WolfSSL
/
wolfssh
mirror of https://github.com/wolfSSL/wolfssh.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Update Espressif Examples

pull/810/head
gojimmypi 2025-06-11 15:37:14 -07:00
parent 35a24e33d4
commit b9658bc801
No known key found for this signature in database
GPG Key ID: 3D684FA88DC3FAA8
30 changed files with 8300 additions and 702 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/CMakeLists.txt
View File

@ -1,6 +1,6 @@
# [wolfSSL Project]/CMakeLists.txt
#
# Copyright (C) 2014-2024 wolfSSL Inc.
# Copyright (C) 2014-2025 wolfSSL Inc.
#
# This file is part of wolfSSH.
#
@ -17,7 +17,7 @@
# You should have received a copy of the GNU General Public License
# along with wolfSSH. If not, see <http://www.gnu.org/licenses/>.
#
# cmake for WOLFSSH Espressif projects
# cmake for WOLFSSH Espressif projects (echoserver)
#
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
@ -35,6 +35,13 @@ set(WOLFSSL_USER_SETTINGS ON)
# Assume we have a ESP_ENABLE_WOLFSSH section in user_settings.h
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DESP_ENABLE_WOLFSSH")
# Managed wolfSSL Components prior to 5.7.4 need a manual setting for WOLFSSL_WOLFSSH
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_WOLFSSH")
# Optional:
# set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSH_TERM")
# set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DDEBUG_WOLFSSH")
# The wolfSSL CMake file should be able to find the source code.
# Otherwise, assign an environment variable or set it here:
#
@ -54,28 +61,28 @@ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DESP_ENABLE_WOLFSSH")
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
message(STATUS "Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
message(STATUS "Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
message(STATUS "Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
message(STATUS "Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
message(STATUS "Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
message(STATUS "Detected Apple")
endif()
# End optional WOLFSSL_CMAKE_SYSTEM_NAME
@ -83,7 +90,7 @@ endif()
set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
message(STATUS "Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
else()
@ -116,7 +123,7 @@ endif()
set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
message(STATUS "Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
else()

4
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/README.md
View File

@ -11,13 +11,15 @@ To connect:
ssh -p 22222 jack@192.168.1.32
```
The default password for `jack` is 'fetchapail`.
### Prerequisites
It is assumed the [ESP-IDF environment](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/) has been installed.
### Files Included
- [main.c](./main/main.c) with a simple call to an Espressif library (`ESP_LOGI`) and a call to a wolfSSL library (`esp_ShowExtendedSystemInfo`) .
- [main.c](./main/main.c) with a simple call to an Espressif library (`ESP_LOGI`) and a call to a wolfSSL library (`esp_ShowExtendedSystemInfo`) .
- See [components/wolfssl/include](./components/wolfssl/include/user_settings.h) directory to edit the wolfSSL `user_settings.h`.

331
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/components/wolfssh/CMakeLists.txt
View File

@ -1,6 +1,6 @@
# [wolfSSL Project]/components/wolfssh/CMakeLists.txt
#
# Copyright (C) 2014-2024 wolfSSL Inc.
# Copyright (C) 2014-2025 wolfSSL Inc.
#
# This file is part of wolfSSH.
#
@ -17,7 +17,7 @@
# You should have received a copy of the GNU General Public License
# along with wolfSSH. If not, see <http://www.gnu.org/licenses/>.
#
# cmake for WOLFSSH Espressif projects v5.6.6 r1
# cmake for wolfssh Espressif projects v5.7.6 (template pr)
#
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
#
@ -25,6 +25,70 @@
cmake_minimum_required(VERSION 3.16)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSH_USER_SETTINGS")
set(VERBOSE_COMPONENT_MESSAGES 1)
# The scope of this CMAKE_C_FLAGS is just this component:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
message(STATUS "CMAKE_CURRENT_LIST_DIR = ${CMAKE_CURRENT_LIST_DIR}")
get_filename_component(THIS_DIR "${CMAKE_CURRENT_LIST_DIR}" ABSOLUTE)
message(STATUS "THIS_DIR = ${THIS_DIR}")
# The root of the project is two directories up from here. (we are typically in [project name]components/mywolfssh)
get_filename_component(PROJECT_ROOT "${THIS_DIR}" DIRECTORY) # Up one directory from here is "components"
get_filename_component(PROJECT_ROOT "${PROJECT_ROOT}" DIRECTORY) # up one more directory should be the root of our project
message(STATUS "PROJECT_ROOT = ${PROJECT_ROOT}")
# in case wolfssl user_settings.h is missing, we'll look for one in the ESP32/lib directory:
get_filename_component(LIB_USER_SETTINGS "${PROJECT_ROOT}/../lib/user_settings.h" ABSOLUTE)
message(STATUS "wolfssl user_settings.h lib = ${LIB_USER_SETTINGS}")
get_filename_component(THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH "${PROJECT_ROOT}/components/wolfssl/include" ABSOLUTE)
message(STATUS "wolfssl user_settings.h path = ${THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH}")
# Optionally set your source to wolfSSL in your project CMakeLists.txt like this:
# set(WOLFSSH_ROOT "c:/some/workspace/wolfssh" )
if ( "${WOLFSSH_ROOT}" STREQUAL "")
set(WOLFSSH_ROOT "$ENV{WOLFSSH_ROOT}" )
endif()
# Optional compiler definitions to help with system name detection (typically printed by app diagnostics)
if( VERBOSE_COMPONENT_MESSAGES )
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message(STATUS "Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message(STATUS "Detected UNIX")
endif()
if(APPLE)
message(STATUS "Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message(STATUS "Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message(STATUS "Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message(STATUS "Detected Apple")
endif()
endif() # End optional WOLFSSL_CMAKE_SYSTEM_NAME
message(STATUS "CONFIG_TARGET_PLATFORM = ${CONFIG_TARGET_PLATFORM}")
# find the user name to search for possible "wolfssh-username"
# find the user name to search for possible "wolfssh-username"
message(STATUS "USERNAME = $ENV{USERNAME}")
if( "$ENV{USER}" STREQUAL "" ) # the bash user
@ -44,7 +108,7 @@ message(STATUS "THIS_USER = ${THIS_USER}")
#
# When editing component CMake files, consider the following :
#
# NO Managed Componenets: Normal stand-alone app, "as cloned" from github.
# NO Managed Components: Normal stand-alone app, "as cloned" from github.
# There's no notion of staging names (e.g. mywolfssh) regardless of environment settings.
# All of the component source is locall. See settings such s WOLFSSL_ROOT=[your path]
#
@ -59,12 +123,12 @@ message(STATUS "THIS_USER = ${THIS_USER}")
# A partially managed component may also be manually created, when adding a managed component to
# and existing project. For example:
#
# idf.py add-dependency "wolfssl/wolfssh^1.4.15-stable"
# idf.py add-dependency "wolfssl/wolfssh^1.4.18"
#
# Fully Managaged Componenets. This is the typical example as created from the Component Registry:
# Fully Managed Components. This is the typical example as created from the Component Registry:
# For example:
#
# idf.py create-project-from-example "wolfssl/wolfssh^1.4.15-stable:wolfssh_server"
# idf.py create-project-from-example "wolfssl/wolfssh^1.4.18"
#
# In all cases, keep in mind that components other than wolfssl will depend on the wolfssl component.
#
@ -108,7 +172,7 @@ endif()
set(COMPONENT_REQUIRES lwip "${WOLFSSL_COMPONENT_NAME}")
# function: IS_WOLFSSH_SOURCE
# parameter: DIRECTORY_PARAMETER - the directory to test
# parameter: DIRECTORY_PARAMETER = the directory to test
# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssh directory, otherwise blank.
function(IS_WOLFSSH_SOURCE DIRECTORY_PARAMETER RESULT)
if (EXISTS "${DIRECTORY_PARAMETER}/wolfssh/ssh.h")
@ -132,9 +196,29 @@ endfunction()
#
function(FIND_WOLFSSH_DIRECTORY OUTPUT_FOUND_WOLFSSH_DIRECTORY)
message(STATUS "Starting FIND_WOLFSSH_DIRECTORY")
set(CURRENT_SEARCH_DIR "$ENV{WOLFSSH_ROOT}")
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "The WOLFSSH_ROOT environment variable is not set. Searching...")
message(STATUS "OUTPUT_FOUND_WOLFSSH_DIRECTORY = ${${OUTPUT_FOUND_WOLFSSH_DIRECTORY}}")
IS_WOLFSSH_SOURCE("${${OUTPUT_FOUND_WOLFSSH_DIRECTORY}}" FOUND_WOLFSSH)
if( FOUND_WOLFSSH )
set(${OUTPUT_FOUND_WOLFSSH_DIRECTORY} ${${OUTPUT_FOUND_WOLFSSH_DIRECTORY}} PARENT_SCOPE)
return()
endif()
message(STATUS "")
if ( "${${OUTPUT_FOUND_WOLFSSH_DIRECTORY}}" STREQUAL "" )
set(CURRENT_SEARCH_DIR "$ENV{WOLFSSH_ROOT}")
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "The WOLFSSH_ROOT environment variable is not set. Searching...")
else()
get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSH_ROOT}" ABSOLUTE)
IS_WOLFSSH_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSH)
if( FOUND_WOLFSSH )
message(STATUS "Found WOLFSSH_ROOT via Environment Variable:")
else()
message(FATAL_ERROR "WOLFSSH_ROOT Environment Variable defined, but path not found:")
message(STATUS "$ENV{WOLFSSH_ROOT}")
endif()
endif()
else()
# There's a non-blank WOLFSSH_ROOT environment variable. Is it a valid wolfssh directory?
get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSH_ROOT}" ABSOLUTE)
@ -143,11 +227,11 @@ function(FIND_WOLFSSH_DIRECTORY OUTPUT_FOUND_WOLFSSH_DIRECTORY)
message(STATUS "Found WOLFSSH_ROOT via Environment Variable:")
else()
message(FATAL_ERROR "WOLFSSH_ROOT Environment Variable defined, but path not found: $ENV{WOLFSSH_ROOT}")
message(STATUS "Exit CMake")
#message(STATUS "Exit CMake")
endif()
endif()
# we'll start in the THIS_CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/WOLFSSH
# we'll start in the THIS_CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssh
message(STATUS "THIS_CMAKE_CURRENT_SOURCE_DIR = ${THIS_CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${THIS_CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
@ -156,7 +240,7 @@ function(FIND_WOLFSSH_DIRECTORY OUTPUT_FOUND_WOLFSSH_DIRECTORY)
# loop through all the parents, looking for wolfssh
while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
# wolfssh may simply be in a parent directory, such as for local examples in WOLFSSH repo
# wolfssh may simply be in a parent directory, such as for local examples in wolfssh repo
IS_WOLFSSH_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSH)
if( FOUND_WOLFSSH )
message(STATUS "Found wolfssh in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
@ -178,7 +262,7 @@ function(FIND_WOLFSSH_DIRECTORY OUTPUT_FOUND_WOLFSSH_DIRECTORY)
endif()
endif()
# Next check for no user suffix "WOLFSSH" subdirectory as we recurse up the directory tree
# Next check for no user suffix "wolfssh" subdirectory as we recurse up the directory tree
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssh)
# if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
IS_WOLFSSH_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSH )
@ -206,18 +290,18 @@ endfunction()
# The component name is the directory name. "No feature to change this".
# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
# set the root of WOLFSSH in top-level project CMakelists.txt:
# set the root of wolfssh in top-level project CMakelists.txt:
# set(WOLFSSH_ROOT "C:/some path/with/spaces")
# set(WOLFSSH_ROOT "c:/workspace/WOLFSSH-[username]")
# set(WOLFSSH_ROOT "c:/workspace/wolfssh-[username]")
# set(WOLFSSH_ROOT "/mnt/c/some path/with/spaces")
# or use this logic to assign value from Environment Variable WOLFSSH_ROOT,
# or assume this is an example 7 subdirectories below:
# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/WOLFSSH_test/components/WOLFSSH
# The root of WOLFSSH is 7 directories up from here:
# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssh_test/components/wolfssh
# The root of wolfssh is 7 directories up from here:
if(CMAKE_BUILD_EARLY_EXPANSION)
message(STATUS "WOLFSSH component CMAKE_BUILD_EARLY_EXPANSION:")
message(STATUS "wolfssh component CMAKE_BUILD_EARLY_EXPANSION:")
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES
@ -233,23 +317,117 @@ else()
message(STATUS "************************************************************************************************")
FIND_WOLFSSH_DIRECTORY(WOLFSSH_ROOT)
set(WOLFSSH_ROOT "${WOLFSSH_ROOT}" CACHE STRING "WOLFSSH_ROOT")
if(WOLFSSH_ROOT)
message(STATUS "Found wolfssh directory at: ${WOLFSSH_ROOT}")
else()
message(STATUS "wolfssh directory not found.")
