setup hostapd config file
run: |
cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/hostapd.config \
hostap/hostapd/.config
@@ -222,7 +220,7 @@ jobs:
EOF
- if: ${{ matrix.wpa_supplicant }}
name: Setup wpa_supplicant config file
name: Setup wpa_supplicant config file
run: |
cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/wpa_supplicant.config \
hostap/wpa_supplicant/.config

9
.github/workflows/docker-Espressif.yml vendored
View File

@@ -14,7 +14,6 @@ concurrency:
jobs:
espressif_latest:
name: latest Docker container
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 12
@@ -23,24 +22,22 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: Initialize Espressif IDE and build examples
run: cd /opt/esp/idf && . ./export.sh && cd $GITHUB_WORKSPACE; IDE/Espressif/ESP-IDF/compileAllExamples.sh
run: . /opt/esp/idf/export.sh; IDE/Espressif/ESP-IDF/compileAllExamples.sh
espressif_v4_4:
name: v4.4 Docker container
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
container:
image: espressif/idf:release-v4.4
steps:
- uses: actions/checkout@v4
- name: Initialize Espressif IDE and build examples
run: cd /opt/esp/idf && . ./export.sh && cd $GITHUB_WORKSPACE; IDE/Espressif/ESP-IDF/compileAllExamples.sh
run: . /opt/esp/idf/export.sh; IDE/Espressif/ESP-IDF/compileAllExamples.sh
espressif_v5_0:
name: v5.0 Docker container
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
container:
image: espressif/idf:release-v5.0
steps:
- uses: actions/checkout@v4
- name: Initialize Espressif IDE and build examples
run: cd /opt/esp/idf && . ./export.sh && cd $GITHUB_WORKSPACE; IDE/Espressif/ESP-IDF/compileAllExamples.sh
run: . /opt/esp/idf/export.sh; IDE/Espressif/ESP-IDF/compileAllExamples.sh

12
.github/workflows/docker-OpenWrt.yml vendored
View File

@@ -17,7 +17,6 @@ concurrency:
jobs:
build_library:
name: Compile libwolfssl.so
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
@@ -29,19 +28,14 @@ jobs:
- uses: actions/checkout@v4
- name: Compile libwolfssl.so
run: ./autogen.sh && ./configure --enable-all && make
# 2024-08-05 - Something broke in the actions. They are no longer following links.
- name: tar libwolfssl.so
working-directory: src/.libs
run: tar -zcf libwolfssl.tgz libwolfssl.so*
- name: Upload libwolfssl.so
uses: actions/upload-artifact@v4
with:
name: openwrt-libwolfssl.so
path: src/.libs/libwolfssl.tgz
path: src/.libs/libwolfssl.so
retention-days: 5
compile_container:
name: Compile container
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 2
@@ -56,9 +50,7 @@ jobs:
- uses: actions/download-artifact@v4
with:
name: openwrt-libwolfssl.so
path: .
- name: untar libwolfssl.so
run: tar -xf libwolfssl.tgz -C Docker/OpenWrt
path: Docker/OpenWrt/.
- name: Build but dont push
uses: docker/build-push-action@v5
with:

11
.github/workflows/grpc.yml vendored
View File

@@ -15,7 +15,6 @@ concurrency:
jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
@@ -28,14 +27,11 @@ jobs:
configure: --enable-all 'CPPFLAGS=-DWOLFSSL_RSA_KEY_CHECK -DHAVE_EX_DATA_CLEANUP_HOOKS'
install: true
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-grpc
path: build-dir.tgz
path: build-dir
retention-days: 5
grpc_check:
@@ -51,7 +47,6 @@ jobs:
test_core_security_ssl_credentials_test test_cpp_end2end_ssl_credentials_test
h2_ssl_cert_test h2_ssl_session_reuse_test
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 30
@@ -70,9 +65,7 @@ jobs:
uses: actions/download-artifact@v4
with:
name: wolf-install-grpc
- name: untar build-dir
run: tar -xf build-dir.tgz
path: build-dir
- name: Checkout OSP
uses: actions/checkout@v4

13
.github/workflows/hitch.yml vendored
View File

@@ -15,7 +15,6 @@ concurrency:
jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
@@ -28,14 +27,11 @@ jobs:
configure: --enable-hitch
install: true
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-hitch
path: build-dir.tgz
path: build-dir
retention-days: 5
hitch_check:
@@ -48,7 +44,6 @@ jobs:
ignore-tests: >-
test13-r82.sh test15-proxy-v2-npn.sh test39-client-cert-proxy.sh
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
@@ -58,9 +53,7 @@ jobs:
uses: actions/download-artifact@v4
with:
name: wolf-install-hitch
- name: untar build-dir
run: tar -xf build-dir.tgz
path: build-dir
- name: Checkout OSP
uses: actions/checkout@v4
@@ -107,4 +100,4 @@ jobs:
working-directory: ./hitch
run: |
export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
make check
make check

25
.github/workflows/hostap-vm.yml vendored
View File

@@ -24,10 +24,9 @@ jobs:
wolf_extra_config: --disable-tls13
- build_id: hostap-vm-build2
wolf_extra_config: >-
--enable-wpas-dpp --enable-brainpool --with-eccminsz=192
--enable-wpas-dpp --enable-brainpool --with-eccminsz=192
--enable-tlsv10 --enable-oldtls
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 10
@@ -53,19 +52,15 @@ jobs:
${{ env.wolf_debug_flags }} ${{ matrix.wolf_extra_config }}
install: true
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.build_id }}
path: build-dir.tgz
path: build-dir
retention-days: 5
build_uml_linux:
name: Build UML (UserMode Linux)
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 10
@@ -89,7 +84,7 @@ jobs:
if: steps.cache.outputs.cache-hit != 'true'
uses: actions/checkout@v4
with:
repository: torvalds/linux
repository: torvalds/linux
path: linux
- name: Compile linux
@@ -142,7 +137,6 @@ jobs:
}
name: hwsim test
# For openssl 1.1
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 45
@@ -184,9 +178,7 @@ jobs:
uses: actions/download-artifact@v4
with:
name: ${{ matrix.config.build_id }}
- name: untar build-dir
run: tar -xf build-dir.tgz
path: build-dir
- name: Install dependencies
run: |
@@ -196,12 +188,13 @@ jobs:
# hostap dependencies
sudo apt-get install -y libpcap0.8 libpcap-dev curl libcurl4-openssl-dev \
libnl-3-dev binutils-dev libssl-dev libiberty-dev libnl-genl-3-dev \
libnl-route-3-dev libdbus-1-dev bridge-utils tshark python3-pycryptodome
libnl-route-3-dev libdbus-1-dev bridge-utils tshark
sudo pip3 install pycryptodome
- name: Checkout hostap
uses: actions/checkout@v4
with:
repository: julek-wolfssl/hostap-mirror
repository: julek-wolfssl/hostap-mirror
path: hostap
ref: ${{ matrix.config.hostap_ref }}
@@ -235,7 +228,7 @@ jobs:
fi
- if: ${{ matrix.hostapd }}
name: Setup hostapd config file
name: Setup hostapd config file
run: |
cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/hostapd.config \
hostap/hostapd/.config
@@ -245,7 +238,7 @@ jobs:
EOF
- if: ${{ matrix.wpa_supplicant }}
name: Setup wpa_supplicant config file
name: Setup wpa_supplicant config file
run: |
cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/wpa_supplicant.config \
hostap/wpa_supplicant/.config

85
.github/workflows/ipmitool.yml vendored
View File

@@ -1,85 +0,0 @@
name: ipmitool Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build_wolfssl:
name: Build wolfSSL
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
if: github.repository_owner == 'wolfssl'
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-all
install: true
# Don't run tests as this config is tested in many other places
check: false
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-ipmitool
path: build-dir.tgz
retention-days: 5
build_ipmitool:
strategy:
fail-fast: false
matrix:
git_ref: [ c3939dac2c060651361fc71516806f9ab8c38901 ]
name: ${{ matrix.git_ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
needs: build_wolfssl
steps:
- name: Install dependencies
run: export DEBIAN_FRONTEND=noninteractive && sudo apt-get update && sudo apt-get install -y libreadline8
- name: Download lib
uses: actions/download-artifact@v4
with:
name: wolf-install-ipmitool
- name: untar build-dir
run: tar -xf build-dir.tgz
- name: Checkout OSP
uses: actions/checkout@v4
with:
repository: wolfssl/osp
path: osp
- name: Build ipmitool
uses: wolfSSL/actions-build-autotools-project@v1
with:
repository: ipmitool/ipmitool
ref: ${{ matrix.git_ref }}
path: ipmitool
patch-file: $GITHUB_WORKSPACE/osp/ipmitool/*-${{ matrix.git_ref }}.patch
configure: --with-wolfssl=$GITHUB_WORKSPACE/build-dir
# No checks included and not running since it depends on hardware
check: false
- name: Confirm built with wolfSSL
working-directory: ipmitool
run: |
ldd src/ipmitool | grep wolfssl
ldd src/ipmievd | grep wolfssl

96
.github/workflows/jwt-cpp.yml vendored
View File

@@ -1,96 +0,0 @@
name: jwt-cpp Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build_wolfssl:
name: Build wolfSSL
# Just to keep it the same as the testing target
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-all
install: true
# Don't run tests as this config is tested in many other places
check: false
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-jwt-cpp
path: build-dir.tgz
retention-days: 5
build_pam-ipmi:
if: github.repository_owner == 'wolfssl'
strategy:
fail-fast: false
matrix:
config:
- ref: 0.7.0
runner: ubuntu-latest
- ref: 0.6.0
runner: ubuntu-22.04
name: ${{ matrix.config.ref }}
runs-on: ${{ matrix.config.runner }}
needs: build_wolfssl
steps:
- name: Install dependencies
run: |
# Don't prompt for anything
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update
sudo apt-get install libgtest-dev
- name: Download lib
uses: actions/download-artifact@v4
with:
name: wolf-install-jwt-cpp
- name: untar build-dir
run: tar -xf build-dir.tgz
- name: Checkout OSP
uses: actions/checkout@v4
with:
repository: wolfssl/osp
path: osp
- name: Checkout jwt-cpp
uses: actions/checkout@v4
with:
repository: Thalhammer/jwt-cpp
path: jwt-cpp
ref: v${{ matrix.config.ref }}
- name: Build pam-ipmi
working-directory: jwt-cpp
run: |
patch -p1 < ../osp/jwt-cpp/${{ matrix.config.ref }}.patch
PKG_CONFIG_PATH=$GITHUB_WORKSPACE/build-dir/lib/pkgconfig \
cmake -B build -DJWT_SSL_LIBRARY:STRING=wolfSSL -DJWT_BUILD_TESTS=ON .
make -j -C build
ldd ./build/tests/jwt-cpp-test | grep wolfssl
- name: Run jwt-cpp tests
working-directory: jwt-cpp
run: ./build/tests/jwt-cpp-test

11
.github/workflows/krb5.yml vendored
View File

@@ -16,7 +16,6 @@ jobs:
build_wolfssl:
name: Build wolfSSL
# Just to keep it the same as the testing target
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 5
@@ -32,14 +31,11 @@ jobs:
configure: --enable-krb CC='gcc -fsanitize=address'
install: true
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-krb5
path: build-dir.tgz
path: build-dir
retention-days: 5
krb5_check:
@@ -49,7 +45,6 @@ jobs:
# List of releases to test
ref: [ 1.21.1 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 8
@@ -59,9 +54,7 @@ jobs:
uses: actions/download-artifact@v4
with:
name: wolf-install-krb5
- name: untar build-dir
run: tar -xf build-dir.tgz
path: build-dir
- name: Checkout OSP
uses: actions/checkout@v4

11
.github/workflows/libssh2.yml vendored
View File

@@ -16,7 +16,6 @@ jobs:
build_wolfssl:
name: Build wolfSSL
# Just to keep it the same as the testing target
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
@@ -29,14 +28,11 @@ jobs:
check: false # config is already tested in many other PRB's
install: true
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-libssh2
path: build-dir.tgz
path: build-dir
retention-days: 5
libssh2_check:
@@ -46,7 +42,6 @@ jobs:
# List of releases to test
ref: [ 1.11.0 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 8
@@ -56,9 +51,7 @@ jobs:
uses: actions/download-artifact@v4
with:
name: wolf-install-libssh2
- name: untar build-dir
run: tar -xf build-dir.tgz
path: build-dir
- name: Build and test libssh2
uses: wolfSSL/actions-build-autotools-project@v1

86
.github/workflows/libvncserver.yml vendored
View File

@@ -1,86 +0,0 @@
name: libvncserver Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build_wolfssl:
name: Build wolfSSL
# Just to keep it the same as the testing target
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-all
install: true
# Don't run tests as this config is tested in many other places
check: false
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-libvncserver
path: build-dir.tgz
retention-days: 5
build_libvncserver:
strategy:
fail-fast: false
matrix:
ref: [ 0.9.13 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
needs: build_wolfssl
steps:
- name: Download lib
uses: actions/download-artifact@v4
with:
name: wolf-install-libvncserver
- name: untar build-dir
run: tar -xf build-dir.tgz
- name: Checkout OSP
uses: actions/checkout@v4
with:
repository: wolfssl/osp
path: osp
- name: Checkout libvncserver
uses: actions/checkout@v4
with:
repository: LibVNC/libvncserver
path: libvncserver
ref: LibVNCServer-${{ matrix.ref }}
- name: Build libvncserver
working-directory: libvncserver
run: |
patch -p1 < ../osp/libvncserver/${{ matrix.ref }}.patch
PKG_CONFIG_PATH=$GITHUB_WORKSPACE/build-dir/lib/pkgconfig \
cmake -B build -DWITH_GNUTLS=OFF -DWITH_OPENSSL=OFF -DWITH_GCRYPT=OFF -DWITH_WOLFSSL=ON .
make -j -C build VERBOSE=1
ldd build/libvncclient.so | grep wolfssl
ldd build/libvncserver.so | grep wolfssl
- name: Run libvncserver tests
working-directory: libvncserver
run: make -C build test

11
.github/workflows/memcached.yml vendored
View File

@@ -16,7 +16,6 @@ jobs:
build_wolfssl:
name: Build wolfSSL
# Just to keep it the same as the testing target
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
steps:
- name: Build wolfSSL
@@ -29,14 +28,11 @@ jobs:
- name: Bundle Docker entry point
run: cp wolfssl/.github/workflows/memcached.sh build-dir/bin
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-memcached
path: build-dir.tgz
path: build-dir
retention-days: 5
memcached_check:
@@ -47,7 +43,6 @@ jobs:
include:
- ref: 1.6.22
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
needs: build_wolfssl
steps:
@@ -55,9 +50,7 @@ jobs:
uses: actions/download-artifact@v4
with:
name: wolf-install-memcached
- name: untar build-dir
run: tar -xf build-dir.tgz
path: build-dir
- name: Checkout OSP
uses: actions/checkout@v4

99
.github/workflows/mosquitto.yml vendored
View File

@@ -1,99 +0,0 @@
name: mosquitto Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build_wolfssl:
name: Build wolfSSL
# Just to keep it the same as the testing target
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-mosquitto CFLAGS="-DALLOW_INVALID_CERTSIGN"
install: true
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-mosquitto
path: build-dir.tgz
retention-days: 5
mosquitto_check:
strategy:
fail-fast: false
matrix:
ref: [ 2.0.18 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
needs: build_wolfssl
steps:
- name: Download lib
uses: actions/download-artifact@v4
with:
name: wolf-install-mosquitto
- name: untar build-dir
run: tar -xf build-dir.tgz
- name: Checkout OSP
uses: actions/checkout@v4
with:
repository: wolfssl/osp
path: osp
- name: Install dependencies
run: |
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update
sudo apt-get install -y build-essential libev-dev libssl-dev automake python3-docutils libcunit1 libcunit1-doc libcunit1-dev pkg-config make python3-psutil
- name: Checkout mosquitto
uses: actions/checkout@v4
with:
repository: eclipse/mosquitto
ref: v${{ matrix.ref }}
path: mosquitto
- name: Configure and build mosquitto
run: |
cd $GITHUB_WORKSPACE/mosquitto/
patch -p1 < $GITHUB_WORKSPACE/osp/mosquitto/${{ matrix.ref }}.patch
make WITH_TLS=wolfssl WITH_CJSON=no WITH_DOCS=no WOLFSSLDIR=$GITHUB_WORKSPACE/build-dir
- name: Run mosquitto tests
working-directory: ./mosquitto
run: |
# Retry up to five times
for i in {1..5}; do
TEST_RES=0
make WITH_TLS=wolfssl WITH_CJSON=no WITH_DOCS=no WOLFSSLDIR=$GITHUB_WORKSPACE/build-dir ptest || TEST_RES=$?
if [ "$TEST_RES" -eq "0" ]; then
break
fi
done
if [ "$TEST_RES" -ne "0" ]; then
exit $TEST_RES
fi

3
.github/workflows/multi-arch.yml vendored
View File

@@ -36,7 +36,6 @@ jobs:
CFLAGS: -marm -DWOLFSSL_SP_ARM_ARCH=6
ARCH: armel
EXTRA_OPTS: --enable-sp-asm
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 10
@@ -52,7 +51,7 @@ jobs:
CFLAGS: ${{ matrix.CFLAGS }}
QEMU_LD_PREFIX: /usr/${{ matrix.HOST }}
run: ./autogen.sh && ./configure --host=${{ matrix.HOST }} --enable-all --disable-examples ${{ matrix.EXTRA_OPTS }} && make
- name: Print errors
- name: Print errors
if: ${{ failure() }}
run: |
if [ -f config.log ] ; then

3
.github/workflows/multi-compiler.yml vendored
View File

@@ -46,13 +46,10 @@ jobs:
- CC: clang-14
CXX: clang++-14
OS: ubuntu-latest
if: github.repository_owner == 'wolfssl'
runs-on: ${{ matrix.OS }}
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
- name: Install dependencies
run: export DEBIAN_FRONTEND=noninteractive && sudo apt-get update && sudo apt-get install -y ${{ matrix.CC }}
- uses: actions/checkout@v4
- name: Build
env:

84
.github/workflows/net-snmp.yml vendored
View File

@@ -1,84 +0,0 @@
name: net-snmp Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-net-snmp
install: true
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-net-snmp
path: build-dir.tgz
retention-days: 5
net-snmp_check:
strategy:
fail-fast: false
matrix:
# List of releases to test
include:
- ref: 5.9.3
test_opts: -e 'agentxperl'
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
needs: build_wolfssl
steps:
- name: Download lib
uses: actions/download-artifact@v4
with:
name: wolf-install-net-snmp
- name: untar build-dir
run: tar -xf build-dir.tgz
- name: Checkout OSP
uses: actions/checkout@v4
with:
repository: wolfssl/osp
path: osp
- name: Build net-snmp
uses: wolfSSL/actions-build-autotools-project@v1
with:
repository: net-snmp/net-snmp
ref: v${{ matrix.ref }}
path: net-snmp
patch-file: $GITHUB_WORKSPACE/osp/net-snmp/${{ matrix.ref }}.patch
configure: --disable-shared --with-wolfssl=$GITHUB_WORKSPACE/build-dir
check: false
- name: Run net-snmp tests
working-directory: net-snmp
run: |
autoconf --version | grep -P '2\.\d\d' -o > dist/autoconf-version
make -j test TESTOPTS="${{ matrix.test_opts }}"

15
.github/workflows/nginx.yml vendored
View File

@@ -15,7 +15,6 @@ concurrency:
jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
@@ -34,14 +33,11 @@ jobs:
configure: --enable-nginx ${{ env.wolf_debug_flags }}
install: true
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-nginx
path: build-dir.tgz
path: build-dir
retention-days: 5
nginx_check:
@@ -97,7 +93,7 @@ jobs:
stream_ssl_preread.t stream_ssl_realip.t stream_ssl_session_reuse.t stream_ssl.t
stream_ssl_variables.t stream_ssl_verify_client.t stream_upstream_zone_ssl.t
upstream_zone_ssl.t uwsgi_ssl_certificate.t uwsgi_ssl_certificate_vars.t
uwsgi_ssl.t uwsgi_ssl_verify.t
uwsgi_ssl.t uwsgi_ssl_verify.t
# Following tests do not pass with sanitizer on (with OpenSSL too)
sanitize-not-ok: >-
grpc_ssl.t h2_proxy_request_buffering_ssl.t h2_proxy_ssl.t
@@ -106,7 +102,6 @@ jobs:
stream_proxy_protocol_ssl.t stream_proxy_ssl_conf_command.t stream_proxy_ssl.t
stream_proxy_ssl_verify.t
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 6
@@ -116,9 +111,7 @@ jobs:
uses: actions/download-artifact@v4
with:
name: wolf-install-nginx
- name: untar build-dir
run: tar -xf build-dir.tgz
path: build-dir
- name: Install dependencies
run: |
@@ -223,4 +216,4 @@ jobs:
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_BINARY=../nginx/objs/nginx \
prove ${{ matrix.sanitize-ok }}

5
.github/workflows/no-malloc.yml vendored
View File

@@ -18,10 +18,9 @@ jobs:
matrix:
config: [
# Add new configs here
'--enable-rsa --enable-keygen --disable-dh CFLAGS="-DWOLFSSL_NO_MALLOC -DRSA_MIN_SIZE=1024"',
'--enable-rsa --enable-keygen --disable-dh CFLAGS="-DWOLFSSL_NO_MALLOC"',
]
name: make check
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 6
@@ -36,7 +35,7 @@ jobs:
make
./wolfcrypt/test/testwolfcrypt
- name: Print errors
- name: Print errors
if: ${{ failure() }}
run: |
if [ -f test-suite.log ] ; then

93
.github/workflows/ntp.yml vendored
View File

@@ -1,93 +0,0 @@
name: ntp Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-all
install: true
check: false
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-ntp
path: build-dir.tgz
retention-days: 5
ntp_check:
strategy:
fail-fast: false
matrix:
# List of releases to test
ref: [ 4.2.8p15 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 10
needs: build_wolfssl
steps:
- name: Download lib
uses: actions/download-artifact@v4
with:
name: wolf-install-ntp
- name: untar build-dir
run: tar -xf build-dir.tgz
- name: Checkout OSP
uses: actions/checkout@v4
with:
repository: wolfssl/osp
path: osp
# Avoid DoS'ing ntp site so cache the tar.gz
- name: Check if we have ntp
uses: actions/cache@v4
id: cache
with:
path: ntp-${{ matrix.ref }}.tar.gz
key: ntp-${{ matrix.ref }}.tar.gz
- name: Download ntp
if: steps.cache.outputs.cache-hit != 'true'
run: |
wget https://downloads.nwtime.org/ntp/4.2.8/ntp-${{ matrix.ref }}.tar.gz
- name: Extract ntp
run: |
tar -xf ntp-${{ matrix.ref }}.tar.gz
- name: Build and test ntp
working-directory: ntp-${{ matrix.ref }}
run: |
patch -p1 < $GITHUB_WORKSPACE/osp/ntp/${{ matrix.ref }}/ntp-${{ matrix.ref }}.patch
./bootstrap
./configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir
make -j
make -j check

1
.github/workflows/ocsp.yml vendored
View File

@@ -15,7 +15,6 @@ concurrency:
jobs:
ocsp_stapling:
name: ocsp stapling
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
timeout-minutes: 10
steps:

89
.github/workflows/openldap.yml vendored
View File

@@ -1,89 +0,0 @@
name: openldap Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build_wolfssl:
name: Build wolfSSL
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-openldap CPPFLAGS=-DWOLFSSL_NO_ASN_STRICT
install: true
check: true
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-openldap
path: build-dir.tgz
retention-days: 5
openldap_check:
strategy:
fail-fast: false
matrix:
include:
# List of releases to test
- osp_ref: 2.5.13
git_ref: OPENLDAP_REL_ENG_2_5_13
name: ${{ matrix.osp_ref }}
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 20
needs: build_wolfssl
steps:
- name: Download lib
uses: actions/download-artifact@v4
with:
name: wolf-install-openldap
- name: untar build-dir
run: tar -xf build-dir.tgz
- name: Checkout OSP
uses: actions/checkout@v4
with:
repository: wolfssl/osp
path: osp
- name: Checkout openldap
uses: actions/checkout@v4
with:
repository: openldap/openldap
path: openldap
ref: ${{ matrix.git_ref }}
- name: Build and test OpenLDAP
working-directory: openldap
run: |
export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
patch -p1 < $GITHUB_WORKSPACE/osp/openldap/${{ matrix.osp_ref }}/openldap-${{ matrix.osp_ref }}.patch
rm aclocal.m4
autoreconf -ivf
./configure --with-tls=wolfssl --disable-bdb --disable-hdb \
CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include \
-I$GITHUB_WORKSPACE/build-dir/include/wolfssl \
-L$GITHUB_WORKSPACE/build-dir/lib"
make -j depend
make -j
make -j check

15
.github/workflows/openssh.yml vendored
View File

@@ -15,7 +15,6 @@ concurrency:
jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
@@ -27,17 +26,14 @@ jobs:
path: wolfssl
configure: >-
--enable-openssh --enable-dsa --with-max-rsa-bits=8192
--enable-intelasm --enable-sp-asm CFLAGS="-DRSA_MIN_SIZE=1024"
--enable-intelasm --enable-sp-asm
install: true
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-openssh
path: build-dir.tgz
path: build-dir
retention-days: 5
openssh_check:
@@ -48,7 +44,6 @@ jobs:
- git_ref: 'V_9_6_P1'
osp_ver: '9.6'
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
needs: build_wolfssl
steps:
@@ -56,9 +51,7 @@ jobs:
uses: actions/download-artifact@v4
with:
name: wolf-install-openssh
- name: untar build-dir
run: tar -xf build-dir.tgz
path: build-dir
- name: Checkout OSP
uses: actions/checkout@v4
@@ -76,7 +69,7 @@ jobs:
configure: --with-wolfssl=$GITHUB_WORKSPACE/build-dir --with-rpath=-Wl,-rpath=
check: false
# make tests take >20 minutes. Consider limiting?
# make tests take >20 minutes. Consider limiting?
- name: Run tests
working-directory: ./openssh
run: |

13
.github/workflows/openvpn.yml vendored
View File

@@ -15,7 +15,6 @@ concurrency:
jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
@@ -28,14 +27,11 @@ jobs:
configure: --enable-openvpn
install: true
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-openvpn
path: build-dir.tgz
path: build-dir
retention-days: 5
openvpn_check:
@@ -43,9 +39,8 @@ jobs:
fail-fast: false
matrix:
# List of refs to test
ref: [ release/2.6, master ]
ref: [ release/2.6, v2.6.0, master ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 10
@@ -55,9 +50,7 @@ jobs:
uses: actions/download-artifact@v4
with:
name: wolf-install-openvpn
- name: untar build-dir
run: tar -xf build-dir.tgz
path: build-dir
- name: Install dependencies
run: |

33
.github/workflows/os-check.yml vendored
View File

@@ -25,24 +25,16 @@ jobs:
'--enable-all --enable-asn=original',
'--enable-harden-tls',
'--enable-tls13 --enable-session-ticket --enable-dtls --enable-dtls13
--enable-opensslextra --enable-sessioncerts
CPPFLAGS=''-DWOLFSSL_DTLS_NO_HVR_ON_RESUME -DHAVE_EXT_CACHE
--enable-opensslextra --enable-sessioncerts
CPPFLAGS=''-DWOLFSSL_DTLS_NO_HVR_ON_RESUME -DHAVE_EXT_CACHE
-DWOLFSSL_TICKET_HAVE_ID -DHAVE_EX_DATA -DSESSION_CACHE_DYNAMIC_MEM'' ',
'--enable-all --enable-secure-renegotiation',
'--enable-all --enable-haproxy --enable-quic',
'--enable-dtls --enable-dtls13 --enable-earlydata
--enable-session-ticket --enable-psk
'--enable-dtls --enable-dtls13 --enable-earlydata
--enable-session-ticket --enable-psk
CPPFLAGS=''-DWOLFSSL_DTLS13_NO_HRR_ON_RESUME'' ',
'--enable-experimental --enable-kyber --enable-dtls --enable-dtls13
--enable-dtls-frag-ch',
'--enable-all --enable-dtls13 --enable-dtls-frag-ch',
'--enable-dtls --enable-dtls13 --enable-dtls-frag-ch
--enable-dtls-mtu',
'--enable-dtls --enable-dtlscid --enable-dtls13 --enable-secure-renegotiation
--enable-psk --enable-aesccm --enable-nullcipher CPPFLAGS=-DWOLFSSL_STATIC_RSA',
]
name: make check
if: github.repository_owner == 'wolfssl'
runs-on: ${{ matrix.os }}
# This should be a safe limit for the tests to run.
timeout-minutes: 14
@@ -63,7 +55,6 @@ jobs:
'examples/configs/user_settings_all.h',
]
name: make user_setting.h
if: github.repository_owner == 'wolfssl'
runs-on: ${{ matrix.os }}
# This should be a safe limit for the tests to run.
timeout-minutes: 14
@@ -85,11 +76,9 @@ jobs:
'examples/configs/user_settings_min_ecc.h',
'examples/configs/user_settings_wolfboot_keytools.h',
'examples/configs/user_settings_wolftpm.h',
'examples/configs/user_settings_wolfssh.h',
'examples/configs/user_settings_tls12.h',
]
name: make user_setting.h (testwolfcrypt only)
if: github.repository_owner == 'wolfssl'
runs-on: ${{ matrix.os }}
# This should be a safe limit for the tests to run.
timeout-minutes: 14
@@ -111,7 +100,6 @@ jobs:
matrix:
os: [ ubuntu-latest, macos-latest ]
name: make user_setting.h (with sed)
if: github.repository_owner == 'wolfssl'
runs-on: ${{ matrix.os }}
# This should be a safe limit for the tests to run.
timeout-minutes: 14
@@ -130,12 +118,7 @@ jobs:
windows_build:
name: Windows Build Test
if: github.repository_owner == 'wolfssl'
runs-on: windows-latest
strategy:
fail-fast: false
matrix:
arch: [ x64, Win32, ARM64 ]
# This should be a safe limit for the tests to run.
timeout-minutes: 6
env:
@@ -146,6 +129,7 @@ jobs:
# You can convert this to a build matrix if you need coverage of multiple configuration types.
# https://docs.github.com/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
BUILD_CONFIGURATION: Release
BUILD_PLATFORM: x64
steps:
- uses: actions/checkout@v4
@@ -160,9 +144,8 @@ jobs:
working-directory: ${{env.GITHUB_WORKSPACE}}
# Add additional options to the MSBuild command line here (like platform or verbosity level).
# See https://docs.microsoft.com/visualstudio/msbuild/msbuild-command-line-reference
run: msbuild /m /p:PlatformToolset=v142 /p:Platform=${{matrix.arch}} /p:Configuration=${{env.BUILD_CONFIGURATION}} ${{env.SOLUTION_FILE_PATH}}
run: msbuild /m /p:PlatformToolset=v142 /p:Platform=${{env.BUILD_PLATFORM}} /p:Configuration=${{env.BUILD_CONFIGURATION}} ${{env.SOLUTION_FILE_PATH}}
- if: ${{ matrix.arch != 'ARM64' }}
name: Run Test
- name: Run Test
working-directory: ${{env.GITHUB_WORKSPACE}}
run: Release/${{matrix.arch}}/testsuite.exe
run: Release/x64/testsuite.exe

17
.github/workflows/packaging.yml vendored
View File

@@ -15,7 +15,6 @@ concurrency:
jobs:
build_wolfssl:
name: Package wolfSSL
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 10
@@ -38,9 +37,8 @@ jobs:
- name: Build wolfSSL .deb
run: make deb-docker
# disabled 20240919 -- broken target.
# - name: Build wolfSSL .rpm
# run: make rpm-docker
- name: Build wolfSSL .rpm
run: make rpm-docker
- name: Confirm packages built
run: |
@@ -49,9 +47,8 @@ jobs:
echo Did not find exactly two deb packages!!!
exit 1
fi
# disabled 20240919 -- broken target.
# RPM_COUNT=$(find -name 'wolfssl*.rpm' | wc -l)
# if [ "$RPM_COUNT" != "4" ]; then
# echo Did not find exactly four rpm packages!!!
# exit 1
# fi
RPM_COUNT=$(find -name 'wolfssl*.rpm' | wc -l)
if [ "$RPM_COUNT" != "4" ]; then
echo Did not find exactly four rpm packages!!!
exit 1
fi

92
.github/workflows/pam-ipmi.yml vendored
View File

@@ -1,92 +0,0 @@
name: pam-ipmi Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-all
install: true
# Don't run tests as this config is tested in many other places
check: false
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-pam-ipmi
path: build-dir.tgz
retention-days: 5
build_pam-ipmi:
strategy:
fail-fast: false
matrix:
git_ref: [ e4b13e6725abb178f62ee897fe1c0e81b06a9431 ]
name: ${{ matrix.git_ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
needs: build_wolfssl
steps:
- name: Install dependencies
run: |
# Don't prompt for anything
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update
sudo apt-get install libpam-dev ninja-build meson
- name: Download lib
uses: actions/download-artifact@v4
with:
name: wolf-install-pam-ipmi
- name: untar build-dir
run: tar -xf build-dir.tgz
- name: Checkout OSP
uses: actions/checkout@v4
with:
repository: wolfssl/osp
path: osp
- name: Checkout pam-ipmi
uses: actions/checkout@v4
with:
repository: openbmc/pam-ipmi
path: pam-ipmi
ref: ${{ matrix.git_ref }}
- name: Build pam-ipmi
working-directory: pam-ipmi
run: |
patch -p1 < ../osp/pam-ipmi/*-${{ matrix.git_ref }}.patch
PKG_CONFIG_PATH=$GITHUB_WORKSPACE/build-dir/lib/pkgconfig meson setup build
ninja -C build
- name: Confirm built with wolfSSL
working-directory: pam-ipmi
run: |
ldd ./build/src/pam_ipmisave/pam_ipmisave.so | grep wolfssl

116
.github/workflows/rng-tools.yml vendored
View File

@@ -1,116 +0,0 @@
name: rng-tools Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-all
install: true
check: false
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-rng-tools
path: build-dir.tgz
retention-days: 5
rng-tools_check:
strategy:
fail-fast: false
matrix:
# List of releases to test
ref: [ 6.16 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
needs: build_wolfssl
steps:
- name: Install dependencies
run: |
# Don't prompt for anything
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update
sudo apt-get install -y libcurl4-openssl-dev libjansson-dev libp11-dev librtlsdr-dev libcap-dev
- name: Download lib
uses: actions/download-artifact@v4
with:
name: wolf-install-rng-tools
- name: untar build-dir
run: tar -xf build-dir.tgz
- name: Checkout OSP
uses: actions/checkout@v4
with:
repository: wolfssl/osp
path: osp
- name: Checkout jitterentropy-library
uses: actions/checkout@v4
with:
repository: smuellerDD/jitterentropy-library
path: jitterentropy-library
ref: v3.5.0
- name: Build jitterentropy-library
working-directory: jitterentropy-library
run: make -j
- name: Build rng-tools
uses: wolfSSL/actions-build-autotools-project@v1
with:
repository: nhorman/rng-tools
ref: v${{ matrix.ref }}
path: rng-tools
patch-file: $GITHUB_WORKSPACE/osp/rng-tools/${{ matrix.ref }}.patch
configure: --without-pkcs11 --enable-jitterentropy=$GITHUB_WORKSPACE/jitterentropy-library --with-wolfssl=$GITHUB_WORKSPACE/build-dir
check: false
- name: Testing rng-tools
id: testing
working-directory: rng-tools
run: |
# Retry up to five times
for i in {1..5}; do
TEST_RES=0
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib make check || TEST_RES=$?
if [ "$TEST_RES" -eq "0" ]; then
break
fi
done
if [ "$TEST_RES" -ne "0" ]; then
exit $TEST_RES
fi
- name: Print logs
if: ${{ failure() && steps.testing.outcome == 'failure' }}
working-directory: rng-tools/tests
run: cat test-suite.log

81
.github/workflows/socat.yml vendored
View File

@@ -1,81 +0,0 @@
name: socat Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-maxfragment --enable-opensslall --enable-opensslextra --enable-dtls --enable-oldtls --enable-tlsv10 --enable-ipv6 'CPPFLAGS=-DWOLFSSL_NO_DTLS_SIZE_CHECK -DOPENSSL_COMPATIBLE_DEFAULTS'
install: true
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-socat
path: build-dir.tgz
retention-days: 5
socat_check:
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 30
needs: build_wolfssl
steps:
- name: Install prereqs
run:
sudo apt-get install build-essential autoconf libtool pkg-config clang libc++-dev
- name: Download lib
uses: actions/download-artifact@v4
with:
name: wolf-install-socat
- name: untar build-dir
run: tar -xf build-dir.tgz
- name: Download socat
run: curl -O http://www.dest-unreach.org/socat/download/socat-1.8.0.0.tar.gz && tar xvf socat-1.8.0.0.tar.gz
- name: Checkout OSP
uses: actions/checkout@v4
with:
repository: wolfssl/osp
path: osp
- name: Build socat
working-directory: ./socat-1.8.0.0
run: |
patch -p1 < ../osp/socat/1.8.0.0/socat-1.8.0.0.patch
autoreconf -vfi
./configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir --enable-default-ipv=4
make
- name: Run socat tests
working-directory: ./socat-1.8.0.0
run: |
export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
export SHELL=/bin/bash
SOCAT=$GITHUB_WORKSPACE/socat-1.8.0.0/socat ./test.sh -t 0.5 --expect-fail 36,64,146,214,216,217,309,310,386,399,402,403,459,460,467,468,478,492,528,530

94
.github/workflows/softhsm.yml vendored
View File

@@ -1,94 +0,0 @@
name: SoftHSMv2 Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 10
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-all CFLAGS=-DRSA_MIN_SIZE=1024
install: true
check: false
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-softhsm
path: build-dir.tgz
retention-days: 5
softhsm_check:
strategy:
fail-fast: false
matrix:
# List of releases to test
ref: [ 2.6.1 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 20
needs: build_wolfssl
steps:
- name: Install dependencies
run: |
# Don't prompt for anything
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update
sudo apt-get install -y libcppunit-dev
- name: Download lib
uses: actions/download-artifact@v4
with:
name: wolf-install-softhsm
- name: untar build-dir
run: tar -xf build-dir.tgz
- name: Checkout OSP
uses: actions/checkout@v4
with:
repository: wolfssl/osp
path: osp
- name: Checkout SoftHSMv2
uses: actions/checkout@v4
with:
repository: opendnssec/SoftHSMv2
path: softhsm
ref: ${{ matrix.ref }}
# Not using wolfSSL/actions-build-autotools-project@v1 because autogen.sh doesn't work
- name: Build softhsm
working-directory: softhsm
run: |
patch -p1 < $GITHUB_WORKSPACE/osp/softhsm/${{ matrix.ref }}.patch
autoreconf -if
./configure --with-crypto-backend=wolfssl WOLFSSL_INSTALL_DIR=$GITHUB_WORKSPACE/build-dir
make -j
- name: Test softhsm
working-directory: softhsm
run: make -j check