# Abort. We need wolfmqtt _somewhere_.
message(FATAL_ERROR "Could not find wolfssh in ${WOLFSSH_ROOT}.\n"
"Try setting WOLFSSH_ROOT environment variable or git clone.")
# Check to see if we're already in wolfssh, and only if WOLFSSH_ROOT not specified
if ("${WOLFSSH_ROOT}" STREQUAL "")
# wolfssh examples are 7 directories deep from wolfssh repo root
# 1 2 3 4 5 6 7
set(THIS_RELATIVE_PATH "../../../../../../..")
get_filename_component(THIS_SEARCH_PATH "${THIS_RELATIVE_PATH}" ABSOLUTE)
message(STATUS "Searching in path = ${THIS_SEARCH_PATH}")
if (EXISTS "${THIS_SEARCH_PATH}/wolfcrypt/src")
# we're already in wolfssh examples!
get_filename_component(WOLFSSH_ROOT "${THIS_SEARCH_PATH}" ABSOLUTE)
message(STATUS "Using wolfssh example with root ${WOLFSSH_ROOT}")
else()
# We're in some other repo such as wolfssh, so we'll search for an
# adjacent-level directory for wolfssh. (8 directories up, then down one)
#
# For example wolfssh examples:
# C:\workspace\wolfssh-gojimmypi\IDE\Espressif\ESP-IDF\examples\wolfssh_benchmark\components\wolfssh
#
# For example wolfSSH examples:
# C:\workspace\wolfssh-gojimmypi\ide\Espressif\ESP-IDF\examples\wolfssh_benchmark\components\WOLFSSH
#
# 1 2 3 4 5 6 7 8
set(THIS_RELATIVE_PATH "../../../../../../../..")
get_filename_component(THIS_SEARCH_PATH "${THIS_RELATIVE_PATH}" ABSOLUTE)
message(STATUS "Searching next in path = ${THIS_SEARCH_PATH}")
endif()
endif()
# search other possible locations
if ("${WOLFSSH_ROOT}" STREQUAL "")
# there's not a hard-coded WOLFSSH_ROOT value above, so let's see if we can find it.
if( "$ENV{WOLFSSH_ROOT}" STREQUAL "" )
message(STATUS "Environment Variable WOLFSSH_ROOT not set. Will search common locations.")
message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(THIS_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
message(STATUS "THIS_DIR = ${THIS_DIR}")
# find the user name to search for possible "wolfssh-username"
message(STATUS "USERNAME = $ENV{USERNAME}")
if( "$ENV{USER}" STREQUAL "" ) # the bash user
if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
message(STATUS "could not find USER or USERNAME")
else()
# the bash user is not blank, so we'll use it.
set(THIS_USER "$ENV{USERNAME}")
endif()
else()
# the bash user is not blank, so we'll use it.
set(THIS_USER "$ENV{USER}")
endif()
message(STATUS "THIS_USER = ${THIS_USER}")
# This same makefile is used for both the wolfssh component, and other
# components that may depend on wolfssh, such as wolfssh. Therefore
# we need to determine if this makefile is in the wolfssh repo, or
# some other repo.
if( "{THIS_USER}" STREQUAL "" )
# This is highly unusual to not find a user name.
# In this case, we'll just search for a "wolfssh" directory:
message(STATUS "No username found!")
get_filename_component(WOLFSSH_ROOT "${THIS_RELATIVE_PATH}/wolfssh" ABSOLUTE)
else()
# We found an environment USER name!
# The first place to look for wolfssh will be in a user-clone called "wolfssh-[username]"
message(STATUS "Using [THIS_USER = ${THIS_USER}] to see if there's a [relative path]/wolfssh-${THIS_USER} directory.")
get_filename_component(WOLFSSH_ROOT "${THIS_RELATIVE_PATH}/wolfssh-${THIS_USER}" ABSOLUTE)
if( EXISTS "${WOLFSSH_ROOT}" )
message(STATUS "Found wolfssh in user-suffix ${WOLFSSH_ROOT}")
else()
# If there's not a user-clone called "wolfssh-[username]",
# perhaps there's simply a git clone called "wolfssh"?
message(STATUS "Did not find wolfssh-${THIS_USER}; continuing search...")
get_filename_component(WOLFSSH_ROOT "${THIS_RELATIVE_PATH}/wolfssh" ABSOLUTE)
if( EXISTS "${WOLFSSH_ROOT}" )
message(STATUS "Found wolfssh in standard ${WOLFSSH_ROOT}")
else()
# Things are looking pretty bleak. We'll likely not be able to compile.
message(STATUS "Did not find wolfssh in ${WOLFSSH_ROOT}")
endif()
endif()
endif()
else()
# there's an environment variable, so use it.
set(WOLFSSH_ROOT "$ENV{WOLFSSH_ROOT}")
if( EXISTS "${WOLFSSH_ROOT}" )
get_filename_component(WOLFSSH_ROOT "$ENV{WOLFSSH_ROOT}" ABSOLUTE)
message(STATUS "Found WOLFSSH_ROOT via Environment Variable:")
else()
message(FATAL_ERROR "WOLFSSH_ROOT Environment Variable defined, but path not found:")
message(STATUS "$ENV{WOLFSSH_ROOT}")
endif()
endif()
# end of search for WOLFSSH component root
else()
# There's already a value assigned; we won't search for anything else.
message(STATUS "Found user-specified WOLFSSH_ROOT value.")
endif() # WOLFSSH_ROOT user defined
# After all the logic above, does our WOLFSSH_ROOT actually exist?
if( EXISTS "${WOLFSSH_ROOT}" )
message(STATUS "WOLFSSH_ROOT = ${WOLFSSH_ROOT}")
else()
# Abort. We need WOLFSSH _somewhere_.
message(FATAL_ERROR "Could not find WOLFSSH in ${WOLFSSH_ROOT}. Try setting environment variable or git clone.")
# Abort. We need wolfssh _somewhere_.
message(FATAL_ERROR "Could not find wolfssh in ${WOLFSSH_ROOT}. Try setting environment variable or git clone.")
endif()
@ -270,86 +448,97 @@ else()
message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
#
# Check to see if there's both a local copy and EDP-IDF copy of the WOLFSSH and/or wolfssh components.
# Check to see if there's both a local copy and EDP-IDF copy of the wolfssh and/or wolfssh components.
#
if( EXISTS "${WOLFSSH_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/WOLFSSH/" )
if( EXISTS "${WOLFSSH_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssh/" )
#
# WOLFSSH found in both ESP-IDF and local project - needs to be resolved by user
# wolfssh found in both ESP-IDF and local project - needs to be resolved by user
#
message(STATUS "")
message(STATUS "**************************************************************************************")
message(STATUS "")
message(STATUS "Error: Found components/WOLFSSH in both local project and IDF_PATH")
message(STATUS "Error: Found components/wolfssh in both local project and IDF_PATH")
message(STATUS "")
message(STATUS "To proceed: ")
message(STATUS "")
message(STATUS "Remove either the local project component: ${WOLFSSH_PROJECT_DIR} ")
message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/WOLFSSH/ ")
message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssh/ ")
message(STATUS "")
message(FATAL_ERROR "Please use WOLFSSH in either local project or Espressif components, but not both.")
message(FATAL_ERROR "Please use wolfssh in either local project or Espressif components, but not both.")
message(STATUS "")
message(STATUS "**************************************************************************************")
message(STATUS "")
message(STATUS "Please use wolfSSL in either local project or Espressif components, but not both.")
# Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSH_MULTI_INSTALL_WARNING")
else()
if( EXISTS "$ENV{IDF_PATH}/components/WOLFSSH/" )
if( EXISTS "$ENV{IDF_PATH}/components/wolfssh/" )
#
# WOLFSSH found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
# wolfssh found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
#
message(STATUS "")
message(STATUS "Using components/WOLFSSH in IDF_PATH = $ENV{IDF_PATH}")
message(STATUS "Using components/wolfssh in IDF_PATH = $ENV{IDF_PATH}")
message(STATUS "")
else()
#
# WOLFSSH is not an ESP-IDF component.
# We need to now determine if it is local and if so if it is part of the WOLFSSH repo,
# or if WOLFSSH is simply installed as a local component.
# wolfssh is not an ESP-IDF component.
# We need to now determine if it is local and if so if it is part of the wolfssh repo,
# or if wolfssh is simply installed as a local component.
#
message(STATUS "Looking at WOLFSSH_PROJECT_DIR = '${WOLFSSH_PROJECT_DIR}'")
if( EXISTS "${WOLFSSH_PROJECT_DIR}" )
#
# WOLFSSH found in local project.
# wolfssh found in local project.
#
if( EXISTS "${WOLFSSH_PROJECT_DIR}/wolfcrypt/" )
if( EXISTS "${WOLFSSH_PROJECT_DIR}/wolfssh/" )
message(STATUS "")
message(STATUS "Using installed project ./components/WOLFSSH in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
message(STATUS "Using installed project ./components/wolfssh in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
message(STATUS "")
#
# Note we already checked above and confirmed there's not another WOLFSSH installed in the ESP-IDF components.
# Note we already checked above and confirmed there's not another wolfssh installed in the ESP-IDF components.
#
# We won't do anything else here, as it will be assumed the original install completed successfully.
#
else() # full WOLFSSH not installed in local project
else() # full wolfssh not installed in local project
#
# This is the developer repo mode. WOLFSSH will be assumed to be not installed to ESP-IDF nor local project
# In this configuration, we are likely running a WOLFSSH example found directly in the repo.
# This is the developer repo mode. wolfssh will be assumed to be not installed to ESP-IDF nor local project
# In this configuration, we are likely running a wolfssh example found directly in the repo.
#
message(STATUS "")
message(STATUS "Using developer repo ./components/WOLFSSH in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
message(STATUS "Using developer repo ./components/wolfssh in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
message(STATUS "")
message(STATUS "************************************************************************************************")