99
.github/workflows/sssd.yml vendored
View File

@@ -1,99 +0,0 @@
name: sssd Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build_wolfssl:
if: github.repository_owner == 'wolfssl'
name: Build wolfSSL
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-all CFLAGS=-DWOLFSSL_NO_ASN_STRICT
install: true
check: false
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-sssd
path: build-dir.tgz
retention-days: 5
sssd_check:
if: github.repository_owner == 'wolfssl'
strategy:
fail-fast: false
matrix:
# List of releases to test
ref: [ 2.9.1 ]
name: ${{ matrix.ref }}
runs-on: ubuntu-latest
container:
image: quay.io/sssd/ci-client-devel:ubuntu-latest
env:
LD_LIBRARY_PATH: /usr/local/lib
# This should be a safe limit for the tests to run.
timeout-minutes: 20
needs: build_wolfssl
steps:
- name: Install dependencies
run: |
# Don't prompt for anything
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update
sudo apt-get install -y build-essential autoconf libldb-dev libldb2 python3-ldb bc
- name: Setup env
run: |
ln -s samba-4.0/ldb.h /usr/include/ldb.h
ln -s samba-4.0/ldb_errors.h /usr/include/ldb_errors.h
ln -s samba-4.0/ldb_handlers.h /usr/include/ldb_handlers.h
ln -s samba-4.0/ldb_module.h /usr/include/ldb_module.h
ln -s samba-4.0/ldb_version.h /usr/include/ldb_version.h
- name: Download lib
uses: actions/download-artifact@v4
with:
name: wolf-install-sssd
- name: untar build-dir
run: tar -xf build-dir.tgz
- name: Checkout OSP
uses: actions/checkout@v4
with:
repository: wolfssl/osp
path: osp
- name: Build and test sssd
uses: wolfSSL/actions-build-autotools-project@v1
with:
repository: SSSD/sssd
ref: ${{ matrix.ref }}
path: sssd
patch-file: $GITHUB_WORKSPACE/osp/sssd/${{ matrix.ref }}.patch
configure: >-
--without-samba --without-nfsv4-idmapd-plugin --with-oidc-child=no
--without-manpages WOLFSSL_INSTALL_DIR=$GITHUB_WORKSPACE/build-dir
check: true

13
.github/workflows/stunnel.yml vendored
View File

@@ -15,7 +15,6 @@ concurrency:
jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
@@ -28,14 +27,11 @@ jobs:
configure: --enable-stunnel
install: true
- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir
- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-stunnel
path: build-dir.tgz
path: build-dir
retention-days: 5
stunnel_check:
@@ -45,7 +41,6 @@ jobs:
# List of releases to test
ref: [ 5.67 ]
name: ${{ matrix.ref }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 4
@@ -55,10 +50,8 @@ jobs:
uses: actions/download-artifact@v4
with:
name: wolf-install-stunnel
- name: untar build-dir
run: tar -xf build-dir.tgz
path: build-dir
- name: Checkout OSP
uses: actions/checkout@v4
with:

58
.github/workflows/win-csharp-test.yml vendored
View File

@@ -1,58 +0,0 @@
name: Windows CSharp Build Test
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
jobs:
build:
if: github.repository_owner == 'wolfssl'
runs-on: windows-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 6
env:
# Path to the solution file relative to the root of the project.
SOLUTION_FILE_PATH: wolfssl\wrapper\CSharp\wolfSSL_CSharp.sln
# Configuration type to build.
# You can convert this to a build matrix if you need coverage of multiple configuration types.
# https://docs.github.com/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
BUILD_CONFIGURATION: Debug
BUILD_PLATFORM: x64
steps:
- name: Pull wolfssl
uses: actions/checkout@master
with:
repository: wolfssl/wolfssl
path: wolfssl
- name: Create FIPS stub files (autogen)
working-directory: wolfssl
run: |
echo $null >> wolfcrypt\src\fips.c
echo $null >> wolfcrypt\src\fips_test.c
echo $null >> wolfcrypt\src\wolfcrypt_first.c
echo $null >> wolfcrypt\src\wolfcrypt_last.c
- name: Add MSBuild to PATH
uses: microsoft/setup-msbuild@v1
- name: Build
working-directory: ${{env.GITHUB_WORKSPACE}}
# Add additional options to the MSBuild command line here (like platform or verbosity level).
# See https://docs.microsoft.com/visualstudio/msbuild/msbuild-command-line-reference
run: msbuild /m /p:PlatformToolset=v142 /p:Platform=${{env.BUILD_PLATFORM}} /p:Configuration=${{env.BUILD_CONFIGURATION}} ${{env.SOLUTION_FILE_PATH}}
- name: Run wolfCrypt test
working-directory: ${{env.GITHUB_WORKSPACE}}wolfssl\wrapper\CSharp\Debug\x64\
run: ./wolfCrypt-test.exe
- name: Run wolfSSL client/server example
working-directory: ${{env.GITHUB_WORKSPACE}}wolfssl\wrapper\CSharp\Debug\x64\
run: ./wolfSSL-TLS-Server.exe && sleep 1 & ./wolfSSL-TLS-Client.exe

3
.github/workflows/zephyr.yml vendored
View File

@@ -25,7 +25,6 @@ jobs:
zephyr-sdk: 0.16.3
- zephyr-ref: v2.7.4
zephyr-sdk: 0.16.3
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-latest
# This should be a safe limit for the tests to run.
timeout-minutes: 25
@@ -46,7 +45,7 @@ jobs:
libglib2.0-dev libgtk2.0-0 liblocale-gettext-perl libncurses5-dev libpcap-dev \
libpopt0 libsdl1.2-dev libsdl2-dev libssl-dev libtool libtool-bin locales make \
net-tools ninja-build openssh-client parallel pkg-config python3-dev python3-pip \
python3-ply python3-setuptools python-is-python3 qemu-kvm rsync socat srecord sudo \
python3-ply python3-setuptools python-is-python3 qemu rsync socat srecord sudo \
texinfo unzip wget ovmf xz-utils
- name: Install west

20
.gitignore vendored
View File

@@ -10,7 +10,6 @@ ctaocrypt/src/src/
*.cache
.dirstamp
*.user
!*-VS2022.vcxproj.user
configure
config.*
!cmake/config.in
@@ -246,7 +245,6 @@ linuxkm/libwolfssl.mod.c
linuxkm/libwolfssl.lds
linuxkm/module_exports.c
linuxkm/linuxkm/get_thread_size
*.nds
# autotools generated
scripts/unit.test
@@ -415,14 +413,6 @@ user_settings_asm.h
/IDE/Espressif/**/sdkconfig
/IDE/Espressif/**/sdkconfig.old
# ESP8266 RTOS SDK has a slightly different sdkconfig filename to exclude:
/IDE/Espressif/**/sdkconfig.debug
/IDE/Espressif/**/sdkconfig.release
# Always include Espressif makefiles (typically only used for ESP8266)
!/IDE/Espressif/**/Makefile
!/IDE/Espressif/**/component.mk
# MPLAB
/IDE/MPLABX16/wolfssl.X/dist/default/
/IDE/MPLABX16/wolfssl.X/.generated_files
@@ -444,12 +434,6 @@ debian/changelog
debian/control
*.deb
# Ada/Alire files
wrapper/Ada/alire/
wrapper/Ada/config/
wrapper/Ada/lib/
wrapper/Ada/obj/
# PlatformIO
/**/.pio
/**/.vscode/.browse.c_cpp.db*
@@ -457,7 +441,3 @@ wrapper/Ada/obj/
/**/.vscode/launch.json
/**/.vscode/ipch
/**/sdkconfig.esp32dev
# Autogenerated debug trace headers
wolfssl/debug-trace-error-codes.h
wolfssl/debug-untrace-error-codes.h

982
.wolfssl_known_macro_extras
View File

@@ -1,982 +0,0 @@
AES_GCM_GMULT_NCT
AFX_RESOURCE_DLL
AFX_TARG_ENU
ALLOW_BINARY_MISMATCH_INTROSPECTION
ALLOW_V1_EXTENSIONS
ANDROID
APP_ESP_HTTP_CLIENT
APP_ESP_HTTP_CLIENT_EXAMPLE
APSTUDIO_INVOKED
ARCH_sim
ARDUINO
ARDUINO_ARCH_RP2040
ARDUINO_SAMD_NANO_33_IOT
ARDUINO_SAM_DUE
ASN_DUMP_OID
ASN_TEMPLATE_SKIP_ISCA_CHECK
ATCAPRINTF
ATCA_ENABLE_DEPRECATED
AVR
BASE64_NO_TABLE
BLAKE2B_SELFTEST
BLAKE2S_SELFTEST
BLOCKING
BSP_DEFAULT_IO_CHANNEL_DEFINED
BSP_LED_0
BSP_LED_1
BSP_SDCARD_ESDHC_CHANNEL
BSP_SDCARD_SDHC_CHANNEL
BSP_SDCARD_SPI_CHANNEL
CAAM_OUT_INVALIDATE
CIOCASYMFEAT
CIOCGSESSINFO
CMSIS_OS2_H_
COMPONENT_WOLFSSL
CONFIG_ARCH_CHIP_STM32F746ZG
CONFIG_ARCH_CHIP_STM32H743ZI
CONFIG_ARCH_CHIP_STM32L552ZE
CONFIG_ARCH_POSIX
CONFIG_ARM
CONFIG_ARM64
CONFIG_BOARD_NATIVE_POSIX
CONFIG_COMPILER_OPTIMIZATION_DEFAULT
CONFIG_COMPILER_OPTIMIZATION_NONE
CONFIG_COMPILER_OPTIMIZATION_PERF
CONFIG_COMPILER_OPTIMIZATION_SIZE
CONFIG_CRYPTO_FIPS
CONFIG_CRYPTO_MANAGER
CONFIG_CSPRNG_ENABLED
CONFIG_ESP32C2_DEFAULT_CPU_FREQ_MHZ
CONFIG_ESP32C3_DEFAULT_CPU_FREQ_MHZ
CONFIG_ESP32H2_DEFAULT_CPU_FREQ_MHZ
CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ
CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
CONFIG_ESP8266_XTAL_FREQ_26
CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_160
CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240
CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_80
CONFIG_ESP_ENABLE_WOLFSSH
CONFIG_ESP_MAIN_TASK_STACK_SIZE
CONFIG_ESP_TLS_USING_WOLFSSL
CONFIG_ESP_WIFI_PASSWORD
CONFIG_ESP_WIFI_SSID
CONFIG_ESP_WOLFSSL_ENABLE_KYBER
CONFIG_ESP_WOLFSSL_ENABLE_WOLFSSH
CONFIG_ESP_WOLFSSL_NO_ESP32_CRYPT
CONFIG_ESP_WOLFSSL_NO_HW_AES
CONFIG_ESP_WOLFSSL_NO_HW_HASH
CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI
CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
CONFIG_FREERTOS_HZ
CONFIG_FREERTOS_UNICORE
CONFIG_IDF_TARGET
CONFIG_IDF_TARGET_ARCH_RISCV
CONFIG_IDF_TARGET_ARCH_XTENSA
CONFIG_IDF_TARGET_ESP32
CONFIG_IDF_TARGET_ESP32C2
CONFIG_IDF_TARGET_ESP32C3
CONFIG_IDF_TARGET_ESP32C6
CONFIG_IDF_TARGET_ESP32H2
CONFIG_IDF_TARGET_ESP32S2
CONFIG_IDF_TARGET_ESP32S3
CONFIG_IDF_TARGET_ESP8266
CONFIG_IDF_TARGET_ESP8684
CONFIG_MAIN_TASK_STACK_SIZE
CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
CONFIG_MBEDTLS_PSA_CRYPTO_C
CONFIG_MIPS
CONFIG_MODULE_SIG
CONFIG_NET_SOCKETS_SOCKOPT_TLS
CONFIG_NEWLIB_LIBC
CONFIG_NEWLIB_NANO_FORMAT
CONFIG_PICOLIBC
CONFIG_POSIX_API
CONFIG_POSIX_THREADS
CONFIG_PREEMPT_COUNT
CONFIG_PTHREAD_IPC
CONFIG_SMP
CONFIG_SNTP_TIME_SYNC_METHOD_SMOOTH
CONFIG_TIMER_TASK_STACK_DEPTH
CONFIG_TIMER_TASK_STACK_SIZE
CONFIG_TLS_STACK_WOLFSSL
CONFIG_USE_WOLFSSL_ESP_SDK_TIME
CONFIG_USE_WOLFSSL_ESP_SDK_WIFI
CONFIG_WOLFCRYPT_ARMASM
CONFIG_WOLFCRYPT_FIPS
CONFIG_WOLFCRYPT_INTELASM
CONFIG_WOLFSSL
CONFIG_WOLFSSL_ALLOW_TLS13
CONFIG_WOLFSSL_ALPN
CONFIG_WOLFSSL_ALT_CERT_CHAINS
CONFIG_WOLFSSL_APPLE_HOMEKIT
CONFIG_WOLFSSL_ASN_ALLOW_0_SERIAL
CONFIG_WOLFSSL_CERTIFICATE_BUNDLE
CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_NONE
CONFIG_WOLFSSL_DTLS
CONFIG_WOLFSSL_ENABLE_KYBER
CONFIG_WOLFSSL_EXAMPLE_NAME_ESP32_SSH_SERVER
CONFIG_WOLFSSL_EXAMPLE_NAME_ESP8266_SSH_SERVER
CONFIG_WOLFSSL_EXAMPLE_NAME_NONE
CONFIG_WOLFSSL_EXAMPLE_NAME_TEMPLATE
CONFIG_WOLFSSL_EXAMPLE_NAME_TLS_CLIENT
CONFIG_WOLFSSL_EXAMPLE_NAME_TLS_SERVER
CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFMQTT_AWS_IOT_MQTT
CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFMQTT_TEMPLATE
CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFSSH_ECHOSERVER
CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFSSH_TEMPLATE
CONFIG_WOLFSSL_HKDF
CONFIG_WOLFSSL_MAX_FRAGMENT_LEN
CONFIG_WOLFSSL_NO_ASN_STRICT
CONFIG_WOLFSSL_PSK
CONFIG_WOLFSSL_RSA_PSS
CONFIG_WOLFSSL_TARGET_HOST
CONFIG_WOLFSSL_TARGET_PORT
CONFIG_WOLFSSL_TLS13_ENABLED
CONFIG_WOLFSSL_TLS_VERSION_1_2
CONFIG_WOLFSSL_TLS_VERSION_1_3
CONFIG_WOLFTPM_EXAMPLE_NAME_ESPRESSIF
CONFIG_X86
CONV_WITH_DIV
CPA_CY_API_VERSION_NUM_MAJOR
CPU_MIMXRT1176DVMAA_cm7
CPU_MK82FN256VLL15
CRLDP_VALIDATE_DATA
CRL_REPORT_LOAD_ERRORS
CRL_STATIC_REVOKED_LIST
CRYPTOCELL_KEY_SIZE
CRYP_HEADERWIDTHUNIT_BYTE
CRYP_KEYIVCONFIG_ONCE
CRYP_KEYSIZE_192B
CSM_UNSUPPORTED_ALGS
CTYPE_USER
CURVED448_SMALL
CY_USING_HAL
DCP_USE_DCACHE
DILITHIUM_MUL_11_SLOW
DILITHIUM_MUL_44_SLOW
DILITHIUM_MUL_QINV_SLOW
DILITHIUM_MUL_Q_SLOW
DILITHIUM_MUL_SLOW
DILITHIUM_USE_HINT_CT
DTLS_RECEIVEFROM_NO_TIMEOUT_ON_INVALID_PEER
ECCSI_ORDER_MORE_BITS_THAN_PRIME
ECC_DUMP_OID
ECDHE_SIZE
ENABLE_SECURE_SOCKETS_LOGS
ESP32
ESP8266
ESP_ENABLE_WOLFSSH
ESP_IDF_VERSION_MAJOR
ESP_IDF_VERSION_MINOR
ESP_PLATFORM
ESP_TASK_MAIN_STACK
EV_TRIGGER
FP_ECC_CONTROL
FREERTOS_TCP_WINSIM
FREESCALE
FREESCALE_RNGB
FREESCALE_USE_MMCAU_CLASSIC
FSL_FEATURE_HAS_L1CACHE
FSL_FEATURE_LTC_HAS_DES
FSL_FEATURE_LTC_HAS_GCM
FSL_FEATURE_LTC_HAS_PKHA
FSL_FEATURE_LTC_HAS_SHA
FSL_FEATURE_SOC_LTC_COUNT
FSL_FEATURE_SOC_MMCAU_COUNT
FSL_FEATURE_SOC_RNG_COUNT
FSL_FEATURE_SOC_TRNG_COUNT
FUSION_RTOS
GENERATE_MACHINE_PARSEABLE_REPORT
GE_P3_TOBYTES_IMPL
GOAHEAD_WS
HAL_RTC_MODULE_ENABLED
HARDWARE_CACHE_COHERENCY
HASH_AlgoMode_HASH
HASH_BYTE_SWAP
HASH_CR_LKEY
HASH_DIGEST
HASH_DataType_8b
HASH_IMR_DCIE
HASH_IMR_DINIE
HAVE_AESGCM_DECRYPT
HAVE_BYTEREVERSE64
HAVE_CERTIFICATE_STATUS_V2
HAVE_COLDFIRE_SEC
HAVE_CRL_UPDATE_CB
HAVE_CSHARP
HAVE_CURL
HAVE_CURVE22519
HAVE_DANE
HAVE_ECC239
HAVE_ECC320
HAVE_ECC512
HAVE_ECC_CDH_CAST
HAVE_ECC_SM2
HAVE_ESP_CLK
HAVE_EX_DATA_CRYPTO
HAVE_EX_DATA_CLEANUP_HOOKS
HAVE_FACON
HAVE_FIPS_VERSION_PORT
HAVE_FUZZER
HAVE_INTEL_MULX
HAVE_INTEL_QAT_SYNC
HAVE_INTEL_SPEEDUP
HAVE_MDK_RTX
HAVE_NETX_BSD
HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK
HAVE_POCO_LIB
HAVE_RTP_SYS
HAVE_SECURE_GETENV
HAVE_STACK_SIZE_VERBOSE_LOG
HAVE_THREADX
HAVE_TM_TYPE
HAVE_VALIDATE_DATE
HAVE_VA_COPY
HAVE_X448
HONOR_MATH_USED_LENGTH
HSM_KEY_TYPE_HMAC_224
HSM_KEY_TYPE_HMAC_256
HSM_KEY_TYPE_HMAC_384
HSM_KEY_TYPE_HMAC_512
HSM_OP_KEY_GENERATION_FLAGS_CREATE
HSM_OP_KEY_GENERATION_FLAGS_UPDATE
HSM_SVC_KEY_STORE_FLAGS_UPDATE
IDIRECT_DEV_RANDOM
IDIRECT_DEV_TIME
ID_TRNG
IGNORE_KEY_EXTENSIONS
IGNORE_NETSCAPE_CERT_TYPE
INCLUDE_uxTaskGetStackHighWaterMark
INTEGRITY
INTIMEVER
IOTSAFE_NO_GETDATA
IOTSAFE_SIG_8BIT_LENGTH
KCAPI_USE_XMALLOC
KYBER_NONDETERMINISTIC
K_SERIES
LIBWOLFSSL_VERSION_GIT_BRANCH
LIBWOLFSSL_VERSION_GIT_HASH
LIBWOLFSSL_VERSION_GIT_HASH_DATE
LIBWOLFSSL_VERSION_GIT_ORIGIN
LIBWOLFSSL_VERSION_GIT_SHORT_HASH
LIBWOLFSSL_VERSION_GIT_TAG
LINUXKM_FPU_STATES_FOLLOW_THREADS
LINUXKM_LKCAPI_PRIORITY_ALLOW_MASKING
LINUX_CYCLE_COUNT
LINUX_RUSAGE_UTIME
LP64
MAX3266X_AESGCM
MAX3266X_RSA
MAXQ10XX_PRODUCTION_KEY
MAXQ_EXPORT_TLS_KEYS
MAXQ_SHA1
MAXSEG_64K
MAX_WOLFSSL_FILE_SIZE
MDK_CONF_BARE_METAL
MDK_CONF_FS
MDK_CONF_RTX_TCP_FS
MDK_CONF_TCP_FS
MDK_WOLFLIB
MICRIUM_MALLOC
MICROCHIP_MPLAB_HARMONY
MICROCHIP_MPLAB_HARMONY_3
MICRO_SESSION_CACHEx
MODULE_SOCK_TCP
MP_31BIT
MP_8BIT
MQX_USE_IO_OLD
MULTI_VALUE_STATISTICS
MUTEX_DURING_INIT
NEED_THREADX_TYPES
NETX_DUO
NET_SECURE_MODULE_EN
NOTE_TRIGGER
NO_AES_DECRYPT
NO_ARDUINO_DEFAULT
NO_ASM
NO_ASN_OLD_TYPE_NAMES
NO_CAMELLIA_CBC
NO_CERT
NO_CIPHER_SUITE_ALIASES
NO_CLIENT_CACHE
NO_CLOCK_SPEEDUP
NO_CURVE25519_KEY_EXPORT
NO_CURVE25519_KEY_IMPORT
NO_CURVE25519_SHARED_SECRET
NO_CURVE448_KEY_EXPORT
NO_CURVE448_KEY_IMPORT
NO_CURVE448_SHARED_SECRET
NO_DEV_URANDOM
NO_ECC384
NO_ECC521
NO_ECC_CACHE_CURVE
NO_ECC_CHECK_KEY
NO_ECC_KEY_IMPORT
NO_ECC_MAKE_PUB
NO_ED25519_CLIENT_AUTH
NO_ED25519_KEY_EXPORT
NO_ED25519_KEY_IMPORT
NO_ED25519_MAKE_KEY
NO_ED25519_SIGN
NO_ED25519_VERIFY
NO_ED448_CLIENT_AUTH
NO_ED448_KEY_EXPORT
NO_ED448_KEY_IMPORT
NO_ED448_SIGN
NO_ED448_VERIFY
NO_ESP_MP_MUL_EVEN_ALT_CALC
NO_FORCE_SCR_SAME_SUITE
NO_GCM_ENCRYPT_EXTRA
NO_GETENV
NO_HANDSHAKE_DONE_CB
NO_IMX6_CAAM_AES
NO_IMX6_CAAM_HASH
NO_OLD_NAMES
NO_OLD_POLY1305
NO_OLD_TIMEVAL_NAME
NO_PBKDF1
NO_PIC32MZ_CRYPT
NO_PIC32MZ_HASH
NO_PIC32MZ_RNG
NO_PKCS11_AES
NO_PKCS11_AESCBC
NO_PKCS11_AESGCM
NO_PKCS11_ECC
NO_PKCS11_ECDH
NO_PKCS11_EC_KEYGEN
NO_PKCS11_HMAC
NO_PKCS11_RNG
NO_PKCS11_RSA
NO_PKCS11_RSA_PKCS
NO_PKCS7
NO_PKCS7_COMPRESSED_DATA
NO_PKCS7_ENCRYPTED_DATA
NO_PKCS7_STREAM
NO_POLY1305_ASM
NO_PUBLIC_CCM_SET_NONCE
NO_PUBLIC_GCM_SET_IV
NO_RESUME_SUITE_CHECK
NO_RNG
NO_RNG_MUTEX
NO_SESSION_CACHE_ROW_LOCK
NO_SKID
NO_SKIP_PREVIEW
NO_STDIO_FGETS_REMAP
NO_TKERNEL_MEM_POOL
NO_TLSX_PSKKEM_PLAIN_ANNOUNCE
NO_VERIFY_OID
NO_WC_SSIZE_TYPE
NO_WOLFSSL_ALLOC_ALIGN
NO_WOLFSSL_AUTOSAR_CRYIF
NO_WOLFSSL_AUTOSAR_CRYPTO
NO_WOLFSSL_AUTOSAR_CSM
NO_WOLFSSL_BASE64_DECODE
NO_WOLFSSL_MSG_EX
NO_WOLFSSL_RENESAS_FSPSM_AES
NO_WOLFSSL_RENESAS_FSPSM_HASH
NO_WOLFSSL_RENESAS_TSIP_CRYPT_AES
NO_WOLFSSL_SHA256
NO_WOLFSSL_SHA256_INTERLEAVE
NO_WOLFSSL_SHA512_INTERLEAVE
NO_WOLFSSL_SKIP_TRAILING_PAD
NO_WOLFSSL_SMALL_STACK_STATIC
NO_WOLFSSL_XILINX_TAG_MALLOC
NRF52
NRF52_SERIES
NRF_ERROR_MODULE_ALREADY_INITIALIZED
OLD_HELLO_ALLOWED
OPENSSL_EXTRA_BSD
OPENSSL_EXTRA_NO_ASN1
OPENSSL_EXTRA_NO_BN
OPENSSL_NO_PK
OS_WINDOWS
OTHERBOARD
OTHER_BOARD
PEER_INFO
PKA_ECC_SCALAR_MUL_IN_B_COEFF
PLATFORMIO
PLUTON_CRYPTO_ECC
PRINT_SESSION_STATS
PTHREAD_STACK_MIN
QAT_ENABLE_HASH
QAT_ENABLE_RNG
QAT_USE_POLLING_CHECK
RC_NO_RNG
REDIRECTION_IN3_KEYELMID
REDIRECTION_IN3_KEYID
REDIRECTION_OUT1_KEYELMID
REDIRECTION_OUT1_KEYID
REDIRECTION_OUT2_KEYELMID
REDIRECTION_OUT2_KEYID
RENESAS_T4_USE
RTC_ALARMSUBSECONDMASK_ALL
RTE_CMSIS_RTOS_RTX
RTOS_MODULE_NET_AVAIL
RTPLATFORM
SA_INTERRUPT
SCEKEY_INSTALLED
SHA256_MANY_REGISTERS
SHA3_BY_SPEC
SHOW_CERTS
SHOW_GEN
SHOW_SIZES
SHOW_SSID_AND_PASSWORD
SIM_SCGC3_RNGA_MASK
SIM_SCGC5_PORTC_MASK
SIM_SCGC5_PORTD_MASK
SIM_SCGC5_PORTE_MASK
SIM_SCGC6_RNGA_MASK
SL_SE_KEY_TYPE_ECC_P384
SL_SE_KEY_TYPE_ECC_P521
SL_SE_KEY_TYPE_ECC_X25519
SL_SE_KEY_TYPE_ECC_X448
SL_SE_PRF_HMAC_SHA1
SOFTDEVICE_PRESENT
SO_NOSIGPIPE
SO_REUSEPORT
SP_INT_NO_ASM
SP_MATH_NEED_ADD_OFF
SP_USE_DIVTI3
SQRTMOD_USE_MOD_EXP
SSL_SNIFFER_EXPORTS
SSN_BUILDING_LIBYASSL
STATIC_CHUNKS_ONLY
STM32F107xC
STM32F207xx
STM32F217xx
STM32F401xE
STM32F407xx
STM32F437xx
STM32F756xx
STM32F777xx
STM32G071xx
STM32G491xx
STM32H563xx
STM32H723xx
STM32H725xx
STM32H743xx
STM32H753xx
STM32L475xx
STM32L4A6xx
STM32L552xx
STM32L562xx
STM32MP135Fxx
STM32U575xx
STM32U585xx
STM32U5A9xx
STM32WB55xx
STM32WL55xx
STM32_AESGCM_PARTIAL
STM32_HW_CLOCK_AUTO
STM32_NUTTX_RNG
TASK_EXTRA_STACK_SIZE
TCP_NODELAY
TFM_ALREADY_SET
TFM_SMALL_MONT_SET
THREADED_SNIFFTEST
TIME_T_NOT_LONG
TI_DUMMY_BUILD
TLS13_RSA_PSS_SIGN_CB_NO_PREHASH
UNICODE
USER_CA_CB
USER_CUSTOM_SNIFFX
USER_MATH_LIB
USE_ALT_MPRIME
USE_ANY_ADDR
USE_CERT_BUFFERS_25519
USE_CERT_BUFFERS_3072
USE_ECDSA_KEYSZ_HASH_ALGO
USE_FULL_ASSERT
USE_HAL_DRIVER
USE_NXP_LTC
USE_NXP_MMCAU
USE_QAE_THREAD_LS
USE_SECRET_CALLBACK
USE_STSAFE_RNG_SEED
USE_STSAFE_VERBOSE
USE_TLSV13
USE_WOLF_STRNSTR
USS_API
WC_AESXTS_STREAM_NO_REQUEST_ACCOUNTING
WC_AES_BS_WORD_SIZE
WC_AES_GCM_DEC_AUTH_EARLY
WC_ASN_HASH_SHA256
WC_ASYNC_ENABLE_3DES
WC_ASYNC_ENABLE_AES
WC_ASYNC_ENABLE_ARC4
WC_ASYNC_ENABLE_DH
WC_ASYNC_ENABLE_ECC
WC_ASYNC_ENABLE_ECC_KEYGEN
WC_ASYNC_ENABLE_HMAC
WC_ASYNC_ENABLE_MD5
WC_ASYNC_ENABLE_RSA
WC_ASYNC_ENABLE_RSA_KEYGEN
WC_ASYNC_ENABLE_SHA
WC_ASYNC_ENABLE_SHA224
WC_ASYNC_ENABLE_SHA256
WC_ASYNC_ENABLE_SHA3
WC_ASYNC_ENABLE_SHA384
WC_ASYNC_ENABLE_SHA512
WC_ASYNC_NO_CRYPT
WC_ASYNC_NO_HASH
WC_DILITHIUM_CACHE_PRIV_VECTORS
WC_DILITHIUM_CACHE_PUB_VECTORS
WC_DILITHIUM_FIXED_ARRAY
WC_DISABLE_RADIX_ZERO_PAD
WC_ECC_NONBLOCK_ONLY
WC_KDF_NIST_SP_800_56C
WC_LMS_FULL_HASH
WC_NO_RNG_SIMPLE
WC_NO_STATIC_ASSERT
WC_PKCS11_FIND_WITH_ID_ONLY
WC_PROTECT_ENCRYPTED_MEM
WC_RNG_BLOCKING
WC_RSA_DIRECT
WC_RSA_NONBLOCK
WC_RSA_NONBLOCK_TIME
WC_RSA_NO_FERMAT_CHECK
WC_SHA384
WC_SHA384_DIGEST_SIZE
WC_SHA512
WC_SHA512_DIGEST_SIZE
WC_SSIZE_TYPE
WC_STRICT_SIG
WC_XMSS_FULL_HASH
WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE
WOLFSENTRY_H
WOLFSENTRY_NO_JSON
WOLFSSL_32BIT_MILLI_TIME
WOLFSSL_AESNI_BY4
WOLFSSL_AESNI_BY6
WOLFSSL_AFTER_DATE_CLOCK_SKEW
WOLFSSL_ALGO_HW_MUTEX
WOLFSSL_ALLOW_CRIT_AIA
WOLFSSL_ALLOW_CRIT_AKID
WOLFSSL_ALLOW_CRIT_SKID
WOLFSSL_ALLOW_ENCODING_CA_FALSE
WOLFSSL_ALLOW_MAX_FRAGMENT_ADJUST
WOLFSSL_ALLOW_NO_CN_IN_SAN
WOLFSSL_ALLOW_NO_SUITES
WOLFSSL_ALLOW_SERVER_SC_EXT
WOLFSSL_ALLOW_TLS_SHA1
WOLFSSL_ALTERNATIVE_DOWNGRADE
WOLFSSL_ALT_NAMES_NO_REV
WOLFSSL_ARM_ARCH_NEON_64BIT
WOLFSSL_ASNC_CRYPT
WOLFSSL_ASN_EXTRA
WOLFSSL_ASN_INT_LEAD_0_ANY
WOLFSSL_ASN_TEMPLATE_NEED_SET_INT32
WOLFSSL_ASN_TEMPLATE_TYPE_CHECK
WOLFSSL_ATECC508
WOLFSSL_ATECC508A_NOIDLE
WOLFSSL_ATECC508A_NOSOFTECC
WOLFSSL_ATECC508A_TLS
WOLFSSL_ATECC_ECDH_IOENC
WOLFSSL_ATECC_NO_ECDH_ENC
WOLFSSL_ATECC_RNG
WOLFSSL_ATECC_TFLXTLS
WOLFSSL_ATECC_TNGTLS
WOLFSSL_ATMEL
WOLFSSL_ATMEL_TIME
WOLFSSL_BEFORE_DATE_CLOCK_SKEW
WOLFSSL_BIGINT_TYPES
WOLFSSL_BIO_NO_FLOW_STATS
WOLFSSL_BLAKE2B_INIT_EACH_FIELD
WOLFSSL_BLAKE2S_INIT_EACH_FIELD
WOLFSSL_BLIND_PRIVATE_KEY
WOLFSSL_BYTESWAP32_ASM
WOLFSSL_CAAM_BLACK_KEY_AESCCM
WOLFSSL_CAAM_BLACK_KEY_SM
WOLFSSL_CAAM_NO_BLACK_KEY
WOLFSSL_CALLBACKS
WOLFSSL_CHECK_DESKEY
WOLFSSL_CHECK_MEM_ZERO
WOLFSSL_CHIBIOS
WOLFSSL_CLANG_TIDY
WOLFSSL_COMMERCIAL_LICENSE
WOLFSSL_CONTIKI
WOLFSSL_CRL_ALLOW_MISSING_CDP
WOLFSSL_DILITHIUM_ASSIGN_KEY
WOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM
WOLFSSL_DILITHIUM_NO_ASN1
WOLFSSL_DILITHIUM_NO_CHECK_KEY
WOLFSSL_DILITHIUM_NO_LARGE_CODE
WOLFSSL_DILITHIUM_NO_MAKE
WOLFSSL_DILITHIUM_REVERSE_HASH_OID
WOLFSSL_DILITHIUM_SIGN_CHECK_W0
WOLFSSL_DILITHIUM_SIGN_CHECK_Y
WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC
WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A
WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC
WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM
WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
WOLFSSL_DTLS_DISALLOW_FUTURE
WOLFSSL_DTLS_DROP_STATS
WOLFSSL_DTLS_RESEND_ONLY_TIMEOUT
WOLFSSL_DUMP_MEMIO_STREAM
WOLFSSL_DUP_CERTPOL
WOLFSSL_ECC_BLIND_K
WOLFSSL_ECC_GEN_REJECT_SAMPLING
WOLFSSL_ECC_NO_SMALL_STACK
WOLFSSL_ECC_SIGALG_PARAMS_NULL_ALLOWED
WOLFSSL_ECDHX_SHARED_NOT_ZERO
WOLFSSL_ECDSA_MATCH_HASH
WOLFSSL_ECDSA_SET_K_ONE_LOOP
WOLFSSL_EC_POINT_CMP_JACOBIAN
WOLFSSL_EDDSA_CHECK_PRIV_ON_SIGN
WOLFSSL_EMNET
WOLFSSL_ESPWROOM32
WOLFSSL_EVP_PRINT
WOLFSSL_EXPORT_INT
WOLFSSL_EXPORT_SPC_SZ
WOLFSSL_EXTRA
WOLFSSL_FORCE_OCSP_NONCE_CHECK
WOLFSSL_FRDM_K64
WOLFSSL_FRDM_K64_JENKINS
WOLFSSL_FUNC_TIME
WOLFSSL_FUNC_TIME_LOG
WOLFSSL_GEN_CERT
WOLFSSL_GETRANDOM
WOLFSSL_GNRC
WOLFSSL_HARDEN_TLS_ALLOW_ALL_CIPHERSUITES
WOLFSSL_HARDEN_TLS_ALLOW_OLD_TLS
WOLFSSL_HARDEN_TLS_ALLOW_TRUNCATED_HMAC
WOLFSSL_HARDEN_TLS_NO_PKEY_CHECK
WOLFSSL_HARDEN_TLS_NO_SCR_CHECK
WOLFSSL_HOSTNAME_VERIFY_ALT_NAME_ONLY
WOLFSSL_I2D_ECDSA_SIG_ALLOC
WOLFSSL_IAR_ARM_TIME
WOLFSSL_IGNORE_BAD_CERT_PATH
WOLFSSL_IMX6
WOLFSSL_IMX6_CAAM
WOLFSSL_IMX6_CAAM_BLOB
WOLFSSL_IMX6_CAAM_RNG
WOLFSSL_IMXRT_DCP
WOLFSSL_ISOTP
WOLFSSL_KEIL
WOLFSSL_KEIL_NET
WOLFSSL_KYBER_INVNTT_UNROLL
WOLFSSL_KYBER_NO_LARGE_CODE
WOLFSSL_KYBER_NTT_UNROLL
WOLFSSL_LIB
WOLFSSL_LMS_CACHE_BITS
WOLFSSL_LMS_FULL_HASH
WOLFSSL_LMS_LARGE_CACHES
WOLFSSL_LMS_MAX_HEIGHT
WOLFSSL_LMS_MAX_LEVELS
WOLFSSL_LMS_NO_SIG_CACHE
WOLFSSL_LMS_ROOT_LEVELS
WOLFSSL_LPC43xx
WOLFSSL_MAKE_SYSTEM_NAME_LINUX
WOLFSSL_MAKE_SYSTEM_NAME_WSL
WOLFSSL_MDK5
WOLFSSL_MEM_FAIL_COUNT
WOLFSSL_MONT_RED_CT
WOLFSSL_MP_COND_COPY
WOLFSSL_MP_INVMOD_CONSTANT_TIME
WOLFSSL_MULTICIRCULATE_ALTNAMELIST
WOLFSSL_NONBLOCK_OCSP
WOLFSSL_NOSHA3_384
WOLFSSL_NOT_WINDOWS_API
WOLFSSL_NO_BIO_ADDR_IN
WOLFSSL_NO_CLIENT
WOLFSSL_NO_CLIENT_CERT_ERROR
WOLFSSL_NO_COPY_CERT
WOLFSSL_NO_COPY_KEY
WOLFSSL_NO_CRL_DATE_CHECK
WOLFSSL_NO_CRL_NEXT_DATE
WOLFSSL_NO_DECODE_EXTRA
WOLFSSL_NO_DER_TO_PEM
WOLFSSL_NO_DH186
WOLFSSL_NO_DTLS_SIZE_CHECK
WOLFSSL_NO_ETM_ALERT
WOLFSSL_NO_FENCE
WOLFSSL_NO_FSEEK
WOLFSSL_NO_INIT_CTX_KEY
WOLFSSL_NO_ISSUERHASH_TDPEER
WOLFSSL_NO_KCAPI_AES_CBC
WOLFSSL_NO_KCAPI_HMAC_SHA1
WOLFSSL_NO_KCAPI_HMAC_SHA224
WOLFSSL_NO_KCAPI_HMAC_SHA256
WOLFSSL_NO_KCAPI_HMAC_SHA384
WOLFSSL_NO_KCAPI_HMAC_SHA512
WOLFSSL_NO_KCAPI_SHA224
WOLFSSL_NO_OCSP_DATE_CHECK
WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK
WOLFSSL_NO_OCSP_OPTIONAL_CERTS
WOLFSSL_NO_PUBLIC_FFDHE
WOLFSSL_NO_RSA_KEY_CHECK
WOLFSSL_NO_SERVER_GROUPS_EXT
WOLFSSL_NO_SESSION_STATS
WOLFSSL_NO_SIGALG
WOLFSSL_NO_SOCKADDR_UN
WOLFSSL_NO_SPHINCS
WOLFSSL_NO_STRICT_CIPHER_SUITE
WOLFSSL_NO_TICKET_EXPIRE
WOLFSSL_NO_TRUSTED_CERTS_VERIFY
WOLFSSL_NO_XOR_OPS
WOLFSSL_NRF51_AES
WOLFSSL_OLDTLS_AEAD_CIPHERSUITES
WOLFSSL_OLDTLS_SHA2_CIPHERSUITES
WOLFSSL_OLD_SET_CURVES_LIST
WOLFSSL_OLD_UNSUPPORTED_EXTENSION
WOLFSSL_OPTIONS_IGNORE_SYS
WOLFSSL_PASSTHRU_ERR
WOLFSSL_PB
WOLFSSL_PEER_ADDRESS_CHANGES
WOLFSSL_PKCS11_RW_TOKENS
WOLFSSL_PRCONNECT_PRO
WOLFSSL_PREFIX
WOLFSSL_PSA_NO_AES
WOLFSSL_PSA_NO_HASH
WOLFSSL_PSA_NO_PKCB
WOLFSSL_PSA_NO_PKCBS
WOLFSSL_PSA_NO_RNG
WOLFSSL_PSK_IDENTITY_ALERT
WOLFSSL_PSK_ID_PROTECTION
WOLFSSL_PSK_MULTI_ID_PER_CS
WOLFSSL_PSK_TLS13_CB
WOLFSSL_PSOC6_CRYPTO
WOLFSSL_PYTHON
WOLFSSL_RENESAS_FSPSM_CRYPT_ONLY
WOLFSSL_RENESAS_RA6M3
WOLFSSL_RENESAS_RA6M3G
WOLFSSL_RENESAS_RSIP
WOLFSSL_RENESAS_RZN2L
WOLFSSL_RENESAS_TLS
WOLFSSL_RENESAS_TSIP_CRYPTONLY
WOLFSSL_RENESAS_TSIP_IAREWRX
WOLFSSL_RSA_CHECK_D_ON_DECRYPT
WOLFSSL_RSA_DECRYPT_TO_0_LEN
WOLFSSL_RW_THREADED
WOLFSSL_SAKKE_SMALL
WOLFSSL_SAKKE_SMALL_MODEXP
WOLFSSL_SE050_CRYPT
WOLFSSL_SE050_HASH
WOLFSSL_SE050_INIT
WOLFSSL_SE050_NO_TRNG
WOLFSSL_SECURE_RENEGOTIATION_ON_BY_DEFAULT
WOLFSSL_SETTINGS_FILE
WOLFSSL_SH224
WOLFSSL_SHA256_ALT_CH_MAJ
WOLFSSL_SHUTDOWNONCE
WOLFSSL_SILABS_TRNG
WOLFSSL_SM4_EBC
WOLFSSL_SNIFFER_NO_RECOVERY
WOLFSSL_SP_ARM32_UDIV
WOLFSSL_SP_DH
WOLFSSL_SP_FAST_NCT_EXPTMOD
WOLFSSL_SP_INT_SQR_VOLATILE
WOLFSSL_STACK_CHECK
WOLFSSL_STM32F427_RNG
WOLFSSL_STM32_RNG_NOLIB
WOLFSSL_STRONGEST_HASH_SIG
WOLFSSL_STSAFE_TAKES_SLOT
WOLFSSL_TELIT_M2MB
WOLFSSL_THREADED_CRYPT
WOLFSSL_TICKET_DECRYPT_NO_CREATE
WOLFSSL_TICKET_ENC_AES128_GCM
WOLFSSL_TICKET_ENC_AES256_CBC
WOLFSSL_TICKET_ENC_AES256_GCM
WOLFSSL_TICKET_ENC_CBC_HMAC
WOLFSSL_TICKET_ENC_CHACHA20_POLY1305
WOLFSSL_TICKET_ENC_HMAC_SHA384
WOLFSSL_TICKET_ENC_HMAC_SHA512
WOLFSSL_TI_CURRTIME
WOLFSSL_TLS13_DRAFT
WOLFSSL_TLS13_IGNORE_AEAD_LIMITS
WOLFSSL_TLS13_MIDDLEBOX_COMPAT
WOLFSSL_TLS13_SHA512
WOLFSSL_TLS13_TICKET_BEFORE_FINISHED
WOLFSSL_TRACK_MEMORY_FULL
WOLFSSL_TRAP_MALLOC_SZ
WOLFSSL_UNALIGNED_64BIT_ACCESS
WOLFSSL_USER_FILESYSTEM
WOLFSSL_USER_LOG
WOLFSSL_USER_MUTEX
WOLFSSL_USER_THREADING
WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW
WOLFSSL_USE_FLASHMEM
WOLFSSL_USE_OPTIONS_H
WOLFSSL_USE_POPEN_HOST
WOLFSSL_VALIDATE_DH_KEYGEN
WOLFSSL_WC_XMSS_NO_SHA256
WOLFSSL_WC_XMSS_NO_SHAKE256
WOLFSSL_WICED_PSEUDO_UNIX_EPOCH_TIME
WOLFSSL_X509_STORE_CERTS
WOLFSSL_X509_TRUSTED_CERTIFICATE_CALLBACK
WOLFSSL_XFREE_NO_NULLNESS_CHECK
WOLFSSL_XILINX_CRYPTO_OLD
WOLFSSL_XILINX_PATCH
WOLFSSL_XIL_MSG_NO_SLEEP
WOLFSSL_XMSS_LARGE_SECRET_KEY
WOLFSSL_ZEPHYR
WOLFSS_SP_MATH_ALL
WOLF_ALLOW_BUILTIN
WOLF_CONF_IO
WOLF_CONF_KYBER
WOLF_CONF_PK
WOLF_CONF_RESUMPTION
WOLF_CONF_TPM
WOLF_CRYPTO_CB_CMD
WOLF_CRYPTO_CB_FIND
WOLF_CRYPTO_CB_ONLY_ECC
WOLF_CRYPTO_CB_ONLY_RSA
WOLF_CRYPTO_CB_RSA_PAD
WOLF_CRYPTO_DEV
WOLF_NO_TRAILING_ENUM_COMMAS
WOLSSL_OLD_TIMINGPADVERIFY
XGETPASSWD
XMSS_CALL_PRF_KEYGEN
XPAR_VERSAL_CIPS_0_PSPMC_0_PSV_CORTEXA72_0_TIMESTAMP_CLK_FREQ
XSECURE_CACHE_DISABLE
_ABI64
_ABIO64
_ARCH_PPC64
_COMPILER_VERSION
_INTPTR_T_DECLARED
_LP64
_MSC_VER
_MSVC_LANG
_M_ARM64
_M_X64
_NETOS
_POSIX_C_SOURCE
_SDCC_VERSION_PATCHLEVEL
_SH3
_SILICON_LABS_SECURITY_FEATURE
_SOCKLEN_T
_SYS_DEVCON_LOCAL_H
_TIME_HELPER_H
_UINTPTR_T_DECLARED
_WIN32
_WIN32_WCE
_WIN64
__32MZ2048ECH144__
__32MZ2048ECM144__
__32MZ2048EFM144__
__ANDROID__
__APPLE__
__ARCH_STRCASECMP_NO_REDIRECT
__ARCH_STRCMP_NO_REDIRECT
__ARCH_STRNCASECMP_NO_REDIRECT
__ARCH_STRNCAT_NO_REDIRECT
__ARCH_STRNCMP_NO_REDIRECT
__ARCH_STRNCPY_NO_REDIRECT
__ARCH_STRSTR_NO_REDIRECT
__ARM_ARCH_7M__
__ARM_FEATURE_CRYPTO
__ASSEMBLER__
__ATOMIC_RELAXED
__AVR__
__BCPLUSPLUS__
__BIG_ENDIAN__
__BORLANDC__
__CCRX__
__COMPILER_VER__
__CYGWIN__
__DATE__
__DCACHE_PRESENT
__DCC__
__DECC_VER
__ELF__
__EMSCRIPTEN__
__FPU_PRESENT
__FreeBSD__
__GLIBC__
__GNUC_MINOR__
__GNUC__
__HP_cc
__IAR_SYSTEMS_ICC__
__ICCARM__
__ILP32__
__INCLUDE_NUTTX_CONFIG_H
__INTEGRITY
__INTEL_COMPILER
__KEIL__
__KEY_DATA_H__
__LP64
__LP64__
__MACH__
__MICROBLAZE__
__MINGW32__
__MINGW64_VERSION_MAJOR
__MINGW64__
__MWERKS__
__PIE__
__POWERPC__
__PPC__
__PPU
__QNXNTO__
__QNX__
__ROPI__
__SAM3A4C__
__SAM3A8C__
__SAM3A8H__
__SAM3X4C__
__SAM3X4E__
__SAM3X8C__
__SAM3X8E__
__SANITIZE_ADDRESS__
__SDCC_VERSION_MAJOR
__SDCC_VERSION_MINOR
__SDCC_VERSION_PATCH
__SIZEOF_INT128__
__SIZEOF_LONG_LONG__
__STDC_VERSION__
__STDC__
__STM32__
__STRICT_ANSI__
__SUNPRO_C
__SUNPRO_CC
__SVR4
__TI_COMPILER_VERSION__
__TURBOC__
__USE_GNU
__USE_MISC
__USE_XOPEN2K
__WATCOMC__
__WATCOM_INT64__
__XC32
__XTENSA__
__aarch64__
__alpha__
__arch64__
__arm__
__clang__
__clang_major__
__cplusplus
__ghc__
__ghs__
__hpux__
__i386
__i386__
__ia64__
__linux__
__llvm__
__mips
__mips64
__must_check
__ppc64__
__ppc__
__riscv
__riscv_xlen
__s390x__
__sparc64__
__sun
__svr4__
__thumb__
__ti__
__x86_64__
byte
configTICK_RATE_HZ
fallthrough
noinline
ssize_t
sun
versal
wc_Tls13_HKDF_Expand_Label

100
CMakeLists.txt
View File

@@ -34,7 +34,7 @@ if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}")
You must delete them, or cmake will refuse to work.")
endif()
project(wolfssl VERSION 5.7.4 LANGUAGES C ASM)
project(wolfssl VERSION 5.7.0 LANGUAGES C ASM)
# Set WOLFSSL_ROOT if not already defined
if ("${WOLFSSL_ROOT}" STREQUAL "")
@@ -53,7 +53,7 @@ set(WOLFSSL_LIBRARY_VERSION_FIRST 42)
# increment if interfaces have been added
# set to zero if WOLFSSL_LIBRARY_VERSION_FIRST is incremented
set(WOLFSSL_LIBRARY_VERSION_SECOND 3)
set(WOLFSSL_LIBRARY_VERSION_SECOND 1)
# increment if source code has changed
# set to zero if WOLFSSL_LIBRARY_VERSION_FIRST is incremented or
@@ -131,7 +131,6 @@ check_type_size("__uint128_t" __UINT128_T)
check_type_size("long long" SIZEOF_LONG_LONG)
check_type_size("long" SIZEOF_LONG)
check_type_size("time_t" SIZEOF_TIME_T)
check_type_size("uintptr_t" HAVE_UINTPTR_T)
# By default, HAVE___UINT128_T gets defined as TRUE,
# but we want it as 1.
@@ -285,8 +284,6 @@ if(NOT WOLFSSL_SINGLE_THREADED)
"-DHAVE_PTHREAD"
"-D_POSIX_THREADS")
endif()
else()
list(APPEND WOLFSSL_DEFINITIONS "-DSINGLE_THREADED")
endif()
# DTLS-SRTP
@@ -420,17 +417,16 @@ if(WOLFSSL_CURL)
set(WOLFSSL_MD4 "yes")
set(WOLFSSL_DES3 "yes")
set(WOLFSSL_ALPN "yes")
set(WOLFSSL_WOLFSSH "yes")
set(WOLFSSL_OPENSSLEXTRA "yes")
set(WOLFSSL_CRL "yes")
set(WOLFSSL_OCSP "yes")
set(WOLFSSL_OCSPSTAPLING "yes")
set(WOLFSSL_OCSPSTAPLING_V2 "yes")
# Note: OCSP sets requisite HAVE_TLS_EXTENSIONS and HAVE_CERTIFICATE_STATUS_REQUEST(_V2)
set(WOLFSSL_SNI "yes")
set(WOLFSSL_ALT_CERT_CHAINS "yes")
set(WOLFSSL_IP_ALT_NAME "yes")
set(WOLFSSL_SESSION_TICKET "yes")
set(WOLFSSL_WOLFSSH "yes")
list(APPEND WOLFSSL_DEFINITIONS
"-DNO_SESSION_CACHE_REF" "-DWOLFSSL_DES_ECB")
endif()
@@ -441,7 +437,7 @@ add_option(WOLFSSL_ALPN
"no" "yes;no")
if(WOLFSSL_ALPN)
list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ALPN" "-DHAVE_TLS_EXTENSIONS")
list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ALPN" "-DHAVE_TLS_EXTENSIONS")
endif()
# altcertchains
@@ -540,15 +536,6 @@ if (WOLFSSL_OPENSSLALL)
"-DWOLFSSL_ERROR_CODE_OPENSSL" "-DWOLFSSL_CERT_NAME_ALL")
endif()
add_option(WOLFSSL_NO_STUB
"Removes OpenSSL compatibility stub functions (default: disabled)"
"no" "yes;no")
if (WOLFSSL_NO_STUB)
list(APPEND WOLFSSL_DEFINITIONS
"-DNO_WOLFSSL_STUB")
endif()
# TODO: - IPv6 test apps
set(WOLFSSL_SLOW_MATH "yes")
@@ -947,29 +934,13 @@ if(WOLFSSL_ECC)
endif()
endif()
# TODO: - Compressed key
# TODO: - ECC custom curves
# - Compressed key
# - FP ECC, fixed point cache ECC
# - ECC encrypt
# - PSK
# - Single PSK identity
# ECC custom curves
add_option("WOLFSSL_ECCCUSTCURVES"
"Enable ECC Custom Curves (default: disabled)"
"no" "yes;no;all")
if(WOLFSSL_ECCCUSTCURVES)
if("${WOLFSSL_ECCCUSTCURVES}" STREQUAL "all")
list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ECC_SECPR2")
list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ECC_SECPR3")
list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ECC_BRAINPOOL")
list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ECC_KOBLITZ")
list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ECC_CDH")
endif()
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_CUSTOM_CURVES")
endif()
# CURVE25519
set(WOLFSSL_CURVE25519_SMALL "no")
add_option("WOLFSSL_CURVE25519"
@@ -1562,15 +1533,6 @@ add_option(WOLFSSL_SNI ${WOLFSSL_SNI_HELP_STRING} ${SNI_DEFAULT} "yes;no")
set(WOLFSSL_TLSX_HELP_STRING "Enable all TLS Extensions (default: disabled)")
add_option(WOLFSSL_TLSX ${WOLFSSL_TLSX_HELP_STRING} "no" "yes;no")
add_option(WOLFSSL_EX_DATA
"Enable app data (default: disabled)"
"no" "yes;no")
if (WOLFSSL_EX_DATA)
list(APPEND WOLFSSL_DEFINITIONS
"-DHAVE_EX_DATA")
endif()
# Supported elliptic curves extensions
add_option("WOLFSSL_SUPPORTED_CURVES"
"Enable Supported Elliptic Curves (default: enabled)"
@@ -1895,10 +1857,6 @@ add_option("WOLFSSL_CRYPTOCB"
"Enable crypto callbacks (default: disabled)"
"no" "yes;no")
add_option("WOLFSSL_CRYPTOCB_NO_SW_TEST"
"Disable crypto callback SW testing (default: disabled)"
"no" "yes;no")
add_option("WOLFSSL_PKCALLBACKS"
"Enable public key callbacks (default: disabled)"
"no" "yes;no")
@@ -2102,10 +2060,6 @@ if(WOLFSSL_CRYPTOCB)
list(APPEND WOLFSSL_DEFINITIONS "-DWOLF_CRYPTO_CB")
endif()
if(WOLFSSL_CRYPTOCB_NO_SW_TEST)
list(APPEND WOLFSSL_DEFINITIONS "-DWC_TEST_NO_CRYPTOCB_SW_TEST")
endif()
# Public Key Callbacks
if(WOLFSSL_PKCALLBACKS)
list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_PK_CALLBACKS")
@@ -2282,6 +2236,32 @@ endif()
file(REMOVE ${OPTION_FILE})
file(APPEND ${OPTION_FILE} "/* wolfssl options.h\n")
file(APPEND ${OPTION_FILE} " * generated from configure options\n")
file(APPEND ${OPTION_FILE} " *\n")
file(APPEND ${OPTION_FILE} " * Copyright (C) 2006-2023 wolfSSL Inc.\n")
file(APPEND ${OPTION_FILE} " *\n")
file(APPEND ${OPTION_FILE} " * This file is part of wolfSSL. (formerly known as CyaSSL)\n")
file(APPEND ${OPTION_FILE} " *\n")
file(APPEND ${OPTION_FILE} " */\n\n")
file(APPEND ${OPTION_FILE} "#ifndef WOLFSSL_OPTIONS_H\n")
file(APPEND ${OPTION_FILE} "#define WOLFSSL_OPTIONS_H\n\n\n")
file(APPEND ${OPTION_FILE} "#ifdef __cplusplus\n")
file(APPEND ${OPTION_FILE} "extern \"C\" {\n")
file(APPEND ${OPTION_FILE} "#endif\n\n")
add_to_options_file("${WOLFSSL_DEFINITIONS}" "${OPTION_FILE}")
# CMAKE_C_FLAGS is just a string of space-separated flags to pass to the C
# compiler. We need to replace those spaces with semicolons in order to treat it
# as a CMake list.
string(REPLACE " " ";" CMAKE_C_FLAGS_LIST "${CMAKE_C_FLAGS}")
add_to_options_file("${CMAKE_C_FLAGS_LIST}" "${OPTION_FILE}")
file(APPEND ${OPTION_FILE} "\n#ifdef __cplusplus\n")
file(APPEND ${OPTION_FILE} "}\n")
file(APPEND ${OPTION_FILE} "#endif\n\n\n")
file(APPEND ${OPTION_FILE} "#endif /* WOLFSSL_OPTIONS_H */\n\n")
####################################################
# Library Target
####################################################
@@ -2359,20 +2339,6 @@ if(WOLFSSL_ARIA)
message(STATUS "ARIA Check: WOLFSSL_LINK_LIBS = ${WOLFSSL_LINK_LIBS}")
endif()
foreach(DEF IN LISTS WOLFSSL_DEFINITIONS)
string(REGEX MATCH "^(-D)?([^=]+)(=(.*))?$" DEF_MATCH ${DEF})
if (NOT "${CMAKE_MATCH_4}" STREQUAL "")
set(${CMAKE_MATCH_2} ${CMAKE_MATCH_4})
# message("set(${CMAKE_MATCH_2} ${CMAKE_MATCH_4})")
else()
set(${CMAKE_MATCH_2} 1)
# message("set(${CMAKE_MATCH_2} 1)")
endif()
endforeach()
# If new build options are added please update the cmake/options.h.in
configure_file(${CMAKE_CURRENT_SOURCE_DIR}/cmake/options.h.in ${OPTION_FILE})
set_target_properties(wolfssl
PROPERTIES
SOVERSION ${WOLFSSL_LIBRARY_VERSION_FIRST}
@@ -2471,7 +2437,7 @@ if(WOLFSSL_EXAMPLES)
PROPERTY RUNTIME_OUTPUT_DIRECTORY
${WOLFSSL_OUTPUT_BASE}/examples/echoserver)
if(NOT WIN32 AND NOT WOLFSSL_SINGLE_THREADED)
if(NOT WIN32)
# Build TLS benchmark example
add_executable(tls_bench
${CMAKE_CURRENT_SOURCE_DIR}/examples/benchmark/tls_bench.c)

333
ChangeLog.md
View File

@@ -1,304 +1,3 @@
# wolfSSL Release 5.7.4 (Oct 24, 2024)
Release 5.7.4 has been developed according to wolfSSL's development and QA
process (see link below) and successfully passed the quality criteria.
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
NOTE: * --enable-heapmath is being deprecated and will be removed by end of 2024
PR stands for Pull Request, and PR <NUMBER> references a GitHub pull request
number where the code change was added.
## Vulnerabilities
* [Low] When the OpenSSL compatibility layer is enabled, certificate
verification behaved differently in wolfSSL than OpenSSL, in the
X509_STORE_add_cert() and X509_STORE_load_locations() implementations.
Previously, in cases where an application explicitly loaded an intermediate
certificate, wolfSSL was verifying only up to that intermediate certificate,
rather than verifying up to the root CA. This only affects use cases where the
API is called directly, and does not affect TLS connections. Users that call
the API X509_STORE_add_cert() or X509_STORE_load_locations() directly in their
applications are recommended to update the version of wolfSSL used or to have
additional sanity checks on certificates loaded into the X509_STORE when
verifying a certificate. (https://github.com/wolfSSL/wolfssl/pull/8087)
## PQC TLS Experimental Build Fix
* When using TLS with post quantum algorithms enabled, the connection uses a
smaller EC curve than agreed on. Users building with --enable-experimental and
enabling PQC cipher suites with TLS connections are recommended to update the
version of wolfSSL used. Thanks to Daniel Correa for the report.
(https://github.com/wolfSSL/wolfssl/pull/8084)
## New Feature Additions
* RISC-V 64 new assembly optimizations added for SHA-256, SHA-512, ChaCha20,
Poly1305, and SHA-3 (PR 7758,7833,7818,7873,7916)
* Implement support for Connection ID (CID) with DTLS 1.2 (PR 7995)
* Add support for (DevkitPro)libnds (PR 7990)
* Add port for Mosquitto OSP (Open Source Project) (PR 6460)
* Add port for init sssd (PR 7781)
* Add port for eXosip2 (PR 7648)
* Add support for STM32G4 (PR 7997)
* Add support for MAX32665 and MAX32666 TPU HW and ARM ASM Crypto Callback
Support (PR 7777)
* Add support for building wolfSSL to be used in libspdm (PR 7869)
* Add port for use with Nucleus Plus 2.3 (PR 7732)
* Initial support for RFC5755 x509 attribute certificates (acerts). Enabled with
--enable-acert (PR 7926)
* PKCS#11 RSA Padding offload allows tokens to perform CKM_RSA_PKCS
(sign/encrypt), CKM_RSA_PKCS_PSS (sign), and CKM_RSA_PKCS_OAEP (encrypt).
(PR 7750)
* Added “new” and “delete” style functions for heap/pool allocation and freeing
of low level crypto structures (PR 3166 and 8089)
## Enhancements and Optimizations
* Increase default max alt. names from 128 to 1024 (PR 7762)
* Added new constant time DH agree function wc_DhAgree_ct (PR 7802)
* Expanded compatibility layer with the API EVP_PKEY_is_a (PR 7804)
* Add option to disable cryptocb test software test using
--disable-cryptocb-sw-test (PR 7862)
* Add a call to certificate verify callback before checking certificate dates
(PR 7895)
* Expanded algorithms supported with the wolfCrypt CSharp wrapper. Adding
support for RNG, ECC(ECIES and ECDHE), RSA, ED25519/Curve25519, AES-GCM, and
Hashing (PR 3166)
* Expand MMCAU support for use with DES ECB (PR 7960)
* Update AES SIV to handle multiple associated data inputs (PR 7911)
* Remove HAVE_NULL_CIPHER from --enable-openssh (PR 7811)
* Removed duplicate if(NULL) checks when calling XFREE (macro does) (PR 7839)
* Set RSA_MIN_SIZE default to 2048 bits (PR 7923)
* Added support for wolfSSL to be used as the default TLS in the zephyr kernel
(PR 7731)
* Add enable provider build using --enable-wolfprovider with autotools (PR 7550)
* Renesas RX TSIP ECDSA support (PR 7685)
* Support DTLS1.3 downgrade when the server supports CID (PR 7841)
* Server-side checks OCSP even if it uses v2 multi (PR 7828)
* Add handling of absent hash params in PKCS7 bundle parsing and creation
(PR 7845)
* Add the use of w64wrapper for Poly1305, enabling Poly1305 to be used in
environments that do not have a word64 type (PR 7759)
* Update to the maxq10xx support (PR 7824)
* Add support for parsing over optional PKCS8 attributes (PR 7944)
* Add support for either side method with DTLS 1.3 (PR 8012)
* Added PKCS7 PEM support for parsing PEM data with BEGIN/END PKCS7 (PR 7704)
* Add CMake support for WOLFSSL_CUSTOM_CURVES (PR 7962)
* Add left-most wildcard matching support to X509_check_host() (PR 7966)
* Add option to set custom SKID with PKCS7 bundle creation (PR 7954)
* Building wolfSSL as a library with Ada and corrections to Alire manifest
(PR 7303,7940)
* Renesas RX72N support updated (PR 7849)
* New option WOLFSSL_COPY_KEY added to always copy the key to the SSL object
(PR 8005)
* Add the new option WOLFSSL_COPY_CERT to always copy the cert buffer for each
SSL object (PR 7867)
* Add an option to use AES-CBC with HMAC for default session ticket enc/dec.
Defaults to AES-128-CBC with HMAC-SHA256 (PR 7703)
* Memory usage improvements in wc_PRF, sha256 (for small code when many
registers are available) and sp_int objects (PR 7901)
* Change in the configure script to work around ">>" with no command. In older
/bin/sh it can be ambiguous, as used in OSs such as FreeBSD 9.2 (PR 7876)
* Don't attempt to include system headers when not required (PR 7813)
* Certificates: DER encoding of ECC signature algorithm parameter is now
allowed to be NULL with a define (PR 7903)
* SP x86_64 asm: check for AVX2 support for VMs (PR 7979)
* Update rx64n support on gr-rose (PR 7889)
* Update FSP version to v5.4.0 for RA6M4 (PR 7994)
* Update TSIP driver version to v1.21 for RX65N RSK (PR 7993)
* Add a new crypto callback for RSA with padding (PR 7907)
* Replaced the use of pqm4 with wolfSSL implementations of Kyber/MLDSA
(PR 7924)
* Modernized memory fence support for C11 and clang (PR 7938)
* Add a CRL error override callback (PR 7986)
* Extend the X509 unknown extension callback for use with a user context
(PR 7730)
* Additional debug error tracing added with TLS (PR 7917)
* Added runtime support for library call stack traces with
enable-debug-trace-errcodes=backtrace, using libbacktrace (PR 7846)
* Expanded C89 conformance (PR 8077)
* Expanded support for WOLFSSL_NO_MALLOC (PR 8065)
* Added support for cross-compilation of Linux kernel module (PR 7746)
* Updated Linux kernel module with support for kernel 6.11 and 6.12 (PR 7826)
* Introduce WOLFSSL_ASN_ALLOW_0_SERIAL to allow parsing of certificates with a
serial number of 0 (PR 7893)
* Add conditional repository_owner to all wolfSSL GitHub workflows (PR 7871)
### Espressif / Arduino Updates
* Update wolfcrypt settings.h for Espressif ESP-IDF, template update (PR 7953)
* Update Espressif sha, util, mem, time helpers (PR 7955)
* Espressif _thread_local_start and _thread_local_end fix (PR 8030)
* Improve benchmark for Espressif devices (PR 8037)
* Introduce Espressif common CONFIG_WOLFSSL_EXAMPLE_NAME, Kconfig (PR 7866)
* Add wolfSSL esp-tls and Certificate Bundle Support for Espressif ESP-IDF
(PR 7936)
* Update wolfssl Release for Arduino (PR 7775)
### Post Quantum Crypto Updates
* Dilithium: support fixed size arrays in dilithium_key (PR 7727)
* Dilithium: add option to use precalc with small sign (PR 7744)
* Allow Kyber to be built with FIPS (PR 7788)
* Allow Kyber asm to be used in the Linux kernel module (PR 7872)
* Dilithium, Kyber: Update to final specification (PR 7877)
* Dilithium: Support FIPS 204 Draft and Final Draft (PR 7909,8016)
### ARM Assembly Optimizations
* ARM32 assembly optimizations added for ChaCha20 and Poly1305 (PR 8020)
* Poly1305 assembly optimizations improvements for Aarch64 (PR 7859)
* Poly1305 assembly optimizations added for Thumb-2 (PR 7939)
* Adding ARM ASM build option to STM32CubePack (PR 7747)
* Add ARM64 to Visual Studio Project (PR 8010)
* Kyber assembly optimizations for ARM32 and Aarch64 (PR 8040,7998)
* Kyber assembly optimizations for ARMv7E-M/ARMv7-M (PR 7706)
## Fixes
* ECC key load: fixes for certificates with parameters that are not default for
size (PR 7751)
* Fixes for building x86 in Visual Studio for non-windows OS (PR 7884)
* Fix for TLS v1.2 secret callback, incorrectly detecting bad master secret
(PR 7812)
* Fixes for PowerPC assembly use with Darwin and SP math all (PR 7931)
* Fix for detecting older versions of Mac OS when trying to link with
libdispatch (PR 7932)
* Fix for DTLS1.3 downgrade to DTLS1.2 when the server sends multiple handshake
packets combined into a single transmission. (PR 7840)
* Fix for OCSP to save the request if it was stored in ssl->ctx->certOcspRequest
(PR 7779)
* Fix to OCSP for searching for CA by key hash instead of ext. key id (PR 7934)
* Fix for staticmemory and singlethreaded build (PR 7737)
* Fix to not allow Shake128/256 with Xilinx AFALG (PR 7708)
* Fix to support PKCS11 without RSA key generation (PR 7738)
* Fix not calling the signing callback when using PK callbacks + TLS 1.3
(PR 7761)
* Cortex-M/Thumb2 ASM fix label for IAR compiler (PR 7753)
* Fix with PKCS11 to iterate correctly over slotId (PR 7736)
* Stop stripping out the sequence header on the AltSigAlg extension (PR 7710)
* Fix ParseCRL_AuthKeyIdExt with ASN template to set extAuthKeyIdSet value
(PR 7742)
* Use max key length for PSK encrypt buffer size (PR 7707)
* DTLS 1.3 fix for size check to include headers and CID fixes (PR 7912,7951)
* Fix STM32 Hash FIFO and add support for STM32U5A9xx (PR 7787)
* Fix CMake build error for curl builds (PR 8021)
* SP Maths: PowerPC ASM fix to use XOR instead of LI (PR 8038)
* SSL loading of keys/certs: testing and fixes (PR 7789)
* Misc. fixes for Dilithium and Kyber (PR 7721,7765,7803,8027,7904)
* Fixes for building wolfBoot sources for PQ LMS/XMSS (PR 7868)
* Fixes for building with Kyber enabled using CMake and zephyr port (PR 7773)
* Fix for edge cases with session resumption with TLS 1.2 (PR 8097)
* Fix issue with ARM ASM with AES CFB/OFB not initializing the "left" member
(PR 8099)
# wolfSSL Release 5.7.2 (July 08, 2024)
Release 5.7.2 has been developed according to wolfSSL's development and QA
process (see link below) and successfully passed the quality criteria.
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
NOTE: * --enable-heapmath is being deprecated and will be removed by end of 2024
## Vulnerabilities
* [Medium] CVE-2024-1544
Potential ECDSA nonce side channel attack in versions of wolfSSL before 5.6.6 with wc_ecc_sign_hash calls. Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a modular reduction mod n where n is the order of the elliptic curve. Analyzing the division through a control-flow revealing side-channel reveals a bias in the most significant bits of k. Depending on the curve this is either a negligible bias or a significant bias large enough to reconstruct k with lattice reduction methods. Thanks to Luca Wilke, Florian Sieck and Thomas Eisenbarth (University of Lübeck) for reporting the vulnerability. Details will appear in the proceedings of CCS 24.
Fixed https://github.com/wolfSSL/wolfssl/pull/7020
* [Medium] CVE-2024-5288
A private key blinding operation, enabled by defining the macro WOLFSSL_BLIND_PRIVATE_KEY, was added to mitigate a potential row hammer attack on ECC operations. If performing ECC private key operations in an environment where a malicious user could gain fine control over the device and perform row hammer style attacks it is recommended to update the version of wolfSSL used and to build with WOLFSSL_BLIND_PRIVATE_KEY defined. Thanks to Kemal Derya, M. Caner Tol, Berk Sunar for the report (Vernam Applied Cryptography and Cybersecurity Lab at Worcester Polytechnic Institute)
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7416
* [Low] When parsing a provided maliciously crafted certificate directly using wolfSSL API, outside of a TLS connection, a certificate with an excessively large number of extensions could lead to a potential DoS. There are existing sanity checks during a TLS handshake with wolfSSL which mitigate this issue. Thanks to Bing Shi for the report.
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7597
* [Low] CVE-2024-5991
In the function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the Openssl compatibility function X509_check_host() takes in a pointer and length to check against, with no requirements that it be NULL terminated. While calling without a NULL terminated string is very uncommon, it is still technically allowed. If a caller was attempting to do a name check on a non*NULL terminated buffer, the code would read beyond the bounds of the input array until it found a NULL terminator.
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7604
* [Medium] CVE-2024-5814
A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello when downgrading from TLS 1.3.
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7619
* [Medium] OCSP stapling version 2 response verification bypass issue when a crafted response of length 0 is received. Found with internal testing.
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7702
* [Medium] OCSP stapling version 2 revocation bypass with a retry of a TLS connection attempt. A revoked CA certificate could incorrectly be loaded into the trusted signers list and used in a repeat connection attempt. Found with internal testing.
Fixed in github pull request https://github.com/wolfSSL/wolfssl/pull/7702
## New Feature Additions
* Added Dilithium/ML-DSA: Implementation of ML-DSA-44/65/87 (PR 7622)
* AES RISC-V 64-bit ASM: ECB/CBC/CTR/GCM/CCM (PR 7569)
* Added CUDA support for AES encryption (PR 7436)
* Added support for gRPC (PR 7445)
* Added function wc_RsaPrivateKeyDecodeRaw to import raw RSA private keys (PR 7608)
* Added crypto callback for SHA-3 (PR 7670)
* Support for Infineon Modus Toolbox with wolfSSL (PR 7369)
* Allow user to send a user_canceled alert by calling wolfSSL_SendUserCanceled (PR 7590)
* C# wrapper SNI support added (PR 7610)
* Quantum-safe algorithm support added to the Linux kernel module (PR 7574)
* Support for NIST 800-56C Option 1 KDF, using the macro WC_KDF_NIST_SP_800_56C added (PR 7589)
* AES-XTS streaming mode added, along with hardware acceleration and kernel module use (PR 7522, 7560, 7424)
* PlatformIO FreeRTOS with ESP build and addition of benchmark and test example applications (PR 7528, 7413, 7559, 7542)
## Enhancements and Optimizations
* Expanded STM32 AES hardware acceleration support for use with STM32H5 (PR 7578)
* Adjusted wc_xmss and wc_lms settings to support use with wolfBoot (PR 7393)
* Added the --enable-rpk option to autotools build for using raw public key support (PR 7379)
* SHA-3 Thumb2, ARM32 assembly implementation added (PR 7667)
* Improvements to RSA padding to expose Pad/Unpad APIs (PR 7612)
* Updates and API additions for supporting socat version 1.8.0.0 (PR 7594)
* cmake build improvements, expanding build options with SINGLE_THREADED and post-quantum algorithms, adjusting the generation of options.h file and using “yes;no” boolean instead of strings (PR 7611, 7546, 7479, 7480, 7380)
* Improvements for Renesas RZ support (PR 7474)
* Improvements to dual algorithm certificates for post-quantum keys (PR 7286)
* Added wolfSSL_SessionIsSetup so the user can check if a session ticket has been sent by the server (PR 7430)
* hostap updates: Implement PACs for EAP-FAST and filter cipher list on TLS version change (PR 7446)
* Changed subject name comparison to match different upper and lower cases (PR 7420)
* Support for DTLS 1.3 downgrade when using PSK (PR 7367)
* Update to static memory build for more generic memory pools used (PR 7418)
* Improved performance of Kyber C implementation (PR 7654)
* Support for ECC_CACHE_CURVE with no malloc (PR 7490)
* Added the configure option --enable-debug-trace-errcodes (macro WOLFSSL_DEBUG_TRACE_ERROR_CODES) which enables more debug tracking of error code values (PR 7634)
* Enhanced wc_MakeRsaKey and wc_RsaKeyToDer to work with WOLFSSL_NO_MALLOC (PR 7362)
* Improvements to assembly implementations of ChaCha20 and Poly1305 ASM for use with MSVC (PR 7319)
* Cortex-M inline assembly labels with unique number appended (PR 7649)
* Added secret logging callback to TLS <= 1.2, enabled with the macro HAVE_SECRET_CALLBACK (PR 7372)
* Made wc_RNG_DRBG_Reseed() a public wolfCrypt API (PR 7386)
* Enabled DES3 support without the DES3 ciphers. To re-enable DES3 cipher suites, use the configure flag --enable-des3-tls-suites (PR 7315)
* Added stubs required for latest nginx (1.25.5) (PR 7449)
* Added option for using a custom salt with the function wc_ecc_ctx_set_own_salt (PR 7552)
* Added PQ files for Windows (PR 7419)
* Enhancements to static memory feature, adding the option for a global heap hint (PR 7478) and build options for a lean or debug setting, enabled with --enable-staticmemory=small or --enable-staticmemory=debug (PR 7597)
* Updated --enable-jni to define SESSION_CERTS for wolfJSSE (PR 7557)
* Exposed DTLS in Ada wrapper and updated examples (PR 7397)
* Added additional minimum TLS extension size sanity checks (PR 7602)
* ESP improvements: updating the examples and libraries, updates for Apple HomeKit SHA/SRP, and fix for endianness with SHA512 software fallback (PR 7607, 7392, 7505, 7535)
* Made the wc_CheckCertSigPubKey API publicly available with the define of the macro WOLFSSL_SMALL_CERT_VERIFY (PR 7599)
* Added an alpha/preview of additional FIPS 140-3 full submission, bringing additional algorithms such as SRTP-KDF, AES-XTS, GCM streaming, AES-CFB, ED25519, and ED448 into the FIPS module boundary (PR 7295)
* XCODE support for v5.2.3 of the FIPS module (PR 7140)
* Expanded OpenSSL compatibility layer and added EC_POINT_hex2point (PR 7191)
## Fixes
* Fixed Kyber control-flow timing leak. Thanks to Antoon Purnal from PQShield for the report
* Fixed the NXP MMCAU HW acceleration for SHA-256 (PR 7389)
* Fixed AES-CFB1 encrypt/decrypt on size (8*x-1) bits (PR 7431)
* Fixed use of %rip with SHA-256 x64 assembly (PR 7409)
* Fixed OCSP response message build for DTLS (PR 7671)
* Handled edge case in wc_ecc_mulmod() with zero (PR 7532)
* Fixed RPK (Raw Public Key) to follow certificate use correctly (PR 7375)
* Added sanity check on record header with QUIC use (PR 7638)
* Added sanity check for empty directory strings in X.509 when parsing (PR 7669)
* Added sanity check on non-conforming serial number of 0 in certificates being parsed (PR 7625)
* Fixed wolfSSL_CTX_set1_sigalgs_list() to make the TLS connection conform to the selected sig hash algorithm (PR 7693)
* Various fixes for dual algorithm certificates including small stack use and support for Certificate Signing Requests (PR 7577)
* Added sanity check for critical policy extension when wolfSSL is built without policy extension support enabled (PR 7388)
* Added sanity check that the ed25519 signature is smaller than the order (PR 7513)
* Fixed Segger emNet to handle non-blocking want read/want write (PR 7581)
# wolfSSL Release 5.7.0 (Mar 20, 2024)
Release 5.7.0 has been developed according to wolfSSL's development and QA
@@ -413,7 +112,7 @@ fixed this omission in several PRs for this release.
* [Low] CVE-2023-6936: A potential heap overflow read is possible in servers connecting over TLS 1.3 when the optional `WOLFSSL_CALLBACKS` has been defined. The out of bounds read can occur when a server receives a malicious malformed ClientHello. Users should either discontinue use of `WOLFSSL_CALLBACKS` on the server side or update versions of wolfSSL to 5.6.6. Thanks to the tlspuffin fuzzer team for the report which was designed and developed by; Lucca Hirschi (Inria, LORIA), Steve Kremer (Inria, LORIA), and Max Ammann (Trail of Bits). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6949.
* [Low] CVE-2024-1543: A side channel vulnerability with AES T-Tables is possible in a very controlled environment where precision sub-cache-line inspection can happen, such as inside an Intel SGX enclave. This can lead to recovery of the AES key. To prevent this type of attack, wolfSSL added an AES bitsliced implementation which can be enabled with the “`--enable-aes-bitsliced`” configure option. Thanks to Florian Sieck, Zhiyuan Zhang, Sebastian Berndt, Chitchanok Chuengsatiansup, Thomas Eisenbarth, and Yuval Yarom for the report (Universities of Lübeck, Melbourne, Adelaide and Bochum). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6854.
* [Low] A side channel vulnerability with AES T-Tables is possible in a very controlled environment where precision sub-cache-line inspection can happen, such as inside an Intel SGX enclave. This can lead to recovery of the AES key. To prevent this type of attack, wolfSSL added an AES bitsliced implementation which can be enabled with the “`--enable-aes-bitsliced`” configure option. Thanks to Florian Sieck, Zhiyuan Zhang, Sebastian Berndt, Chitchanok Chuengsatiansup, Thomas Eisenbarth, and Yuval Yarom for the report (Universities of Lübeck, Melbourne, Adelaide and Bochum). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6854.
* [Low] CVE-2023-6937: wolfSSL prior to 5.6.6 did not check that messages in a single (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the ServerHello but a wolfSSL client would accept an unencrypted flight from the server. This does not compromise key negotiation and authentication so it is assigned a low severity rating. Thanks to Johannes Wilson for the report (Sectra Communications and Linköping University). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/7029.
@@ -1067,9 +766,9 @@ Release 5.5.1 of wolfSSL embedded TLS has bug fixes and new features including:
## Enhancements
* DTLSv1.3: Do HRR Cookie exchange by default
* Add wolfSSL_EVP_PKEY_new_CMAC_key to OpenSSL compatible API
* Update ide win10 build files to add missing sp source files
* Improve Workbench docs
* Add wolfSSL_EVP_PKEY_new_CMAC_key to OpenSSL compatible API
* Update ide win10 build files to add missing sp source files
* Improve Workbench docs
* Improve EVP support for CHACHA20_POLY1305
* Improve `wc_SetCustomExtension` documentation
* RSA-PSS with OCSP and add simple OCSP response DER verify test case
@@ -1077,23 +776,23 @@ Release 5.5.1 of wolfSSL embedded TLS has bug fixes and new features including:
* Don't over-allocate memory for DTLS fragments
* Add WOLFSSL_ATECC_TFLXTLS for Atmel port
* SHA-3 performance improvements with x86_64 assembly
* Add code to fallback to S/W if TSIP cannot handle
* Add code to fallback to S/W if TSIP cannot handle
* Improves entropy with VxWorks
* Make time in milliseconds 64-bits for longer session ticket lives
* Support for setting cipher list with bytes
* wolfSSL_set1_curves_list(), wolfSSL_CTX_set1_curves_list() improvements
* Add to RSAES-OAEP key parsing for pkcs7
* Add missing DN nid to work with PrintName()
* SP int: default to 16 bit word size when NO_64BIT defined
* SP int: default to 16 bit word size when NO_64BIT defined
* Limit the amount of fragments we store per a DTLS connection and error out when max limit is reached
* Detect when certificate's RSA public key size is too big and fail on loading of certificate
## Fixes
* Fix for async with OCSP non-blocking in `ProcessPeerCerts`
* Fixes for building with 32-bit and socket size sign/unsigned mismatch
* Fix Windows CMakeList compiler options
* TLS 1.3 Middle-Box compat: fix missing brace
* Configuration consistency fixes for RSA keys and way to force disable of private keys
* Fix Windows CMakeList compiler options
* TLS 1.3 Middle-Box compat: fix missing brace
* Configuration consistency fixes for RSA keys and way to force disable of private keys
* Fix for Aarch64 Mac M1 SP use
* Fix build errors and warnings for MSVC with DTLS 1.3
* Fix HMAC compat layer function for SHA-1
@@ -1101,9 +800,9 @@ Release 5.5.1 of wolfSSL embedded TLS has bug fixes and new features including:
* Check return from call to wc_Time
* SP math: fix build configuration with opensslall
* Fix for async session tickets
* SP int mp_init_size fixes when SP_WORD_SIZE == 8
* SP int mp_init_size fixes when SP_WORD_SIZE == 8
* Ed. function to make public key now checks for if the private key flag is set
* Fix HashRaw WC_SHA256_DIGEST_SIZE for wc_Sha256GetHash
* Fix HashRaw WC_SHA256_DIGEST_SIZE for wc_Sha256GetHash
* Fix for building with PSK only
* Set correct types in wolfSSL_sk_*_new functions
* Sanity check that size passed to mp_init_size() is no more than SP_INT_DIGITS
@@ -1217,7 +916,7 @@ CVE-2020-12966 https://www.amd.com/en/corporate/product-security/bulletin/amd-sb
* Update SP math all to not use sp_int_word when SQR_MUL_ASM is available
### SP Math Fixes
* Fixes for constant time with div function
* Fix casting warnings for Windows builds and assembly changes to support XMM6-15 being non-volatile
* Fix casting warnings for Windows builds and assembly changes to support XMM6-15 being non-volatile
* Fix for div_word when not using div function
* Fixes for user settings with SP ASM and ED/Curve25519 small
* Additional Wycheproof tests ran and fixes
@@ -1397,7 +1096,7 @@ Release 5.3.0 of wolfSSL embedded TLS has bug fixes and new features including:
### Math Library Fixes
* Sanity check with SP math that ECC points ordinates are not greater than modulus length
* Additional sanity checks that _sp_add_d does not error due to overflow
* Wycheproof fixes, testing integration, and fixes for AVX / AArch64 ASM edge case tests
* Wycheproof fixes, testing integration, and fixes for AVX / AArch64 ASM edge case tests
* TFM fp_div_2_ct rework to avoid potential overflow
### Misc.
@@ -1638,7 +1337,7 @@ Release 5.1.0 of wolfSSL embedded TLS has bug fixes and new features including:
###### PORT Fixes
* Building with Android wpa_supplicant and KeyStore
* Setting initial value of CA certificate with TSIP enabled
* Cryptocell ECC build fix and fix with RSA disabled
* Cryptocell ECC build fix and fix with RSA disabled
* IoT-SAFE improvement for Key/File slot ID size, fix for C++ compile, and fixes for retrieving the public key after key generation
###### Math Library Fixes
@@ -1777,7 +1476,7 @@ Release 5.0.0 of wolfSSL embedded TLS has bug fixes and new features including:
- SSL_SESSION_has_ticket()
- SSL_SESSION_get_ticket_lifetime_hint()
- DIST_POINT_new
- DIST_POINT_free
- DIST_POINT_free
- DIST_POINTS_free
- CRL_DIST_POINTS_free
- sk_DIST_POINT_push
@@ -1940,7 +1639,7 @@ Release 4.8.0 of wolfSSL embedded TLS has bug fixes and new features including:
### Vulnerabilities
* [Low] CVE-2021-37155: OCSP request/response verification issue. In the case that the serial number in the OCSP request differs from the serial number in the OCSP response the error from the comparison was not resulting in a failed verification. We recommend users that have wolfSSL version 4.6.0 and 4.7.0 with OCSP enabled update their version of wolfSSL. Version 4.5.0 and earlier are not affected by this report. Thanks to Rainer Mueller-Amersdorffer, Roee Yankelevsky, Barak Gutman, Hila Cohen and Shoshi Berko (from CYMOTIVE Technologies and CARIAD) for the report.
* [Low] CVE-2021-24116: Side-Channel cache look up vulnerability in base64 PEM decoding for versions of wolfSSL 4.5.0 and earlier. Versions 4.6.0 and up contain a fix and do not need to be updated for this report. If decoding a PEM format private key using version 4.5.0 and older of wolfSSL then we recommend updating the version of wolfSSL used. Thanks to Florian Sieck, Jan Wichelmann, Sebastian Berndt and Thomas Eisenbarth for the report.
* [Low] CVE-2021-24116: Side-Channel cache look up vulnerability in base64 PEM decoding for versions of wolfSSL 4.5.0 and earlier. Versions 4.6.0 and up contain a fix and do not need to be updated for this report. If decoding a PEM format private key using version 4.5.0 and older of wolfSSL then we recommend updating the version of wolfSSL used. Thanks to Florian Sieck, Jan Wichelmann, Sebastian Berndt and Thomas Eisenbarth for the report.
### New Feature Additions
###### New Product