# When in developer mode, we are typically running WOLFSSH examples such as benchmark or test directories.
# However, the as-cloned or distributed WOLFSSH does not have the ./include/ directory, so we'll add it as needed.
# When in developer mode, we are typically running wolfssh examples such as benchmark or test directories.
# However, the as-cloned or distributed wolfssh does not have the ./include/ directory, so we'll add it as needed.
#
# first check if there's a [root]/include/user_settings.h
if( EXISTS "${WOLFSSH_ROOT}/include/user_settings.h" )
message(FATAL_ERROR "Found stray WOLFSSH user_settings.h in "
message(FATAL_ERROR "Found stray wolfssh user_settings.h in "
"${WOLFSSH_ROOT}/include/user_settings.h "
" (please move it to ${WOLFSSH_PROJECT_DIR}/include/user_settings.h )")
" (please move it to ${WOLFSSH_PROJECT_DIR}/components/wolfssl/include/user_settings.h )")
else()
# we won't overwrite an existing user settings file, just note that we already have one:
if( EXISTS "${WOLFSSH_PROJECT_DIR}/include/user_settings.h" )
message(STATUS "Using existing WOLFSSH user_settings.h in "
"${WOLFSSH_PROJECT_DIR}/include/user_settings.h")
if( EXISTS "${THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH}/user_settings.h" )
message(STATUS "Using existing wolfssh user_settings.h in "
"${THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH}")
else()
message(STATUS "Installing WOLFSSH user_settings.h to "
"${WOLFSSH_PROJECT_DIR}/include/user_settings.h")
# file(COPY "${WOLFSSH_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h"
# DESTINATION "${CMAKE_HOME_DIRECTORY}/WOLFSSH/include/")
if(EXISTS "${LIB_USER_SETTINGS}" )
message(STATUS "Installing wolfssh user_settings.h to "
"${THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH}")
file(COPY "${LIB_USER_SETTINGS}"
DESTINATION "${THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH}")
if( EXISTS "${THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH}/user_settings.h" )
message(STATUS "Confirmed wolfssl user_settings.h in ${THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH}")
else()
message(ERROR "ERROR: Failed to copy wolfssl user_settings.h from ${LIB_USER_SETTINGS} to ${LIB_USER_SETTINGS}")
endif()
else()
message(ERROR "wolfssl user_settings.h not in project, and not found in ${LIB_USER_SETTINGS}")
endif()
endif()
endif() # user_settings.h
@ -358,19 +547,19 @@ else()
endif()
else()
# we did not find a ./components/WOLFSSH/include/ directory from this pass of cmake.
# we did not find a ./components/wolfssh/include/ directory from this pass of cmake.
if($WOLFSSH_FOUND_IDF)
message(STATUS "")
message(STATUS "WARNING: WOLFSSH not found.")
message(STATUS "WARNING: wolfssh not found.")
message(STATUS "")
else()
# probably needs to be re-parsed by Espressif
message(STATUS "WOLFSSH found IDF. Project Source:${PROJECT_SOURCE_DIR}")
message(STATUS "wolfssh found IDF. Project Source:${PROJECT_SOURCE_DIR}")
endif() # else we have not found ESP-IDF yet
endif() # else not a local WOLFSSH component
endif() # else not a local wolfssh component
endif() #else not an ESP-IDF component
endif() # else not local copy and EDP-IDF WOLFSSH
endif() # else not local copy and EDP-IDF wolfssh
# RTOS_IDF_PATH is typically:
@ -459,17 +648,17 @@ else()
message(STATUS "")
endif()
# target_sources(WOLFSSH PRIVATE "\"${WOLFSSH_ROOT}/WOLFSSH/\"" "\"${WOLFSSH_ROOT}/WOLFSSH/wolfcrypt\"")
# target_sources(wolfssh PRIVATE "\"${WOLFSSH_ROOT}/wolfssh/\"" "\"${WOLFSSH_ROOT}/wolfssh/wolfcrypt\"")
endif() # CMAKE_BUILD_EARLY_EXPANSION
# check to see if there's both a local copy and EDP-IDF copy of the WOLFSSH components
if( EXISTS "${WOLFSSH_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/WOLFSSH/" )
# check to see if there's both a local copy and EDP-IDF copy of the wolfssh components
if( EXISTS "${WOLFSSH_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssh/" )
message(STATUS "")
message(STATUS "")
message(STATUS "********************************************************************")
message(STATUS "WARNING: Found components/WOLFSSH in both local project and IDF_PATH")
message(STATUS "WARNING: Found components/wolfssh in both local project and IDF_PATH")
message(STATUS "********************************************************************")
message(STATUS "")
endif()
@ -539,6 +728,6 @@ if(NOT CMAKE_BUILD_EARLY_EXPANSION)
LIBWOLFSSH_SAVE_INFO(LIBWOLFSSH_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
message(STATUS "************************************************************************************************")
message(STATUS "WOLFSSH component config complete!")
message(STATUS "wolfssh component config complete!")
message(STATUS "************************************************************************************************")
endif()

3
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/components/wolfssh/README.md 100644
View File

@ -0,0 +1,3 @@
# wolfSSH Component
All related settings are in the wolfSSL component.

721
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/components/wolfssl/CMakeLists.txt
View File

@ -1,5 +1,5 @@
#
# Copyright (C) 2014-2024 wolfSSL Inc.
# Copyright (C) 2014-2025 wolfSSL Inc.
#
# This file is part of wolfSSH.
#
@ -18,30 +18,195 @@
#
# cmake for wolfssl Espressif projects
#
# Version 5.7.0 template update + THIS_IDF_PATH
# Version 5.8.0 Espressif ESP-IDF + PlatformIO integration (2)
#
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
#
message(STATUS "Begin wolfssl ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
cmake_minimum_required(VERSION 3.16)
set(VERBOSE_COMPONENT_MESSAGES 1)
# The scope of this CMAKE_C_FLAGS is just this component:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
# set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
# Optionally set your source to wolfSSL in your project CMakeLists.txt like this:
# set(WOLFSSL_ROOT "c:/test/my_wolfssl" )
# set(WOLFSSL_ROOT "c:/workspace/my_wolfssl" )
if ( "${WOLFSSL_ROOT}" STREQUAL "")
set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
endif()
set(VERBOSE_COMPONENT_MESSAGES 1)
# Optional requires include:
# set(THIS_ESP_TLS "esp-tls")
set(THIS_ESP_TLS "")
# LIBWOLFSSL_CMAKE_OUTPUT can be printed at runtime
set(LIBWOLFSSL_CMAKE_OUTPUT "")
if(CMAKE_BUILD_EARLY_EXPANSION)
message(STATUS "Skipping libwolfssl_output.h update during CMAKE_BUILD_EARLY_EXPANSION")
else()
# Initialize a new libwolfssl_output.h in the cmake build directory.
if( EXISTS "${CMAKE_BINARY_DIR}/libwolfssl_output.h")
# The next WRITE replaces a file.
# This is here to remove any ambiguity on file removal & generation.
file(REMOVE "${CMAKE_BINARY_DIR}/libwolfssl_output.h")
endif()
file(WRITE "${CMAKE_BINARY_DIR}/libwolfssl_output.h"
"/* libwolfssl_output.h generated by wolfssl component */\n"
"#ifndef _LIBWOLFSSL_OUTPUT_H_\n"
"\n"
"#define _LIBWOLFSSL_OUTPUT_H_\n\n")
endif()
# Append messages with:
# LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_CMAKE_OUTPUT "${LIBWOLFSSL_CMAKE_OUTPUT}\n"message" "0")
# See function: APPEND_LIBWOLFSSL_CMAKE_OUTPUT
# function: IS_ESP_IDF_COMPONENT
# output: RESULT = 1 (true) if this component is located in the ESP-IDF components
# otherwise 0 (false)
function( IS_ESP_IDF_COMPONENT
RESULT)
# NOTE: Component location is based on the location of the CMakeList.txt
# and *not* the location of the wolfSSL source code. (which may be anywhere)
# Normalize the paths to remove any trailing slashes
get_filename_component(NORMALIZED_IDF_PATH "${IDF_PATH}" REALPATH)
get_filename_component(NORMALIZED_TEST_PATH "${COMPONENT_DIR}" REALPATH)
# Check if the test path starts with the IDF_PATH
string(FIND "${NORMALIZED_TEST_PATH}" "${NORMALIZED_IDF_PATH}" pos)
if(${pos} EQUAL 0)
message(STATUS "${COMPONENT_DIR} is within IDF_PATH.")
set(${RESULT} 1 PARENT_SCOPE)
else()
message(STATUS "${COMPONENT_DIR} is not within IDF_PATH.")
set(${RESULT} 0 PARENT_SCOPE)
endif()
endfunction()
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUTPUT THIS_VAR VAR_RESULT)
#
# Save the THIS_VAR as a string in a macro called VAR_OUTPUT
#
# VAR_OUTPUT: the name of the macro to define
# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
#
function ( LIBWOLFSSL_SAVE_INFO VAR_OUTPUT THIS_VAR VAR_RESULT )
# is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
# if we had a successful operation, save the THIS_VAR in VAR_OUTPUT
if(${IS_VALID_VALUE})
if(0)
# Optional debug
message(STATUS "Looking for LF in ${THIS_VAR}")
endif()
# Check if the text to print in THIS_VAR is multi-line
string(REPLACE "\n" ";" LINES "${THIS_VAR}")
list(LENGTH LINES LINE_COUNT)
# Save var to "libwolfssl_output.h" header if multi-line, otherwise a simple compile def
if(LINE_COUNT GREATER 1)
message(STATUS "Setting HAVE_LIBWOLFSSL_OUTPUT_HEADER=1 for ${VAR_OUTPUT}")
add_compile_definitions(HAVE_LIBWOLFSSL_OUTPUT_HEADER=1)
file(APPEND "${CMAKE_BINARY_DIR}/libwolfssl_output.h" "#undef ${VAR_OUTPUT}\n")
file(APPEND "${CMAKE_BINARY_DIR}/libwolfssl_output.h" "#define ${VAR_OUTPUT} \\\n")
# Split into lines
string(REPLACE "\n" ";" LINES "${THIS_VAR}")
foreach(LINE IN LISTS LINES)
file(APPEND "${CMAKE_BINARY_DIR}/libwolfssl_output.h" "\"${LINE}\\n\" \\\n")
endforeach()
# Final empty line to close the macro
file(APPEND "${CMAKE_BINARY_DIR}/libwolfssl_output.h" "\n")
message(STATUS "COMPONENT_LIB=${COMPONENT_LIB}")
target_include_directories(${COMPONENT_LIB} PRIVATE "${CMAKE_BINARY_DIR}")
else()
message(STATUS "No HAS_LIBWOLFSSL_OUTPUT_HEADER")
# We should not have any, but just to be sure:
# Strip newline chars in THIS_VAR parameter and save in VAR_VALUE
string(REPLACE "\n" "" VAR_VALUE "${THIS_VAR}")
# we'll could percolate the value to the parent for possible later use
# set(${VAR_OUTPUT} ${VAR_VALUE} PARENT_SCOPE)
# but we're only using it here in this function
set(${VAR_OUTPUT} ${VAR_VALUE})
# we'll print what we found to the console
message(STATUS "Found ${VAR_OUTPUT}=${VAR_VALUE}")
# the interesting part is defining the VAR_OUTPUT name a value to use in the app
add_compile_definitions(${VAR_OUTPUT}=\"${VAR_VALUE}\")
endif()
else()
# if we get here, check the execute_process command and parameters.
message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
set(${VAR_OUTPUT} "Unknown")
endif()
endfunction() # LIBWOLFSSL_SAVE_INFO
#
# APPEND_LIBWOLFSSL_CMAKE_OUTPUT(THIS_MESSAGE OUTPUT_VALUE)
#
# Append the text in THIS_MESSAGE to LIBWOLFSSL_CMAKE_OUTPUT.
# String is available at runtime in app
#
function( APPEND_LIBWOLFSSL_CMAKE_OUTPUT
THIS_MESSAGE )
# Normally, we'd simply print a message:
message(STATUS "${THIS_MESSAGE}")
# But here we'll pass the entire LIBWOLFSSL_CMAKE_OUTPUT as a string definition to the app
set(LIBWOLFSSL_CMAKE_OUTPUT "${LIBWOLFSSL_CMAKE_OUTPUT}\n${THIS_MESSAGE}" PARENT_SCOPE)
# We don't call LIBWOLFSSL_SAVE_INFO here as it would add duplicate definitions
# See single instance at the end of this file.
endfunction()
# Determine if this cmake file is located in the ESP-IDF component directory or not,
# and if so, if it is being ignored (allowing the use of a local project one, instead).
IS_ESP_IDF_COMPONENT( IS_WOLSSL_ESP_IDF_COMPONENT )
if( IS_WOLSSL_ESP_IDF_COMPONENT )
message(STATUS "This wolfSSL is a component in ESP-IDF.")