10
Docker/Dockerfile
View File

@@ -6,11 +6,11 @@ USER root
# Set timezone to UTC
RUN ln -snf /usr/share/zoneinfo/UTC /etc/localtime && echo UTC > /etc/timezone
ARG DEPS_WOLFSSL="build-essential autoconf libtool clang clang-tools zlib1g-dev libuv1-dev libpam0g-dev valgrind git linux-headers-generic gcc-multilib g++-multilib libpcap-dev bubblewrap gdb iputils-ping lldb bsdmainutils netcat-traditional binutils-arm-linux-gnueabi binutils-aarch64-linux-gnu"
ARG DEPS_WOLFSSL="build-essential autoconf libtool clang clang-tools zlib1g-dev libuv1-dev libpam0g-dev valgrind git linux-headers-generic gcc-multilib g++-multilib libpcap-dev bubblewrap gdb iputils-ping lldb bsdmainutils netcat binutils-arm-linux-gnueabi binutils-aarch64-linux-gnu"
ARG DEPS_LIBOQS="astyle cmake gcc ninja-build libssl-dev python3-pytest python3-pytest-xdist unzip xsltproc doxygen graphviz python3-yaml valgrind git"
ARG DEPS_UDP_PROXY="wget libevent-dev"
ARG DEPS_TESTS="abi-dumper libcurl4-openssl-dev tcpdump libpsl-dev python3-pandas python3-tabulate libnl-genl-3-dev libcap-ng-dev python3-virtualenv curl jq"
ARG DEPS_TOOLS="ccache clang-tidy maven libfile-util-perl android-tools-adb usbutils shellcheck"
ARG DEPS_TESTS="abi-dumper libcurl4-openssl-dev tcpdump libpsl-dev python3-pandas python3-tabulate libnl-genl-3-dev libcap-ng-dev"
ARG DEPS_TOOLS="ccache clang-tidy maven"
RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y apt-utils \
&& apt install -y ${DEPS_WOLFSSL} ${DEPS_LIBOQS} ${DEPS_UDP_PROXY} ${DEPS_TESTS} ${DEPS_TOOLS} \
&& apt clean -y && rm -rf /var/lib/apt/lists/*
@@ -40,12 +40,10 @@ RUN cd /opt/sources && git clone --single-branch https://github.com/cisco/hash-s
# Install pkixssh to /opt/pkixssh for X509 interop testing with wolfSSH
RUN mkdir /var/empty
RUN cd /opt/sources && wget -q -O- https://roumenpetrov.info/secsh/src/pkixssh-15.1.tar.gz | tar xzf - && cd pkixssh-15.1 && ./configure --prefix=/opt/pkixssh/ --exec-prefix=/opt/pkixssh/ && make install
RUN cd /opt/sources && wget -q -O- https://roumenpetrov.info/secsh/src/pkixssh-14.1.1.tar.gz | tar xzf - && cd pkixssh-14.1.1 && ./configure --prefix=/opt/pkixssh/ --exec-prefix=/opt/pkixssh/ && make install
# Install udp/tcp-proxy
RUN cd /opt/sources && git clone --depth=1 --single-branch --branch=main http://github.com/wolfssl/udp-proxy && cd udp-proxy && make && cp tcp_proxy udp_proxy /bin/.
# Install libbacktrace
RUN cd /opt/sources && git clone --depth=1 --single-branch https://github.com/ianlancetaylor/libbacktrace.git && cd libbacktrace && mkdir build && cd build && ../configure && make && make install
# Allow non-root to use tcpdump (will need NET_RAW and NET_ADMIN capability when running the container)
RUN setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/tcpdump

33
Docker/buildAndPush.sh
View File

@@ -1,4 +1,4 @@
#!/usr/bin/env bash
#!/bin/bash
# Assume we're in wolfssl/Docker
WOLFSSL_DIR=$(builtin cd ${BASH_SOURCE%/*}/..; pwd)
@@ -18,37 +18,18 @@ docker build -t wolfssl/wolfssl-builder:${CUR_DATE} ${DOCKER_BUILD_OPTIONS} "${W
docker tag wolfssl/testing-cross-compiler:${CUR_DATE} wolfssl/testing-cross-compiler:latest
if [ $? -eq 0 ]; then
echo "Push containers to DockerHub [y/N]? "
read val
if [ "$val" = "y" ]; then
docker push wolfssl/wolfssl-builder:${CUR_DATE} && docker push wolfssl/wolfssl-builder:latest && \
docker push wolfssl/testing-cross-compiler:${CUR_DATE} && docker push wolfssl/testing-cross-compiler:latest
if [ $? -ne 0 ]; then
echo "Warning: push failed. Continuing"
((NUM_FAILURES++))
fi
fi
echo "Pushing containers to DockerHub"
docker push wolfssl/wolfssl-builder:${CUR_DATE} && docker push wolfssl/wolfssl-builder:latest && \
docker push wolfssl/testing-cross-compiler:${CUR_DATE} && docker push wolfssl/testing-cross-compiler:latest
else
echo "Warning: Build wolfssl/wolfssl-builder failed. Continuing"
((NUM_FAILURES++))
fi
echo "Building wolfssl/wolfCLU:${CUR_DATE}"
DOCKER_ARGS="--pull --build-arg DUMMY=${CUR_DATE} --platform=linux/amd64,linux/arm64,linux/arm/v7 ${WOLFSSL_DIR}/Docker/wolfCLU"
docker buildx build -t wolfssl/wolfclu:${CUR_DATE} ${DOCKER_ARGS} && \
docker buildx build -t wolfssl/wolfclu:latest ${DOCKER_ARGS}
if [ $? -eq 0 ]; then
echo "Push containers to DockerHub [y/N]? "
read val
if [ "$val" = "y" ]; then
docker buildx build ${DOCKER_ARGS} --push -t wolfssl/wolfclu:${CUR_DATE} && \
docker buildx build ${DOCKER_ARGS} --push -t wolfssl/wolfclu:latest
if [ $? -ne 0 ]; then
echo "Warning: push failed. Continuing"
((NUM_FAILURES++))
fi
fi
else
docker buildx build --pull --push --build-arg DUMMY=${CUR_DATE} -t wolfssl/wolfclu:${CUR_DATE} --platform=linux/amd64,linux/arm64,linux/arm/v7 "${WOLFSSL_DIR}/Docker/wolfCLU" && \
docker buildx build --pull --push --build-arg DUMMY=${CUR_DATE} -t wolfssl/wolfclu:latest --platform=linux/amd64,linux/arm64,linux/arm/v7 "${WOLFSSL_DIR}/Docker/wolfCLU"
if [ $? -ne 0 ]; then
echo "Warning: Build wolfssl/wolfclu failed. Continuing"
((NUM_FAILURES++))
fi

2
Docker/run.sh
View File

@@ -1,4 +1,4 @@
#!/usr/bin/env bash
#!/bin/bash
echo "Running with \"${*}\"..."

10
Docker/wolfCLU/Dockerfile
View File

@@ -1,9 +1,9 @@
ARG DOCKER_BASE_IMAGE=ubuntu
FROM ubuntu AS builder
FROM ubuntu as BUILDER
ARG DEPS_WOLFSSL="build-essential autoconf libtool zlib1g-dev libuv1-dev libpam0g-dev git libpcap-dev libcurl4-openssl-dev bsdmainutils netcat-traditional iputils-ping bubblewrap"
ARG DEPS_WOLFSSL="build-essential autoconf libtool zlib1g-dev libuv1-dev libpam0g-dev git libpcap-dev libcurl4-openssl-dev bsdmainutils netcat iputils-ping bubblewrap"
RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y apt-utils \
&& apt install -y ${DEPS_WOLFSSL} \
&& apt install -y ${DEPS_WOLFSSL} ${DEPS_LIBOQS} \
&& apt clean -y && rm -rf /var/lib/apt/lists/*
ARG NUM_CPU=16
@@ -18,8 +18,8 @@ RUN git clone --depth=1 --single-branch --branch=main http://github.com/wolfssl/
FROM ${DOCKER_BASE_IMAGE}
USER root
COPY --from=builder /usr/local/lib/libwolfssl.so /usr/local/lib/
COPY --from=builder /usr/local/bin/wolfssl* /usr/local/bin/
COPY --from=BUILDER /usr/local/lib/libwolfssl.so /usr/local/lib/
COPY --from=BUILDER /usr/local/bin/wolfssl* /usr/local/bin/
RUN ldconfig
ENTRYPOINT ["/usr/local/bin/wolfssl"]
LABEL org.opencontainers.image.source=https://github.com/wolfssl/wolfssl

2
Docker/wolfCLU/README.md
View File

@@ -1,6 +1,6 @@
This is a small container that has wolfCLU installed for quick access. To build your own run the following:
```
docker build --pull --build-arg DUMMY=$(date +%s) -t wolfclu .
docker build --pull --build-arg DUMMY=$(date +%s) -t wolfclu .
```
To run the container, you can use:

2
Docker/yocto/buildAndPush.sh
View File

@@ -1,4 +1,4 @@
#!/usr/bin/env bash
#!/bin/bash
# Assume we're in wolfssl/Docker/yocto
WOLFSSL_DIR=$(builtin cd ${BASH_SOURCE%/*}/../..; pwd)

8
IDE/ARDUINO/Arduino_README_prepend.md
View File

@@ -8,12 +8,6 @@ See the [Arduino-wolfSSL logs](https://downloads.arduino.cc/libraries/logs/githu
## Arduino Releases
This release of wolfSSL is version [5.7.4](https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.4-stable).
Version [5.7.2](https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable) of the Arduino wolfSSL was published August 3, 2024.
The next Official wolfSSL Arduino Library was [5.7.0](https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable)
The first Official wolfSSL Arduino Library was `5.6.6-Arduino.1`: a slightly modified, post [release 5.6.6](https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.6-stable) version update.
The first Official wolfSSL Arduino Library is `5.6.6-Arduino.1`: a slightly modified, post [release 5.6.6](https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.6-stable) version update.
See other [wolfSSL releases versions](https://github.com/wolfSSL/wolfssl/releases). The `./wolfssl-arduino.sh INSTALL` [script](https://github.com/wolfSSL/wolfssl/tree/master/IDE/ARDUINO) can be used to install specific GitHub versions as needed.

6
IDE/ARDUINO/README.md
View File

@@ -27,7 +27,7 @@ This option will allow wolfSSL to be installed directly using the native Arduino
## Manually Reformatting wolfSSL as a Compatible Arduino Library
Use [this](./wolfssl-arduino.sh) shell script that will re-organize the wolfSSL library to be
Use [this](./wolfssl-arduino.sh) shell script that will re-organize the wolfSSL library to be
compatible with [Arduino Library Specification](https://arduino.github.io/arduino-cli/0.35/library-specification/)
for projects that use Arduino IDE 1.5.0 or newer.
@@ -55,8 +55,8 @@ from within the `wolfssl/IDE/ARDUINO` directory:
3. `./wolfssl-arduino.sh INSTALL /path/to/repository` (Used to update [arduino-wolfSSL](https://github.com/wolfSSL/arduino-wolfSSL))
- Creates an Arduino Library in `wolfSSL` directory
- Copies that directory contents to the specified `/path/to/repository`
- Adds the [default](../../examples/configs/user_settings_arduino.h) as `user_settings.h`.
- Adds the [default](../../examples/configs/user_settings_arduino.h) as `user_settings.h`.
4. `./wolfssl-arduino.sh INSTALL /path/to/any/other/directory`
- Creates an Arduino Library in `wolfSSL` directory
- Copies that directory contents to the specified `/path/to/any/other/directory`

2
IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino
View File

@@ -1,6 +1,6 @@
/* wolfssl_client.ino
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

4
IDE/ARDUINO/sketches/wolfssl_server/README.md
View File

@@ -13,7 +13,7 @@ Additional examples can be found on [wolfSSL/wolfssl-examples](https://github.co
## Connect with an Arduino Sketch
See the companion [Arduino Sketch Client](../wolfssl_client/wolfssl_client.ino).
See the companion [Arduino Sketch Client](../wolfssl_client/wolfssl_client.ino).
## Connect with Linux Client
@@ -35,7 +35,7 @@ press the reset button or power cycle the Arduino before making a connection.
Here's one possible script to test the server from a command-line client:
```bash
#!/usr/bin/env bash
#!/bin/bash
echo "client log " > client_log.txt
counter=1
THIS_ERR=0

2
IDE/ARDUINO/sketches/wolfssl_server/wolfssl_server.ino
View File

@@ -1,6 +1,6 @@
/* wolfssl_server.ino
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

51
IDE/ARDUINO/wolfssl-arduino.sh
View File

@@ -20,7 +20,7 @@
# Reminder there's typically no $USER for GitHub actions, but:
# ROOT_DIR="/mnt/c/Users/$USER/Documents/Arduino/libraries"
#
# The company name is "wolfSSL Inc."; There's a space, no comma, and a period after "Inc."
# The company name is "wolfSSL Inc."; Theres a space, no comma, and a period after "Inc."
# The Arduino library name is "wolfssl" (all lower case)
# The Arduino library directory name is "wolfssl" (all lower case)
# The Arduino library include file is "wolfssl.h" (all lower case)
@@ -29,7 +29,7 @@
ROOT_DIR="/wolfssl"
# The Arduino Version will initially have a suffix appended during fine tuning stage.
WOLFSSL_VERSION_ARUINO_SUFFIX=""
WOLFSSL_VERSION_ARUINO_SUFFIX="-Arduino.3"
# For verbose copy, set CP_CMD="-v", otherwise clear it: CP_CMD="cp"
# Do not set to empty string, as copy will fail with this: CP_CMD=""
@@ -65,11 +65,6 @@ if ! [ "$CP_CMD" = "cp " ]; then
fi
fi
if [ "$ROOT_DIR" = "" ]; then
echo "ERROR: ROOT_DIR cannot be blank"
exit 1
fi
# Check environment
if [ -n "$WSL_DISTRO_NAME" ]; then
# we found a non-blank WSL environment distro name
@@ -89,11 +84,6 @@ if [ $# -gt 0 ]; then
if [ "$THIS_OPERATION" = "INSTALL" ]; then
THIS_INSTALL_DIR=$2
if [ "$THIS_INSTALL_DIR" = "/" ]; then
echo "ERROR: THIS_INSTALL_DIR cannot be /"
exit 1
fi
echo "Install is active."
if [ "$THIS_INSTALL_DIR" = "" ]; then
@@ -106,10 +96,10 @@ if [ $# -gt 0 ]; then
else
echo "Installing to $THIS_INSTALL_DIR"
if [ -d "$THIS_INSTALL_DIR/.git" ];then
echo "Target is a GitHub root repository."
echo "Target is a GitHub repository."
THIS_INSTALL_IS_GITHUB="true"
else
echo "Target is NOT a GitHub root directory repository. (e.g. not wolfssl/Arduino-wolfssl)"
echo "Target is NOT a GitHub repository."
fi
fi
else
@@ -310,33 +300,24 @@ echo ""
# Note we should have exited above if a problem was encountered,
# as we'll never want to install a bad library.
if [ "$THIS_OPERATION" = "INSTALL" ]; then
echo "Config:"
echo "cp ../../examples/configs/user_settings_arduino.h ".${ROOT_SRC_DIR}"/user_settings.h"
# Nearly an ordinary copy, but we remove any lines with ">>" (typically edit with caution warning in comments)
grep -v '>>' ../../examples/configs/user_settings_arduino.h > ".${ROOT_SRC_DIR}"/user_settings.h || exit 1
# Show the user_settings.h revision string:
grep "WOLFSSL_USER_SETTINGS_ID" ."${ROOT_SRC_DIR}/user_settings.h"
echo ""
if [ "$THIS_INSTALL_IS_GITHUB" = "true" ]; then
echo "Installing to GitHub directory: $THIS_INSTALL_DIR"
cp -r ."$ROOT_DIR"/* "$THIS_INSTALL_DIR" || exit 1
echo "Removing workspace library directory: .$ROOT_DIR"
rm -rf ".$ROOT_DIR"
else
echo "Config:"
echo "cp ../../examples/configs/user_settings_arduino.h ".${ROOT_SRC_DIR}"/user_settings.h"
# Nearly an ordinary copy, but we remove any lines with ">>" (typically edit with caution warning in comments)
grep -v '>>' ../../examples/configs/user_settings_arduino.h > ".${ROOT_SRC_DIR}"/user_settings.h || exit 1
echo "Installing to local directory:"
if [ "$THIS_INSTALL_DIR" = "" ]; then
echo "mv .$ROOT_DIR $ARDUINO_ROOT"
mv ."$ROOT_DIR" "$ARDUINO_ROOT" || exit 1
# Show the user_settings.h revision string:
grep "WOLFSSL_USER_SETTINGS_ID" ."${ROOT_SRC_DIR}/user_settings.h"
echo ""
echo "Arduino wolfSSL Version: $WOLFSSL_VERSION$WOLFSSL_VERSION_ARUINO_SUFFIX"
else
echo "cp -r .\"$ROOT_DIR\"/* \"$THIS_INSTALL_DIR\""
mkdir -p "$THIS_INSTALL_DIR" || exit 1
cp -r ."$ROOT_DIR"/* "$THIS_INSTALL_DIR" || exit 1
fi
echo "Install:"
echo "mv .$ROOT_DIR $ARDUINO_ROOT"
mv ."$ROOT_DIR" "$ARDUINO_ROOT" || exit 1
echo "Arduino wolfSSL Version: $WOLFSSL_VERSION$WOLFSSL_VERSION_ARUINO_SUFFIX"
fi
fi

4
IDE/AURIX/Cpu0_Main.c
View File

@@ -1,6 +1,6 @@
/* Cpu0_Main.c
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@@ -63,7 +63,7 @@ int fputc(int ch, FILE *f)
if (ch == (int)'\n') {
int chcr = (int)'\r';
count = 1;
IfxAsclin_Asc_write(&g_asc, &chcr, &count, TIME_INFINITE);
IfxAsclin_Asc_write(&g_asc, &chcr, &count, TIME_INFINITE);
}
count = 1;
IfxAsclin_Asc_write(&g_asc, &ch, &count, TIME_INFINITE);

2
IDE/AURIX/README.md
View File

@@ -9,7 +9,7 @@ Tested Platform:
## Running wolfCrypt on TriCore
1) Add the wolfSSL source and headers to `Libraries/wolfssl`.
1) Add the wolfSSL source and headers to `Libraries/wolfssl`.
- Only the following folders are required: `src`, `wolfcrypt` and `wolfssl`.
- See script to help with producing bundle here: https://github.com/wolfSSL/wolfssl/blob/master/scripts/makedistsmall.sh
2) Add `WOLFSSL_USER_SETTINGS` to the Preprocessing symbols list. C/C++ Build -> Settings -> TASKING C/C++ Compiler -> Preprocessing.

2
IDE/AURIX/user_settings.h
View File

@@ -1,6 +1,6 @@
/* user_settings.h
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

2
IDE/AURIX/wolf_main.c
View File

@@ -1,6 +1,6 @@
/* wolf_main.c
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

7
IDE/CRYPTOCELL/main.c
View File

@@ -1,6 +1,6 @@
/* main.c
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@@ -18,8 +18,8 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfcrypt/test/test.h>
#include <wolfcrypt/benchmark/benchmark.h>
@@ -63,3 +63,4 @@ int main(void)
return 0;
}

3
IDE/CRYPTOCELL/user_settings.h
View File

@@ -1,6 +1,6 @@
/* user_settings.h
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@@ -401,7 +401,6 @@ extern "C" {
/* prototypes for user heap override functions */
/* Note: Realloc only required for normal math */
/* Note2: XFREE(NULL) must be properly handled */
#include <stddef.h> /* for size_t */
extern void *myMalloc(size_t n, void* heap, int type);
extern void myFree(void *p, void* heap, int type);

2
IDE/ECLIPSE/DEOS/deos_malloc.c
View File

@@ -1,6 +1,6 @@
/* deos_malloc.c
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

4
IDE/ECLIPSE/DEOS/deos_wolfssl/.project
View File

@@ -240,9 +240,9 @@
<locationURI>WOLFSSL_ROOT/wolfcrypt/src/fe_operations.c</locationURI>
</link>
<link>
<name>wolfcrypt/src/fe_x25519_128.h</name>
<name>wolfcrypt/src/fe_x25519_128.i</name>
<type>1</type>
<locationURI>WOLFSSL_ROOT/wolfcrypt/src/fe_x25519_128.h</locationURI>
<locationURI>WOLFSSL_ROOT/wolfcrypt/src/fe_x25519_128.i</locationURI>
</link>
<link>
<name>wolfcrypt/src/fp_mont_small.i</name>

2
IDE/ECLIPSE/DEOS/tls_wolfssl.c
View File

@@ -1,6 +1,6 @@
/* tls_wolfssl.c
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

2
IDE/ECLIPSE/DEOS/tls_wolfssl.h
View File

@@ -1,6 +1,6 @@
/* tls_wolfssl.h
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

2
IDE/ECLIPSE/DEOS/user_settings.h
View File

@@ -1,6 +1,6 @@
/* user_setting.h
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

2
IDE/ECLIPSE/MICRIUM/client_wolfssl.c
View File

@@ -1,6 +1,6 @@
/* client_wolfssl.c
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

2
IDE/ECLIPSE/MICRIUM/client_wolfssl.h
View File

@@ -1,6 +1,6 @@
/* client_wolfssl.h
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

2
IDE/ECLIPSE/MICRIUM/server_wolfssl.c
View File

@@ -1,6 +1,6 @@
/* server_wolfssl.c
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

2
IDE/ECLIPSE/MICRIUM/server_wolfssl.h
View File

@@ -1,6 +1,6 @@
/* server_wolfssl.h
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

2
IDE/ECLIPSE/MICRIUM/user_settings.h
View File

@@ -1,6 +1,6 @@
/* user_setting.h
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

2
IDE/ECLIPSE/MICRIUM/wolfsslRunTests.c
View File

@@ -1,6 +1,6 @@
/* wolfsslRunTests.c
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

2
IDE/ECLIPSE/RTTHREAD/user_settings.h
View File

@@ -1,6 +1,6 @@
/* user_setting.h
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

2
IDE/ECLIPSE/RTTHREAD/wolfssl_test.c
View File

@@ -1,6 +1,6 @@
/* wolfsslRunTests.c
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

2
IDE/ECLIPSE/SIFIVE/README.md
View File

@@ -1 +1 @@
This folder has moved to `IDE/RISCV/SIFIVE-HIFIVE1`.
This folder has moved to `IDE/RISCV/SIFIVE-HIFIVE1`.

45
IDE/Espressif/ESP-IDF/README.md
View File

@@ -1,12 +1,11 @@
# ESP-IDF Port
These Espressif examples have been created and tested with the latest stable release branch of
ESP-IDF v5.2, v5.3 and the master branch
These Espressif examples have been created and tested with the latest stable release branch of
[ESP-IDF V5.2](https://docs.espressif.com/projects/esp-idf/en/release-v5.2/esp32/get-started/index.html).
The prior version 4.4 ESP-IDF is still supported, however version 5.2 or greater is recommended.
Espressif has [a list of all ESP-IDF versions](Espressifversions.html).
Espressif has [a list of all ESP-IDF versions](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/versions.html).
See the latest Espressif Migration Guides.
See the latest [Espressif Migration Guides](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/migration-guides/index.html).
## Examples
@@ -35,7 +34,7 @@ looks for the wolfSSL `user_settings.h` in the project as described below.
### File: `sdkconfig.h`
The Espressif `sdkconfig.h`, generated automatically from your `sdkconfig`
file at [build](Espressif api-guides/build-system.html)
file at [build](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html)
time, should be included before any other files.
### File: `user_settings.h`
@@ -102,7 +101,7 @@ of your source code, particularly before the `#include <wolfssl/wolfcrypt/settin
## Requirements
1. [ESP-IDF development framework](https://github.com/espressif/esp-idf)
1. [ESP-IDF development framework](https://docs.espressif.com/projects/esp-idf/en/latest/get-started/)
## wolfSSL as an Espressif component
@@ -114,7 +113,7 @@ There are various methods available for using wolfSSL as a component:
## Espressif Managed Components
Visit https://www.wolfssl.com/wolfssl-now-available-in-espressif-component-registry/ and see the instructions. Typically:
Visit https://components.espressif.com/components/wolfssl/wolfssl and see the instructions. Typically:
```
idf.py add-dependency "wolfssl/wolfssl^5.6.0-stable"
@@ -141,18 +140,10 @@ See the specific examples for additional details.
This is an alternate method for installation. It is recommended to use the new `CMakeLists.txt` to point to wolfSSL source code.
1. Run `setup.sh` at _/path/to_`/wolfssl/IDE/Espressif/ESP-IDF/` to deploy files into ESP-IDF tree
1. Run `setup.sh` at _/path/to_`/wolfssl/IDE/Espressif/ESP-IDF/` to deploy files into ESP-IDF tree
2. Find Wolfssl files at _/path/to/esp_`/esp-idf/components/wolfssl/`
3. Find [Example Programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
```
WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.2
. $WRK_IDF_PATH/export.sh
./setup.sh
```
## Setup for Windows
This is an alternate method for installation. It is recommended to use the new `CMakeLists.txt` to point to wolfSSL source code.
@@ -178,7 +169,7 @@ C:\SysGCC\esp32\esp-idf>git clone -b v5.0.2 --recursive https://github.com/espre
## Configuration
1. The `user_settings.h` can be found in `[project]/components/wolfssl/include/user_settings.h`.
1. The `user_settings.h` can be found in `[project]/components/wolfssl/include/user_settings.h`.
## Configuration (Legacy IDF install)
@@ -192,13 +183,13 @@ C:\SysGCC\esp32\esp-idf>git clone -b v5.0.2 --recursive https://github.com/espre
For question please email [support@wolfssl.com]
Note: This is tested with :
Note: This is tested with :
- OS: Ubuntu 20.04.3 LTS
- Microsoft Windows 10 Pro 10.0.19041 / Windows 11 Pro 22H2 22621.2715
- Visual Studio 2022 17.7.6 with VisualGDB 5.6R9 (build 4777)
- WSL 1 Ubuntu 22.04.3 LTS
- ESP-IDF: ESP-IDF v5.2
- SoC Module : all those supported in ESP-IDF v5.2
- ESP-IDF: ESP-IDF v5.1
- SoC Module : all those supported in ESP-IDF v5.1
## JTAG Debugging Notes
@@ -235,15 +226,3 @@ ftdi layout_signal nSRST -data 0x0020
reset_config srst_push_pull trst_push_pull
```
## Windows long paths
Check "Long Paths Enabled" in Windows registry.
Please set registry HKLM\SYSTEM\CurrentControlSet\Control\FileSystem\LongPathsEnabled to 1.
The operation requires Administrator privileges. Command:
```powershell
powershell -Command "&{ Start-Process -FilePath reg 'ADD HKLM\SYSTEM\CurrentControlSet\Control\FileSystem /v LongPathsEnabled /t REG_DWORD /d 1 /f' -Verb runAs}"
```

2
IDE/Espressif/ESP-IDF/README_32se.md
View File

@@ -10,7 +10,7 @@ Including the following examples:
The `user_settings.h` file enables some of the hardened settings.
## Requirements
1. ESP-IDF development framework: https://github.com/espressif/esp-idf
1. ESP-IDF development framework: https://docs.espressif.com/projects/esp-idf/en/latest/get-started/
2. Microchip CryptoAuthentication Library: https://github.com/MicrochipTech/cryptoauthlib

2
IDE/Espressif/ESP-IDF/compileAllExamples.sh
View File

@@ -1,4 +1,4 @@
#!/usr/bin/env bash
#!/bin/bash
#
# testing script: compileAllExamples
#

2
IDE/Espressif/ESP-IDF/dummy_config_h
View File

@@ -1,6 +1,6 @@
/* config.h - dummy
*
* Copyright (C) 2006-2024 wolfSSL Inc.
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*

17
IDE/Espressif/ESP-IDF/examples/README.md
View File

@@ -12,7 +12,7 @@ These are the core examples for wolfSSL:
- [TLS Client](./wolfssl_client/README.md). See also [CLI Client](https://github.com/wolfSSL/wolfssl/tree/master/examples/client) and [more TLS examples](https://github.com/wolfSSL/wolfssl-examples/tree/master/tls).
- [TLS Server](./wolfssl_server/README.md). See also [CLI Server](https://github.com/wolfSSL/wolfssl/tree/master/examples/server)
- [TLS Server](./wolfssl_server/README.md). See also [CLI Server](https://github.com/wolfSSL/wolfssl/tree/master/examples/server)
## Other Espressif wolfSSL Examples
@@ -44,7 +44,7 @@ TLS1.3 Linux Client to Linux Server: `TLS_AES_128_GCM_SHA256` (default)
./examples/client/client -v 4 -h 127.0.0.1 -p 11111 -A ./certs/ca-cert.pem
```
TLS1.2 Linux Server
TLS1.2 Linux Server
```
./examples/server/server -v 3 -b -d -p 11111 -c ./certs/server-cert.pem -k ./certs/server-key.pem
```
@@ -71,14 +71,14 @@ There's an additional example that uses wolfSSL installed as a component to the
## Installing wolfSSL for Espressif projects
[Core examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples)
have a local `components/wolfssl` directory with a special CMakeFile.txt that does not require
[Core examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples)
have a local `components/wolfssl` directory with a special CMakeFile.txt that does not require
wolfSSL to be installed.
If you want to install wolfSSL, see the setup for [wolfSSL](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF#setup-for-linux)
If you want to install wolfSSL, see the setup for [wolfSSL](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF#setup-for-linux)
and [wolfSSH](https://github.com/wolfSSL/wolfssh/tree/master/ide/Espressif#setup-for-linux).
The [Espressif Managed Component for wolfSSL](https://www.wolfssl.com/wolfssl-now-available-in-espressif-component-registry/)
The [Espressif Managed Component for wolfSSL](https://components.espressif.com/components/wolfssl/wolfssl)
also installs source code locally, instead of pointing to a source repository.
## VisualGDB
@@ -114,4 +114,7 @@ It may be helpful to also delete the `sdkconfig` file. (Save a backup if you've
- esp32.com: [GPIO6,GPIO7,GPIO8,and GPIO9 changed for ESP32-WROOM-32E](https://esp32.com/viewtopic.php?t=29058)
See also the `ESP-FAQ Handbook`.
See also [this ESP-FAQ Handbook](https://docs.espressif.com/projects/esp-faq/en/latest/esp-faq-en-master.pdf).

11
IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt
View File

@@ -1,13 +1,10 @@
# wolfSSL Espressif Example Project CMakeLists.txt
# v1.3
# v1.0
#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
cmake_minimum_required(VERSION 3.16)
# Optional no watchdog typically used for test & benchmark
add_compile_options(-DWOLFSSL_ESP_NO_WATCHDOG=1)
# The wolfSSL CMake file should be able to find the source code.
# Otherwise, assign an environment variable or set it here:
#
@@ -71,12 +68,6 @@ else()
message(STATUS "No conflicting wolfSSL components found.")
endif()
# Ensure the this wolfSSL component directory is included
set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
list(APPEND EXTRA_COMPONENT_DIRS ${WOLFSSL_PATH})
# Not only is a project-level "set(COMPONENTS" not needed here, this will cause
# an unintuitive error about Unknown CMake command "esptool_py_flash_project_args".
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
project(wolfssl_template)

12
IDE/Espressif/ESP-IDF/examples/template/README.md
View File

@@ -7,11 +7,11 @@ For general information on [wolfSSL examples for Espressif](../README.md), see t
### Prerequisites
It is assumed the [ESP-IDF environment](Espressifget-started/) has been installed.
It is assumed the [ESP-IDF environment](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/) has been installed.
### Files Included
- [main.c](./main/main.c) with a simple call to an Espressif library (`ESP_LOGI`) and a call to a wolfSSL library (`esp_ShowExtendedSystemInfo`) .
- [main.c](./main/main.c) with a simple call to an Espressif library (`ESP_LOGI`) and a call to a wolfSSL library (`esp_ShowExtendedSystemInfo`) .
- See [components/wolfssl/include](./components/wolfssl/include/user_settings.h) directory to edit the wolfSSL `user_settings.h`.
@@ -19,7 +19,7 @@ It is assumed the [ESP-IDF environment](Espressifget-started/) has been installe
- The [components/wolfssl/CMakeLists.txt](./components/wolfssl/CMakeLists.txt) typically does not need to be changed.
- Optional [VisualGDB Project](./VisualGDB/README.md) for Visual Studio using ESP32 and ESP-IDF v5.2. See also [template](../template/VisualGDB/README.md) for other devices.
- Optional [VisualGDB Project](./VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj) for Visual Studio using ESP32 and ESP-IDF v5.1.
- Edit the project [CMakeLists.txt](./CMakeLists.txt) to optionally point this project's wolfSSL component source code at a different directory:
@@ -30,12 +30,12 @@ set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
## Getting Started:
Here's an example using the command-line [idf.py](Espressifapi-guides/tools/idf-py.html).
Here's an example using the command-line [idf.py](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-py.html).
Edit your `WRK_IDF_PATH`to point to your ESP-IDF install directory.
```
WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.2
WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.1
echo "Run export.sh from ${WRK_IDF_PATH}"
. ${WRK_IDF_PATH}/export.sh
@@ -53,7 +53,7 @@ idf.py flash -p /dev/ttyS19 -b 115200
idf.py flash -p /dev/ttyS19 -b 115200 monitor
```
Press `Ctrl+]` to exit `idf.py monitor`. See [additional monitor keyboard commands](Espressifapi-guides/tools/idf-monitor.html).
Press `Ctrl+]` to exit `idf.py monitor`. See [additional monitor keyboard commands](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-monitor.html).
## Other Examples:

644
IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt
View File

@@ -1,163 +1,34 @@
#
# Copyright (C) 2006-2024 wolfSSL Inc.
# Copyright (C) 2006-2024 wolfSSL Inc.
#
# This file is part of wolfSSL.
# This file is part of wolfSSL.
#
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
# cmake for wolfssl Espressif projects
#
# Version 5.7.2 Espressif ESP-IDF integration
# Version 5.6.0.011 for detect test/benchmark
#
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
#
message(STATUS "Begin wolfssl ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
cmake_minimum_required(VERSION 3.16)
set(VERBOSE_COMPONENT_MESSAGES 1)
# Optional requires include:
# set(THIS_ESP_TLS "esp-tls")
set(THIS_ESP_TLS "")
# function: IS_ESP_IDF_COMPONENT
# output: RESULT = 1 (true) if this component is located in the ESP-IDF components
# otherwise 0 (false)
function( IS_ESP_IDF_COMPONENT RESULT )
# NOTE: Component location is based on the location of the CMakeList.txt
# and *not* the location of the wolfSSL source code. (which may be anywhere)
# Normalize the paths to remove any trailing slashes
get_filename_component(NORMALIZED_IDF_PATH "${IDF_PATH}" REALPATH)
get_filename_component(NORMALIZED_TEST_PATH "${COMPONENT_DIR}" REALPATH)
# Check if the test path starts with the IDF_PATH
string(FIND "${NORMALIZED_TEST_PATH}" "${NORMALIZED_IDF_PATH}" pos)
if(${pos} EQUAL 0)
message(STATUS "${COMPONENT_DIR} is within IDF_PATH.")
set(${RESULT} 1 PARENT_SCOPE)
else()
message(STATUS "${COMPONENT_DIR} is not within IDF_PATH.")
set(${RESULT} 0 PARENT_SCOPE)
endif()
endfunction()
# Determine if this cmake file is located in the ESP-IDF component directory or not,
# and if so, if it is being ignored (allowing the use of a local project one, instead).
IS_ESP_IDF_COMPONENT( IS_WOLSSL_ESP_IDF_COMPONENT )
if( IS_WOLSSL_ESP_IDF_COMPONENT )
message(STATUS "This wolfSSL is a component in ESP-IDF.")
if ( CONFIG_IGNORE_ESP_IDF_WOLFSSL_COMPONENT )
idf_component_register()
message(STATUS "Warning: wolfSSL component in ESP-IDF is being ignored.")
return()
endif()
endif()
if( "${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}" STREQUAL "" )
# nothing to do
else()
# Only forward slashes, or double backslashes are supported.
# By the time we get here the sdkconfig file has a value for wolfSSL source code root.
string(REPLACE "\\" "/" CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT})
message(STATUS "Cleaned wolfssl path: ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
endif()
# The scope of this CMAKE_C_FLAGS is just this component:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
# set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
# Optionally set your source to wolfSSL in your project CMakeLists.txt like this:
# set(WOLFSSL_ROOT "c:/test/my_wolfssl" )
if ( "${WOLFSSL_ROOT}" STREQUAL "")
set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
endif()
if( "$ENV{IDF_PATH}" STREQUAL "" )
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
else()
string(REPLACE "\\" "/" THIS_IDF_PATH "$ENV{IDF_PATH}")
endif()
# Optional compiler definitions to help with system name detection (typically printed by app diagnostics)
if(VERBOSE_COMPONENT_MESSAGES)
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
endif()
endif() # End optional WOLFSSL_CMAKE_SYSTEM_NAME
message(STATUS "CONFIG_TARGET_PLATFORM = ${CONFIG_TARGET_PLATFORM}")
# Check that there are not conflicting wolfSSL components
# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
# The local component wolfSSL directory will be in ./components/wolfssl
if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
# These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
# So we'll error out and let the user decide how to proceed:
message(WARNING "\nFound wolfSSL components in\n"
"./managed_components/wolfssl__wolfssl\n"
"and\n"
"./components/wolfssl\n"
"in project directory: \n"
"${CMAKE_HOME_DIRECTORY}")
message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
"If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
"or rename the idf_component.yml file typically found in ./main/")
else()
message(STATUS "No conflicting wolfSSL components found.")
endif()
# Don't include lwip requirement for benchmark and test apps.
if( ("${CMAKE_PROJECT_NAME}" STREQUAL "wolfssl_benchmark") OR ("${CMAKE_PROJECT_NAME}" STREQUAL "wolfssl_test") )
message(STATUS "Not including lwip for ${CMAKE_PROJECT_NAME}")
else()
# benchmark and test do not need wifi, everything else probably does:
set(COMPONENT_REQUIRES lwip "${THIS_ESP_TLS}") # we typically don't need lwip directly in wolfssl component
endif()
set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
# find the user name to search for possible "wolfssl-username"
message(STATUS "USERNAME = $ENV{USERNAME}")
@@ -180,25 +51,6 @@ else()
string(REPLACE "\\" "/" THIS_IDF_PATH "$ENV{IDF_PATH}")
endif()
# ENVIRONMENT_VAR_TO_MACRO
# Check environment variable name EVARPARAM as [name]
# If defined, and has a value of EVARVALUE as [value],
# then assign a compiler definition "-D[name]=[value]"
function(ENVIRONMENT_VAR_TO_MACRO EVARPARAM EVARVALUE)
# If the EVARPARAM environment variable name is set to EVARVALUE,
# set the compiler flag definition to enable CSV output.
if ( "$ENV{${EVARPARAM}}" STREQUAL "${EVARVALUE}")
message(STATUS "Appending compile definition: -D${EVARPARAM}=${EVARVALUE}")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D${EVARPARAM}=${EVARVALUE}")
else()
if(DEFINED ENV{${EVARPARAM}})
message(STATUS "Environment variable ${EVARPARAM} detected but set to $ENV{${EVARPARAM}}, not appending compile definition.")
else()
message(STATUS "Environment variable ${EVARPARAM} not detected, not appending compile definition.")
endif()
endif()
endfunction()
# COMPONENT_NAME = wolfssl
# The component name is the directory name. "No feature to change this".
# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
@@ -216,8 +68,7 @@ endfunction()
# function: IS_WOLFSSL_SOURCE
# parameter: DIRECTORY_PARAMETER - the directory to test
# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
function( IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER
RESULT )
function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
else()
@@ -225,71 +76,27 @@ function( IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER
endif()
endfunction()
# *********************************************************************************************
# function: FIND_WOLFSSL_DIRECTORY
# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
#
# Example usage:
# FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
# *********************************************************************************************
function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
message(STATUS "Starting FIND_WOLFSSL_DIRECTORY: ${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
if ( "${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}" STREQUAL "" )
# The parameter is empty, so we certainly need to search.
# First, see if there's an environment variable. This takes highest priority (unless already found as hard-coded, above)
set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
# Next, if not found, see if wolfSSL was selected for ESP-TLS Kconfig
if(CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT)
set(CURRENT_SEARCH_DIR ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT})
get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" ABSOLUTE)
message(STATUS "WOLFSSL_ROOT found in sdkconfig/KConfig: ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
else()
message(STATUS "wolfSSL not defined in [Component Config] [wolfssl]. Continuing search...")
# If not specified as a search hint in OUTPUT_FOUND_WOLFSSL_DIRECTORY:
# This wolfSSL component CMakeLists.txt may be found EITHER in:
# 1) local project component
# 2) ESP-IDF share components
# We'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
# That option might find wolfSSL source code as a copy in the component directory (e.g. Managed Components)
# Unless cmake is in the ESP-IDF, in which case it is unlikely to find wolfSSL source in any parent.
message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
endif() # CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT
endif() # check environment var blank
else()
message(STATUS "Parameter found for FIND_WOLFSSL_DIRECTORY")
message(STATUS "Setting wolfSSL search directory to: ${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
set(CURRENT_SEARCH_DIR "${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
endif() # parameter empty
# Check to see if we found a path in environment or config settings, above.
message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "Source for wolfSSL not specified in path nor config settings.")
# We'll continue the search by recursing up the directory tree, below.
message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
else()
# Setting found! Does it contain a valid path?
string(REPLACE "\\" "/" CURRENT_SEARCH_DIR ${CURRENT_SEARCH_DIR})
get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" ABSOLUTE)
get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if( FOUND_WOLFSSL )
message(STATUS "Found wolfSSL source code via setting: ${CURRENT_SEARCH_DIR}")
message(STATUS "Found WOLFSSL_ROOT via Environment Variable: ${CURRENT_SEARCH_DIR}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
else()
if(WIN32)
message(STATUS "When specifying a path for Windows, use forward slahes, or double backslashes.")
endif()
message(STATUS "CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT sdkconfig setting = ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
message(STATUS "WOLFSSL_ROOT Variable defined, but source code not found: ${CURRENT_SEARCH_DIR}")
message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
message(STATUS "$ENV{WOLFSSL_ROOT}")
endif()
endif()
# we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
@@ -307,47 +114,16 @@ function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
return()
endif()
# Maintain CURRENT_SEARCH_DIR, but check various suffixes with CURRENT_SEARCH_DIR_ALT
if( THIS_USER )
# Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
message(STATUS "Looking in ${CURRENT_SEARCH_DIR_ALT}")
message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
#if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
if ( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
endif()
if ( FOUND_WOLFSSL )
# if we already found the source, skip attempt of "wolfssl-master"
else()
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-master)
message(STATUS "Looking in ${CURRENT_SEARCH_DIR_ALT}")
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
if ( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in master-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
endif()
if ( FOUND_WOLFSSL )
# if we already found the source, skip attempt of "wolfssl"
else()
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
message(STATUS "Looking in ${CURRENT_SEARCH_DIR_ALT}")
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
if ( FOUND_WOLFSSL )
message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
return()
endif()
endif()
@@ -367,8 +143,7 @@ function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
# When the parent is current directory, cannot go any further. We didn't find wolfssl.
# When the search directory is empty, we'll give up.
# when the search directory is empty, we'll give up
set(CURRENT_SEARCH_DIR "")
endif()
endwhile()
@@ -379,58 +154,17 @@ endfunction()
# Example usage:
#
# Simply find the WOLFSSL_DIRECTORY by searching parent directories:
# FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
#
message(STATUS "CONFIG_TARGET_PLATFORM = ${CONFIG_TARGET_PLATFORM}")
# Check for environment variable that may be assigned to macros
ENVIRONMENT_VAR_TO_MACRO("GENERATE_MACHINE_PARSEABLE_REPORT" "1")
ENVIRONMENT_VAR_TO_MACRO("WOLFSSL_BENCHMARK_FIXED_CSV" "1")
# Optional variable inspection
if (0)
get_cmake_property(_variableNames VARIABLES)
list (SORT _variableNames)
message(STATUS "")
message(STATUS "ALL VARIABLES BEGIN")
message(STATUS "")
foreach (_variableName ${_variableNames})
message(STATUS "${_variableName}=${${_variableName}}")
endforeach()
message(STATUS "")
message(STATUS "ALL VARIABLES END")
message(STATUS "")
endif()
if ( ("${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266") OR ("${IDF_TARGET}" STREQUAL "esp8266") )
# There's no esp_timer, no driver components for the ESP8266
message(STATUS "Early expansion EXCLUDES esp_timer for esp8266: ${THIS_INCLUDE_TIMER}")
message(STATUS "Early expansion EXCLUDES driver for esp8266: ${THIS_INCLUDE_DRIVER}")
set(THIS_INCLUDE_TIMER "")
set(THIS_INCLUDE_DRIVER "")
set(THIS_ESP_TLS "")
else()
message(STATUS "Early expansion includes esp_timer: ${THIS_INCLUDE_TIMER}")
message(STATUS "Early expansion includes driver: ${THIS_INCLUDE_DRIVER}")
set(THIS_INCLUDE_TIMER "esp_timer")
set(THIS_INCLUDE_DRIVER "driver")
set(THIS_ESP_TLS "esp-tls")
# Let the app know that we've included the esp-tls component requirement.
# This is critical for use the the esp-tls component. See wolfssl esp_crt_bundle.c file.
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_REQUIRED_ESP_TLS=1")
endif()
if(CMAKE_BUILD_EARLY_EXPANSION)
message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES # esp_hw_support
"${THIS_ESP_TLS}"
"${THIS_INCLUDE_TIMER}"
"${THIS_INCLUDE_DRIVER}" # this will typically only be needed for wolfSSL benchmark
# esp_timer
# driver # this will typically only be needed for wolfSSL benchmark
)
else()
@@ -439,99 +173,48 @@ else()
message(STATUS "wolfssl component config:")
message(STATUS "************************************************************************************************")
if ( "${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266")
# There's no esp_timer, no driver components for the ESP8266
set(THIS_INCLUDE_TIMER "")
set(THIS_INCLUDE_DRIVER "")
else()
set(THIS_INCLUDE_TIMER "esp_timer")
set(THIS_INCLUDE_DRIVER "driver")
endif()
# search for wolfSSL
FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
if(WOLFSSL_ROOT)
IS_WOLFSSL_SOURCE("${WOLFSSL_ROOT}" FOUND_WOLFSSL)
if(FOUND_WOLFSSL)
message(STATUS "Found WOLFSSL_ROOT via CMake specification.")
else()
# WOLFSSL_ROOT Path specified in CMakeLists.txt is not a valid path
message(FATAL_ERROR "WOLFSSL_ROOT CMake Variable defined, but path not found: ${WOLFSSL_ROOT}\n"
"Try correcting WOLFSSL_ROOT in your project CMakeFile.txt or setting environment variable.")
# Abort CMake after fatal error.
endif()
message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
else()
message(STATUS "Source code for wolfSSL still not found.")
message(STATUS "Searching from project home: ${CMAKE_HOME_DIRECTORY} ...")
set(WOLFSSL_ROOT "${CMAKE_HOME_DIRECTORY}")
FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
endif()
if(WOLFSSL_ROOT)
message(STATUS "Confirmed wolfssl directory at: ${WOLFSSL_ROOT}")
else()
# Try to allow a more intuitive error that the source code was not found in cmake:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_WARNING_SOURCE_NOT_FOUND")
message(STATUS "Failed: wolfssl source code directory not found.")
message(STATUS "NEW wolfssl directory not found.")
# Abort. We need wolfssl _somewhere_.
message(STATUS "")
message(STATUS "")
message(STATUS "Could not find wolfssl in any parent directory named wolfssl-${THIS_USER}, wolfssl-master, or wolfssl.\n"
"Try setting WOLFSSL_ROOT environment variable, cmake variable in project, copy source, or use managed components.")
message(STATUS "")
message(STATUS "")
# Abort CMake after fatal error. (or not?)
message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
"Try setting WOLFSSL_ROOT environment variable or git clone.")
endif()
set(INCLUDE_PATH ${WOLFSSL_ROOT})
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
# During regression tests, optionally copy source locally and use: set(USE_LOCAL_TEST_BENCH 1)
set(USE_LOCAL_TEST_BENCH 0)
if(NOT USE_LOCAL_TEST_BENCH)
if( "${CMAKE_PROJECT_NAME}" STREQUAL "hello-world" )
message(STATUS "Include ${WOLFSSL_ROOT}/wolfcrypt/benchmark")
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
endif()
if( "${CMAKE_PROJECT_NAME}" STREQUAL "wolfssl_benchmark" )
message(STATUS "Include ${WOLFSSL_ROOT}/wolfcrypt/benchmark")
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
endif()
if( "${CMAKE_PROJECT_NAME}" STREQUAL "wolfssl_test" )
message(STATUS "Include ${WOLFSSL_ROOT}/wolfcrypt/test")
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
endif()
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
endif()
if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
endif()
message(STATUS "WOLFSSL_EXTRA_PROJECT_DIR = ${WOLFSSL_EXTRA_PROJECT_DIR}")
set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/esp_crt_bundle\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
"\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
) # COMPONENT_SRCDIRS
message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
# wolfSSL user_settings.h may be in the local project.
# TODO check if exists and possibly set to ESP-IDF
set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
string(REPLACE "/" "//" STR_WOLFSSL_PROJECT_DIR "${WOLFSSL_PROJECT_DIR}")
add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}/include/user_settings.h")
message(STATUS "Added definition for user_settings.h: -DWOLFSSL_USER_SETTINGS_DIR=\"${STR_WOLFSSL_PROJECT_DIR}//include//user_settings.h\"")
# Espressif may take several passes through this makefile. Check to see if we found IDF
string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
# get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
file(GLOB EXCLUDE_ASM *.S)
file(GLOB EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
@@ -554,12 +237,11 @@ else()
message(STATUS "Remove either the local project component: ${WOLFSSL_PROJECT_DIR} ")
message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
message(STATUS "")
message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
message(STATUS "")
message(STATUS "**************************************************************************************")
message(STATUS "")
message(STATUS "Please use wolfSSL in either local project or Espressif components, but not both.")
# Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
@@ -609,7 +291,6 @@ else()
message(FATAL_ERROR "Found stray wolfSSL user_settings.h in "
"${WOLFSSL_ROOT}/include/user_settings.h "
" (please move it to ${WOLFSSL_PROJECT_DIR}/include/user_settings.h )")
# Abort CMake after fatal error.
else()
# we won't overwrite an existing user settings file, just note that we already have one:
if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/user_settings.h" )
@@ -666,9 +347,7 @@ else()
# depending on the environment, we may need to swap backslashes with forward slashes
string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
if(WOLFSSL_ROOT)
string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
endif()
string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
if(IS_DIRECTORY "${RTOS_IDF_PATH}")
message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
@@ -681,14 +360,13 @@ else()
message(STATUS "Could not find RTOS path")
endif()
endif()
message(STATUS "THIS_IDF_PATH = $THIS_IDF_PATH")
# wolfSSL-specific include directories
set(COMPONENT_ADD_INCLUDEDIRS
"./include" # this is the location of local project wolfssl user_settings.h
"./include" # this is the location of wolfssl user_settings.h
"\"${WOLFSSL_ROOT}/\""
"\"${WOLFSSL_ROOT}/wolfssl/\""
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/port/Espressif\""
"\"${RTOS_IDF_PATH}/\""
# wolfSSL release after v5.7 includes WiFi, time, and mem/debug helpers
"${THIS_IDF_PATH}/components/esp_event/include"
@@ -696,7 +374,7 @@ else()
"${THIS_IDF_PATH}/components/esp_wifi/include"
)
# Optionally include cryptoauthlib if present
if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
endif()
@@ -705,7 +383,7 @@ else()
list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
# Some files are known to be included elsewhere, or not used for Espressif
set(COMPONENT_SRCEXCLUDE
"\"${WOLFSSL_ROOT}/src/bio.c\""
"\"${WOLFSSL_ROOT}/src/conf.c\""
@@ -721,8 +399,6 @@ else()
"\"${WOLFSSL_ROOT}/src/ssl_sess.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/x509.c\""
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/ext_kyber.c\"" # external non-wolfssl Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/ext_kyber.h\"" # external non-wolfssl Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
@@ -733,7 +409,6 @@ else()
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
"\"${WOLFSSL_ROOT}/examples\"" # Examples are distributed in Managed Components, but not part of a project.
"\"${EXCLUDE_ASM}\""
)
@@ -755,144 +430,22 @@ else()
# see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
#
set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
if(WOLFSSL_ROOT)
# Only register the component if we found wolfSSL source.
# This is important to allow Cmake to finish to completion, otherwise the UI
# may not be able to display the Kconfig settings to fix a bad or missing source.
idf_component_register(
SRC_DIRS "${COMPONENT_SRCDIRS}"
INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
REQUIRES "${COMPONENT_REQUIRES}"
EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
PRIV_REQUIRES
"${THIS_ESP_TLS}"
"${THIS_INCLUDE_TIMER}"
"${THIS_INCLUDE_DRIVER}" # this will typically only be needed for wolfSSL benchmark
)
else()
# Register the component simply to allow CMake to complete, but there's no wolfSSL source.
# Expect many other errors, but the project should at least be loadable and UI can edit Kconfig settings.
idf_component_register()
message(STATUS "Warning: wolfSSL component not registered as no source code found (WOLFSSL_ROOT is blank)")
endif()
# function(WOLFSSL_INIT_CERT_BUNDLE)
if( CONFIG_WOLFSSL_CERTIFICATE_BUNDLE
AND NOT CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_NONE
AND NOT ("${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266")
)
if (CMAKE_BUILD_EARLY_EXPANSION)
message(ERROR "Bundle Cert initialization must occur during CMAKE_BUILD_EARLY_EXPANSION")
endif()
# reminder: we need a value for wolfSSL root first!
if( "${WOLFSSL_ROOT}" STREQUAL "" )
message(ERROR "Certificate bundles need a value for WOLFSSL_ROOT")
endif()
set(WOLFSSL_ESP_CRT_BUNDLE_DIR ${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/esp_crt_bundle)
message(STATUS "WOLFSSL_ESP_CRT_BUNDLE_DIR=${WOLFSSL_ESP_CRT_BUNDLE_DIR}")
if(EXISTS "${WOLFSSL_ESP_CRT_BUNDLE_DIR}")
set(bundle_name "x509_crt_bundle_wolfssl")
# For now the certs are in the same directory
set(DEFAULT_CRT_DIR "${WOLFSSL_ESP_CRT_BUNDLE_DIR}")
# Generate custom certificate bundle using the generate_cert_bundle utility
set(GENERATE_CERT_BUNDLEPY ${python} ${WOLFSSL_ESP_CRT_BUNDLE_DIR}/gen_crt_bundle.py)
if(CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_FULL)
list(APPEND crt_paths ${DEFAULT_CRT_DIR}/cacrt_all.pem ${DEFAULT_CRT_DIR}/cacrt_local.pem)
elseif(CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_CMN)
list(APPEND crt_paths ${DEFAULT_CRT_DIR}/cacrt_all.pem ${DEFAULT_CRT_DIR}/cacrt_local.pem)
list(APPEND args --filter ${DEFAULT_CRT_DIR}/cmn_crt_authorities.csv)
endif()
# Add deprecated root certs if enabled. This config is not visible if the default cert
# bundle is not selected
if(CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEPRECATED_LIST)
list(APPEND crt_paths ${DEFAULT_CRT_DIR}/cacrt_deprecated.pem)
endif()
if(CONFIG_WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE)
get_filename_component(custom_bundle_path
${CONFIG_WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE_PATH} ABSOLUTE BASE_DIR "${project_dir}")
list(APPEND crt_paths ${custom_bundle_path})
message(STATUS "Using a custom wolfSSL bundle path: ${custom_bundle_path}")
else()
message(STATUS "Not using a custom wolfSSL bundle path.")
endif()
list(APPEND args --input ${crt_paths} -q)
message(STATUS "CMAKE_CURRENT_BINARY_DIR: ${CMAKE_CURRENT_BINARY_DIR}")
get_filename_component(crt_bundle
${bundle_name}
ABSOLUTE BASE_DIR "${CMAKE_CURRENT_BINARY_DIR}")
message(STATUS "Setting up bundle generate: ${GENERATE_CERT_BUNDLEPY} ${args}")
message(STATUS "Depends on custom bundle path: ${custom_bundle_path}")
message(STATUS "crt_bundle ${crt_bundle}")
message(STATUS "COMPONENT_LIB ${COMPONENT_LIB}")
message(STATUS "GENERATE_CERT_BUNDLEPY ${GENERATE_CERT_BUNDLEPY}")
message(STATUS "args ${args}")
message(STATUS "cert_bundle ${cert_bundle}")
# Generate bundle according to config
# File is generated at build time, not cmake load
add_custom_command(OUTPUT ${crt_bundle}
COMMAND ${GENERATE_CERT_BUNDLEPY} ARGS ${args}
DEPENDS ${custom_bundle_path}
VERBATIM)
if(EXISTS "${crt_bundle}")
message(STATUS "Bundle file exists from prior build: ${crt_bundle}")
else()
message(STATUS "Bundle file expected during next build: ${crt_bundle}")
endif()
# Reminder the file is generated at build time, not cmake load time.
message(STATUS "wolfSSL Cert Bundle File to be created at build time in: ${crt_bundle}")
add_custom_target(custom_wolfssl_bundle DEPENDS ${cert_bundle})
# the wolfSSL crtificate bundle is baked into wolfSSL
add_dependencies(${COMPONENT_LIB} custom_wolfssl_bundle)
# COMPONENT_LIB may vary: __idf_wolfssl, __idf_esp_wolfssl, etc
# target_add_binary_data(__idf_wolfssl ${crt_bundle} BINARY)
target_add_binary_data(${COMPONENT_LIB} ${crt_bundle} BINARY)
set_property(DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
APPEND PROPERTY ADDITIONAL_CLEAN_FILES
"${crt_bundle}")
else()
message(STATUS "WARNING: CONFIG_WOLFSSL_CERTIFICATE_BUNDLE enabled but directory not found: ${WOLFSSL_ESP_CRT_BUNDLE_DIR}")
endif()
endif()
# endfunction() # WOLFSSL_INIT_CERT_BUNDLE
# Some optional diagnostics. Verbose ones are truncated.
if (VERBOSE_COMPONENT_MESSAGES)
idf_component_register(
SRC_DIRS "${COMPONENT_SRCDIRS}"
INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
REQUIRES "${COMPONENT_REQUIRES}"
EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
)
# some optional diagnostics
if (1)
get_cmake_property(_variableNames VARIABLES)
list (SORT _variableNames)
message(STATUS "")
message(STATUS "ALL VARIABLES BEGIN")
message(STATUS "")
foreach (_variableName ${_variableNames})
if ( ("${_variableName}" STREQUAL "bootloader_binary_files")
OR ("${_variableName}" STREQUAL "Component paths")
OR ("${_variableName}" STREQUAL "component_targets")
OR ("${_variableName}" STREQUAL "__COMPONENT_TARGETS")
OR ("${_variableName}" STREQUAL "CONFIGS_LIST")
OR ("${_variableName}" STREQUAL "__CONFIG_VARIABLES")
OR ("${_variableName}" STREQUAL "val")
OR ("${_variableName}" MATCHES "^__idf_")
)
# Truncate the displayed value:
string(SUBSTRING "${${_variableName}}" 0 70 truncatedValue)
message(STATUS "${_variableName} = ${truncatedValue} ... (truncated)")
else()
message(STATUS "${_variableName}=${${_variableName}}")
endif()
message(STATUS "${_variableName}=${${_variableName}}")
endforeach()
message(STATUS "")
message(STATUS "ALL VARIABLES END")
@@ -900,12 +453,6 @@ endif()
endif()
# target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
message(STATUS "DETECTED_PROJECT_NAME=${CMAKE_PROJECT_NAME}")
message(STATUS "COMPONENT_TARGET=${COMPONENT_TARGET}")
target_compile_definitions(${COMPONENT_TARGET} PRIVATE DETECTED_PROJECT_NAME="${CMAKE_PROJECT_NAME}")
if( "${CMAKE_PROJECT_NAME}" STREQUAL "esp_http_client_example" )
target_compile_definitions(${COMPONENT_TARGET} PRIVATE APP_ESP_HTTP_CLIENT_EXAMPLE="y")
endif()
endif() # CMAKE_BUILD_EARLY_EXPANSION
@@ -961,80 +508,31 @@ endfunction() # LIBWOLFSSL_SAVE_INFO
# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
# see wolfcrypt\src\port\Espressif\esp32_utl.c
if(NOT CMAKE_BUILD_EARLY_EXPANSION AND WOLFSSL_ROOT)
if(NOT CMAKE_BUILD_EARLY_EXPANSION)
set (git_cmd "git")
message(STATUS "Adding macro definitions:")
# LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd}
"show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_WOLFSSL_ROOT "${WOLFSSL_ROOT}" "${TMP_RES}")
message(STATUS "************************************************************************************************")
message(STATUS "wolfssl component config complete!")
message(STATUS "************************************************************************************************")
endif()
# Ensure flag "-DWOLFSSL_ESPIDF" is already in CMAKE_C_FLAGS if not yet found from project
string(FIND "${CMAKE_C_FLAGS}" "-DWOLFSSL_ESPIDF" FLAG_ALRREADY_FOUND_WOLFSSL_ESPIDF)
if(FLAG_ALRREADY_FOUND_WOLFSSL_ESPIDF EQUAL -1)
# Flag not found, append it
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_ESPIDF")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
endif()
if(WOLFSSL_ROOT)
message(STATUS "Using wolfSSL in ${WOLFSSL_ROOT}")
# PlatformIO does not process script from from the Espressif cmake process.
# We need to know where wolfSSL source code was found, so save it in the
# PIO_WOLFSSL_ROOT environment variable to later be read by extra_script.py
set(ENV{PIO_WOLFSSL_ROOT} "${WOLFSSL_ROOT}")
message(STATUS "PIO_WOLFSSL_ROOT = $ENV{PIO_WOLFSSL_ROOT}")
message(STATUS "PLATFORMIO_BUILD_DIR = $ENV{PLATFORMIO_BUILD_DIR}")
# See esp-tls Kconfig; menu "ESP-TLS", ESP_TLS_LIBRARY_CHOOSE
if(CONFIG_ESP_TLS_USING_WOLFSSL)
if ( ("${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266") OR ("${IDF_TARGET}" STREQUAL "esp8266") )
message(STATUS "This version of wolfSSL is not supported on the ESP8266 esp-tls at this time. Check ESP-TLS config")
else()
message(STATUS "wolfSSL will be used for ESP-TLS")
endif()
else()
message(STATUS "WARNING: wolfSSL NOT selected for ESP-TLS. Features and performance will be limited.")
endif()
else()
message(STATUS "")
message(STATUS "Consider setting WOLFSSL_ROOT environment variable, use Kconfig setting, or set manually in this cmake file, above.")
message(STATUS "")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
message(STATUS "ERROR: Could not find wolfSSL Source Code")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
endif()
message(STATUS "************************************************************************************************")
message(STATUS "wolfSSL component config complete!")
message(STATUS "************************************************************************************************")

523
IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/Kconfig
View File

@@ -1,523 +0,0 @@
# Kconfig template
#
# Copyright (C) 2006-2024 wolfSSL Inc. All rights reserved.
#
# This file is part of wolfSSL.
#
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
# Kconfig File Version 5.7.2.001 for esp-idf integration
# Kconfig Format Rules
#
# See:
# https://docs.espressif.com/projects/esp-idf/en/stable/esp32/api-reference/kconfig.html
#
# Format rules for Kconfig files are as follows:
#
# Option names in any menus should have consistent prefixes. The prefix
# currently should have at least 3 characters.
#
# The unit of indentation should be 4 spaces. All sub-items belonging to a
# parent item are indented by one level deeper. For example, menu is indented
# by 0 spaces, config menu by 4 spaces, help in config by 8 spaces, and the
# text under help by 12 spaces.
#
# No trailing spaces are allowed at the end of the lines.
#
# The maximum length of options is NOT 50 characters as documented.
# kconfcheck will complain that options should be 40 at most.
#
# Fix option lengths first. Superfluous errors on other lines may occur.
#
# The maximum length of lines is 120 characters.
#
# python -m kconfcheck <path_to_kconfig_file>
#
# ---------------------------------------------------------------------------------------------------------------------
# Begin main wolfSSL configuration menu
# ---------------------------------------------------------------------------------------------------------------------
# See ESP-IDF esp-tls component for config TLS_STACK_WOLFSSL
menu "wolfSSL"
menu "Hardening"
config ESP_WOLFSSL_WC_NO_HARDEN
bool "Disable wolfSSL hardening"
default n
help
Sets WC_NO_HARDEN
config ESP_WOLFSSL_TFM_TIMING_RESISTANT
bool "Enable TFM Timing Resistant Code"
default n
help
Sets TFM_TIMING_RESISTANT.
endmenu # Hardening
config ESP_WOLFSSL_ENABLE_BENCHMARK
bool "Enable wolfSSL Benchmark Library"
default n
help
Enables wolfcrypt/benchmark/benchmark.c code for benchmark metrics. Disables NO_CRYPT_BENCHMARK.
menu "Benchmark Debug"
config ESP_DEBUG_WOLFSSL_BENCHMARK_TIMING
bool "Enable benchmark timing debug"
depends on ESP_WOLFSSL_ENABLE_BENCHMARK
default n
help
Enable wolfssl debug for benchmark metric timing (CPU Cycles, RTOS ticks, etc).
config ESP_WOLFSSL_BENCHMARK_TIMER_DEBUG
bool "Enable benchmark timer debug"
depends on ESP_WOLFSSL_ENABLE_BENCHMARK
default n
help
Turn on timer debugging (used when CPU cycles not available)
endmenu # Benchmark Debug
# -----------------------------------------------------------------------------------------------------------------
# wolfCrypt Test
# -----------------------------------------------------------------------------------------------------------------
config ESP_WOLFSSL_ENABLE_TEST
bool "Enable wolfCrypt Test Library"
default n
help
Enables wolfcrypt/test/test.c code for testing. Disables NO_CRYPT_TEST.
menu "wolfCrypt tests"
config WOLFSSL_HAVE_WOLFCRYPT_TEST_OPTIONS
bool "Enable wolfCrypt Test Options"
depends on ESP_WOLFSSL_ENABLE_TEST
default n
help
Enables HAVE_WOLFCRYPT_TEST_OPTIONS
config TEST_ESPIDF_ALL_WOLFSSL
bool "Enable all features to use in tests"
depends on ESP_WOLFSSL_ENABLE_TEST
default n
help
Enables TEST_ESPIDF_ALL_WOLFSSL
endmenu # wolfCrypt tests
# -----------------------------------------------------------------------------------------------------------------
# Apple HomeKit Options
# -----------------------------------------------------------------------------------------------------------------
menu "Apple HomeKit"
config WOLFSSL_APPLE_HOMEKIT
bool "Enable Apple HomeKit options"
default n
help
Enables FP_MAX_BITS (8192 * 2), SRP, ChaCha, Poly1305, Base64 encoding needed for Apple HomeKit.
endmenu # Apple HomeKit
# -----------------------------------------------------------------------------------------------------------------
config ESP_WOLFSSL_DISABLE_MY_ECC
bool "Disable ECC in my project"
default "n"
help
ECC is enabled by default. Select this option to disable.
config ESP_WOLFSSL_ENABLE_MY_USE_RSA
bool "Enable RSA in my project"
default "n"
help
RSA is disabled by default. Select this option to enable.
config ESP_WOLFSSL_BENCHMARK
bool "Enable wolfSSL Benchmark"
default n
help
Enables user settings relevant to benchmark code
config ESP_TLS_USING_WOLFSSL_SPECIFIED
bool "Use the specified wolfssl for ESP-TLS"
default Y
help
Includes wolfSSL from specified directory (not using esp-wolfssl).
config ESP_WOLFSSL_NO_USE_FAST_MATH
bool "Disable FAST_MATH library and all ESP32 Hardware Acceleration"
select ESP_WOLFSSL_NO_HW
select ESP_WOLFSSL_NO_HW_AES
select ESP_WOLFSSL_NO_HW_HASH
select ESP_WOLFSSL_NO_HW_RSA_PRI
select ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
select ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
select ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
default n
help
When disabling all hardware acceleration for smaller memory footprint,
disabling TFM fast math provides faster wolfSSL software algorithms in an
even smaller flash memory footprint.
menu "Protocol Config"
config WOLFSSL_HAVE_ALPN
bool "Enable ALPN (Application Layer Protocol Negotiation) in wolfSSL"
default y
config WOLFSSL_ALLOW_TLS13
bool "Allow TLS 1.3"
default y
help
Allow TLS to fallback to TLS1.2. Memory footprint will likely be larger for TLS1.2.
When disabled HTTPS and MQTT over TLS connections will fail if TLS1.3 not accepted.
config WOLFSSL_ALLOW_TLS12
bool "Allow TLS 1.2"
default n
help
Allow TLS to fallback to TLS1.2. Memory footprint will likely be larger for TLS1.2.
When disabled HTTPS and MQTT over TLS connections will fail if TLS1.3 not accepted.
config WOLFSSL_HAVE_TLS_EXTENSIONS
bool "Enable TLS Extensions"
default y
help
Sets HAVE_TLS_EXTENSIONS which is needed for TLS 1.3, SNI, ALPN, and more.
config WOLFSSL_ALT_CERT_CHAINS
bool "Enable Alternate Certificate Chains"
default n
help
The option relaxes the default strict wolfSSL certificate chain processing. This
will typically need to be enabled when loading only a CA file. Typically solves
the -188 ASN_NO_SIGNER_E error. Use with caution.
config WOLFSSL_HAVE_OCSP
bool "Enable OCSP (Online Certificate Status Protocol) in wolfSSL"
default n
help
Sets HAVE_OCSP
endmenu # Protocol Config
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
config TLS_STACK_WOLFSSL
# Invisible option that locks TLS_STACK_WOLFSSL to ESP_TLS_USING_WOLFSSL
bool
default n
select FREERTOS_ENABLE_BACKWARD_COMPATIBILITY
help
Includes wolfSSL in ESP-TLS so that it can be compiled with wolfSSL as its SSL/TLS library.
Enabled when wolfSSL is selected in ESP_TLS_LIBRARY_CHOOSE.
menu "wolfSSL ESP-TLS"
depends on ESP_TLS_USING_WOLFSSL
menu "Certificate Bundle"
depends on ESP_TLS_USING_WOLFSSL
config WOLFSSL_CERTIFICATE_BUNDLE
bool "Enable trusted root certificate bundle"
default y if ESP_TLS_USING_WOLFSSL
default n
depends on ESP_TLS_USING_WOLFSSL
help
Enable support for large number of default root certificates
When enabled this option allows user to store default as well
as customer specific root certificates in compressed format rather
than storing full certificate. For the root certificates the public key and the subject name
will be stored.
config WOLFSSL_NO_ASN_STRICT
bool "Relax Certificate ASN Strict Checks"
default n
depends on ESP_TLS_USING_WOLFSSL
help
Allows sub-optimal certificate ASN checks. Unless using a bundle with known issues,
it is recommended to NOT enable this.
config WOLFSSL_ASN_ALLOW_0_SERIAL
bool "Allow cert missing an ASN Serial Number"
default y
depends on ESP_TLS_USING_WOLFSSL
help
Although not recommended, there may be certificates in the bundle that are missing
a serial number. This option allows the missing value without having to fully
disable strict ASN checking with WOLFSSL_NO_ASN_STRICT.
choice WOLFSSL_DEFAULT_CERTIFICATE_BUNDLE
bool "Default certificate bundle options"
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
default WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_FULL
config WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_FULL
bool "Use the full default certificate bundle"
config WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_CMN
bool "Use only the most common certificates from the default bundles"
help
Use only the most common certificates from the default bundles, reducing the size with 50%,
while still having around 99% coverage.
config WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_NONE
bool "Do not use the default certificate bundle"
endchoice
config WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
default n
bool "Add custom certificates to the default bundle"
config WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE_PATH
depends on WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
string "Custom certificate bundle path"
help
Name of the custom certificate directory or file. This path is evaluated
relative to the project root directory.
config WOLFSSL_CERTIFICATE_BUNDLE_DEPRECATED_LIST
bool "Add deprecated root certificates"
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL && !WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_NONE
help
Include the deprecated list of root certificates in the bundle.
This list gets updated when a certificate is removed from the Mozilla's
NSS root certificate store. This config can be enabled if you would like
to ensure that none of the certificates that were deployed in the product
are affected because of the update to bundle. In turn, enabling this
config keeps expired, retracted certificates in the bundle and it may
pose a security risk.
- Deprecated cert list may grow based based on sync with upstream bundle
- Deprecated certs would be be removed in ESP-IDF (next) major release
config WOLFSSL_CERTIFICATE_BUNDLE_MAX_CERTS
int "Maximum no of certificates allowed in certificate bundle"
default 200
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
endmenu
endmenu # wolfSSL ESP-TLS
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
config ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
bool "Modify default hardware acceleration settings"
default n
help
When disabling all hardware acceleration for smaller memory footprint,
disabling TFM fast math provides faster wolfSSL software algorithms in an
even smaller flash memory footprint.
Typically used for debugging, analysis, or optimizations. The default
hardware acceleration features can be each manually adjusted.
menu "wolfSSL Hardware Acceleration"
config ESP_WOLFSSL_NO_ESP32_CRYPT
bool "Disable all ESP32 Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
select ESP_WOLFSSL_NO_HW_AES
select ESP_WOLFSSL_NO_HW_HASH
select ESP_WOLFSSL_NO_HW_RSA_PRI
select ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
select ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
select ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
help
Hardware acceleration enabled by default. When selected defines: NO_ESP32_CRYPT.
Consider disabling FASTMATH (other libraries are faster in software and smaller)
config ESP_WOLFSSL_NO_HW_AES
bool "Disable all ESP32 AES Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default.When selected defines: NO_HW_AES
config ESP_WOLFSSL_NO_HW_HASH
bool "Disable all ESP32 SHA Hash Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default. When selected defines: NO_HW_HASH
config ESP_WOLFSSL_NO_HW_RSA_PRI
bool "Disable all ESP32 RSA Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
select ESP_WOLFSSL_NO_HW_PRI_MP_MUL
select ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
select ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
help
Hardware acceleration enabled by default. When selected defines: NO_HW_RSA_PRI
config ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
bool "Disable all ESP32 Multiplication Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default. When selected defines: NO_HW_RSA_PRI_MP_MUL
config ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
bool "Disable all ESP32 Modular Multiplication Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default. When selected defines: NO_HW_RSA_PRI_MULMOD
config ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
bool "Disable all ESP32 RSA Exponential Math Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default.
Select this option to force disable: NO_HW_RSA_PRI_EXPTMOD
config ESP_WOLFSSL_DEBUG_ESP_HW_MULTI_RSAMAX_BITS
bool "Enable debugging of RSA Multiplication operand length"
default n
help
Prints an esp log warning to the default console UART when one of the
multiplication operands exceeds the maximum size supported by hardware,
requiring fallback to software. This can be helpful to pick key sizes
when performance is critical. See also metrics for counting instances.
config ESP_WOLFSSL_DEBUG_ESP_HW_MOD_RSAMAX_BITS
bool "Enable debugging of RSA Modular operand length"
default n
help
Prints an esp log warning to the default console UART when one of the
modular math operands exceeds the maximum size supported by hardware,
requiring fallback to software. This can be helpful to pick key sizes
when performance is critical. See also metrics for counting instances.
endmenu # wolfSSL Hardware Acceleration
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "wolfSSL Experimental Options"
config ESP_WOLFSSL_EXPERIMENTAL_SETTINGS
bool "Enable wolfSSL Experimental Settings"
default n
help
Enables experimental settings for wolfSSL. See documentation.
config ESP_WOLFSSL_ENABLE_KYBER
bool "Enable wolfSSL Kyber"
default n
help
Enable debugging messages for wolfSSL. See user_settings.h for additional debug options.
endmenu # wolfSSL Experimental Options
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "wolfSSL Debug Options"
config ESP_WOLFSSL_DEBUG_WOLFSSL
bool "Enable wolfSSL Debugging"
default n
help
Enable debugging messages for wolfSSL. See user_settings.h for additional debug options.
config ESP_WOLFSSL_TEST_LOOP
bool "Run test apps in a loop until failure"
default y
help
Enable a loop wrapper for benchmark, http_client, and wolfssl test apps.
endmenu # wolfSSL Debug Options
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "wolfSSL Customization"
config CUSTOM_SETTING_WOLFSSL_ROOT
string "Enter a path for wolfSSL source code"
default "~/workspace/wolfssl"
help
This option lets you specify a directory for the wolfSSL source code (typically a git clone).
Enter the path using forward slashes (e.g., C:/myfolder/mysubfolder) or double backslashes
(e.g., C:\\myfolder\\mysubfolder).
endmenu # wolfSSL Customization
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "Component Config"
config IGNORE_ESP_IDF_WOLFSSL_COMPONENT
bool "Ignore the ESP-IDF component of wolfSSL (if present)"
default n
help
Ignores wolfSSL present in the esp-idf/components directory. Requires wolfssl as a local component.
config IGNORE_LOCAL_WOLFSSL_COMPONENT
bool "Ignore the local component of wolfSSL (if present)"
default n
help
Ignores wolfSSL present in the local project components directory.
Requires wolfssl as a ESP-IDF component.
endmenu # Component Config
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "Utility Config"
config USE_WOLFSSL_ESP_SDK_TIME
bool "Enable wolfSSL time helper functions"
default n
help
Enables use of various time and date setting functions found in the esp-sdk-lib.h file.
config USE_WOLFSSL_ESP_SDK_WIFI
bool "Enable wolfSSL WiFi helper functions"
default n
help
Enables use of various time and date setting functions found in the esp-sdk-lib.h file.
endmenu # Utility Config
endmenu # wolfSSL
# ---------------------------------------------------------------------------------------------------------------------
# ---------------------------------------------------------------------------------------------------------------------
menu "wolfSSH"
config ESP_ENABLE_WOLFSSH
bool "Enable wolfSSH options"
default n
help
Enables WOLFSSH_TERM, WOLFSSL_KEY_GEN, WOLFSSL_PTHREADS, WOLFSSH_TEST_SERVER, WOLFSSH_TEST_THREADING
config ESP_WOLFSSL_DEBUG_WOLFSSH
bool "Enable wolfSSH debugging"
default n
help
Enable wolfSSH debugging macro. See user_settings.h
endmenu # wolfSSH
# ---------------------------------------------------------------------------------------------------------------------
# ---------------------------------------------------------------------------------------------------------------------
menu "wolfMQTT"
config ESP_ENABLE_WOLFMQTT
bool "Enable wolfMQTT options"
default n
help
Enables WOLFMQTT
config ESP_WOLFSSL_DEBUG_WOLFMQTT
bool "Enable wolfMQTT debugging"
default n
help
Enable wolfMQTT debugging macro. See user_settings.h
endmenu # wolfMQTT
# ---------------------------------------------------------------------------------------------------------------------