if ( CONFIG_IGNORE_ESP_IDF_WOLFSSL_COMPONENT )
idf_component_register()
message(STATUS "Warning: wolfSSL component in ESP-IDF is being ignored.")
return()
endif()
endif()
if( "${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}" STREQUAL "" )
# nothing to do
else()
# Only forward slashes, or double backslashes are supported.
# By the time we get here the sdkconfig file has a value for wolfSSL source code root.
string(REPLACE "\\" "/" CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT})
message(STATUS "Cleaned wolfssl path: ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
endif()
if( "$ENV{IDF_PATH}" STREQUAL "" )
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
else()
string(REPLACE "\\" "/" THIS_IDF_PATH "$ENV{IDF_PATH}")
endif()
@ -51,28 +216,28 @@ if(VERBOSE_COMPONENT_MESSAGES)
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
message(STATUS "Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
message(STATUS "Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
message(STATUS "Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
message(STATUS "Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
message(STATUS "Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
message(STATUS "Detected Apple")
endif()
endif() # End optional WOLFSSL_CMAKE_SYSTEM_NAME
@ -105,10 +270,11 @@ if( ("${CMAKE_PROJECT_NAME}" STREQUAL "wolfssl_benchmark") OR ("${CMAKE_PROJECT_
message(STATUS "Not including lwip for ${CMAKE_PROJECT_NAME}")
else()
# benchmark and test do not need wifi, everything else probably does:
set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
set(COMPONENT_REQUIRES lwip "${THIS_ESP_TLS}") # we typically don't need lwip directly in wolfssl component
endif()
# find the user name to search for possible "wolfssl-username"
# Find the user name to search for possible "wolfssl-username"
# Reminder: Windows is %USERNAME%, Linux is $USER
message(STATUS "USERNAME = $ENV{USERNAME}")
if( "$ENV{USER}" STREQUAL "" ) # the bash user
if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
@ -123,6 +289,32 @@ else()
endif()
message(STATUS "THIS_USER = ${THIS_USER}")
if( "$ENV{IDF_PATH}" STREQUAL "" )
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
else()
string(REPLACE "\\" "/" THIS_IDF_PATH "$ENV{IDF_PATH}")
endif()
# ENVIRONMENT_VAR_TO_MACRO
# Check environment variable name EVARPARAM as [name]
# If defined, and has a value of EVARVALUE as [value],
# then assign a compiler definition "-D[name]=[value]"
function( ENVIRONMENT_VAR_TO_MACRO
EVARPARAM # Environment variable parameter name
EVARVALUE) # Environment variable value
# If the EVARPARAM environment variable name is set to EVARVALUE,
# set the compiler flag definition to enable CSV output.
if ( "$ENV{${EVARPARAM}}" STREQUAL "${EVARVALUE}")
message(STATUS "Appending compile definition: -D${EVARPARAM}=${EVARVALUE}")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D${EVARPARAM}=${EVARVALUE}")
else()
if(DEFINED ENV{${EVARPARAM}})
message(STATUS "Environment variable ${EVARPARAM} detected but set to $ENV{${EVARPARAM}}, not appending compile definition.")
else()
message(STATUS "Environment variable ${EVARPARAM} not detected, not appending compile definition.")
endif()
endif()
endfunction()
# COMPONENT_NAME = wolfssl
# The component name is the directory name. "No feature to change this".
@ -141,7 +333,9 @@ message(STATUS "THIS_USER = ${THIS_USER}")
# function: IS_WOLFSSL_SOURCE
# parameter: DIRECTORY_PARAMETER - the directory to test
# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
function( IS_WOLFSSL_SOURCE
DIRECTORY_PARAMETER
RESULT )
if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
else()
@ -156,30 +350,61 @@ endfunction()
# Example usage:
# FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
# *********************************************************************************************
function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
function( FIND_WOLFSSL_DIRECTORY
OUTPUT_FOUND_WOLFSSL_DIRECTORY)
message(STATUS "Starting FIND_WOLFSSL_DIRECTORY: ${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
if ( "${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}" STREQUAL "" )
# The parameter is empty, so we certainly need to search.
# First, see if there's an environment variable. This takes highest priority (unless already found as hard-coded, above)
set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
else()
get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if( FOUND_WOLFSSL )
message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
# Next, if not found, see if wolfSSL was selected for ESP-TLS Kconfig
if(CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT)
set(CURRENT_SEARCH_DIR ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT})
get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" ABSOLUTE)
message(STATUS "WOLFSSL_ROOT found in sdkconfig/KConfig: ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
else()
message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
message(STATUS "$ENV{WOLFSSL_ROOT}")
endif()
endif()
message(STATUS "wolfSSL not defined in [Component Config] [wolfssl]. Continuing search...")
# If not specified as a search hint in OUTPUT_FOUND_WOLFSSL_DIRECTORY:
# This wolfSSL component CMakeLists.txt may be found EITHER in:
# 1) local project component
# 2) ESP-IDF share components
# We'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
# That option might find wolfSSL source code as a copy in the component directory (e.g. Managed Components)
# Unless cmake is in the ESP-IDF, in which case it is unlikely to find wolfSSL source in any parent.
message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
endif() # CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT
endif() # check environment var blank
else()
get_filename_component(CURRENT_SEARCH_DIR "${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}" ABSOLUTE)
message(STATUS "Parameter found for FIND_WOLFSSL_DIRECTORY")
message(STATUS "Setting wolfSSL search directory to: ${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
set(CURRENT_SEARCH_DIR "${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
endif() # parameter empty
# Check to see if we found a path in environment or config settings, above.
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "Source for wolfSSL not specified in path nor config settings.")
# We'll continue the search by recursing up the directory tree, below.
else()
# Setting found! Does it contain a valid path?
string(REPLACE "\\" "/" CURRENT_SEARCH_DIR ${CURRENT_SEARCH_DIR})
get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" ABSOLUTE)
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if( FOUND_WOLFSSL )
message(STATUS "Found WOLFSSL_ROOT via prior specification.")
message(STATUS "Found wolfSSL source code via setting: ${CURRENT_SEARCH_DIR}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
else()
message(FATAL_ERROR "WOLFSSL_ROOT Variable defined, but path not found: ${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
if(WIN32)
message(STATUS "When specifying a path for Windows, use forward slahes, or double backslashes.")
endif()
message(STATUS "CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT sdkconfig setting = ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
message(STATUS "WOLFSSL_ROOT Variable defined, but source code not found: ${CURRENT_SEARCH_DIR}")
endif()
endif()
@ -280,6 +505,11 @@ endfunction()
message(STATUS "CONFIG_TARGET_PLATFORM = ${CONFIG_TARGET_PLATFORM}")
# Check for environment variable that may be assigned to macros
ENVIRONMENT_VAR_TO_MACRO("GENERATE_MACHINE_PARSEABLE_REPORT" "1")
ENVIRONMENT_VAR_TO_MACRO("WOLFSSL_BENCHMARK_FIXED_CSV" "1")
# Optional variable inspection
if (0)
get_cmake_property(_variableNames VARIABLES)
list (SORT _variableNames)
@ -296,15 +526,25 @@ endif()
if ( ("${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266") OR ("${IDF_TARGET}" STREQUAL "esp8266") )
# There's no esp_timer, no driver components for the ESP8266
message(STATUS "Early expansion EXCLUDES esp_timer: ${THIS_INCLUDE_TIMER}")
message(STATUS "Early expansion EXCLUDES driver: ${THIS_INCLUDE_DRIVER}")
set(THIS_INCLUDE_TIMER "")
set(THIS_INCLUDE_DRIVER "")
message(STATUS "Early expansion EXCLUDES for esp8266:")
message(STATUS "THIS_INCLUDE_DRIVER: '${THIS_INCLUDE_DRIVER}'")
message(STATUS "THIS_INCLUDE_TIMER: '${THIS_INCLUDE_TIMER}'")
message(STATUS "Early expansion INCLUDE for esp8266:")
message(STATUS "THIS_INCLUDE_PTHREAD: '${THIS_INCLUDE_PTHREAD}'")
set(THIS_ESP_TLS "")
set(THIS_INCLUDE_DRIVER "")
set(THIS_INCLUDE_TIMER "")
set(THIS_INCLUDE_PTHREAD "pthread")
else()
message(STATUS "Early expansion includes esp_timer: ${THIS_INCLUDE_TIMER}")
message(STATUS "Early expansion includes driver: ${THIS_INCLUDE_DRIVER}")
set(THIS_INCLUDE_TIMER "esp_timer")
set(THIS_ESP_TLS "esp-tls")
set(THIS_INCLUDE_DRIVER "driver")
set(THIS_INCLUDE_TIMER "esp_timer")
set(THIS_INCLUDE_PTHREAD "")
# Let the app know that we've included the esp-tls component requirement.
# This is critical for use the the esp-tls component. See wolfssl esp_crt_bundle.c file.
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_REQUIRED_ESP_TLS=1")
endif()
if(CMAKE_BUILD_EARLY_EXPANSION)
@ -312,8 +552,10 @@ if(CMAKE_BUILD_EARLY_EXPANSION)
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES # esp_hw_support
${THIS_INCLUDE_TIMER}
${THIS_INCLUDE_DRIVER} # this will typically only be needed for wolfSSL benchmark
"${THIS_ESP_TLS}"
"${THIS_INCLUDE_PTHREAD}"
"${THIS_INCLUDE_TIMER}"
"${THIS_INCLUDE_DRIVER}" # this will typically only be needed for wolfSSL benchmark
)
else()
@ -322,6 +564,15 @@ else()
message(STATUS "wolfssl component config:")
message(STATUS "************************************************************************************************")
if ( "${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266")
# There's no esp_timer, no driver components for the ESP8266
set(THIS_INCLUDE_TIMER "")
set(THIS_INCLUDE_DRIVER "")
else()
set(THIS_INCLUDE_TIMER "esp_timer")
set(THIS_INCLUDE_DRIVER "driver")
endif()
# search for wolfSSL
FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
if(WOLFSSL_ROOT)
@ -335,7 +586,9 @@ else()
# Abort CMake after fatal error.
endif()
else()
message(STATUS "Searching for wolfSL source code...")
message(STATUS "Source code for wolfSSL still not found.")
message(STATUS "Searching from project home: ${CMAKE_HOME_DIRECTORY} ...")
set(WOLFSSL_ROOT "${CMAKE_HOME_DIRECTORY}")
FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
endif()
@ -343,11 +596,18 @@ else()
if(WOLFSSL_ROOT)
message(STATUS "Confirmed wolfssl directory at: ${WOLFSSL_ROOT}")
else()
message(STATUS "Failed: wolfssl directory not found.")
# Try to allow a more intuitive error that the source code was not found in cmake:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_WARNING_SOURCE_NOT_FOUND")
message(STATUS "Failed: wolfssl source code directory not found.")
# Abort. We need wolfssl _somewhere_.
message(FATAL_ERROR "Could not find wolfssl in any parent directory named wolfssl-${THIS_USER}, wolfssl-master, or wolfssl.\n"
"Try setting WOLFSSL_ROOT environment variable, cmake variable in project, copy source, or use managed components.")