162
IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/README.md
View File

@@ -1,162 +0,0 @@
# wolfSSL Espressif Component
This is the directory for wolfSSL as an Espressif ESP-IDF component.
Other options are available, such as installing wolfSSL as a local _project_ component using the [Managed Component](https://www.wolfssl.com/wolfssl-now-available-in-espressif-component-registry/).
Enabling this wolfSSL ESP-IDF component allows other ESP-IDF libraries such as those that depend on [ESP-TLS](https://github.com/espressif/esp-idf/tree/master/components/esp-tls)
to also use the wolfSSL library. (See [github.com/wolfSSL/wolfssl](https://github.com/wolfSSL/wolfssl))
The wolfSSL source code is not included here. Instead, the `idf.py menuconfig` option can be used to configure the
`sdkconfig` file setting: `CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT` to point to the desired wolfSSL code.
## Directory Contents
This directory must contain, at a minimum:
- `CMakeLists.txt`
- `./include/user_settings.h`
The directory should also contain:
- `Kconfig`
- `component.mk`
The directory may contain wolfSSL source, for example with a [Managed Component](https://www.wolfssl.com/wolfssl-now-available-in-espressif-component-registry/),
or if the `setup.sh` script was used from [wolfSSL/IDE/Espressif/ESP-IDF](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF).
Under normal circumstances when the wolfSSL source is not included here, the `CMakeLists.txt` will search for it in this order:
- A hard-coded `WOLFSSL_ROOT` cmake variable.
- `WOLFSSL_ROOT` Environment Variable
- The `CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT` value in the `sdkconfig` file, from the `Kconfig` option.
- Any parent directories, up to the root (if this directory is in the ESP-IDF components)
- Any parent directories, up to the root (if this directory is a project component)
While recursing up the directory tree, the following names of wolfSSL directories will be considered:
- `wolfssl-[current user name]`
- `wolfssl-master`
- `wolfssl`
## Getting Started
See the `Espressif Getting Started Guide`.
```
# Set environment variable to ESP-IDF location
# For example, VisualGDB in WSL
WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.2
WRK_IDF_PATH=/mnt/c/SysGCC/esp32-master/esp-idf/v5.3-master
# Or wherever the ESP-IDF is installed:
WRK_IDF_PATH=~/esp/esp-idf
echo "Run export.sh from ${WRK_IDF_PATH}"
. ${WRK_IDF_PATH}/export.sh
cd [your project]
idf.py menuconfig
```
Enable wolfSSL to be used in the ESP-TLS:
```
Component config --->
ESP-TLS --->
Choose SSL/TLS library for ESP-TLS (See help for more Info)
(X) wolfSSL (License info in wolfSSL directory README)
```
Adjust wolfSSL settings, such as path to source code as needed:
```
Component config --->
wolfSSL --->
[*] Include wolfSSL in ESP-TLS
[*] Use the specified wolfssl for ESP-TLS
(~/workspace/wolfssl) Enter a path for wolfSSL source code
```
## Configuration
All settings for wolfSSL are adjusted in the [include/user_settings.h](./include/user_settings.h) file.
The `user_settings.h` file should not be included directly. Instead, `#include <wolfssl/wolfcrypt/settings.h>`
before any other wolfSSL headers, like this:
```c
/* ESP-IDF */
#include <esp_log.h>
#include "sdkconfig.h"
/* wolfSSL */
/* Always include wolfcrypt/settings.h before any other wolfSSL file. */
/* Reminder: settings.h pulls in user_settings.h; don't include it here. */
#if defined(WOLFSSL_USER_SETTINGS)
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_ESPIDF)
#include <wolfssl/version.h>
#include <wolfssl/wolfcrypt/types.h>
#include <wolfcrypt/test/test.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#else
#error "Problem with wolfSSL user_settings. " \
"Check components/wolfssl/include " \
"and confirm WOLFSSL_USER_SETTINGS is defined, " \
"typically in the component CMakeLists.txt"
#endif
#else
/* Define WOLFSSL_USER_SETTINGS project wide for settings.h to include */
/* wolfSSL user settings in ./components/wolfssl/include/user_settings.h */
#error "Missing WOLFSSL_USER_SETTINGS in CMakeLists or Makefile:\
CFLAGS +=-DWOLFSSL_USER_SETTINGS"
#endif
```
## Examples
See the wolfSSL examples:
- [wolfSSL Core Examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples)
- [wolfSSL Additional Examples](https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32)
- [wolfSSH Core Examples](https://github.com/wolfSSL/wolfssh/tree/master/ide/Espressif/ESP-IDF/examples)
- [wolfSSH Additional Examples](https://github.com/wolfSSL/wolfssh-examples/tree/main/Espressif)
- [wolfMQTT Examples](https://github.com/wolfSSL/wolfMQTT/tree/master/IDE/Espressif/ESP-IDF/examples)
## Platforms
The ESP-IDF wolfSSL is also available for PlatformIO:
- [Release wolfSSL](https://registry.platformio.org/search?q=owner%3Awolfssl)
- [Staging / Preview wolfSSL](https://registry.platformio.org/search?q=owner%3Awolfssl-staging)
The wolfSSL library can also be used for Espressif with Arduino:
- [arduino.cc/reference/en/libraries/wolfssl](https://www.arduino.cc/reference/en/libraries/wolfssl/)
- [github.com/wolfSSL/Arduino-wolfSSL](https://github.com/wolfSSL/Arduino-wolfSSL)
## Additional Information
- [wolfSSL Documentation](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html) and [docs/espressif](https://www.wolfssl.com/docs/espressif/)
- [wolfSSL FAQ](https://www.wolfssl.com/docs/frequently-asked-questions-faq/)
- [wolfSSL Products](https://www.wolfssl.com/products/)
- [www.wolfssl.com/espressif](https://www.wolfssl.com/espressif/)
- [More...](https://www.wolfssl.com/?s=espressif)
## Contact
Have a specific request or questions? We'd love to hear from you! Please contact us at support@wolfssl.com or open an issue on GitHub.
## Licensing and Support
wolfSSL (formerly known as CyaSSL) and wolfCrypt are either licensed for use under the GPLv2 (or at your option any later version) or a standard commercial license. For our users who cannot use wolfSSL under GPLv2 (or any later version), a commercial license to wolfSSL and wolfCrypt is available.
See the LICENSE.txt, visit wolfssl.com/license, contact us at licensing@wolfssl.com or call +1 425 245 8247
View Commercial Support Options: [wolfssl.com/products/support-and-maintenance](wolfssl.com/products/support-and-maintenance)

296
IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/component.mk
View File

@@ -1,296 +0,0 @@
#
# Copyright (C) 2006-2024 wolfSSL Inc.
#
# This file is part of wolfSSL.
#
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
$(info *********** wolfssl component ************)
#
# Component Makefile
#
#
# The Espressif Managed Components are only for newer versions of the ESP-IDF
# Typically only for ESP32[-x] targets and only for ESP-IDF v4.3 or later:
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-component-manager.html
# https://components.espressif.com/
#
# Usage:
#
# make flash
#
# make flash ESPPORT=/dev/ttyS55
#
# make flash ESPBAUD=9600
#
# make monitor ESPPORT=COM1
#
# make monitor ESPPORT=/dev/ttyS55 MONITORBAUD=115200
#
# export ESPPORT=/dev/ttyS55
#
# https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/get-started/index.html
#
# Although the project should define WOLFSSL_USER_SETTINGS, we'll also
# define it here:
CFLAGS +=-DWOLFSSL_USER_SETTINGS
# Note that 4 source files created by autogen are excluded here.
#
# See these files commented out, below. Adjust as needed for your application:
#
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/async.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/selftest.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o
# NOTICE: the WOLFSSL_ROOT setting MUST be relative!
# See https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/api-guides/build-system.html?highlight=must+relative#optional-component-specific-variables
# In the wolfSSL GitHub examples for Espressif:
# https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples
# When this wolfssl component.mk makefile is in [project]/components/wolfssl
# The root is 7 directories up from here (the location of of this component.mk):
WOLFSSL_ROOT := ../../../../../../..
# To set the location of a different location, it is best to use relative paths.
#
# Set WOLFSSL_ROOT to a relative path from the current component directory.
# For example, if the wolfssl_client is copied from the examples to test:
#
# cp -r /IDE/Espressif/ESP-IDF/examples/wolfssl_client/* /mnt/c/test/demo
#
# we run make in /mnt/c/test/demo
# component is in /mnt/c/test/demo/components/wolfssl
# wolfssl is in /mnt/c/workspace/wolfssl-master
#
# "/mnt/c" is 4 directories up:
# 2 for `./test/demo` from where we run `make`, plus
# 2 more from the location of `component.mk` located
# in `[current directory]/components/wolfssl`.
#
# Thus we need 4 parent reference to find the relative path to wolfSSL:
# WOLFSSL_ROOT := ../../../../workspace/wolfssl-master
# Optional CFLAGS (make works without these; for reference only)
# CFLAGS += -I$(WOLFSSL_ROOT)/wolfssl
# CFLAGS += -I$(WOLFSSL_ROOT)/wolfssl/wolfcrypt
# CFLAGS += -I$(WOLFSSL_ROOT)/wolfssl/wolfcrypt/port/Espressif
abs_WOLFSSL_ROOT := $(shell realpath $(WOLFSSL_ROOT))
# print-wolfssl-path-value:
# @echo "WOLFSSL_ROOT defined: $(WOLFSSL_ROOT)"
# @echo "WOLFSSL_ROOT actual: $(abs_WOLFSSL_ROOT)"
$(info WOLFSSL_ROOT defined: $(WOLFSSL_ROOT))
$(info WOLFSSL_ROOT actual: $(abs_WOLFSSL_ROOT))
# NOTE: The wolfSSL include directory (e.g. user_settings.h) is
# located HERE in THIS project, and *not* in the wolfSSL root.
COMPONENT_ADD_INCLUDEDIRS := .
COMPONENT_ADD_INCLUDEDIRS += include
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/.
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt/port/Espressif
# COMPONENT_ADD_INCLUDEDIRS += $ENV(IDF_PATH)/components/freertos/include/freertos
# COMPONENT_ADD_INCLUDEDIRS += "$ENV(IDF_PATH)/soc/esp32s3/include/soc"
# wolfSSL
COMPONENT_SRCDIRS := $(WOLFSSL_ROOT)/src
# wolfcrypt
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src
# Espressif
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/atmel
COMPONENT_OBJEXCLUDE := $(WOLFSSL_ROOT)/wolfcrypt/src/aes_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/misc.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/sha512_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_x25519_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/aes_gcm_x86_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/src/bio.o
##
## wolfSSL
##
COMPONENT_OBJS := $(WOLFSSL_ROOT)/src/bio.o
# COMPONENT_OBJS += src/conf.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/crl.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/dtls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/dtls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/internal.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/keys.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/ocsp.o
# COMPONENT_OBJS += src/pk.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/quic.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/sniffer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/ssl.o
# COMPONENT_OBJS += src/ssl_asn1.o
# COMPONENT_OBJS += src/ssl_bn.o
# COMPONENT_OBJS += src/ssl_certman.o
# COMPONENT_OBJS += src/ssl_crypto.o
# COMPONENT_OBJS += src/ssl_misc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/tls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/tls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/wolfio.o
# COMPONENT_OBJS += src/x509.o
# COMPONENT_OBJS += src/x509_str.o
##
## wolfcrypt
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/arc4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/asm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/asn.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/async.o # autogen exclusion
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/blake2b.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/blake2s.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/camellia.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/chacha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/chacha20_poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/coding.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/compress.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cpuid.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cryptocb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/curve25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/curve448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/des3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dh.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dilithium.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ecc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/eccsi.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ecc_fp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/error.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_kyber.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/falcon.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_operations.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips_test.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_operations.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hpke.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/integer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/kdf.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/logging.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md5.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/memory.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/misc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pkcs12.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pkcs7.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pwdbased.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/random.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/rc2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ripemd.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/rsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sakke.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/selftest.o # autogen exclusion
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha256.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha512.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/signature.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/siphash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sphincs.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_armthumb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_c32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_c64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_cortexm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_dsp32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_int.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_armthumb.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_c32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_c64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_cortexm.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_x86_64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_x86_64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/srp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/tfm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_dsp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_encrypt.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_kyber.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_kyber_poly.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_pkcs11.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_port.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_xmss.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o # autogen exclusion
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o # autogen exclusion
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfevent.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfmath.o
##
## Espressif
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_mp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_util.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_mem_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_time_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_wifi_lib.o
##
## wolfcrypt benchmark (optional)
##
## COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark/benchmark.o
## COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark
## COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark
##
## wolfcrypt test (optional)
##
## COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/test/test.o
## COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/test
##
## wolfcrypt
##
## COMPONENT_PRIV_INCLUDEDIRS += $(PROJECT_PATH)/components/wolfssl/include
## COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src
$(info ********** end wolfssl component **********)

552
IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h
View File

@@ -1,4 +1,4 @@
/* wolfssl-component include/user_settings.h
/* user_settings.h
*
* Copyright (C) 2006-2024 wolfSSL Inc.
*
@@ -18,52 +18,19 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#define WOLFSSL_ESPIDF_COMPONENT_VERSION 0x01
/* The Espressif project config file. See also sdkconfig.defaults */
#include "sdkconfig.h"
/* This user_settings.h is for Espressif ESP-IDF
*
* Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.7.0-1
*
* Do not include any wolfssl headers here.
* Do not include any wolfssl headers here
*
* When editing this file:
* ensure all examples match. The template example is the reference.
* ensure wolfssl_test and wolfssl_benchmark settings match.
*/
/* Naming convention: (see also esp32-crypt.h for the reference source).
*
* CONFIG_
* This prefix indicates the setting came from the sdkconfig / Kconfig.
*
* May or may not be related to wolfSSL.
*
* The name after this prefix must exactly match that in the Kconfig file.
*
* WOLFSSL_
* Typical of many, but not all wolfSSL macro names.
*
* Applies to all wolfSSL products such as wolfSSH, wolfMQTT, etc.
*
* May or may not have a corresponding sdkconfig / Kconfig control.
*
* ESP_WOLFSSL_
* These are NOT valid wolfSSL macro names. These are names only used in
* the ESP-IDF Kconfig files. When parsed, they will have a "CONFIG_"
* suffix added. See next section.
*
* CONFIG_ESP_WOLFSSL_
* This is a wolfSSL-specific macro that has been defined in the ESP-IDF
* via the sdkconfig / menuconfig. Any text after this prefix should
* exactly match an existing wolfSSL macro name.
*
* Applies to all wolfSSL products such as wolfSSH, wolfMQTT, etc.
*
* These macros may also be specific to only the project or environment,
* and possibly not used anywhere else in the wolfSSL libraries.
*/
/* The Espressif project config file. See also sdkconfig.defaults */
#include "sdkconfig.h"
/* The Espressif sdkconfig will have chipset info.
**
@@ -79,250 +46,33 @@
#undef WOLFSSL_ESPIDF
#define WOLFSSL_ESPIDF
/* Test various user_settings between applications by selecting example apps
* in `idf.py menuconfig` for Example wolfSSL Configuration settings: */
/* Turn on messages that are useful to see only in examples. */
#define WOLFSSL_EXAMPLE_VERBOSITY
/* Paths can be long, ensure the entire value printed during debug */
#define WOLFSSL_MAX_ERROR_SZ 500
/* wolfSSL Examples: set macros used in example applications.
*
* These Settings NOT available in ESP-IDF (e.g. esp-tls)
*
* Any settings needed by ESP-IDF components should be explicitly set,
* and not by these example-specific settings via CONFIG_WOLFSSL_EXAMPLE_n
*
* ESP-IDF settings should be Kconfig "CONFIG_[name]" values when possible. */
#if defined(CONFIG_WOLFSSL_EXAMPLE_NAME_TEMPLATE)
/* See https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples/template */
/* We don't use WiFi, so don't compile in the esp-sdk-lib WiFi helpers: */
/* #define USE_WOLFSSL_ESP_SDK_WIFI */
#elif defined(CONFIG_WOLFSSL_EXAMPLE_NAME_TEST)
/* See https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples/wolfssl_test */
/* We don't use WiFi, so don't compile in the esp-sdk-lib WiFi helpers: */
/* #define USE_WOLFSSL_ESP_SDK_WIFI */
#define TEST_ESPIDF_ALL_WOLFSSL
#elif defined(CONFIG_WOLFSSL_EXAMPLE_NAME_BENCHMARK)
/* See https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark */
/* We don't use WiFi, so don't compile in the esp-sdk-lib WiFi helpers: */
/* #define USE_WOLFSSL_ESP_SDK_WIFI */
#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
#elif defined(CONFIG_WOLFSSL_EXAMPLE_NAME_TLS_CLIENT)
/* See https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples/wolfssl_client */
#define USE_WOLFSSL_ESP_SDK_WIFI
#elif defined(CONFIG_WOLFSSL_EXAMPLE_NAME_TLS_SERVER)
/* See https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples/wolfssl_server */
#define USE_WOLFSSL_ESP_SDK_WIFI
/* wolfSSH Examples */
#elif defined(CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFSSH_TEMPLATE)
/* See https://github.com/wolfSSL/wolfssh/tree/master/ide/Espressif/ESP-IDF/examples/wolfssh_template */
#define USE_WOLFSSL_ESP_SDK_WIFI
#elif defined(CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFSSH_ECHOSERVER)
/* See https://github.com/wolfSSL/wolfssh/tree/master/ide/Espressif/ESP-IDF/examples/wolfssh_echoserver */
#define USE_WOLFSSL_ESP_SDK_WIFI
#elif defined(CONFIG_WOLFSSL_EXAMPLE_NAME_ESP32_SSH_SERVER)
/* See https://github.com/wolfSSL/wolfssh-examples/tree/main/Espressif/ESP32/ESP32-SSH-Server */
#define USE_WOLFSSL_ESP_SDK_WIFI
#elif defined(CONFIG_WOLFSSL_EXAMPLE_NAME_ESP8266_SSH_SERVER)
/* See https://github.com/wolfSSL/wolfssh-examples/tree/main/Espressif/ESP8266/ESP8266-SSH-Server */
#define USE_WOLFSSL_ESP_SDK_WIFI
/* wolfMQTT Examples */
#elif defined(CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFMQTT_TEMPLATE)
/* See https://github.com/wolfSSL/wolfMQTT/tree/master/IDE/Espressif/ESP-IDF/examples/wolfmqtt_template */
#define USE_WOLFSSL_ESP_SDK_WIFI
#elif defined(CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFMQTT_AWS_IOT_MQTT)
/* See https://github.com/wolfSSL/wolfMQTT/tree/master/IDE/Espressif/ESP-IDF/examples/AWS_IoT_MQTT */
#define USE_WOLFSSL_ESP_SDK_WIFI
/* wolfTPM Examples */
#elif defined(CONFIG_WOLFTPM_EXAMPLE_NAME_ESPRESSIF)
/* See https://github.com/wolfSSL/wolfTPM/tree/master/IDE/Espressif */
#define USE_WOLFSSL_ESP_SDK_WIFI
/* Apple HomeKit Examples */
#elif defined(CONFIG_WOLFSSL_APPLE_HOMEKIT)
/* See https://github.com/AchimPieters/esp32-homekit-demo */
/* no example selected */
#elif defined(CONFIG_WOLFSSL_EXAMPLE_NAME_NONE)
/* We'll assume the app needs to use wolfSSL sdk lib function */
#define USE_WOLFSSL_ESP_SDK_WIFI
/* Other applications detected by cmake */
#elif defined(APP_ESP_HTTP_CLIENT_EXAMPLE)
/* The wolfSSL Version of the client example */
#if defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32C2)
/* Less memory available, so smaller key sizes: */
#define FP_MAX_BITS (4096 * 2)
#else
#define FP_MAX_BITS (8192 * 2)
#endif
#define HAVE_ALPN
#define HAVE_SNI
#define OPENSSL_EXTRA_X509_SMALL
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define OPENSSL_EXTRA
#ifndef WOLFSSL_ALWAYS_VERIFY_CB
#define WOLFSSL_ALWAYS_VERIFY_CB
#endif
#ifndef WOLFSSL_VERIFY_CB_ALL_CERTS
#define WOLFSSL_VERIFY_CB_ALL_CERTS
#endif
#ifndef KEEP_PEER_CERT
#define KEEP_PEER_CERT
#endif
#elif defined(APP_ESP_HTTP_CLIENT)
/* The ESP-IDF Version */
#define FP_MAX_BITS (8192 * 2)
#define HAVE_ALPN
#define HAVE_SNI
#define OPENSSL_EXTRA_X509_SMALL
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define OPENSSL_EXTRA
#ifndef WOLFSSL_ALWAYS_VERIFY_CB
#define WOLFSSL_ALWAYS_VERIFY_CB
#endif
#ifndef WOLFSSL_VERIFY_CB_ALL_CERTS
#define WOLFSSL_VERIFY_CB_ALL_CERTS
#endif
#ifndef KEEP_PEER_CERT
#define KEEP_PEER_CERT
#endif
#else
#ifdef WOLFSSL_ESPIDF
/* #warning "App config undetected" */
#endif
/* the code is older or does not have application name defined. */
#endif /* Example wolfSSL Configuration app settings */
/* We don't use WiFi, so don't compile in the esp-sdk-lib WiFi helpers: */
#define NO_ESP_SDK_WIFI
/* Experimental Kyber */
#ifdef CONFIG_WOLFSSL_ENABLE_KYBER
#if 0
/* Kyber typically needs a minimum 10K stack */
#define WOLFSSL_EXPERIMENTAL_SETTINGS
#define WOLFSSL_HAVE_KYBER
#define WOLFSSL_WC_KYBER
#define WOLFSSL_SHA3
#if defined(CONFIG_IDF_TARGET_ESP8266)
/* With limited RAM, we'll disable some of the Kyber sizes: */
#define WOLFSSL_NO_KYBER1024
#define WOLFSSL_NO_KYBER768
#define NO_SESSION_CACHE
#endif
#endif
/* Pick a cert buffer size: */
/* #define USE_CERT_BUFFERS_2048 */
/* #define USE_CERT_BUFFERS_1024 */
#define USE_CERT_BUFFERS_2048
/* The Espressif sdkconfig will have chipset info.
**
** Some possible values:
**
** CONFIG_IDF_TARGET_ESP32
** CONFIG_IDF_TARGET_ESP32S2
** CONFIG_IDF_TARGET_ESP32S3
** CONFIG_IDF_TARGET_ESP32C3
** CONFIG_IDF_TARGET_ESP32C6
*/
/* Optionally enable Apple HomeKit from compiler directive or Kconfig setting */
#if defined(WOLFSSL_APPLE_HOMEKIT) || defined(CONFIG_WOLFSSL_APPLE_HOMEKIT)
/* SRP is known to need 8K; slow on some devices */
#define FP_MAX_BITS (8192 * 2)
#define WOLFCRYPT_HAVE_SRP
#define HAVE_CHACHA
#define HAVE_POLY1305
#define WOLFSSL_BASE64_ENCODE
#endif /* Apple HomeKit settings */
/* Used by ESP-IDF components: */
#if defined(CONFIG_ESP_TLS_USING_WOLFSSL)
/* The ESP-TLS */
#ifndef FP_MAX_BITS
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684) || \
defined(CONFIG_IDF_TARGET_ESP8266)
/* Optionally set smaller size here */
#define FP_MAX_BITS MIN_FFDHE_FP_MAX_BITS
#else
#define FP_MAX_BITS (4096 * 2)
#endif
#endif
#define HAVE_ALPN
#ifndef CONFIG_IDF_TARGET_ESP8266
/* Unless installed in the ESP8266 RTOS SDK locally, the wolfSSL
* API for SNI will not be seen in the components/esp-tls layer.
* Only enable SNI for non-ESP8266 targets by default: */
#define HAVE_SNI
#endif
#define OPENSSL_EXTRA_X509_SMALL
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#endif
/* Optionally enable some wolfSSH settings */
#if defined(ESP_ENABLE_WOLFSSH) || defined(CONFIG_ESP_ENABLE_WOLFSSH)
/* The default SSH Windows size is massive for an embedded target.
* Limit it: */
#define DEFAULT_WINDOW_SZ 2000
/* These may be defined in cmake for other examples: */
#undef WOLFSSH_TERM
#define WOLFSSH_TERM
/* optional debug */
/* #undef DEBUG_WOLFSSH */
/* #define DEBUG_WOLFSSH */
#undef WOLFSSL_KEY_GEN
#define WOLFSSL_KEY_GEN
#undef WOLFSSL_PTHREADS
#define WOLFSSL_PTHREADS
#define WOLFSSH_TEST_SERVER
#define WOLFSSH_TEST_THREADING
#endif /* ESP_ENABLE_WOLFSSH */
/* Not yet using WiFi lib, so don't compile in the esp-sdk-lib WiFi helpers: */
/* #define USE_WOLFSSL_ESP_SDK_WIFI */
/*
* ONE of these Espressif chip families will be detected from sdkconfig:
*
* WOLFSSL_ESP32
* WOLFSSL_ESPWROOM32SE
* WOLFSSL_ESP8266
*
* following ifdef detection only for syntax highlighting:
*/
#ifdef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESPWROOM32SE
#endif
#ifdef WOLFSSL_ESP8266
#undef WOLFSSL_ESP8266
#endif
#ifdef WOLFSSL_ESP32
#undef WOLFSSL_ESP32
#endif
#undef WOLFSSL_ESPWROOM32SE
#undef WOLFSSL_ESP8266
#undef WOLFSSL_ESP32
/* See below for chipset detection from sdkconfig.h */
/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
#define SINGLE_THREADED
/* #define SINGLE_THREADED */
/* Small session cache saves a lot of RAM for ClientCache and SessionCache.
/* SMALL_SESSION_CACHE saves a lot of RAM for ClientCache and SessionCache.
* Memory requirement is about 5KB, otherwise 20K is needed when not specified.
* If extra small footprint is needed, try MICRO_SESSION_CACHE (< 1K)
* When really desperate or no TLS used, try NO_SESSION_CACHE. */
@@ -342,6 +92,9 @@
/* RSA_LOW_MEM: Half as much memory but twice as slow. */
#define RSA_LOW_MEM
/* optionally turn off SHA512/224 SHA512/256 */
/* #define WOLFSSL_NOSHA512_224 */
/* #define WOLFSSL_NOSHA512_256 */
@@ -356,40 +109,14 @@
#define BENCH_EMBEDDED
/* TLS 1.3 */
#ifdef CONFIG_WOLFSSL_ALLOW_TLS13
#define WOLFSSL_TLS13
#define HAVE_TLS_EXTENSIONS
#define HAVE_HKDF
#define WOLFSSL_TLS13
#define HAVE_TLS_EXTENSIONS
#define WC_RSA_PSS
#define HAVE_HKDF
#define HAVE_AEAD
#define HAVE_SUPPORTED_CURVES
/* May be required */
#ifndef HAVE_AEAD
#endif
/* Required for ECC */
#define HAVE_SUPPORTED_CURVES
/* Required for RSA */
#define WC_RSA_PSS
/* TLS 1.3 normally requires HAVE_FFDHE */
#if defined(HAVE_FFDHE_2048) || \
defined(HAVE_FFDHE_3072) || \
defined(HAVE_FFDHE_4096) || \
defined(HAVE_FFDHE_6144) || \
defined(HAVE_FFDHE_8192)
#else
#define HAVE_FFDHE_2048
/* #error "TLS 1.3 requires HAVE_FFDHE_[nnnn]" */
#endif
#endif
#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
defined(CONFIG_IDF_TARGET_ESP8684)
/* Optionally set smaller size here */
#define HAVE_FFDHE_4096
#else
#define HAVE_FFDHE_4096
#endif
#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
#define NO_FILESYSTEM
@@ -406,64 +133,29 @@
/* when you want to use SHA384 */
#define WOLFSSL_SHA384
/* when you want to use SHA512 */
#define WOLFSSL_SHA512
/* when you want to use SHA3 */
#define WOLFSSL_SHA3
/* ED25519 requires SHA512 */
#define HAVE_ED25519
/* Some features not enabled for ESP8266: */
#if defined(CONFIG_IDF_TARGET_ESP8266) || \
defined(CONFIG_IDF_TARGET_ESP32C2)
/* Some known low-memory devices have features not enabled by default. */
/* TODO determine low memory configuration for ECC. */
#else
/* when you want to use SHA512 */
#define WOLFSSL_SHA512
/* when you want to use SHA3 */
/* #define WOLFSSL_SHA3 */
/* ED25519 requires SHA512 */
#define HAVE_ED25519
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#endif
#if defined(CONFIG_IDF_TARGET_ESP8266) || defined(CONFIG_IDF_TARGET_ESP32C2)
#define MY_USE_ECC 0
#define MY_USE_RSA 1
#else
#define MY_USE_ECC 1
#define MY_USE_RSA 0
#endif
#define HAVE_ED25519
/* We can use either or both ECC and RSA, but must use at least one. */
#if MY_USE_ECC || MY_USE_RSA
#if MY_USE_ECC
/* ---- ECDSA / ECC ---- */
#define HAVE_ECC
#define HAVE_CURVE25519
#define HAVE_ED25519
#define WOLFSSL_SHA512
/*
#define HAVE_ECC384
#define CURVE25519_SMALL
*/
#else
#define WOLFSSH_NO_ECC
/* WOLFSSH_NO_ECDSA is typically defined automatically,
* here for clarity: */
#define WOLFSSH_NO_ECDSA
#endif
#if MY_USE_RSA
/* ---- RSA ----- */
/* #define RSA_LOW_MEM */
/* DH disabled by default, needed if ECDSA/ECC also turned off */
#define HAVE_DH
#else
#define WOLFSSH_NO_RSA
#endif
#else
#error "Either RSA or ECC must be enabled"
#endif
/* Optional OpenSSL compatibility */
/* #define OPENSSL_EXTRA */
/* Optional OPENSSL compatibility */
#define OPENSSL_EXTRA
/* #Optional HAVE_PKCS7 */
/* #define HAVE_PKCS7 */
@@ -506,11 +198,8 @@
/* #define XTIME time */
/* Adjust wait-timeout count if you see timeout in RSA HW acceleration.
* Set to very large number and enable WOLFSSL_HW_METRICS to determine max. */
#ifndef ESP_RSA_TIMEOUT_CNT
#define ESP_RSA_TIMEOUT_CNT 0xFF0000
#endif
/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
#define ESP_RSA_TIMEOUT_CNT 0x349F00
/* hash limit for test.c */
#define HASH_SIZE_LIMIT
@@ -519,7 +208,7 @@
#define USE_FAST_MATH
/***** Use SP_MATH *****/
/* #undef USE_FAST_MATH */
/* #undef USE_FAST_MATH */
/* #define SP_MATH */
/* #define WOLFSSL_SP_MATH_ALL */
/* #define WOLFSSL_SP_RISCV32 */
@@ -528,14 +217,6 @@
/* #undef USE_FAST_MATH */
/* #define USE_INTEGER_HEAP_MATH */
/* Just syntax highlighting to check math libraries: */
#if defined(SP_MATH) || \
defined(USE_INTEGER_HEAP_MATH) || \
defined(USE_INTEGER_HEAP_MATH) || \
defined(USE_FAST_MATH) || \
defined(WOLFSSL_SP_MATH_ALL) || \
defined(WOLFSSL_SP_RISCV32)
#endif
#define WOLFSSL_SMALL_STACK
@@ -543,32 +224,18 @@
#define HAVE_VERSION_EXTENDED_INFO
/* #define HAVE_WC_INTROSPECTION */
#ifndef NO_SESSION_CACHE
#define HAVE_SESSION_TICKET
#endif
#define HAVE_SESSION_TICKET
/* #define HAVE_HASHDRBG */
#if 0
/* Example for additional cert functions */
#define WOLFSSL_KEY_GEN
#define WOLFSSL_CERT_REQ
#define WOLFSSL_CERT_GEN
#define WOLFSSL_CERT_EXT
#define WOLFSSL_SYS_CA_CERTS
#define WOLFSSL_CERT_REQ
#define WOLFSSL_CERT_GEN
#define WOLFSSL_CERT_EXT
#define WOLFSSL_SYS_CA_CERTS
#define WOLFSSL_CERT_TEXT
/* command-line options
--enable-keygen
--enable-certgen
--enable-certreq
--enable-certext
--enable-asn-template
*/
#endif
#define WOLFSSL_CERT_TEXT
#define WOLFSSL_ASN_TEMPLATE
@@ -588,62 +255,10 @@
--enable-asn-template
*/
/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm */
/*
#define WOLFSSL_SM2
#define WOLFSSL_SM3
#define WOLFSSL_SM4
*/
#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
/* SM settings, possible cipher suites:
TLS13-AES128-GCM-SHA256
TLS13-CHACHA20-POLY1305-SHA256
TLS13-SM4-GCM-SM3
TLS13-SM4-CCM-SM3
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-SM4-GCM-SM3"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-SM4-CCM-SM3"
#define WOLFSSL_ESP32_CIPHER_SUITE "ECDHE-ECDSA-SM4-CBC-SM3"
#define WOLFSSL_ESP32_CIPHER_SUITE "ECDHE-ECDSA-SM4-GCM-SM3"
#define WOLFSSL_ESP32_CIPHER_SUITE "ECDHE-ECDSA-SM4-CCM-SM3"
#define WOLFSSL_ESP32_CIPHER_SUITE "TLS13-SM4-GCM-SM3:" \
"TLS13-SM4-CCM-SM3:"
*/
#undef WOLFSSL_BASE16
#define WOLFSSL_BASE16 /* required for WOLFSSL_SM2 */
#undef WOLFSSL_SM4_ECB
#define WOLFSSL_SM4_ECB
#undef WOLFSSL_SM4_CBC
#define WOLFSSL_SM4_CBC
#undef WOLFSSL_SM4_CTR
#define WOLFSSL_SM4_CTR
#undef WOLFSSL_SM4_GCM
#define WOLFSSL_SM4_GCM
#undef WOLFSSL_SM4_CCM
#define WOLFSSL_SM4_CCM
#define HAVE_POLY1305
#define HAVE_CHACHA
#undef HAVE_AESGCM
#define HAVE_AESGCM
#else
/* default settings */
#define USE_CERT_BUFFERS_2048
#endif
/* Chipset detection from sdkconfig.h
* Default is HW enabled unless turned off.
* Uncomment lines to force SW instead of HW acceleration */
#if defined(CONFIG_IDF_TARGET_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
#if defined(CONFIG_IDF_TARGET_ESP32)
#define WOLFSSL_ESP32
/* Alternatively, if there's an ECC Secure Element present: */
/* #define WOLFSSL_ESPWROOM32SE */
@@ -765,16 +380,12 @@
#define WOLFSSL_ESP8266
/* There's no hardware encryption on the ESP8266 */
/* Consider using the ESP32-C2/C3/C6 */
/* Consider using the ESP32-C2/C3/C6
* See https://www.espressif.com/en/products/socs/esp32-c2 */
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
#define NO_WOLFSSL_ESP32_CRYPT_AES
#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
#ifndef FP_MAX_BITS
/* FP_MAX_BITS matters in wolfssl_test, not just TLS setting. */
/* MIN_FFDHE_FP_MAX_BITS = (MIN_FFDHE_BITS * 2); see settings.h */
#define FP_MAX_BITS MIN_FFDHE_FP_MAX_BITS
#endif
/***** END CONFIG_IDF_TARGET_ESP266 *****/
#elif defined(CONFIG_IDF_TARGET_ESP8684)
@@ -786,7 +397,7 @@
/***** END CONFIG_IDF_TARGET_ESP8684 *****/
#else
/* Anything else encountered, disable HW acceleration */
/* Anything else encountered, disable HW accleration */
#warning "Unexpected CONFIG_IDF_TARGET_NN value"
#define NO_ESP32_CRYPT
#define NO_WOLFSSL_ESP32_CRYPT_HASH
@@ -824,33 +435,18 @@
/* Debug options:
See wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h for details on debug options
optionally increase error message size for very long paths.
#define WOLFSSL_MAX_ERROR_SZ 500
Turn wolfSSL debugging on/off:
wolfSSL_Debugging_ON();
wolfSSL_Debugging_OFF();
#define ESP_VERIFY_MEMBLOCK
#define DEBUG_WOLFSSL
#define DEBUG_WOLFSSL_VERBOSE
#define DEBUG_WOLFSSL_SHA_MUTEX
#define WOLFSSL_DEBUG_IGNORE_ASN_TIME
#define WOLFSSL_DEBUG_CERT_BUNDLE
#define WOLFSSL_DEBUG_CERT_BUNDLE_NAME
#define WOLFSSL_ESP32_CRYPT_DEBUG
#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
#define NO_RECOVER_SOFTWARE_CALC
#define WOLFSSL_TEST_STRAY 1
#define USE_ESP_DPORT_ACCESS_READ_BUFFER
#define WOLFSSL_ESP32_HW_LOCK_DEBUG
#define WOLFSSL_DEBUG_MUTEX
#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
#define WOLFSSL_DEBUG_ESP_HW_MOD_RSAMAX_BITS
#define WOLFSSL_DEBUG_ESP_HW_MULTI_RSAMAX_BITS
#define ESP_DISABLE_HW_TASK_LOCK
#define ESP_MONITOR_HW_TASK_LOCK
#define USE_ESP_DPORT_ACCESS_READ_BUFFER
See wolfcrypt/benchmark/benchmark.c for debug and other settings:
@@ -862,8 +458,7 @@ Turn on timer debugging (used when CPU cycles not available)
*/
/* Pause in a loop rather than exit. */
/* #define WOLFSSL_ESPIDF_ERROR_PAUSE */
/* #define WOLFSSL_ESP32_HW_LOCK_DEBUG */
#define WOLFSSL_ESPIDF_ERROR_PAUSE
#define WOLFSSL_HW_METRICS
@@ -912,12 +507,6 @@ Turn on timer debugging (used when CPU cycles not available)
* There are various certificate examples in this header file:
* https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/certs_test.h
*
* To use the sample certificates in code (not recommended for production!):
*
* #if defined(USE_CERT_BUFFERS_2048) || defined(USE_CERT_BUFFERS_1024)
* #include <wolfssl/certs_test.h>
* #endif
*
* To use the sets of macros below, define *one* of these:
*
* USE_CERT_BUFFERS_1024 - ECC 1024 bit encoded ASN1
@@ -995,8 +584,7 @@ Turn on timer debugging (used when CPU cycles not available)
#define WOLFSSL_BASE16
#else
#if defined(USE_CERT_BUFFERS_2048)
#define USE_CERT_BUFFERS_256
/* Be sure to include in app when using example certs: */
/* Be sure to include in app when using example certs: */
/* #include <wolfssl/certs_test.h> */
#define CTX_CA_CERT ca_cert_der_2048
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
@@ -1017,8 +605,7 @@ Turn on timer debugging (used when CPU cycles not available)
#define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1
#elif defined(USE_CERT_BUFFERS_1024)
#define USE_CERT_BUFFERS_256
/* Be sure to include in app when using example certs: */
/* Be sure to include in app when using example certs: */
/* #include <wolfssl/certs_test.h> */
#define CTX_CA_CERT ca_cert_der_1024
#define CTX_CA_CERT_SIZE sizeof_ca_cert_der_1024
@@ -1042,34 +629,3 @@ Turn on timer debugging (used when CPU cycles not available)
#error "Must define USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_1024"
#endif
#endif /* Conditional key and cert constant names */
/******************************************************************************
** Sanity Checks
******************************************************************************/
#if defined(CONFIG_ESP_MAIN_TASK_STACK_SIZE)
#if defined(WOLFCRYPT_HAVE_SRP)
#if defined(FP_MAX_BITS)
#if FP_MAX_BITS < (8192 * 2)
#define ESP_SRP_MINIMUM_STACK_8K (24 * 1024)
#else
#define ESP_SRP_MINIMUM_STACK_8K (28 * 1024)
#endif
#else
#error "Please define FP_MAX_BITS when using WOLFCRYPT_HAVE_SRP."
#endif
#if (CONFIG_ESP_MAIN_TASK_STACK_SIZE < ESP_SRP_MINIMUM_STACK)
#warning "WOLFCRYPT_HAVE_SRP enabled with small stack size"
#endif
#endif
#else
#warning "CONFIG_ESP_MAIN_TASK_STACK_SIZE not defined!"
#endif
/* See settings.h for some of the possible hardening options:
*
* #define NO_ESPIDF_DEFAULT
* #define WC_NO_CACHE_RESISTANT
* #define WC_AES_BITSLICED
* #define HAVE_AES_ECB
* #define HAVE_AES_DIRECT
*/

2
IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt
View File

@@ -1,5 +1,5 @@
# wolfSSL Espressif Example Project/main CMakeLists.txt
# v1.1
# v1.0
#
# wolfssl template
#

123
IDE/Espressif/ESP-IDF/examples/template/main/Kconfig.projbuild
View File

@@ -1,123 +0,0 @@
# Kconfig main
#
# Copyright (C) 2006-2024 wolfSSL Inc. All rights reserved.
#
# This file is part of wolfSSL.
#
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
# Kconfig File Version 5.7.2.001 for wolfssl_template
menu "Example wolfSSL Configuration"
choice WOLFSSL_EXAMPLE_CHOOSE
prompt "Choose Example (See wolfssl/include/user_settings.h)"
default WOLFSSL_EXAMPLE_NAME_NONE
help
The user settings file can be adjusted to specific wolfSSL examples.
config WOLFSSL_EXAMPLE_NAME_TEMPLATE
bool "wolfSSL Template"
help
The sample template app compiles in wolfSSL and prints the current wolfSSL Version. Nothing more.
config WOLFSSL_EXAMPLE_NAME_TEST
bool "wolfSSL Test"
help
This app tests all cryptographic functions currently enabled. See also Benchmark performance app.
config WOLFSSL_EXAMPLE_NAME_BENCHMARK
bool "wolfSSL Benchmark"
help
Benchmark performance app. See also cryptographic test.
config WOLFSSL_EXAMPLE_NAME_TLS_CLIENT
bool "TLS Client"
help
TLS Client Example app. Needs WiFi and a listening server on port 11111.
config WOLFSSL_EXAMPLE_NAME_TLS_SERVER
bool "TLS Server"
help
TLS Server Example app. Needs WiFi. More interesting with a TLS client using port 11111.
config WOLFSSL_EXAMPLE_NAME_WOLFSSH_TEMPLATE
bool "SSH Template App"
help
Bare-bones Hello World app that only compiles in wolfSSL and wolfSSH.
See wolfSSL/wolfssh on GitHub.
config WOLFSSL_EXAMPLE_NAME_WOLFSSH_ECHOSERVER
bool "SSH Echo Server"
help
See wolfSSL/wolfssh on GitHub.
config WOLFSSL_EXAMPLE_NAME_WOLFSSH_ECHOSERVER
bool "SSH Echo Server"
help
See wolfSSL/wolfssh on GitHub.
config WOLFSSL_EXAMPLE_NAME_ESP32_SSH_SERVER
bool "SSH to UART Server for the ESP32"
help
See wolfSSL/wolfssh-examples on GitHub.
config WOLFSSL_EXAMPLE_NAME_ESP8266_SSH_SERVER
bool "SSH to UART Server for the ESP8266"
help
See wolfSSL/wolfssh-examples on GitHub.
config WOLFSSL_EXAMPLE_NAME_WOLFMQTT_TEMPLATE
bool "MQTT Template"
help
See wolfSSL/wolfmqtt on GitHub.
config WOLFSSL_EXAMPLE_NAME_WOLFMQTT_AWS_IOT_MQTT
bool "MQTT AWS IoT"
help
See wolfSSL/wolfmqtt on GitHub.
config WOLFTPM_EXAMPLE_NAME_ESPRESSIF
bool "TPM Test Example for the ESP32"
help
See wolfSSL/wolfTPM on GitHub.
config WOLFSSL_APPLE_HOMEKIT
bool "Apple HomeKit for the ESP32"
help
See AchimPieters/esp32-homekit-demo on GitHub.
config WOLFSSL_EXAMPLE_NAME_NONE
bool "Other"
help
A specific example app is not defined.
endchoice
config WOLFSSL_TARGET_HOST
string "Target host"
default "127.0.0.1"
help
host address for the example to connect
config WOLFSSL_TARGET_PORT
int "Target port"
default 11111
help
host port for the example to connect
endmenu

3
IDE/Espressif/ESP-IDF/examples/template/main/include/main.h
View File

@@ -18,10 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef _MAIN_H_
#define _MAIN_H_
void app_main(void);
#endif

5
IDE/Espressif/ESP-IDF/examples/template/main/main.c
View File

@@ -50,11 +50,6 @@ void app_main(void)
#ifdef WOLFSSL_ESPIDF_VERBOSE_EXIT_MESSAGE
int ret = 0;
#endif
#if !defined(CONFIG_WOLFSSL_EXAMPLE_NAME_TEMPLATE)
ESP_LOGW(TAG, "Warning: Example wolfSSL misconfigured? Check menuconfig.");
#endif
ESP_LOGI(TAG, "Hello wolfSSL!");
#ifdef HAVE_VERSION_EXTENDED_INFO

127
IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults
View File

@@ -1,142 +1,25 @@
# Set the known example app config to template example (see user_settings.h)
CONFIG_WOLFSSL_EXAMPLE_NAME_TEMPLATE=y
# Some wolfSSL helpers
CONFIG_USE_WOLFSSL_ESP_SDK_TIME=y
# FreeRTOS ticks at 1ms interval
CONFIG_FREERTOS_UNICORE=y
CONFIG_FREERTOS_HZ=1000
CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
#
# Default main stack size. See user_settings.h
# Default main stack size
#
# This is typically bigger than needed for stack size.
# Units are words, not bytes. See user_settings.h
# This is typically way bigger than needed for stack size. See user_settings.h
#
# For wolfSSL SMALL_STACK, 3072 bytes should be sufficient for benchmark app.
# When using RSA, assign at least 10500 bytes, otherwise 5500 usually works for others
CONFIG_ESP_MAIN_TASK_STACK_SIZE=3584
CONFIG_ESP_MAIN_TASK_STACK_SIZE=10500
# Legacy stack size for older ESP-IDF versions
CONFIG_MAIN_TASK_STACK_SIZE=3584
#
# Benchmark must not have CONFIG_NEWLIB_NANO_FORMAT enabled
CONFIG_NEWLIB_NANO_FORMAT=n
#
# Watchdog Timers
#
# We don't want to have the watchdog timeout during tests & benchmarks
#
CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU0=n
CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU1=n
# Panic & Watchdog
CONFIG_ESP_INT_WDT_TIMEOUT_MS=10000
CONFIG_ESP_TASK_WDT_EN=n
CONFIG_ESP_SYSTEM_PANIC_PRINT_HALT=y
CONFIG_ESP_INT_WDT=n
# ESP8266 Watchdog:
CONFIG_TASK_WDT=n
CONFIG_TASK_WDT_PANIC=n
# ESP8266 WDT
# CONFIG_ESP_PANIC_PRINT_REBOOT is not set
CONFIG_ESP_PANIC_PRINT_REBOOT=n
CONFIG_ESP_PANIC_PRINT_HALT=y
# CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS is not set
CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS=n
# ESP8266 Memory
CONFIG_FREERTOS_GLOBAL_DATA_LINK_IRAM=y
CONFIG_HEAP_DISABLE_IRAM=y
# Performance
# CONFIG_COMPILER_OPTIMIZATION_PERF=y
# Set max CPU frequency (falls back as needed for lower maximum)
CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
# Enable wolfSSL TLS in esp-tls
CONFIG_ESP_TLS_USING_WOLFSSL=y
CONFIG_TLS_STACK_WOLFSSL=y
# Bundles take up flash space and are disabled unless otherwise known to be needed
CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=n
# CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=y
# CONFIG_ESP_WOLFSSL_SMALL_CERT_VERIFY=y
# CONFIG_ESP_TLS_INSECURE=y
# Disable mbedTLS
CONFIG_ESP_TLS_USING_MBEDTLS=n
CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=n
# Some wolfSSL helpers
CONFIG_USE_WOLFSSL_ESP_SDK_TIME=n
# CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS is not set
CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS=n
# ESP8266 Memory
CONFIG_FREERTOS_GLOBAL_DATA_LINK_IRAM=y
CONFIG_HEAP_DISABLE_IRAM=y
# Performance
# CONFIG_COMPILER_OPTIMIZATION_PERF=y
# Ensure mbedTLS options are disabled
# CONFIG_MBEDTLS_TLS_SERVER_AND_CLIENT=n
# CONFIG_MBEDTLS_TLS_CLIENT_ONLY=n
# CONFIG_MBEDTLS_TLS_SERVER=n
# CONFIG_MBEDTLS_TLS_CLIENT=n
# CONFIG_MBEDTLS_HARDWARE_AES=n
# CONFIG_MBEDTLS_HARDWARE_MPI=n
# CONFIG_MBEDTLS_HARDWARE_SHA=n
# CONFIG_MBEDTLS_ROM_MD5=n
# CONFIG_MBEDTLS_SSL_RENEGOTIATION=n
# CONFIG_MBEDTLS_SSL_PROTO_TLS1_2=n
# CONFIG_MBEDTLS_SSL_PROTO_GMTSSL1_1=n
# CONFIG_MBEDTLS_SSL_ALPN=n
# CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS=n
# CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS=n
# The same-name config is used for both WiFi and client/server TLS, so we cannot disable:
# CONFIG_MBEDTLS_TLS_ENABLED=n
# CONFIG_MBEDTLS_TLS_DISABLED=y
CONFIG_MAIN_TASK_STACK_SIZE=10500
#
# Compiler options
#
CONFIG_COMPILER_OPTIMIZATION_DEFAULT=y
# CONFIG_COMPILER_OPTIMIZATION_SIZE is not set
# CONFIG_COMPILER_OPTIMIZATION_PERF is not set
# CONFIG_COMPILER_OPTIMIZATION_NONE is not set
CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_ENABLE=y
# CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_SILENT is not set
# CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_DISABLE is not set
CONFIG_COMPILER_FLOAT_LIB_FROM_GCCLIB=y
CONFIG_COMPILER_OPTIMIZATION_ASSERTION_LEVEL=2
# CONFIG_COMPILER_OPTIMIZATION_CHECKS_SILENT is not set
CONFIG_COMPILER_HIDE_PATHS_MACROS=y
# CONFIG_COMPILER_CXX_EXCEPTIONS is not set
# CONFIG_COMPILER_CXX_RTTI is not set
# CONFIG_COMPILER_STACK_CHECK_MODE_NONE is not set
CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y
# CONFIG_COMPILER_STACK_CHECK_MODE_STRONG is not set
# CONFIG_COMPILER_STACK_CHECK_MODE_ALL is not set
CONFIG_COMPILER_STACK_CHECK=y
# CONFIG_COMPILER_WARN_WRITE_STRINGS is not set
# CONFIG_COMPILER_SAVE_RESTORE_LIBCALLS is not set
# CONFIG_COMPILER_DISABLE_GCC12_WARNINGS is not set
# CONFIG_COMPILER_DUMP_RTL_FILES is not set
# end of Compiler options
# We don't know that the min is actually v2,
# but this is the earliest tested.
CONFIG_ESP32C3_REV_MIN_2=y
#
# Partition Table

30
IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults.esp8266
View File

@@ -1,30 +0,0 @@
# ESP8266 WDT
# CONFIG_ESP_PANIC_PRINT_REBOOT is not set
CONFIG_ESP_PANIC_PRINT_REBOOT=n
CONFIG_ESP_PANIC_PRINT_HALT=y
# Enable wolfSSL TLS in esp-tls (not yet supported in RTOS SDK 3.4
CONFIG_ESP_TLS_USING_WOLFSSL=n
CONFIG_TLS_STACK_WOLFSSL=n
# Bundles take up flash space and are disabled unless otherwise known to be needed
CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=n
# CONFIG_ESP_WOLFSSL_SMALL_CERT_VERIFY=y
# CONFIG_ESP_TLS_INSECURE=y
# Disable mbedTLS
CONFIG_ESP_TLS_USING_MBEDTLS=y
CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=n
# ESP8266 Memory
CONFIG_FREERTOS_GLOBAL_DATA_LINK_IRAM=y
CONFIG_HEAP_DISABLE_IRAM=y
# ESP8266 Watchdog:
CONFIG_TASK_WDT=n
CONFIG_TASK_WDT_PANIC=n
# ESP8266 WDT
# CONFIG_ESP_PANIC_PRINT_REBOOT is not set
CONFIG_ESP_PANIC_PRINT_REBOOT=n
CONFIG_ESP_PANIC_PRINT_HALT=y

67
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
View File

@@ -1,13 +1,11 @@
# wolfSSL Espressif Example Project CMakeLists.txt
# v1.3
# v1.0
#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
cmake_minimum_required(VERSION 3.16)
# Optional no watchdog typically used for test & benchmark
add_compile_options(-DWOLFSSL_ESP_NO_WATCHDOG=1)
# The wolfSSL CMake file should be able to find the source code.
# Otherwise, assign an environment variable or set it here:
#
@@ -22,58 +20,19 @@ add_compile_options(-DWOLFSSL_ESP_NO_WATCHDOG=1)
# Linux: ~/workspace
# Windows: C:\workspace
#
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
endif()
# End optional WOLFSSL_CMAKE_SYSTEM_NAME
# Check that there are not conflicting wolfSSL components
# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
# The local component wolfSSL directory will be in ./components/wolfssl
if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
# These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
# add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
# So we'll error out and let the user decide how to proceed:
message(WARNING "\nFound wolfSSL components in\n"
"./managed_components/wolfssl__wolfssl\n"
"and\n"
"./components/wolfssl\n"
"in project directory: \n"
"${CMAKE_HOME_DIRECTORY}")
message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
"If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
"or rename the idf_component.yml file typically found in ./main/")
else()
message(STATUS "No conflicting wolfSSL components found.")
endif()
# Ensure the this wolfSSL component directory is included
set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
list(APPEND EXTRA_COMPONENT_DIRS ${WOLFSSL_PATH})
# Optionally specify a location for wolfSSL component source code
# set(WOLFSSL_ROOT "c:/mydir/wolfssl" )
# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
# set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
#
#if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
# message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
# set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
# set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
#else()
# message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
#endif()
# Not only is a project-level "set(COMPONENTS" not needed here, this will cause
# an unintuitive error about Unknown CMake command "esptool_py_flash_project_args".

46
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
View File

@@ -7,9 +7,8 @@ For general information on [wolfSSL examples for Espressif](../README.md), see t
## Espressif ESP Component Registry
See the wolfSSL namespace and additional details:
See the wolfSSL namespace at [components.espressif.com](https://components.espressif.com/components?q=wolfssl)
https://www.wolfssl.com/wolfssl-now-available-in-espressif-component-registry/
## Windows COM Port
@@ -39,7 +38,9 @@ using the VisualGDB extension.
The naming convention for project files is: `[project name]_IDF_[Version]_[chipset].vgdbproj`. The solution files (filename[.sln]) often will contain shortcuts to commonly used source and configuration files used by the respective project.
ChipSet | ESP-IDF v4.4 | ESP-IDF v5.2 |
-------- |------------- |------------- |
ChipSet | ESP-IDF v4.4 | ESP-IDF v5.1 |
-------- |------------- |------------- |
ESP32 | x | |
ESP32-S2 | | |
@@ -61,12 +62,11 @@ See the [feature request](https://sysprogs.com/w/forums/topic/feature-request-sh
## ESP-IDF Commandline
1. `idf.py menuconfig` to configure the program.
1. `idf.py menuconfig` to configure the program.
1-1. Example Configuration ->
BENCH_ARG : argument that you want to use. Default is "-lng 0"
The list of arguments can be found in help. See [benchmark/README.md](https://github.com/wolfSSL/wolfssl/blob/master/wolfcrypt/benchmark/README.md)
Features to be benchmarked are enabled in the `user_settings.h`.
BENCH_ARG : argument that you want to use. Default is "-lng 0"
The list of argument can be find in help.
When you want to run the benchmark program
@@ -89,33 +89,13 @@ git fetch
git pull
git submodule update --init --recursive
# pick your workspace location
# cd ~/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark
# cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark
# cd /mnt/c/workspace/wolfssl-master/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark
cd /mnt/c/workspace/wolfssl-$USER/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark
cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark
# The ESP8266 uses a completely different toolchain:
WRK_IDF_PATH=/mnt/c/SysGCC/esp8266/rtos-sdk/v3.4
# Pick ESP-IDF install directory, this one for v5.1 in VisualGDB
# Pick ESP-IDF toolchain install directory
WRK_IDF_PATH=~/esp/esp-idf
# ESP-IDF v4.x uses toolchain v8.4
WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.1
WRK_IDF_PATH=/mnt/c/SysGCC/esp32-8.4/esp-idf/v4.4.1
# ESP-IDF v5.0 with toolchain v12.4
WRK_IDF_PATH=/mnt/c/SysGCC/esp32-12.4/esp-idf/v5.0
# ESP-IDF v5.0 to v5.2.1 uses toolchain v12.4
WRK_IDF_PATH=/mnt/c/SysGCC/esp32-12.4/esp-idf/v5.0
WRK_IDF_PATH=/mnt/c/SysGCC/esp32-12.4/esp-idf/v5.1
WRK_IDF_PATH=/mnt/c/SysGCC/esp32-12.4/esp-idf/v5.2.1
# The most recent version:
# ESP-IDF v5.2 uses toolchain v13.2
WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.2
WRK_IDF_PATH=~/esp/esp-idf
. $WRK_IDF_PATH/export.sh
@@ -130,9 +110,9 @@ idf.py build flash -p /dev/ttyS20 -b 115200 monitor
## Example Output
Note the default wolfSSL `user_settings.h` is configured by default to be the most
Note the default wolfSSL `user_settings.h` is configured by default to be the most
compatible across the widest ranges of targets. Contact wolfSSL at support@wolfssl.com
for help in optimizing for your particular application, or see the
for help in optimizing for your particular application, or see the
[docs](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html).
Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 115200 monitor`:

421
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt
View File

@@ -1,85 +1,35 @@
#
# Copyright (C) 2006-2024 wolfSSL Inc.
# Copyright (C) 2006-2024 wolfSSL Inc.
#
# This file is part of wolfSSL.
# This file is part of wolfSSL.
#
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
# cmake for wolfssl Espressif projects
#
# Version 5.7.2 Espressif ESP-IDF integration
# Version 5.7.0 template update + THIS_IDF_PATH
#
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
#
message(STATUS "Begin wolfssl ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
cmake_minimum_required(VERSION 3.16)
set(VERBOSE_COMPONENT_MESSAGES 1)
# Optional requires include:
# set(THIS_ESP_TLS "esp-tls")
set(THIS_ESP_TLS "")
# function: IS_ESP_IDF_COMPONENT
# output: RESULT = 1 (true) if this component is located in the ESP-IDF components
# otherwise 0 (false)
function( IS_ESP_IDF_COMPONENT RESULT )
# NOTE: Component location is based on the location of the CMakeList.txt
# and *not* the location of the wolfSSL source code. (which may be anywhere)
# Normalize the paths to remove any trailing slashes
get_filename_component(NORMALIZED_IDF_PATH "${IDF_PATH}" REALPATH)
get_filename_component(NORMALIZED_TEST_PATH "${COMPONENT_DIR}" REALPATH)
# Check if the test path starts with the IDF_PATH
string(FIND "${NORMALIZED_TEST_PATH}" "${NORMALIZED_IDF_PATH}" pos)
if(${pos} EQUAL 0)
message(STATUS "${COMPONENT_DIR} is within IDF_PATH.")
set(${RESULT} 1 PARENT_SCOPE)
else()
message(STATUS "${COMPONENT_DIR} is not within IDF_PATH.")
set(${RESULT} 0 PARENT_SCOPE)
endif()
endfunction()
# Determine if this cmake file is located in the ESP-IDF component directory or not,
# and if so, if it is being ignored (allowing the use of a local project one, instead).
IS_ESP_IDF_COMPONENT( IS_WOLSSL_ESP_IDF_COMPONENT )
if( IS_WOLSSL_ESP_IDF_COMPONENT )
message(STATUS "This wolfSSL is a component in ESP-IDF.")
if ( CONFIG_IGNORE_ESP_IDF_WOLFSSL_COMPONENT )
idf_component_register()
message(STATUS "Warning: wolfSSL component in ESP-IDF is being ignored.")
return()
endif()
endif()
if( "${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}" STREQUAL "" )
# nothing to do
else()
# Only forward slashes, or double backslashes are supported.
# By the time we get here the sdkconfig file has a value for wolfSSL source code root.
string(REPLACE "\\" "/" CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT})
message(STATUS "Cleaned wolfssl path: ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
endif()
# The scope of this CMAKE_C_FLAGS is just this component:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
# set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
@@ -92,7 +42,7 @@ if ( "${WOLFSSL_ROOT}" STREQUAL "")
endif()
if( "$ENV{IDF_PATH}" STREQUAL "" )
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
else()
string(REPLACE "\\" "/" THIS_IDF_PATH "$ENV{IDF_PATH}")
endif()
@@ -156,7 +106,7 @@ if( ("${CMAKE_PROJECT_NAME}" STREQUAL "wolfssl_benchmark") OR ("${CMAKE_PROJECT_
message(STATUS "Not including lwip for ${CMAKE_PROJECT_NAME}")
else()
# benchmark and test do not need wifi, everything else probably does:
set(COMPONENT_REQUIRES lwip "${THIS_ESP_TLS}") # we typically don't need lwip directly in wolfssl component
set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
endif()
# find the user name to search for possible "wolfssl-username"
@@ -180,25 +130,6 @@ else()
string(REPLACE "\\" "/" THIS_IDF_PATH "$ENV{IDF_PATH}")
endif()
# ENVIRONMENT_VAR_TO_MACRO
# Check environment variable name EVARPARAM as [name]
# If defined, and has a value of EVARVALUE as [value],
# then assign a compiler definition "-D[name]=[value]"
function(ENVIRONMENT_VAR_TO_MACRO EVARPARAM EVARVALUE)
# If the EVARPARAM environment variable name is set to EVARVALUE,
# set the compiler flag definition to enable CSV output.
if ( "$ENV{${EVARPARAM}}" STREQUAL "${EVARVALUE}")
message(STATUS "Appending compile definition: -D${EVARPARAM}=${EVARVALUE}")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D${EVARPARAM}=${EVARVALUE}")
else()
if(DEFINED ENV{${EVARPARAM}})
message(STATUS "Environment variable ${EVARPARAM} detected but set to $ENV{${EVARPARAM}}, not appending compile definition.")
else()
message(STATUS "Environment variable ${EVARPARAM} not detected, not appending compile definition.")
endif()
endif()
endfunction()
# COMPONENT_NAME = wolfssl
# The component name is the directory name. "No feature to change this".
# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
@@ -216,8 +147,7 @@ endfunction()
# function: IS_WOLFSSL_SOURCE
# parameter: DIRECTORY_PARAMETER - the directory to test
# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
function( IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER
RESULT )
function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
else()
@@ -236,56 +166,26 @@ function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
message(STATUS "Starting FIND_WOLFSSL_DIRECTORY: ${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
if ( "${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}" STREQUAL "" )
# The parameter is empty, so we certainly need to search.
# First, see if there's an environment variable. This takes highest priority (unless already found as hard-coded, above)
set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
# Next, if not found, see if wolfSSL was selected for ESP-TLS Kconfig
if(CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT)
set(CURRENT_SEARCH_DIR ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT})
get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" ABSOLUTE)
message(STATUS "WOLFSSL_ROOT found in sdkconfig/KConfig: ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
else()
get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if( FOUND_WOLFSSL )
message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
else()
message(STATUS "wolfSSL not defined in [Component Config] [wolfssl]. Continuing search...")
# If not specified as a search hint in OUTPUT_FOUND_WOLFSSL_DIRECTORY:
# This wolfSSL component CMakeLists.txt may be found EITHER in:
# 1) local project component
# 2) ESP-IDF share components
# We'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
# That option might find wolfSSL source code as a copy in the component directory (e.g. Managed Components)
# Unless cmake is in the ESP-IDF, in which case it is unlikely to find wolfSSL source in any parent.
message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
endif() # CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT
endif() # check environment var blank
message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
message(STATUS "$ENV{WOLFSSL_ROOT}")
endif()
endif()
else()
message(STATUS "Parameter found for FIND_WOLFSSL_DIRECTORY")
message(STATUS "Setting wolfSSL search directory to: ${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
set(CURRENT_SEARCH_DIR "${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
endif() # parameter empty
# Check to see if we found a path in environment or config settings, above.
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "Source for wolfSSL not specified in path nor config settings.")
# We'll continue the search by recursing up the directory tree, below.
else()
# Setting found! Does it contain a valid path?
string(REPLACE "\\" "/" CURRENT_SEARCH_DIR ${CURRENT_SEARCH_DIR})
get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" ABSOLUTE)
get_filename_component(CURRENT_SEARCH_DIR "${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}" ABSOLUTE)
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if( FOUND_WOLFSSL )
message(STATUS "Found wolfSSL source code via setting: ${CURRENT_SEARCH_DIR}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
message(STATUS "Found WOLFSSL_ROOT via prior specification.")
else()
if(WIN32)
message(STATUS "When specifying a path for Windows, use forward slahes, or double backslashes.")
endif()
message(STATUS "CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT sdkconfig setting = ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
message(STATUS "WOLFSSL_ROOT Variable defined, but source code not found: ${CURRENT_SEARCH_DIR}")
message(FATAL_ERROR "WOLFSSL_ROOT Variable defined, but path not found: ${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
endif()
endif()
@@ -386,11 +286,6 @@ endfunction()
message(STATUS "CONFIG_TARGET_PLATFORM = ${CONFIG_TARGET_PLATFORM}")
# Check for environment variable that may be assigned to macros
ENVIRONMENT_VAR_TO_MACRO("GENERATE_MACHINE_PARSEABLE_REPORT" "1")
ENVIRONMENT_VAR_TO_MACRO("WOLFSSL_BENCHMARK_FIXED_CSV" "1")
# Optional variable inspection
if (0)
get_cmake_property(_variableNames VARIABLES)
list (SORT _variableNames)
@@ -407,20 +302,15 @@ endif()
if ( ("${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266") OR ("${IDF_TARGET}" STREQUAL "esp8266") )
# There's no esp_timer, no driver components for the ESP8266
message(STATUS "Early expansion EXCLUDES esp_timer for esp8266: ${THIS_INCLUDE_TIMER}")
message(STATUS "Early expansion EXCLUDES driver for esp8266: ${THIS_INCLUDE_DRIVER}")
message(STATUS "Early expansion EXCLUDES esp_timer: ${THIS_INCLUDE_TIMER}")
message(STATUS "Early expansion EXCLUDES driver: ${THIS_INCLUDE_DRIVER}")
set(THIS_INCLUDE_TIMER "")
set(THIS_INCLUDE_DRIVER "")
set(THIS_ESP_TLS "")
else()
message(STATUS "Early expansion includes esp_timer: ${THIS_INCLUDE_TIMER}")
message(STATUS "Early expansion includes driver: ${THIS_INCLUDE_DRIVER}")
set(THIS_INCLUDE_TIMER "esp_timer")
set(THIS_INCLUDE_DRIVER "driver")
set(THIS_ESP_TLS "esp-tls")
# Let the app know that we've included the esp-tls component requirement.
# This is critical for use the the esp-tls component. See wolfssl esp_crt_bundle.c file.
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_REQUIRED_ESP_TLS=1")
endif()
if(CMAKE_BUILD_EARLY_EXPANSION)
@@ -428,9 +318,8 @@ if(CMAKE_BUILD_EARLY_EXPANSION)
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES # esp_hw_support
"${THIS_ESP_TLS}"
"${THIS_INCLUDE_TIMER}"
"${THIS_INCLUDE_DRIVER}" # this will typically only be needed for wolfSSL benchmark
${THIS_INCLUDE_TIMER}
${THIS_INCLUDE_DRIVER} # this will typically only be needed for wolfSSL benchmark
)
else()
@@ -439,15 +328,6 @@ else()
message(STATUS "wolfssl component config:")
message(STATUS "************************************************************************************************")
if ( "${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266")
# There's no esp_timer, no driver components for the ESP8266
set(THIS_INCLUDE_TIMER "")
set(THIS_INCLUDE_DRIVER "")
else()
set(THIS_INCLUDE_TIMER "esp_timer")
set(THIS_INCLUDE_DRIVER "driver")
endif()
# search for wolfSSL
FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
if(WOLFSSL_ROOT)
@@ -461,9 +341,7 @@ else()
# Abort CMake after fatal error.
endif()
else()
message(STATUS "Source code for wolfSSL still not found.")
message(STATUS "Searching from project home: ${CMAKE_HOME_DIRECTORY} ...")
set(WOLFSSL_ROOT "${CMAKE_HOME_DIRECTORY}")
message(STATUS "Searching for wolfSL source code...")
FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
endif()
@@ -471,18 +349,11 @@ else()
if(WOLFSSL_ROOT)
message(STATUS "Confirmed wolfssl directory at: ${WOLFSSL_ROOT}")
else()
# Try to allow a more intuitive error that the source code was not found in cmake:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_WARNING_SOURCE_NOT_FOUND")
message(STATUS "Failed: wolfssl source code directory not found.")
message(STATUS "Failed: wolfssl directory not found.")
# Abort. We need wolfssl _somewhere_.
message(STATUS "")
message(STATUS "")
message(STATUS "Could not find wolfssl in any parent directory named wolfssl-${THIS_USER}, wolfssl-master, or wolfssl.\n"
"Try setting WOLFSSL_ROOT environment variable, cmake variable in project, copy source, or use managed components.")
message(STATUS "")
message(STATUS "")
# Abort CMake after fatal error. (or not?)
message(FATAL_ERROR "Could not find wolfssl in any parent directory named wolfssl-${THIS_USER}, wolfssl-master, or wolfssl.\n"
"Try setting WOLFSSL_ROOT environment variable, cmake variable in project, copy source, or use managed components.")
# Abort CMake after fatal error.
endif()
set(INCLUDE_PATH ${WOLFSSL_ROOT})
@@ -508,24 +379,22 @@ else()
endif()
endif()
message(STATUS "WOLFSSL_EXTRA_PROJECT_DIR = ${WOLFSSL_EXTRA_PROJECT_DIR}")
set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/esp_crt_bundle\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
"\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
) # COMPONENT_SRCDIRS
message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
# wolfSSL user_settings.h may be in the local project.
# TODO check if exists and possibly set to ESP-IDF
# wolfSSL user_settings.h is in the local project.
set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
# add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
string(REPLACE "/" "//" STR_WOLFSSL_PROJECT_DIR "${WOLFSSL_PROJECT_DIR}")
add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}/include/user_settings.h")
message(STATUS "Added definition for user_settings.h: -DWOLFSSL_USER_SETTINGS_DIR=\"${STR_WOLFSSL_PROJECT_DIR}//include//user_settings.h\"")
add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}//include//user_settings.h")
# Espressif may take several passes through this makefile. Check to see if we found IDF
string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
@@ -558,7 +427,8 @@ else()
message(STATUS "**************************************************************************************")
message(STATUS "")
message(STATUS "Please use wolfSSL in either local project or Espressif components, but not both.")
message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
# Abort CMake after fatal error.
# Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
@@ -666,9 +536,7 @@ else()
# depending on the environment, we may need to swap backslashes with forward slashes
string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
if(WOLFSSL_ROOT)
string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
endif()
string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
if(IS_DIRECTORY "${RTOS_IDF_PATH}")
message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
@@ -684,7 +552,7 @@ else()
message(STATUS "THIS_IDF_PATH = $THIS_IDF_PATH")
# wolfSSL-specific include directories
set(COMPONENT_ADD_INCLUDEDIRS
"./include" # this is the location of local project wolfssl user_settings.h
"./include" # this is the location of wolfssl user_settings.h
"\"${WOLFSSL_ROOT}/\""
"\"${WOLFSSL_ROOT}/wolfssl/\""
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
@@ -733,7 +601,6 @@ else()
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
"\"${WOLFSSL_ROOT}/examples\"" # Examples are distributed in Managed Components, but not part of a project.
"\"${EXCLUDE_ASM}\""
)
@@ -755,120 +622,15 @@ else()
# see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
#
set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
if(WOLFSSL_ROOT)
# Only register the component if we found wolfSSL source.
# This is important to allow Cmake to finish to completion, otherwise the UI
# may not be able to display the Kconfig settings to fix a bad or missing source.
idf_component_register(
SRC_DIRS "${COMPONENT_SRCDIRS}"
INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
REQUIRES "${COMPONENT_REQUIRES}"
EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
PRIV_REQUIRES
"${THIS_ESP_TLS}"
"${THIS_INCLUDE_TIMER}"
"${THIS_INCLUDE_DRIVER}" # this will typically only be needed for wolfSSL benchmark
)
else()
# Register the component simply to allow CMake to complete, but there's no wolfSSL source.
# Expect many other errors, but the project should at least be loadable and UI can edit Kconfig settings.
idf_component_register()
message(STATUS "Warning: wolfSSL component not registered as no source code found (WOLFSSL_ROOT is blank)")
endif()
# function(WOLFSSL_INIT_CERT_BUNDLE)
if( CONFIG_WOLFSSL_CERTIFICATE_BUNDLE
AND NOT CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_NONE
AND NOT ("${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266")
)
if (CMAKE_BUILD_EARLY_EXPANSION)
message(ERROR "Bundle Cert initialization must occur during CMAKE_BUILD_EARLY_EXPANSION")
endif()
# reminder: we need a value for wolfSSL root first!
if( "${WOLFSSL_ROOT}" STREQUAL "" )
message(ERROR "Certificate bundles need a value for WOLFSSL_ROOT")
endif()
set(WOLFSSL_ESP_CRT_BUNDLE_DIR ${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/esp_crt_bundle)
message(STATUS "WOLFSSL_ESP_CRT_BUNDLE_DIR=${WOLFSSL_ESP_CRT_BUNDLE_DIR}")
if(EXISTS "${WOLFSSL_ESP_CRT_BUNDLE_DIR}")
set(bundle_name "x509_crt_bundle_wolfssl")
# For now the certs are in the same directory
set(DEFAULT_CRT_DIR "${WOLFSSL_ESP_CRT_BUNDLE_DIR}")
# Generate custom certificate bundle using the generate_cert_bundle utility
set(GENERATE_CERT_BUNDLEPY ${python} ${WOLFSSL_ESP_CRT_BUNDLE_DIR}/gen_crt_bundle.py)
if(CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_FULL)
list(APPEND crt_paths ${DEFAULT_CRT_DIR}/cacrt_all.pem ${DEFAULT_CRT_DIR}/cacrt_local.pem)
elseif(CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_CMN)
list(APPEND crt_paths ${DEFAULT_CRT_DIR}/cacrt_all.pem ${DEFAULT_CRT_DIR}/cacrt_local.pem)
list(APPEND args --filter ${DEFAULT_CRT_DIR}/cmn_crt_authorities.csv)
endif()
# Add deprecated root certs if enabled. This config is not visible if the default cert
# bundle is not selected
if(CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEPRECATED_LIST)
list(APPEND crt_paths ${DEFAULT_CRT_DIR}/cacrt_deprecated.pem)
endif()
if(CONFIG_WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE)
get_filename_component(custom_bundle_path
${CONFIG_WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE_PATH} ABSOLUTE BASE_DIR "${project_dir}")
list(APPEND crt_paths ${custom_bundle_path})
message(STATUS "Using a custom wolfSSL bundle path: ${custom_bundle_path}")
else()
message(STATUS "Not using a custom wolfSSL bundle path.")
endif()
list(APPEND args --input ${crt_paths} -q)
message(STATUS "CMAKE_CURRENT_BINARY_DIR: ${CMAKE_CURRENT_BINARY_DIR}")
get_filename_component(crt_bundle
${bundle_name}
ABSOLUTE BASE_DIR "${CMAKE_CURRENT_BINARY_DIR}")
message(STATUS "Setting up bundle generate: ${GENERATE_CERT_BUNDLEPY} ${args}")
message(STATUS "Depends on custom bundle path: ${custom_bundle_path}")
message(STATUS "crt_bundle ${crt_bundle}")
message(STATUS "COMPONENT_LIB ${COMPONENT_LIB}")
message(STATUS "GENERATE_CERT_BUNDLEPY ${GENERATE_CERT_BUNDLEPY}")
message(STATUS "args ${args}")
message(STATUS "cert_bundle ${cert_bundle}")
# Generate bundle according to config
# File is generated at build time, not cmake load
add_custom_command(OUTPUT ${crt_bundle}
COMMAND ${GENERATE_CERT_BUNDLEPY} ARGS ${args}
DEPENDS ${custom_bundle_path}
VERBATIM)
if(EXISTS "${crt_bundle}")
message(STATUS "Bundle file exists from prior build: ${crt_bundle}")
else()
message(STATUS "Bundle file expected during next build: ${crt_bundle}")
endif()
# Reminder the file is generated at build time, not cmake load time.
message(STATUS "wolfSSL Cert Bundle File to be created at build time in: ${crt_bundle}")
add_custom_target(custom_wolfssl_bundle DEPENDS ${cert_bundle})
# the wolfSSL crtificate bundle is baked into wolfSSL
add_dependencies(${COMPONENT_LIB} custom_wolfssl_bundle)
# COMPONENT_LIB may vary: __idf_wolfssl, __idf_esp_wolfssl, etc
# target_add_binary_data(__idf_wolfssl ${crt_bundle} BINARY)
target_add_binary_data(${COMPONENT_LIB} ${crt_bundle} BINARY)
set_property(DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
APPEND PROPERTY ADDITIONAL_CLEAN_FILES
"${crt_bundle}")
else()
message(STATUS "WARNING: CONFIG_WOLFSSL_CERTIFICATE_BUNDLE enabled but directory not found: ${WOLFSSL_ESP_CRT_BUNDLE_DIR}")
endif()
endif()
# endfunction() # WOLFSSL_INIT_CERT_BUNDLE
idf_component_register(
SRC_DIRS "${COMPONENT_SRCDIRS}"
INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
REQUIRES "${COMPONENT_REQUIRES}"
EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
PRIV_REQUIRES
"${THIS_INCLUDE_TIMER}"
"${THIS_INCLUDE_DRIVER}" # this will typically only be needed for wolfSSL benchmark
)
# Some optional diagnostics. Verbose ones are truncated.
if (VERBOSE_COMPONENT_MESSAGES)
@@ -900,12 +662,6 @@ endif()
endif()
# target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
message(STATUS "DETECTED_PROJECT_NAME=${CMAKE_PROJECT_NAME}")
message(STATUS "COMPONENT_TARGET=${COMPONENT_TARGET}")
target_compile_definitions(${COMPONENT_TARGET} PRIVATE DETECTED_PROJECT_NAME="${CMAKE_PROJECT_NAME}")
if( "${CMAKE_PROJECT_NAME}" STREQUAL "esp_http_client_example" )
target_compile_definitions(${COMPONENT_TARGET} PRIVATE APP_ESP_HTTP_CLIENT_EXAMPLE="y")
endif()
endif() # CMAKE_BUILD_EARLY_EXPANSION
@@ -961,80 +717,33 @@ endfunction() # LIBWOLFSSL_SAVE_INFO
# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
# see wolfcrypt\src\port\Espressif\esp32_utl.c
if(NOT CMAKE_BUILD_EARLY_EXPANSION AND WOLFSSL_ROOT)
if(NOT CMAKE_BUILD_EARLY_EXPANSION)
set (git_cmd "git")
message(STATUS "Adding macro definitions:")
# LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd}
"show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_WOLFSSL_ROOT "${WOLFSSL_ROOT}" "${TMP_RES}")
message(STATUS "************************************************************************************************")
message(STATUS "wolfssl component config complete!")
message(STATUS "************************************************************************************************")
endif()
# Ensure flag "-DWOLFSSL_ESPIDF" is already in CMAKE_C_FLAGS if not yet found from project
string(FIND "${CMAKE_C_FLAGS}" "-DWOLFSSL_ESPIDF" FLAG_ALRREADY_FOUND_WOLFSSL_ESPIDF)
if(FLAG_ALRREADY_FOUND_WOLFSSL_ESPIDF EQUAL -1)
# Flag not found, append it
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_ESPIDF")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
endif()
if(WOLFSSL_ROOT)
message(STATUS "Using wolfSSL in ${WOLFSSL_ROOT}")
# PlatformIO does not process script from from the Espressif cmake process.
# We need to know where wolfSSL source code was found, so save it in the
# PIO_WOLFSSL_ROOT environment variable to later be read by extra_script.py
set(ENV{PIO_WOLFSSL_ROOT} "${WOLFSSL_ROOT}")
message(STATUS "PIO_WOLFSSL_ROOT = $ENV{PIO_WOLFSSL_ROOT}")
message(STATUS "PLATFORMIO_BUILD_DIR = $ENV{PLATFORMIO_BUILD_DIR}")
# See esp-tls Kconfig; menu "ESP-TLS", ESP_TLS_LIBRARY_CHOOSE
if(CONFIG_ESP_TLS_USING_WOLFSSL)
if ( ("${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266") OR ("${IDF_TARGET}" STREQUAL "esp8266") )
message(STATUS "This version of wolfSSL is not supported on the ESP8266 esp-tls at this time. Check ESP-TLS config")
else()
message(STATUS "wolfSSL will be used for ESP-TLS")
endif()
else()
message(STATUS "WARNING: wolfSSL NOT selected for ESP-TLS. Features and performance will be limited.")
endif()
else()
message(STATUS "")
message(STATUS "Consider setting WOLFSSL_ROOT environment variable, use Kconfig setting, or set manually in this cmake file, above.")
message(STATUS "")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
message(STATUS "ERROR: Could not find wolfSSL Source Code")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
endif()
message(STATUS "************************************************************************************************")
message(STATUS "wolfSSL component config complete!")
message(STATUS "************************************************************************************************")