# Abort CMake after fatal error.
message(STATUS "")
message(STATUS "")
message(STATUS "Could not find wolfssl in any parent directory named wolfssl-${THIS_USER}, wolfssl-master, or wolfssl.\n"
"Try setting WOLFSSL_ROOT environment variable, cmake variable in project, copy source, or use managed components.")
message(STATUS "")
message(STATUS "")
# Abort CMake after fatal error. (or not?)
endif()
set(INCLUDE_PATH ${WOLFSSL_ROOT})
@ -373,22 +633,24 @@ else()
endif()
endif()
message(STATUS "WOLFSSL_EXTRA_PROJECT_DIR = ${WOLFSSL_EXTRA_PROJECT_DIR}")
set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/esp_crt_bundle\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
"\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
) # COMPONENT_SRCDIRS
message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
# wolfSSL user_settings.h is in the local project.
# wolfSSL user_settings.h may be in the local project.
# TODO check if exists and possibly set to ESP-IDF
set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
# add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
string(REPLACE "/" "//" STR_WOLFSSL_PROJECT_DIR "${WOLFSSL_PROJECT_DIR}")
add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}//include//user_settings.h")
add_compile_definitions(WOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}/include/user_settings.h")
message(STATUS "Added definition for user_settings.h: -DWOLFSSL_USER_SETTINGS_DIR=\"${STR_WOLFSSL_PROJECT_DIR}//include//user_settings.h\"")
# Espressif may take several passes through this makefile. Check to see if we found IDF
string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
@ -421,8 +683,7 @@ else()
message(STATUS "**************************************************************************************")
message(STATUS "")
message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
# Abort CMake after fatal error.
message(STATUS "Please use wolfSSL in either local project or Espressif components, but not both.")
# Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
@ -530,7 +791,9 @@ else()
# depending on the environment, we may need to swap backslashes with forward slashes
string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
if(WOLFSSL_ROOT)
string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
endif()
if(IS_DIRECTORY "${RTOS_IDF_PATH}")
message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
@ -546,12 +809,16 @@ else()
message(STATUS "THIS_IDF_PATH = $THIS_IDF_PATH")
# wolfSSL-specific include directories
set(COMPONENT_ADD_INCLUDEDIRS
"./include" # this is the location of wolfssl user_settings.h
"./include" # this is the location of local project wolfssl user_settings.h
"\"${WOLFSSL_ROOT}/\""
"\"${WOLFSSL_ROOT}/wolfssl/\""
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/port/Espressif\""
"\"${RTOS_IDF_PATH}/\""
# wolfSSL release after v5.7 includes WiFi, time, and mem/debug helpers
"${THIS_IDF_PATH}/components/esp_event/include"
"${THIS_IDF_PATH}/components/esp_netif/include"
"${THIS_IDF_PATH}/components/esp_wifi/include"
)
# Optionally include cryptoauthlib if present
@ -579,8 +846,8 @@ else()
"\"${WOLFSSL_ROOT}/src/ssl_sess.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/x509.c\""
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/ext_kyber.c\"" # external Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/ext_kyber.h\"" # external Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfcrypt/src/ext_kyber.c\"" # external non-wolfssl Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/ext_kyber.h\"" # external non-wolfssl Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
@ -591,6 +858,7 @@ else()
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
"\"${WOLFSSL_ROOT}/examples\"" # Examples are distributed in Managed Components, but not part of a project.
"\"${EXCLUDE_ASM}\""
)
@ -612,15 +880,226 @@ else()
# see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
#
set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
idf_component_register(
SRC_DIRS "${COMPONENT_SRCDIRS}"
INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
REQUIRES "${COMPONENT_REQUIRES}"
EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
PRIV_REQUIRES
"${THIS_INCLUDE_TIMER}"
"${THIS_INCLUDE_DRIVER}" # this will typically only be needed for wolfSSL benchmark
)
if(WOLFSSL_ROOT)
# Only register the component if we found wolfSSL source.
# This is important to allow Cmake to finish to completion, otherwise the UI
# may not be able to display the Kconfig settings to fix a bad or missing source.
idf_component_register(
SRC_DIRS "${COMPONENT_SRCDIRS}"
INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
REQUIRES "${COMPONENT_REQUIRES}"
EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
PRIV_REQUIRES
"${THIS_ESP_TLS}"
"${THIS_INCLUDE_TIMER}"
"${THIS_INCLUDE_DRIVER}" # this will typically only be needed for wolfSSL benchmark
)
else()
# Register the component simply to allow CMake to complete, but there's no wolfSSL source.
# Expect many other errors, but the project should at least be loadable and UI can edit Kconfig settings.
idf_component_register()
message(STATUS "Warning: wolfSSL component not registered as no source code found (WOLFSSL_ROOT is blank)")
endif()
# function(WOLFSSL_INIT_CERT_BUNDLE)
if( CONFIG_WOLFSSL_CERTIFICATE_BUNDLE
AND NOT CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_NONE
AND NOT ("${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266")
)
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("wolfSSL Certificate Bundles Enabled")
if (CMAKE_BUILD_EARLY_EXPANSION)
message(FATAL_ERROR "Bundle Cert initialization must occur during CMAKE_BUILD_EARLY_EXPANSION")
endif()
# reminder: we need a value for wolfSSL root first!
if( "${WOLFSSL_ROOT}" STREQUAL "" )
message(FATAL_ERROR "Certificate bundles need a value for WOLFSSL_ROOT")
endif()
# Cert bundle in wolfSSL source unless otherwise specified later
set(WOLFSSL_ESP_CRT_BUNDLE_DIR ${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/esp_crt_bundle)
message(STATUS "WOLFSSL_ESP_CRT_BUNDLE_DIR=${WOLFSSL_ESP_CRT_BUNDLE_DIR}")
if(DEFINED ENV{PLATFORMIO_PROJECT_DIR})
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Detected PlatformIO")
set(IS_PLATFORMIO 1)
else()
# Some environments may not have environment variable, so double check if we are in .pio
if("${CMAKE_BINARY_DIR}" MATCHES "/\\.pio/")
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Detected PlatformIO via CMAKE_BINARY_DIR")
set(IS_PLATFORMIO 1)
else()
set(IS_PLATFORMIO 0)
endif()
endif()
if(EXISTS "${WOLFSSL_ESP_CRT_BUNDLE_DIR}" OR IS_PLATFORMIO)
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Special processing for wolfSSL Certificate Bundles")
set(bundle_name "x509_crt_bundle_wolfssl")
# For now the certs are in the same directory
set(DEFAULT_CRT_DIR "${WOLFSSL_ESP_CRT_BUNDLE_DIR}")
# Generate custom certificate bundle using the generate_cert_bundle utility
set(GENERATE_CERT_BUNDLEPY ${python} ${WOLFSSL_ESP_CRT_BUNDLE_DIR}/gen_crt_bundle.py)
if(CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_FULL)
list(APPEND crt_paths ${DEFAULT_CRT_DIR}/cacrt_all.pem ${DEFAULT_CRT_DIR}/cacrt_local.pem)
elseif(CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_CMN)
list(APPEND crt_paths ${DEFAULT_CRT_DIR}/cacrt_all.pem ${DEFAULT_CRT_DIR}/cacrt_local.pem)
list(APPEND args --filter ${DEFAULT_CRT_DIR}/cmn_crt_authorities.csv)
endif()
# Add deprecated root certs if enabled. This config is not visible if the default cert
# bundle is not selected
if(CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEPRECATED_LIST)
list(APPEND crt_paths ${DEFAULT_CRT_DIR}/cacrt_deprecated.pem)
endif()
if(CONFIG_WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE)
get_filename_component(custom_bundle_path
${CONFIG_WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE_PATH} ABSOLUTE BASE_DIR "${project_dir}")
list(APPEND crt_paths ${custom_bundle_path})
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Using a custom wolfSSL bundle path: ${custom_bundle_path}")
else()
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Not using a custom wolfSSL bundle path")
endif()
list(APPEND args --input ${crt_paths} -q)
message(STATUS "CMAKE_CURRENT_BINARY_DIR: ${CMAKE_CURRENT_BINARY_DIR}")
get_filename_component(crt_bundle
${bundle_name}
ABSOLUTE BASE_DIR "${CMAKE_CURRENT_BINARY_DIR}")
message(STATUS "Setting up bundle generate: ${GENERATE_CERT_BUNDLEPY} ${args}")
message(STATUS "Depends on custom bundle path: ${custom_bundle_path}")
message(STATUS "crt_bundle ${crt_bundle}")
message(STATUS "COMPONENT_LIB ${COMPONENT_LIB}")
message(STATUS "GENERATE_CERT_BUNDLEPY ${GENERATE_CERT_BUNDLEPY}")
message(STATUS "args ${args}")
message(STATUS "cert_bundle ${cert_bundle}")
if (IS_PLATFORMIO)
# PlatformIO cannot generate a Certificate Bundle at build time
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("PlatformIO is using a predefined bundle rather than generating one")
if ( "${WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME}" STREQUAL "" OR "$(WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE)" STREQUAL "" OR "$(WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE)" STREQUAL "n")
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Alternate Certificate Bundle Path and Name not enabled, assuming [project]/certs/x509_crt_bundle_wolfssl")
# Reminder this CMakeLists.txt should be in [project]/components/wolfssl, so ./certs is two directories up
set(crt_bundle_option "../../certs/x509_crt_bundle_wolfssl")
else()
string(SUBSTRING "${CONFIG_WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME}" 0 2 CERT_PATH_FIRST_TWO)
if(CERT_PATH_FIRST_TWO STREQUAL "./" OR CERT_PATH_FIRST_TWO STREQUAL ".\\")
set(IS_CERT_BUNDLE_RELATIVE_PATH 1)
message(STATUS "Alternate Cert Path is relative to project.")
else()
set(IS_CERT_BUNDLE_RELATIVE_PATH 0)
message(STATUS "Alternate Cert Path is not relative to project.")
endif()
# The cert bundle is not a standard cert, so we con't add to the crt_paths.
# Still, we may have an alternate location, particulatly needed for PlatformIO:
if(IS_CERT_BUNDLE_RELATIVE_PATH)
message(STATUS "CONFIG_WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME = ${CONFIG_WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME}")
message(STATUS "Relative alternate_bundle_path: ${alternate_bundle_path}")
SET(crt_bundle_option "${CMAKE_SOURCE_DIR}/${CONFIG_WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME}")
else()
message(STATUS "alternate_bundle_path: ${CONFIG_WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME}")
message(STATUS "Not using an alternate wolfSSL bundle file.")
SET(crt_bundle_option "${CONFIG_WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME}")
endif()
endif()
# Clean the path, removing any extra "./" etc.
# Number of spaces in message strings is to align path value outputs
message(STATUS "This crt_bundle_option value: ${crt_bundle_option}")
if(${CMAKE_VERSION} VERSION_LESS "3.19")
message("WARNING: CMake version is ${CMAKE_VERSION} ? file(REAL_PATH ...) is not supported. Falling back to manual path normalization.")