523
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/Kconfig
View File

@@ -1,523 +0,0 @@
# Kconfig template
#
# Copyright (C) 2006-2024 wolfSSL Inc. All rights reserved.
#
# This file is part of wolfSSL.
#
# wolfSSL is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# wolfSSL is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
# Kconfig File Version 5.7.2.001 for esp-idf integration
# Kconfig Format Rules
#
# See:
# https://docs.espressif.com/projects/esp-idf/en/stable/esp32/api-reference/kconfig.html
#
# Format rules for Kconfig files are as follows:
#
# Option names in any menus should have consistent prefixes. The prefix
# currently should have at least 3 characters.
#
# The unit of indentation should be 4 spaces. All sub-items belonging to a
# parent item are indented by one level deeper. For example, menu is indented
# by 0 spaces, config menu by 4 spaces, help in config by 8 spaces, and the
# text under help by 12 spaces.
#
# No trailing spaces are allowed at the end of the lines.
#
# The maximum length of options is NOT 50 characters as documented.
# kconfcheck will complain that options should be 40 at most.
#
# Fix option lengths first. Superfluous errors on other lines may occur.
#
# The maximum length of lines is 120 characters.
#
# python -m kconfcheck <path_to_kconfig_file>
#
# ---------------------------------------------------------------------------------------------------------------------
# Begin main wolfSSL configuration menu
# ---------------------------------------------------------------------------------------------------------------------
# See ESP-IDF esp-tls component for config TLS_STACK_WOLFSSL
menu "wolfSSL"
menu "Hardening"
config ESP_WOLFSSL_WC_NO_HARDEN
bool "Disable wolfSSL hardening"
default n
help
Sets WC_NO_HARDEN
config ESP_WOLFSSL_TFM_TIMING_RESISTANT
bool "Enable TFM Timing Resistant Code"
default n
help
Sets TFM_TIMING_RESISTANT.
endmenu # Hardening
config ESP_WOLFSSL_ENABLE_BENCHMARK
bool "Enable wolfSSL Benchmark Library"
default n
help
Enables wolfcrypt/benchmark/benchmark.c code for benchmark metrics. Disables NO_CRYPT_BENCHMARK.
menu "Benchmark Debug"
config ESP_DEBUG_WOLFSSL_BENCHMARK_TIMING
bool "Enable benchmark timing debug"
depends on ESP_WOLFSSL_ENABLE_BENCHMARK
default n
help
Enable wolfssl debug for benchmark metric timing (CPU Cycles, RTOS ticks, etc).
config ESP_WOLFSSL_BENCHMARK_TIMER_DEBUG
bool "Enable benchmark timer debug"
depends on ESP_WOLFSSL_ENABLE_BENCHMARK
default n
help
Turn on timer debugging (used when CPU cycles not available)
endmenu # Benchmark Debug
# -----------------------------------------------------------------------------------------------------------------
# wolfCrypt Test
# -----------------------------------------------------------------------------------------------------------------
config ESP_WOLFSSL_ENABLE_TEST
bool "Enable wolfCrypt Test Library"
default n
help
Enables wolfcrypt/test/test.c code for testing. Disables NO_CRYPT_TEST.
menu "wolfCrypt tests"
config WOLFSSL_HAVE_WOLFCRYPT_TEST_OPTIONS
bool "Enable wolfCrypt Test Options"
depends on ESP_WOLFSSL_ENABLE_TEST
default n
help
Enables HAVE_WOLFCRYPT_TEST_OPTIONS
config TEST_ESPIDF_ALL_WOLFSSL
bool "Enable all features to use in tests"
depends on ESP_WOLFSSL_ENABLE_TEST
default n
help
Enables TEST_ESPIDF_ALL_WOLFSSL
endmenu # wolfCrypt tests
# -----------------------------------------------------------------------------------------------------------------
# Apple HomeKit Options
# -----------------------------------------------------------------------------------------------------------------
menu "Apple HomeKit"
config WOLFSSL_APPLE_HOMEKIT
bool "Enable Apple HomeKit options"
default n
help
Enables FP_MAX_BITS (8192 * 2), SRP, ChaCha, Poly1305, Base64 encoding needed for Apple HomeKit.
endmenu # Apple HomeKit
# -----------------------------------------------------------------------------------------------------------------
config ESP_WOLFSSL_DISABLE_MY_ECC
bool "Disable ECC in my project"
default "n"
help
ECC is enabled by default. Select this option to disable.
config ESP_WOLFSSL_ENABLE_MY_USE_RSA
bool "Enable RSA in my project"
default "n"
help
RSA is disabled by default. Select this option to enable.
config ESP_WOLFSSL_BENCHMARK
bool "Enable wolfSSL Benchmark"
default n
help
Enables user settings relevant to benchmark code
config ESP_TLS_USING_WOLFSSL_SPECIFIED
bool "Use the specified wolfssl for ESP-TLS"
default Y
help
Includes wolfSSL from specified directory (not using esp-wolfssl).
config ESP_WOLFSSL_NO_USE_FAST_MATH
bool "Disable FAST_MATH library and all ESP32 Hardware Acceleration"
select ESP_WOLFSSL_NO_HW
select ESP_WOLFSSL_NO_HW_AES
select ESP_WOLFSSL_NO_HW_HASH
select ESP_WOLFSSL_NO_HW_RSA_PRI
select ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
select ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
select ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
default n
help
When disabling all hardware acceleration for smaller memory footprint,
disabling TFM fast math provides faster wolfSSL software algorithms in an
even smaller flash memory footprint.
menu "Protocol Config"
config WOLFSSL_HAVE_ALPN
bool "Enable ALPN (Application Layer Protocol Negotiation) in wolfSSL"
default y
config WOLFSSL_ALLOW_TLS13
bool "Allow TLS 1.3"
default y
help
Allow TLS to fallback to TLS1.2. Memory footprint will likely be larger for TLS1.2.
When disabled HTTPS and MQTT over TLS connections will fail if TLS1.3 not accepted.
config WOLFSSL_ALLOW_TLS12
bool "Allow TLS 1.2"
default n
help
Allow TLS to fallback to TLS1.2. Memory footprint will likely be larger for TLS1.2.
When disabled HTTPS and MQTT over TLS connections will fail if TLS1.3 not accepted.
config WOLFSSL_HAVE_TLS_EXTENSIONS
bool "Enable TLS Extensions"
default y
help
Sets HAVE_TLS_EXTENSIONS which is needed for TLS 1.3, SNI, ALPN, and more.
config WOLFSSL_ALT_CERT_CHAINS
bool "Enable Alternate Certificate Chains"
default n
help
The option relaxes the default strict wolfSSL certificate chain processing. This
will typically need to be enabled when loading only a CA file. Typically solves
the -188 ASN_NO_SIGNER_E error. Use with caution.
config WOLFSSL_HAVE_OCSP
bool "Enable OCSP (Online Certificate Status Protocol) in wolfSSL"
default n
help
Sets HAVE_OCSP
endmenu # Protocol Config
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
config TLS_STACK_WOLFSSL
# Invisible option that locks TLS_STACK_WOLFSSL to ESP_TLS_USING_WOLFSSL
bool
default n
select FREERTOS_ENABLE_BACKWARD_COMPATIBILITY
help
Includes wolfSSL in ESP-TLS so that it can be compiled with wolfSSL as its SSL/TLS library.
Enabled when wolfSSL is selected in ESP_TLS_LIBRARY_CHOOSE.
menu "wolfSSL ESP-TLS"
depends on ESP_TLS_USING_WOLFSSL
menu "Certificate Bundle"
depends on ESP_TLS_USING_WOLFSSL
config WOLFSSL_CERTIFICATE_BUNDLE
bool "Enable trusted root certificate bundle"
default y if ESP_TLS_USING_WOLFSSL
default n
depends on ESP_TLS_USING_WOLFSSL
help
Enable support for large number of default root certificates
When enabled this option allows user to store default as well
as customer specific root certificates in compressed format rather
than storing full certificate. For the root certificates the public key and the subject name
will be stored.
config WOLFSSL_NO_ASN_STRICT
bool "Relax Certificate ASN Strict Checks"
default n
depends on ESP_TLS_USING_WOLFSSL
help
Allows sub-optimal certificate ASN checks. Unless using a bundle with known issues,
it is recommended to NOT enable this.
config WOLFSSL_ASN_ALLOW_0_SERIAL
bool "Allow cert missing an ASN Serial Number"
default y
depends on ESP_TLS_USING_WOLFSSL
help
Although not recommended, there may be certificates in the bundle that are missing
a serial number. This option allows the missing value without having to fully
disable strict ASN checking with WOLFSSL_NO_ASN_STRICT.
choice WOLFSSL_DEFAULT_CERTIFICATE_BUNDLE
bool "Default certificate bundle options"
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
default WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_FULL
config WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_FULL
bool "Use the full default certificate bundle"
config WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_CMN
bool "Use only the most common certificates from the default bundles"
help
Use only the most common certificates from the default bundles, reducing the size with 50%,
while still having around 99% coverage.
config WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_NONE
bool "Do not use the default certificate bundle"
endchoice
config WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
default n
bool "Add custom certificates to the default bundle"
config WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE_PATH
depends on WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
string "Custom certificate bundle path"
help
Name of the custom certificate directory or file. This path is evaluated
relative to the project root directory.
config WOLFSSL_CERTIFICATE_BUNDLE_DEPRECATED_LIST
bool "Add deprecated root certificates"
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL && !WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_NONE
help
Include the deprecated list of root certificates in the bundle.
This list gets updated when a certificate is removed from the Mozilla's
NSS root certificate store. This config can be enabled if you would like
to ensure that none of the certificates that were deployed in the product
are affected because of the update to bundle. In turn, enabling this
config keeps expired, retracted certificates in the bundle and it may
pose a security risk.
- Deprecated cert list may grow based based on sync with upstream bundle
- Deprecated certs would be be removed in ESP-IDF (next) major release
config WOLFSSL_CERTIFICATE_BUNDLE_MAX_CERTS
int "Maximum no of certificates allowed in certificate bundle"
default 200
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
endmenu
endmenu # wolfSSL ESP-TLS
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
config ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
bool "Modify default hardware acceleration settings"
default n
help
When disabling all hardware acceleration for smaller memory footprint,
disabling TFM fast math provides faster wolfSSL software algorithms in an
even smaller flash memory footprint.
Typically used for debugging, analysis, or optimizations. The default
hardware acceleration features can be each manually adjusted.
menu "wolfSSL Hardware Acceleration"
config ESP_WOLFSSL_NO_ESP32_CRYPT
bool "Disable all ESP32 Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
select ESP_WOLFSSL_NO_HW_AES
select ESP_WOLFSSL_NO_HW_HASH
select ESP_WOLFSSL_NO_HW_RSA_PRI
select ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
select ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
select ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
help
Hardware acceleration enabled by default. When selected defines: NO_ESP32_CRYPT.
Consider disabling FASTMATH (other libraries are faster in software and smaller)
config ESP_WOLFSSL_NO_HW_AES
bool "Disable all ESP32 AES Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default.When selected defines: NO_HW_AES
config ESP_WOLFSSL_NO_HW_HASH
bool "Disable all ESP32 SHA Hash Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default. When selected defines: NO_HW_HASH
config ESP_WOLFSSL_NO_HW_RSA_PRI
bool "Disable all ESP32 RSA Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
select ESP_WOLFSSL_NO_HW_PRI_MP_MUL
select ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
select ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
help
Hardware acceleration enabled by default. When selected defines: NO_HW_RSA_PRI
config ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
bool "Disable all ESP32 Multiplication Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default. When selected defines: NO_HW_RSA_PRI_MP_MUL
config ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
bool "Disable all ESP32 Modular Multiplication Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default. When selected defines: NO_HW_RSA_PRI_MULMOD
config ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
bool "Disable all ESP32 RSA Exponential Math Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default.
Select this option to force disable: NO_HW_RSA_PRI_EXPTMOD
config ESP_WOLFSSL_DEBUG_ESP_HW_MULTI_RSAMAX_BITS
bool "Enable debugging of RSA Multiplication operand length"
default n
help
Prints an esp log warning to the default console UART when one of the
multiplication operands exceeds the maximum size supported by hardware,
requiring fallback to software. This can be helpful to pick key sizes
when performance is critical. See also metrics for counting instances.
config ESP_WOLFSSL_DEBUG_ESP_HW_MOD_RSAMAX_BITS
bool "Enable debugging of RSA Modular operand length"
default n
help
Prints an esp log warning to the default console UART when one of the
modular math operands exceeds the maximum size supported by hardware,
requiring fallback to software. This can be helpful to pick key sizes
when performance is critical. See also metrics for counting instances.
endmenu # wolfSSL Hardware Acceleration
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "wolfSSL Experimental Options"
config ESP_WOLFSSL_EXPERIMENTAL_SETTINGS
bool "Enable wolfSSL Experimental Settings"
default n
help
Enables experimental settings for wolfSSL. See documentation.
config ESP_WOLFSSL_ENABLE_KYBER
bool "Enable wolfSSL Kyber"
default n
help
Enable debugging messages for wolfSSL. See user_settings.h for additional debug options.
endmenu # wolfSSL Experimental Options
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "wolfSSL Debug Options"
config ESP_WOLFSSL_DEBUG_WOLFSSL
bool "Enable wolfSSL Debugging"
default n
help
Enable debugging messages for wolfSSL. See user_settings.h for additional debug options.
config ESP_WOLFSSL_TEST_LOOP
bool "Run test apps in a loop until failure"
default y
help
Enable a loop wrapper for benchmark, http_client, and wolfssl test apps.
endmenu # wolfSSL Debug Options
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "wolfSSL Customization"
config CUSTOM_SETTING_WOLFSSL_ROOT
string "Enter a path for wolfSSL source code"
default "~/workspace/wolfssl"
help
This option lets you specify a directory for the wolfSSL source code (typically a git clone).
Enter the path using forward slashes (e.g., C:/myfolder/mysubfolder) or double backslashes
(e.g., C:\\myfolder\\mysubfolder).
endmenu # wolfSSL Customization
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "Component Config"
config IGNORE_ESP_IDF_WOLFSSL_COMPONENT
bool "Ignore the ESP-IDF component of wolfSSL (if present)"
default n
help
Ignores wolfSSL present in the esp-idf/components directory. Requires wolfssl as a local component.
config IGNORE_LOCAL_WOLFSSL_COMPONENT
bool "Ignore the local component of wolfSSL (if present)"
default n
help
Ignores wolfSSL present in the local project components directory.
Requires wolfssl as a ESP-IDF component.
endmenu # Component Config
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "Utility Config"
config USE_WOLFSSL_ESP_SDK_TIME
bool "Enable wolfSSL time helper functions"
default n
help
Enables use of various time and date setting functions found in the esp-sdk-lib.h file.
config USE_WOLFSSL_ESP_SDK_WIFI
bool "Enable wolfSSL WiFi helper functions"
default n
help
Enables use of various time and date setting functions found in the esp-sdk-lib.h file.
endmenu # Utility Config
endmenu # wolfSSL
# ---------------------------------------------------------------------------------------------------------------------
# ---------------------------------------------------------------------------------------------------------------------
menu "wolfSSH"
config ESP_ENABLE_WOLFSSH
bool "Enable wolfSSH options"
default n
help
Enables WOLFSSH_TERM, WOLFSSL_KEY_GEN, WOLFSSL_PTHREADS, WOLFSSH_TEST_SERVER, WOLFSSH_TEST_THREADING
config ESP_WOLFSSL_DEBUG_WOLFSSH
bool "Enable wolfSSH debugging"
default n
help
Enable wolfSSH debugging macro. See user_settings.h
endmenu # wolfSSH
# ---------------------------------------------------------------------------------------------------------------------
# ---------------------------------------------------------------------------------------------------------------------
menu "wolfMQTT"
config ESP_ENABLE_WOLFMQTT
bool "Enable wolfMQTT options"
default n
help
Enables WOLFMQTT
config ESP_WOLFSSL_DEBUG_WOLFMQTT
bool "Enable wolfMQTT debugging"
default n
help
Enable wolfMQTT debugging macro. See user_settings.h
endmenu # wolfMQTT
# ---------------------------------------------------------------------------------------------------------------------

162
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/README.md
View File

@@ -1,162 +0,0 @@
# wolfSSL Espressif Component
This is the directory for wolfSSL as an Espressif ESP-IDF component.
Other options are available, such as installing wolfSSL as a local _project_ component using the [Managed Component](https://www.wolfssl.com/wolfssl-now-available-in-espressif-component-registry/).
Enabling this wolfSSL ESP-IDF component allows other ESP-IDF libraries such as those that depend on [ESP-TLS](https://github.com/espressif/esp-idf/tree/master/components/esp-tls)
to also use the wolfSSL library. (See [github.com/wolfSSL/wolfssl](https://github.com/wolfSSL/wolfssl))
The wolfSSL source code is not included here. Instead, the `idf.py menuconfig` option can be used to configure the
`sdkconfig` file setting: `CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT` to point to the desired wolfSSL code.
## Directory Contents
This directory must contain, at a minimum:
- `CMakeLists.txt`
- `./include/user_settings.h`
The directory should also contain:
- `Kconfig`
- `component.mk`
The directory may contain wolfSSL source, for example with a [Managed Component](https://www.wolfssl.com/wolfssl-now-available-in-espressif-component-registry/),
or if the `setup.sh` script was used from [wolfSSL/IDE/Espressif/ESP-IDF](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF).
Under normal circumstances when the wolfSSL source is not included here, the `CMakeLists.txt` will search for it in this order:
- A hard-coded `WOLFSSL_ROOT` cmake variable.
- `WOLFSSL_ROOT` Environment Variable
- The `CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT` value in the `sdkconfig` file, from the `Kconfig` option.
- Any parent directories, up to the root (if this directory is in the ESP-IDF components)
- Any parent directories, up to the root (if this directory is a project component)
While recursing up the directory tree, the following names of wolfSSL directories will be considered:
- `wolfssl-[current user name]`
- `wolfssl-master`
- `wolfssl`
## Getting Started
See the `Espressif Getting Started Guide`.
```
# Set environment variable to ESP-IDF location
# For example, VisualGDB in WSL
WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.2
WRK_IDF_PATH=/mnt/c/SysGCC/esp32-master/esp-idf/v5.3-master
# Or wherever the ESP-IDF is installed:
WRK_IDF_PATH=~/esp/esp-idf
echo "Run export.sh from ${WRK_IDF_PATH}"
. ${WRK_IDF_PATH}/export.sh
cd [your project]
idf.py menuconfig
```
Enable wolfSSL to be used in the ESP-TLS:
```
Component config --->
ESP-TLS --->
Choose SSL/TLS library for ESP-TLS (See help for more Info)
(X) wolfSSL (License info in wolfSSL directory README)
```
Adjust wolfSSL settings, such as path to source code as needed:
```
Component config --->
wolfSSL --->
[*] Include wolfSSL in ESP-TLS
[*] Use the specified wolfssl for ESP-TLS
(~/workspace/wolfssl) Enter a path for wolfSSL source code
```
## Configuration
All settings for wolfSSL are adjusted in the [include/user_settings.h](./include/user_settings.h) file.
The `user_settings.h` file should not be included directly. Instead, `#include <wolfssl/wolfcrypt/settings.h>`
before any other wolfSSL headers, like this:
```c
/* ESP-IDF */
#include <esp_log.h>
#include "sdkconfig.h"
/* wolfSSL */
/* Always include wolfcrypt/settings.h before any other wolfSSL file. */
/* Reminder: settings.h pulls in user_settings.h; don't include it here. */
#if defined(WOLFSSL_USER_SETTINGS)
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_ESPIDF)
#include <wolfssl/version.h>
#include <wolfssl/wolfcrypt/types.h>
#include <wolfcrypt/test/test.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#else
#error "Problem with wolfSSL user_settings. " \
"Check components/wolfssl/include " \
"and confirm WOLFSSL_USER_SETTINGS is defined, " \
"typically in the component CMakeLists.txt"
#endif
#else
/* Define WOLFSSL_USER_SETTINGS project wide for settings.h to include */
/* wolfSSL user settings in ./components/wolfssl/include/user_settings.h */
#error "Missing WOLFSSL_USER_SETTINGS in CMakeLists or Makefile:\
CFLAGS +=-DWOLFSSL_USER_SETTINGS"
#endif
```
## Examples
See the wolfSSL examples:
- [wolfSSL Core Examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples)
- [wolfSSL Additional Examples](https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32)
- [wolfSSH Core Examples](https://github.com/wolfSSL/wolfssh/tree/master/ide/Espressif/ESP-IDF/examples)
- [wolfSSH Additional Examples](https://github.com/wolfSSL/wolfssh-examples/tree/main/Espressif)
- [wolfMQTT Examples](https://github.com/wolfSSL/wolfMQTT/tree/master/IDE/Espressif/ESP-IDF/examples)
## Platforms
The ESP-IDF wolfSSL is also available for PlatformIO:
- [Release wolfSSL](https://registry.platformio.org/search?q=owner%3Awolfssl)
- [Staging / Preview wolfSSL](https://registry.platformio.org/search?q=owner%3Awolfssl-staging)
The wolfSSL library can also be used for Espressif with Arduino:
- [arduino.cc/reference/en/libraries/wolfssl](https://www.arduino.cc/reference/en/libraries/wolfssl/)
- [github.com/wolfSSL/Arduino-wolfSSL](https://github.com/wolfSSL/Arduino-wolfSSL)
## Additional Information
- [wolfSSL Documentation](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html) and [docs/espressif](https://www.wolfssl.com/docs/espressif/)
- [wolfSSL FAQ](https://www.wolfssl.com/docs/frequently-asked-questions-faq/)
- [wolfSSL Products](https://www.wolfssl.com/products/)
- [www.wolfssl.com/espressif](https://www.wolfssl.com/espressif/)
- [More...](https://www.wolfssl.com/?s=espressif)
## Contact
Have a specific request or questions? We'd love to hear from you! Please contact us at support@wolfssl.com or open an issue on GitHub.
## Licensing and Support
wolfSSL (formerly known as CyaSSL) and wolfCrypt are either licensed for use under the GPLv2 (or at your option any later version) or a standard commercial license. For our users who cannot use wolfSSL under GPLv2 (or any later version), a commercial license to wolfSSL and wolfCrypt is available.
See the LICENSE.txt, visit wolfssl.com/license, contact us at licensing@wolfssl.com or call +1 425 245 8247
View Commercial Support Options: [wolfssl.com/products/support-and-maintenance](wolfssl.com/products/support-and-maintenance)

347
IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/component.mk
View File

@@ -18,8 +18,6 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
$(info *********** wolfssl component ************)
#
# Component Makefile
#
@@ -50,246 +48,193 @@ $(info *********** wolfssl component ************)
# define it here:
CFLAGS +=-DWOLFSSL_USER_SETTINGS
# Note that 4 source files created by autogen are excluded here.
#
# See these files commented out, below. Adjust as needed for your application:
#
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/async.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/selftest.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o
# In the wolfSSL GitHub examples for Espressif,
# the root is 7 directories up from here:
WOLFSSL_ROOT := ../../../../../../../
# NOTICE: the WOLFSSL_ROOT setting MUST be relative!
# See https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/api-guides/build-system.html?highlight=must+relative#optional-component-specific-variables
# In the wolfSSL GitHub examples for Espressif:
# https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples
# When this wolfssl component.mk makefile is in [project]/components/wolfssl
# The root is 7 directories up from here (the location of of this component.mk):
WOLFSSL_ROOT := ../../../../../../..
# To set the location of a different location, it is best to use relative paths.
#
# Set WOLFSSL_ROOT to a relative path from the current component directory.
# For example, if the wolfssl_client is copied from the examples to test:
#
# cp -r /IDE/Espressif/ESP-IDF/examples/wolfssl_client/* /mnt/c/test/demo
#
# we run make in /mnt/c/test/demo
# component is in /mnt/c/test/demo/components/wolfssl
# wolfssl is in /mnt/c/workspace/wolfssl-master
#
# "/mnt/c" is 4 directories up:
# 2 for `./test/demo` from where we run `make`, plus
# 2 more from the location of `component.mk` located
# in `[current directory]/components/wolfssl`.
#
# Thus we need 4 parent reference to find the relative path to wolfSSL:
# WOLFSSL_ROOT := ../../../../workspace/wolfssl-master
# Optional CFLAGS (make works without these; for reference only)
# CFLAGS += -I$(WOLFSSL_ROOT)/wolfssl
# CFLAGS += -I$(WOLFSSL_ROOT)/wolfssl/wolfcrypt
# CFLAGS += -I$(WOLFSSL_ROOT)/wolfssl/wolfcrypt/port/Espressif
abs_WOLFSSL_ROOT := $(shell realpath $(WOLFSSL_ROOT))
# print-wolfssl-path-value:
# @echo "WOLFSSL_ROOT defined: $(WOLFSSL_ROOT)"
# @echo "WOLFSSL_ROOT actual: $(abs_WOLFSSL_ROOT)"
$(info WOLFSSL_ROOT defined: $(WOLFSSL_ROOT))
$(info WOLFSSL_ROOT actual: $(abs_WOLFSSL_ROOT))
# NOTE: The wolfSSL include directory (e.g. user_settings.h) is
# NOTE: The wolfSSL include diretory (e.g. user_settings.h) is
# located HERE in THIS project, and *not* in the wolfSSL root.
COMPONENT_ADD_INCLUDEDIRS := .
COMPONENT_ADD_INCLUDEDIRS += include
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/.
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt/port/Espressif
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT).
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)wolfssl
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)wolfssl/wolfcrypt
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)wolfssl/wolfcrypt/port/Espressif
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)wolfcrypt/benchmark
# COMPONENT_ADD_INCLUDEDIRS += $ENV(IDF_PATH)/components/freertos/include/freertos
# COMPONENT_ADD_INCLUDEDIRS += "$ENV(IDF_PATH)/soc/esp32s3/include/soc"
# wolfSSL
COMPONENT_SRCDIRS := $(WOLFSSL_ROOT)/src
# wolfcrypt
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src
# WOLFSSL_ROOT := ""
COMPONENT_SRCDIRS := $(WOLFSSL_ROOT)src
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/src/port/atmel
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/benchmark
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/test
COMPONENT_SRCDIRS += include
# Espressif
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/atmel
COMPONENT_OBJEXCLUDE := $(WOLFSSL_ROOT)/wolfcrypt/src/aes_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/misc.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/sha512_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_x25519_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/aes_gcm_x86_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/src/bio.o
COMPONENT_OBJEXCLUDE := $(WOLFSSL_ROOT)wolfcrypt/src/aes_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)wolfcrypt/src/evp.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)wolfcrypt/src/misc.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)wolfcrypt/src/sha512_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)wolfcrypt/src/fe_x25519_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)wolfcrypt/src/aes_gcm_x86_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)src/bio.o
##
## wolfSSL
##
COMPONENT_OBJS := $(WOLFSSL_ROOT)/src/bio.o
COMPONENT_OBJS := $(WOLFSSL_ROOT)src/bio.o
# COMPONENT_OBJS += src/conf.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/crl.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/dtls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/dtls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/internal.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/keys.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/ocsp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/crl.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/dtls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/dtls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/internal.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/keys.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/ocsp.o
# COMPONENT_OBJS += src/pk.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/quic.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/sniffer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/ssl.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/quic.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/sniffer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/ssl.o
# COMPONENT_OBJS += src/ssl_asn1.o
# COMPONENT_OBJS += src/ssl_bn.o
# COMPONENT_OBJS += src/ssl_certman.o
# COMPONENT_OBJS += src/ssl_crypto.o
# COMPONENT_OBJS += src/ssl_misc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/tls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/tls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/wolfio.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/tls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/tls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)src/wolfio.o
# COMPONENT_OBJS += src/x509.o
# COMPONENT_OBJS += src/x509_str.o
##
## wolfcrypt
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/arc4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/asm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/asn.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/async.o # autogen exclusion
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/blake2b.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/blake2s.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/camellia.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/chacha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/chacha20_poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/coding.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/compress.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cpuid.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cryptocb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/curve25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/curve448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/des3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dh.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dilithium.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ecc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/eccsi.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ecc_fp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/error.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_kyber.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/falcon.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_operations.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips_test.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_operations.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hpke.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/integer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/kdf.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/logging.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md5.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/memory.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/misc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pkcs12.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pkcs7.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pwdbased.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/random.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/rc2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ripemd.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/rsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sakke.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/selftest.o # autogen exclusion
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha256.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha512.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/signature.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/siphash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sphincs.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_armthumb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_c32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_c64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_cortexm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_dsp32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_int.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_armthumb.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_c32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_c64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_cortexm.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_x86_64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_x86_64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/srp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/tfm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_dsp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_encrypt.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_kyber.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_kyber_poly.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_pkcs11.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_port.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_xmss.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o # autogen exclusion
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o # autogen exclusion
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfevent.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfmath.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/arc4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/asm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/asn.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/async.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/blake2b.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/blake2s.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/camellia.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/chacha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/chacha20_poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/cmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/coding.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/compress.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/cpuid.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/cryptocb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/curve25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/curve448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/des3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/dh.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/dilithium.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/dsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ecc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/eccsi.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ecc_fp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ed25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ed448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/error.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/evp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ext_kyber.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ext_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ext_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/falcon.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/fe_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/fe_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/fe_operations.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/fips.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/fips_test.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ge_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ge_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ge_operations.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/hash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/hmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/hpke.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/integer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/kdf.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/logging.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/md2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/md4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/md5.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/memory.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/misc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/pkcs12.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/pkcs7.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/pwdbased.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/random.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/rc2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/ripemd.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/rsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sakke.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/selftest.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sha256.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sha3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sha512.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/signature.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/siphash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sm2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sm3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sm4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sphincs.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_armthumb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_c32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_c64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_cortexm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_dsp32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_int.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_armthumb.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_c32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_c64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_cortexm.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_sm2_x86_64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/sp_x86_64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/srp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/tfm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_dsp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_encrypt.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_kyber.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_kyber_poly.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_pkcs11.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_port.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wc_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wolfcrypt_first.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wolfcrypt_last.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wolfevent.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/wolfmath.o
##
## Espressif
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_mp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_util.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_mem_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_time_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_wifi_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp32_aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp32_mp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp32_sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp32_util.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp_sdk_mem_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp_sdk_time_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/src/port/Espressif/esp_sdk_wifi_lib.o
##
## wolfcrypt benchmark (optional)
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark/benchmark.o
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark
COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/benchmark/benchmark.o
##
## wolfcrypt test (optional)
##
## COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/test/test.o
## COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/test
## COMPONENT_OBJS += $(WOLFSSL_ROOT)wolfcrypt/test/test.o
##
## wolfcrypt
##
# COMPONENT_PRIV_INCLUDEDIRS += $(PROJECT_PATH)/components/wolfssl/include
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/src
$(info ********** end wolfssl component **********)

Some files were not shown because too many files have changed in this diff Show More