# optional fallback logic here
get_filename_component(crt_bundle_file_component "${crt_bundle_option}" ABSOLUTE)
message(STATUS "Interim crt_bundle_file_component: ${crt_bundle_file_component}")
file(TO_CMAKE_PATH "${crt_bundle_file_component}" crt_bundle)
message(STATUS "TO_CMAKE_PATH crt_bundle result: ${crt_bundle}")
# set(crt_bundle "C:/workspace/pio_wolfssl-upstream-test-wolfssl_cert_bundle/esp32-c6/certs/x509_crt_bundle_wolfssl")
else()
file(REAL_PATH "${crt_bundle_option}" crt_bundle)
endif()
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Certificate Bundle: ${crt_bundle}")
message(STATUS "This cleaned crt_bundle value: ${crt_bundle}")
message(STATUS "=============================================================================================================")
message(STATUS "=============================================================================================================")
message(STATUS "Reminder: platformio.ini will need this value set for board_build.embed_files =")
message(STATUS "${crt_bundle}")
message(STATUS "=============================================================================================================")
message(STATUS "=============================================================================================================")
# e.g. SET(crt_bundle "C:/workspace/pio_wolfssl/esp32-c6/certs/x509_crt_bundle_wolfssl")
#
# Normally x509_crt_bundle_wolfssl built by python script called from cmake.
# See https://github.com/wolfSSL/wolfssl/blob/master/wolfcrypt/src/port/Espressif/esp_crt_bundle/gen_crt_bundle.py
# Reminder ESP-IDF scripts are NOT called from CMake for PlatformIO builds.
#
# The easiest way to generate the default file is to build with ESP-IDF and copy the files to [project]/main
#
# for example:
# build\VisualGDB\Debug\x509_crt_bundle_wolfssl.s
# build\VisualGDB\Debug\esp-idf\wolfssl\x509_crt_bundle_wolfssl
#
message(STATUS "Confirming cert bundle exists...")
if(EXISTS "${crt_bundle}")
# Number of spaces is to align path value outputs
message(STATUS "Bundle file found for PlatformIO: ${crt_bundle}")
else()
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("ERROR: Failed to find bundle file found for PlatformIO: ${crt_bundle}")
message(STATUS "Check for entry in platformio.ini: board_build.embed_files = certs/x509_crt_bundle_wolfssl ")
message(FATAL_ERROR "WOLFSSL_CERTIFICATE_BUNDLE is enabled for PlatformIO, but predefined file not found: ${crt_bundle}")
endif()
else()
# APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Generate bundle: ${GENERATE_CERT_BUNDLEPY} ${args}")
# Not PlatformIO
# Generate bundle according to config
# File is generated at build time, not cmake load
add_custom_command(OUTPUT ${crt_bundle}
COMMAND ${GENERATE_CERT_BUNDLEPY} ARGS ${args}
DEPENDS ${custom_bundle_path}
VERBATIM)
if(EXISTS "${crt_bundle}")
message(STATUS "Bundle file exists from prior build: ${crt_bundle}")
else()
message(STATUS "Bundle file expected during next build: ${crt_bundle}")
endif()
# Reminder the file is generated at build time, not cmake load time.
message(STATUS "wolfSSL Cert Bundle File to be created at build time in: ${crt_bundle}")
endif()
add_custom_target(custom_wolfssl_bundle DEPENDS ${crt_bundle})
# the wolfSSL certificate bundle is baked into wolfSSL
add_dependencies(${COMPONENT_LIB} custom_wolfssl_bundle)
# COMPONENT_LIB may vary: __idf_wolfssl, __idf_esp_wolfssl, etc
# target_add_binary_data(__idf_wolfssl ${crt_bundle} BINARY)
target_add_binary_data(${COMPONENT_LIB} ${crt_bundle} BINARY)
set_property(DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
APPEND PROPERTY ADDITIONAL_CLEAN_FILES
"${crt_bundle}")
else()
if(IS_PLATFORMIO)
message(STATUS "WARNING: CONFIG_WOLFSSL_CERTIFICATE_BUNDLE enabled but cannot be generated in PlatformmIO")
else()
message(STATUS "WARNING: CONFIG_WOLFSSL_CERTIFICATE_BUNDLE enabled but directory not found: ${WOLFSSL_ESP_CRT_BUNDLE_DIR}")
endif()
message(FATAL_ERROR "not detected")
endif()
endif()
# endfunction() # WOLFSSL_INIT_CERT_BUNDLE
# Some optional diagnostics. Verbose ones are truncated.
if (VERBOSE_COMPONENT_MESSAGES)
@ -652,6 +1131,12 @@ else()
endif()
# target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
message(STATUS "DETECTED_PROJECT_NAME=${CMAKE_PROJECT_NAME}")
message(STATUS "COMPONENT_TARGET=${COMPONENT_TARGET}")
target_compile_definitions(${COMPONENT_TARGET} PRIVATE DETECTED_PROJECT_NAME="${CMAKE_PROJECT_NAME}")
if( "${CMAKE_PROJECT_NAME}" STREQUAL "esp_http_client_example" )
target_compile_definitions(${COMPONENT_TARGET} PRIVATE APP_ESP_HTTP_CLIENT_EXAMPLE="y")
endif()
endif() # CMAKE_BUILD_EARLY_EXPANSION
@ -669,71 +1154,97 @@ endif()
# end multiple component check
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
#
# Save the THIS_VAR as a string in a macro called VAR_OUPUT
#
# VAR_OUPUT: the name of the macro to define
# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
#
function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
# is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
# if we had a successful operation, save the THIS_VAR in VAR_OUPUT
if(${IS_VALID_VALUE})
# strip newline chars in THIS_VAR parameter and save in VAR_VALUE
string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})
# we'll could percolate the value to the parent for possible later use
# set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
# but we're only using it here in this function
set(${VAR_OUPUT} ${VAR_VALUE})
# we'll print what we found to the console
message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
# the interesting part is defining the VAR_OUPUT name a value to use in the app
add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
else()
# if we get here, check the execute_process command and parameters.
message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
set(${VAR_OUPUT} "Unknown")
endif()
endfunction() # LIBWOLFSSL_SAVE_INFO
execute_process(
COMMAND ${git_cmd} "rev-parse" "--is-inside-work-tree"
OUTPUT_VARIABLE IS_GIT_REPO
OUTPUT_STRIP_TRAILING_WHITESPACE
ERROR_QUIET
)
# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
# see wolfcrypt\src\port\Espressif\esp32_utl.c
if(NOT CMAKE_BUILD_EARLY_EXPANSION)
if(NOT CMAKE_BUILD_EARLY_EXPANSION AND WOLFSSL_ROOT AND (IS_GIT_REPO STREQUAL "true"))
set (git_cmd "git")
message(STATUS "Adding macro definitions:")
# LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd}
"show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_WOLFSSL_ROOT "${WOLFSSL_ROOT}" "${TMP_RES}")
message(STATUS "************************************************************************************************")
message(STATUS "wolfssl component config complete!")
message(STATUS "************************************************************************************************")
endif()
# Ensure flag "-DWOLFSSL_ESPIDF" is already in CMAKE_C_FLAGS if not yet found from project
string(FIND "${CMAKE_C_FLAGS}" "-DWOLFSSL_ESPIDF" FLAG_ALRREADY_FOUND_WOLFSSL_ESPIDF)
if(FLAG_ALRREADY_FOUND_WOLFSSL_ESPIDF EQUAL -1)
# Flag not found, append it
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_ESPIDF")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
endif()
if(WOLFSSL_ROOT)
message(STATUS "Using wolfSSL in ${WOLFSSL_ROOT}")
# PlatformIO does not process script from from the Espressif cmake process.
# We need to know where wolfSSL source code was found, so save it in the
# PIO_WOLFSSL_ROOT environment variable to later be read by extra_script.py
set(ENV{PIO_WOLFSSL_ROOT} "${WOLFSSL_ROOT}")
message(STATUS "PIO_WOLFSSL_ROOT = $ENV{PIO_WOLFSSL_ROOT}")
message(STATUS "PLATFORMIO_BUILD_DIR = $ENV{PLATFORMIO_BUILD_DIR}")
# See esp-tls Kconfig; menu "ESP-TLS", ESP_TLS_LIBRARY_CHOOSE
if(CONFIG_ESP_TLS_USING_WOLFSSL)
if ( ("${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266") OR ("${IDF_TARGET}" STREQUAL "esp8266") )
message(STATUS "This version of wolfSSL is not supported on the ESP8266 esp-tls at this time. Check ESP-TLS config")
else()
message(STATUS "wolfSSL will be used for ESP-TLS")
endif()
else()
message(STATUS "WARNING: wolfSSL NOT selected for ESP-TLS. Features and performance will be limited.")
endif()
else()
message(STATUS "")
message(STATUS "Consider setting WOLFSSL_ROOT environment variable, use Kconfig setting, or set manually in this cmake file, above.")
message(STATUS "")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
message(STATUS "ERROR: Could not find wolfSSL Source Code")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
endif()
# A single instance of potentially multiple cmake messages to send to app:
message(STATUS "LIBWOLFSSL_CMAKE_OUTPUT: ${LIBWOLFSSL_CMAKE_OUTPUT}")
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_CMAKE_OUTPUT "${LIBWOLFSSL_CMAKE_OUTPUT}" "0")
file(APPEND "${CMAKE_BINARY_DIR}/libwolfssl_output.h"
"\n"
"#endif\n" )
message(STATUS "************************************************************************************************")
message(STATUS "wolfSSL component config complete!")
message(STATUS "************************************************************************************************")

552
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/components/wolfssl/Kconfig 100644
View File

@ -0,0 +1,552 @@
# Kconfig template
#
# Copyright (C) 2014-2025 wolfSSL Inc.
#
# This file is part of wolfSSH.
#
# wolfSSH is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# wolfSSH is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with wolfSSH. If not, see <http://www.gnu.org/licenses/>.
#
# Kconfig File Version 5.7.2.001 for esp-idf integration
# Kconfig Format Rules
#
# See:
# https://docs.espressif.com/projects/esp-idf/en/stable/esp32/api-reference/kconfig.html
#
# Format rules for Kconfig files are as follows:
#
# Option names in any menus should have consistent prefixes. The prefix
# currently should have at least 3 characters.
#
# The unit of indentation should be 4 spaces. All sub-items belonging to a
# parent item are indented by one level deeper. For example, menu is indented
# by 0 spaces, config menu by 4 spaces, help in config by 8 spaces, and the
# text under help by 12 spaces.
#
# No trailing spaces are allowed at the end of the lines.
#
# The maximum length of options is NOT 50 characters as documented.
# kconfcheck will complain that options should be 40 at most.
#
# Fix option lengths first. Superfluous errors on other lines may occur.
#
# The maximum length of lines is 120 characters.
#
# python -m kconfcheck <path_to_kconfig_file>
#
# ---------------------------------------------------------------------------------------------------------------------
# Begin main wolfSSL configuration menu
# ---------------------------------------------------------------------------------------------------------------------
# See ESP-IDF esp-tls component for config TLS_STACK_WOLFSSL
menu "wolfSSL"
menu "Hardening"
config ESP_WOLFSSL_WC_NO_HARDEN
bool "Disable wolfSSL hardening"
default n
help
Sets WC_NO_HARDEN
config ESP_WOLFSSL_TFM_TIMING_RESISTANT
bool "Enable TFM Timing Resistant Code"
default n
help
Sets TFM_TIMING_RESISTANT.
endmenu # Hardening
config ESP_WOLFSSL_ENABLE_BENCHMARK
bool "Enable wolfSSL Benchmark Library"
default n
help
Enables wolfcrypt/benchmark/benchmark.c code for benchmark metrics. Disables NO_CRYPT_BENCHMARK.
menu "Benchmark Debug"
config ESP_DEBUG_WOLFSSL_BENCHMARK_TIMING
bool "Enable benchmark timing debug"
depends on ESP_WOLFSSL_ENABLE_BENCHMARK
default n
help
Enable wolfssl debug for benchmark metric timing (CPU Cycles, RTOS ticks, etc).
config ESP_WOLFSSL_BENCHMARK_TIMER_DEBUG
bool "Enable benchmark timer debug"
depends on ESP_WOLFSSL_ENABLE_BENCHMARK
default n
help
Turn on timer debugging (used when CPU cycles not available)
endmenu # Benchmark Debug
# -----------------------------------------------------------------------------------------------------------------
# wolfCrypt Test
# -----------------------------------------------------------------------------------------------------------------
config ESP_WOLFSSL_ENABLE_TEST
bool "Enable wolfCrypt Test Library"
default n
help
Enables wolfcrypt/test/test.c code for testing. Disables NO_CRYPT_TEST.
menu "wolfCrypt tests"
config WOLFSSL_HAVE_WOLFCRYPT_TEST_OPTIONS
bool "Enable wolfCrypt Test Options"
depends on ESP_WOLFSSL_ENABLE_TEST
default n
help
Enables HAVE_WOLFCRYPT_TEST_OPTIONS
config TEST_ESPIDF_ALL_WOLFSSL
bool "Enable all features to use in tests"
depends on ESP_WOLFSSL_ENABLE_TEST
default n
help
Enables TEST_ESPIDF_ALL_WOLFSSL
endmenu # wolfCrypt tests
# -----------------------------------------------------------------------------------------------------------------
# Apple HomeKit Options
# -----------------------------------------------------------------------------------------------------------------
menu "Apple HomeKit"
config WOLFSSL_APPLE_HOMEKIT
bool "Enable Apple HomeKit options"
default n
help
Enables FP_MAX_BITS (8192 * 2), SRP, ChaCha, Poly1305, Base64 encoding needed for Apple HomeKit.
endmenu # Apple HomeKit
# -----------------------------------------------------------------------------------------------------------------
config ESP_WOLFSSL_DISABLE_MY_ECC
bool "Disable ECC in my project"
default "n"
help
ECC is enabled by default. Select this option to disable.
config ESP_WOLFSSL_ENABLE_MY_USE_RSA
bool "Enable RSA in my project"
default "n"
help
RSA is disabled by default. Select this option to enable.
config ESP_WOLFSSL_BENCHMARK
bool "Enable wolfSSL Benchmark"
default n
help
Enables user settings relevant to benchmark code
config ESP_TLS_USING_WOLFSSL_SPECIFIED
bool "Use the specified wolfssl for ESP-TLS"
default Y
help
Includes wolfSSL from specified directory (not using esp-wolfssl).
config ESP_WOLFSSL_NO_USE_FAST_MATH
bool "Disable FAST_MATH library and all ESP32 Hardware Acceleration"
select ESP_WOLFSSL_NO_HW
select ESP_WOLFSSL_NO_HW_AES
select ESP_WOLFSSL_NO_HW_HASH
select ESP_WOLFSSL_NO_HW_RSA_PRI
select ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
select ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
select ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
default n
help
When disabling all hardware acceleration for smaller memory footprint,
disabling TFM fast math provides faster wolfSSL software algorithms in an
even smaller flash memory footprint.
menu "Protocol Config"
config WOLFSSL_HAVE_ALPN
bool "Enable ALPN (Application Layer Protocol Negotiation) in wolfSSL"
default y
config WOLFSSL_ALLOW_TLS13
bool "Allow TLS 1.3"
default y
help
Allow TLS to fallback to TLS1.2. Memory footprint will likely be larger for TLS1.2.
When disabled HTTPS and MQTT over TLS connections will fail if TLS1.3 not accepted.
config WOLFSSL_ALLOW_TLS12
bool "Allow TLS 1.2"
default n
help
Allow TLS to fallback to TLS1.2. Memory footprint will likely be larger for TLS1.2.
When disabled HTTPS and MQTT over TLS connections will fail if TLS1.3 not accepted.
config WOLFSSL_HAVE_TLS_EXTENSIONS
bool "Enable TLS Extensions"
default y
help
Sets HAVE_TLS_EXTENSIONS which is needed for TLS 1.3, SNI, ALPN, and more.
config WOLFSSL_ALT_CERT_CHAINS
bool "Enable Alternate Certificate Chains"
default n
help
The option relaxes the default strict wolfSSL certificate chain processing. This
will typically need to be enabled when loading only a CA file. Typically solves
the -188 ASN_NO_SIGNER_E error. Use with caution.
config WOLFSSL_HAVE_OCSP
bool "Enable OCSP (Online Certificate Status Protocol) in wolfSSL"
default n
help
Sets HAVE_OCSP
endmenu # Protocol Config
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
config TLS_STACK_WOLFSSL
# Invisible option that locks TLS_STACK_WOLFSSL to ESP_TLS_USING_WOLFSSL
bool
default n
select FREERTOS_ENABLE_BACKWARD_COMPATIBILITY
help
Includes wolfSSL in ESP-TLS so that it can be compiled with wolfSSL as its SSL/TLS library.
Enabled when wolfSSL is selected in ESP_TLS_LIBRARY_CHOOSE.
menu "wolfSSL ESP-TLS"
depends on ESP_TLS_USING_WOLFSSL
menu "Certificate Bundle"
depends on ESP_TLS_USING_WOLFSSL
config WOLFSSL_CERTIFICATE_BUNDLE
bool "Enable trusted root certificate bundle"
default y if ESP_TLS_USING_WOLFSSL
default n
depends on ESP_TLS_USING_WOLFSSL
help
Enable support for large number of default root certificates
When enabled this option allows user to store default as well
as customer specific root certificates in compressed format rather
than storing full certificate. For the root certificates the public key and the subject name
will be stored.
config WOLFSSL_NO_ASN_STRICT
bool "Relax Certificate ASN Strict Checks"
default n
depends on ESP_TLS_USING_WOLFSSL
help
Allows sub-optimal certificate ASN checks. Unless using a bundle with known issues,
it is recommended to NOT enable this.
config WOLFSSL_ASN_ALLOW_0_SERIAL
bool "Allow cert missing an ASN Serial Number"
default y
depends on ESP_TLS_USING_WOLFSSL
help
Although not recommended, there may be certificates in the bundle that are missing
a serial number. This option allows the missing value without having to fully
disable strict ASN checking with WOLFSSL_NO_ASN_STRICT.
choice WOLFSSL_DEFAULT_CERTIFICATE_BUNDLE
bool "Default certificate bundle options"
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
default WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_FULL
config WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_FULL
bool "Use the full default certificate bundle"
config WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_CMN
bool "Use only the most common certificates from the default bundles"
help
Use only the most common certificates from the default bundles, reducing the size with 50%,
while still having around 99% coverage.
config WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_NONE
bool "Do not use the default certificate bundle"
endchoice
config WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
default n
bool "Use alternate certificate bundle"
help
Typically only used for PlatformIO which cannot generate a certificate bundle at build time.
Enable this option to specify a fixed wolfSSL certificate file path and file name.
config WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME
depends on WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
string "Default certificate bundle alternate path and name"
default "./certs/x509_crt_bundle_wolfssl"
help
Name of the default certificate bundle directory. Typically used only with PlatformIO.
Reminder PlatformIO cannot generate a bundle from cmake python script call. Relative
paths are with respect to root of this project.
config WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
default n
bool "Add custom certificates to the default bundle"
config WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE_PATH
depends on WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
string "Custom certificate bundle path"
help
Name of the custom certificate directory or file. This path is evaluated
relative to the project root directory.
config WOLFSSL_CERTIFICATE_BUNDLE_DEPRECATED_LIST
bool "Add deprecated root certificates"
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL && !WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_NONE
help
Include the deprecated list of root certificates in the bundle.
This list gets updated when a certificate is removed from the Mozilla's
NSS root certificate store. This config can be enabled if you would like
to ensure that none of the certificates that were deployed in the product
are affected because of the update to bundle. In turn, enabling this
config keeps expired, retracted certificates in the bundle and it may
pose a security risk.
- Deprecated cert list may grow based based on sync with upstream bundle
- Deprecated certs would be be removed in ESP-IDF (next) major release
config WOLFSSL_CERTIFICATE_BUNDLE_MAX_CERTS
int "Maximum no of certificates allowed in certificate bundle"
default 200
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
endmenu
endmenu # wolfSSL ESP-TLS
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
config ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
bool "Modify default hardware acceleration settings"
default n
help
When disabling all hardware acceleration for smaller memory footprint,
disabling TFM fast math provides faster wolfSSL software algorithms in an
even smaller flash memory footprint.
Typically used for debugging, analysis, or optimizations. The default
hardware acceleration features can be each manually adjusted.
menu "wolfSSL Hardware Acceleration"
config ESP_WOLFSSL_NO_ESP32_CRYPT
bool "Disable all ESP32 Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
select ESP_WOLFSSL_NO_HW_AES
select ESP_WOLFSSL_NO_HW_HASH
select ESP_WOLFSSL_NO_HW_RSA_PRI
select ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
select ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
select ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
help
Hardware acceleration enabled by default. When selected defines: NO_ESP32_CRYPT.
Consider disabling FASTMATH (other libraries are faster in software and smaller)
config ESP_WOLFSSL_NO_HW_AES
bool "Disable all ESP32 AES Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default.When selected defines: NO_HW_AES
config ESP_WOLFSSL_NO_HW_HASH
bool "Disable all ESP32 SHA Hash Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default. When selected defines: NO_HW_HASH
config ESP_WOLFSSL_NO_HW_RSA_PRI
bool "Disable all ESP32 RSA Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
select ESP_WOLFSSL_NO_HW_PRI_MP_MUL
select ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
select ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
help
Hardware acceleration enabled by default. When selected defines: NO_HW_RSA_PRI
config ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
bool "Disable all ESP32 Multiplication Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default. When selected defines: NO_HW_RSA_PRI_MP_MUL
config ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
bool "Disable all ESP32 Modular Multiplication Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default. When selected defines: NO_HW_RSA_PRI_MULMOD
config ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
bool "Disable all ESP32 RSA Exponential Math Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default.
Select this option to force disable: NO_HW_RSA_PRI_EXPTMOD
config ESP_WOLFSSL_DEBUG_ESP_HW_MULTI_RSAMAX_BITS
bool "Enable debugging of RSA Multiplication operand length"
default n
help
Prints an esp log warning to the default console UART when one of the
multiplication operands exceeds the maximum size supported by hardware,
requiring fallback to software. This can be helpful to pick key sizes
when performance is critical. See also metrics for counting instances.
config ESP_WOLFSSL_DEBUG_ESP_HW_MOD_RSAMAX_BITS
bool "Enable debugging of RSA Modular operand length"
default n
help
Prints an esp log warning to the default console UART when one of the
modular math operands exceeds the maximum size supported by hardware,
requiring fallback to software. This can be helpful to pick key sizes
when performance is critical. See also metrics for counting instances.
endmenu # wolfSSL Hardware Acceleration
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "wolfSSL Post Quantum Kyber KEM PQ"
config ESP_WOLFSSL_ENABLE_MLKEM
bool "Enable ML-KEM (Kyber Post Quantum)"
default n
help
bool "Enable wolfSSL ML-KEM"
config WOLFSSL_ENABLE_KYBER
bool "Enable Kyber (Round 3)"
default n
help
Enable old compatibility with Kyber Round 3 (enables experimental settings)
endmenu # wolfSSL Post Quantum Kyber KEM PQ
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "wolfSSL Debug Options"
config ESP_WOLFSSL_DEBUG_WOLFSSL
bool "Enable wolfSSL Debugging"
default n
help
Enable debugging messages for wolfSSL. See user_settings.h for additional debug options.
config ESP_WOLFSSL_NO_STACK_SIZE_BUILD_WARNING
bool "Suppress build-time warnings for main stack size"
default n
help
Useful only when wolfSSL is running in main task. See FreeRTOS stack size for custom tasks.
config ESP_WOLFSSL_TEST_LOOP
bool "Run test apps in a loop until failure"
default y
help
Enable a loop wrapper for benchmark, http_client, and wolfssl test apps.
config ESP_WOLFSSL_EXPERIMENTAL_SETTINGS
bool "Enable wolfSSL Experimental Settings"
default n
help
Enables experimental settings for wolfSSL. See documentation.
endmenu # wolfSSL Debug Options
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "wolfSSL Customization"
config CUSTOM_SETTING_WOLFSSL_ROOT
string "Enter a path for wolfSSL source code"
default "~/workspace/wolfssl"
help
This option lets you specify a directory for the wolfSSL source code (typically a git clone).
Enter the path using forward slashes (e.g., C:/myfolder/mysubfolder) or double backslashes
(e.g., C:\\myfolder\\mysubfolder).
endmenu # wolfSSL Customization
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "Component Config"
config IGNORE_ESP_IDF_WOLFSSL_COMPONENT
bool "Ignore the ESP-IDF component of wolfSSL (if present)"
default n
help
Ignores wolfSSL present in the esp-idf/components directory. Requires wolfssl as a local component.
config IGNORE_LOCAL_WOLFSSL_COMPONENT
bool "Ignore the local component of wolfSSL (if present)"
default n
help
Ignores wolfSSL present in the local project components directory.
Requires wolfssl as a ESP-IDF component.
endmenu # Component Config
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "Utility Config"
config USE_WOLFSSL_ESP_SDK_TIME
bool "Enable wolfSSL time helper functions"
default n
help
Enables use of various time and date setting functions found in the esp-sdk-lib.h file.
config USE_WOLFSSL_ESP_SDK_WIFI
bool "Enable wolfSSL WiFi helper functions"
default n
help
Enables use of various time and date setting functions found in the esp-sdk-lib.h file.
endmenu # Utility Config
endmenu # wolfSSL
# ---------------------------------------------------------------------------------------------------------------------
# ---------------------------------------------------------------------------------------------------------------------
menu "wolfSSH"
config ESP_ENABLE_WOLFSSH
bool "Enable wolfSSH options"
default n
help
Enables WOLFSSH_TERM, WOLFSSL_KEY_GEN, WOLFSSL_PTHREADS, WOLFSSH_TEST_SERVER, WOLFSSH_TEST_THREADING
config ESP_WOLFSSL_DEBUG_WOLFSSH
bool "Enable wolfSSH debugging"
default n
help
Enable wolfSSH debugging macro. See user_settings.h
endmenu # wolfSSH
# ---------------------------------------------------------------------------------------------------------------------
# ---------------------------------------------------------------------------------------------------------------------
menu "wolfMQTT"
config ESP_ENABLE_WOLFMQTT
bool "Enable wolfMQTT options"
default n
help
Enables WOLFMQTT
config ESP_WOLFSSL_DEBUG_WOLFMQTT
bool "Enable wolfMQTT debugging"
default n
help
Enable wolfMQTT debugging macro. See user_settings.h
endmenu # wolfMQTT
# ---------------------------------------------------------------------------------------------------------------------

171
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/components/wolfssl/README.md
View File

@ -1,9 +1,162 @@
# Component wolfSSL
This `wolfssl` directory exists only for the stand-alone examples.
The only files of interest are the [CMakeLists.txt](./CMakeLists.txt) that should point
to the wolfSSL source code and the respective [include/user_settings.h](./include/user_settings.h).
This directory is _not_ included in the publish to the Espressif Registry, as that
mechanism copies the published source code to the local component directory as needed.
# wolfSSL Espressif Component
This is the directory for wolfSSL as an Espressif ESP-IDF component.
Other options are available, such as installing wolfSSL as a local _project_ component using the [Managed Component](https://www.wolfssl.com/wolfssl-now-available-in-espressif-component-registry/).
Enabling this wolfSSL ESP-IDF component allows other ESP-IDF libraries such as those that depend on [ESP-TLS](https://github.com/espressif/esp-idf/tree/master/components/esp-tls)
to also use the wolfSSL library. (See [github.com/wolfSSL/wolfssl](https://github.com/wolfSSL/wolfssl))
The wolfSSL source code is not included here. Instead, the `idf.py menuconfig` option can be used to configure the
`sdkconfig` file setting: `CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT` to point to the desired wolfSSL code.
## Directory Contents
This directory must contain, at a minimum:
- `CMakeLists.txt`
- `./include/user_settings.h`
The directory should also contain:
- `Kconfig`
- `component.mk`
The directory may contain wolfSSL source, for example with a [Managed Component](https://www.wolfssl.com/wolfssl-now-available-in-espressif-component-registry/),
or if the `setup.sh` script was used from [wolfSSL/IDE/Espressif/ESP-IDF](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF).
Under normal circumstances when the wolfSSL source is not included here, the `CMakeLists.txt` will search for it in this order:
- A hard-coded `WOLFSSL_ROOT` cmake variable.
- `WOLFSSL_ROOT` Environment Variable
- The `CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT` value in the `sdkconfig` file, from the `Kconfig` option.
- Any parent directories, up to the root (if this directory is in the ESP-IDF components)
- Any parent directories, up to the root (if this directory is a project component)
While recursing up the directory tree, the following names of wolfSSL directories will be considered:
- `wolfssl-[current user name]`
- `wolfssl-master`
- `wolfssl`
## Getting Started
See the `Espressif Getting Started Guide`.
```
# Set environment variable to ESP-IDF location
# For example, VisualGDB in WSL
WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.2
WRK_IDF_PATH=/mnt/c/SysGCC/esp32-master/esp-idf/v5.3-master
# Or wherever the ESP-IDF is installed:
WRK_IDF_PATH=~/esp/esp-idf
echo "Run export.sh from ${WRK_IDF_PATH}"
. ${WRK_IDF_PATH}/export.sh
cd [your project]
idf.py menuconfig
```
Enable wolfSSL to be used in the ESP-TLS:
```
Component config --->
ESP-TLS --->
Choose SSL/TLS library for ESP-TLS (See help for more Info)
(X) wolfSSL (License info in wolfSSL directory README)
```
Adjust wolfSSL settings, such as path to source code as needed:
```
Component config --->
wolfSSL --->
[*] Include wolfSSL in ESP-TLS
[*] Use the specified wolfssl for ESP-TLS
(~/workspace/wolfssl) Enter a path for wolfSSL source code
```
## Configuration
All settings for wolfSSL are adjusted in the [include/user_settings.h](./include/user_settings.h) file.
The `user_settings.h` file should not be included directly. Instead, `#include <wolfssl/wolfcrypt/settings.h>`
before any other wolfSSL headers, like this:
```c
/* ESP-IDF */
#include <esp_log.h>
#include "sdkconfig.h"
/* wolfSSL */
/* Always include wolfcrypt/settings.h before any other wolfSSL file. */
/* Reminder: settings.h pulls in user_settings.h; don't include it here. */
#if defined(WOLFSSL_USER_SETTINGS)
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_ESPIDF)
#include <wolfssl/version.h>
#include <wolfssl/wolfcrypt/types.h>
#include <wolfcrypt/test/test.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#else
#error "Problem with wolfSSL user_settings. " \
"Check components/wolfssl/include " \
"and confirm WOLFSSL_USER_SETTINGS is defined, " \
"typically in the component CMakeLists.txt"
#endif
#else
/* Define WOLFSSL_USER_SETTINGS project wide for settings.h to include */
/* wolfSSL user settings in ./components/wolfssl/include/user_settings.h */
#error "Missing WOLFSSL_USER_SETTINGS in CMakeLists or Makefile:\
CFLAGS +=-DWOLFSSL_USER_SETTINGS"
#endif
```
## Examples
See the wolfSSL examples:
- [wolfSSL Core Examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples)
- [wolfSSL Additional Examples](https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32)
- [wolfSSH Core Examples](https://github.com/wolfSSL/wolfssh/tree/master/ide/Espressif/ESP-IDF/examples)
- [wolfSSH Additional Examples](https://github.com/wolfSSL/wolfssh-examples/tree/main/Espressif)
- [wolfMQTT Examples](https://github.com/wolfSSL/wolfMQTT/tree/master/IDE/Espressif/ESP-IDF/examples)
## Platforms
The ESP-IDF wolfSSL is also available for PlatformIO:
- [Release wolfSSL](https://registry.platformio.org/search?q=owner%3Awolfssl)
- [Staging / Preview wolfSSL](https://registry.platformio.org/search?q=owner%3Awolfssl-staging)
The wolfSSL library can also be used for Espressif with Arduino:
- [arduino.cc/reference/en/libraries/wolfssl](https://www.arduino.cc/reference/en/libraries/wolfssl/)
- [github.com/wolfSSL/Arduino-wolfSSL](https://github.com/wolfSSL/Arduino-wolfSSL)
## Additional Information
- [wolfSSL Documentation](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html) and [docs/espressif](https://www.wolfssl.com/docs/espressif/)
- [wolfSSL FAQ](https://www.wolfssl.com/docs/frequently-asked-questions-faq/)
- [wolfSSL Products](https://www.wolfssl.com/products/)
- [www.wolfssl.com/espressif](https://www.wolfssl.com/espressif/)
- [More...](https://www.wolfssl.com/?s=espressif)
## Contact
Have a specific request or questions? We'd love to hear from you! Please contact us at support@wolfssl.com or open an issue on GitHub.
## Licensing and Support
wolfSSL (formerly known as CyaSSL) and wolfCrypt are either licensed for use under the GPLv2 (or at your option any later version) or a standard commercial license. For our users who cannot use wolfSSL under GPLv2 (or any later version), a commercial license to wolfSSL and wolfCrypt is available.
See the LICENSE.txt, visit wolfssl.com/license, contact us at licensing@wolfssl.com or call +1 425 245 8247
View Commercial Support Options: [wolfssl.com/products/support-and-maintenance](wolfssl.com/products/support-and-maintenance)

305
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/components/wolfssl/component.mk 100644
View File

@ -0,0 +1,305 @@
#
# Copyright (C) 2014-2025 wolfSSL Inc.
#
# This file is part of wolfSSH.
#
# wolfSSH is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# wolfSSH is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with wolfSSH. If not, see <http://www.gnu.org/licenses/>.
#
$(info *********** wolfssl component ************)
#
# Component Makefile
#
#
# The Espressif Managed Components are only for newer versions of the ESP-IDF
# Typically only for ESP32[-x] targets and only for ESP-IDF v4.3 or later:
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-component-manager.html
# https://components.espressif.com/
#
# Usage:
#
# make flash
#
# make flash ESPPORT=/dev/ttyS55
#
# make flash ESPBAUD=9600
#
# make monitor ESPPORT=COM1
#
# make monitor ESPPORT=/dev/ttyS55 MONITORBAUD=115200
#
# export ESPPORT=/dev/ttyS55
#
# https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/get-started/index.html
#
# Although the project should define WOLFSSL_USER_SETTINGS, we'll also
# define it here:
CFLAGS +=-DWOLFSSL_USER_SETTINGS
# Note that 4 source files created by autogen are excluded here.
#
# See these files commented out, below. Adjust as needed for your application:
#
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/async.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/selftest.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o
# NOTICE: the WOLFSSL_ROOT setting MUST be relative!
# See https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/api-guides/build-system.html?highlight=must+relative#optional-component-specific-variables
# In the wolfSSL GitHub examples for Espressif:
# https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples
# When this wolfssl component.mk makefile is in [project]/components/wolfssl
# The root is 7 directories up from here (the location of of this component.mk):
#
WOLFSSL_ROOT ?= ../../../../../../..
THIS_DIR := $(shell pwd)
WOLFSSL_ROOT_OBJ := $(THIS_DIR)
# When running make from commandline or VisualGDB, the current path varies:
ifeq ("$(VISUALGDB_DIR)","")
# current path is typically /mnt/c/workspace/wolfssl-gojimmypi/IDE/Espressif/ESP-IDF/examples/wolfssl_test/build/wolfssl
$(info VISUALGDB_DIR build not detected. shell: $(shell echo $$SHELL))
else
# current path is typically /C/workspace/wolfssl-gojimmypi/IDE/Espressif/ESP-IDF/examples/wolfssl_test/build/Debug/wolfssl
$(info Detected VisualGDB in: $(VISUALGDB_DIR) shell: $(shell echo $$SHELL))
endif
# To set the location of a different location, it is best to use relative paths.
#
# Set WOLFSSL_ROOT to a relative path from the current component directory.
# For example, if the wolfssl_client is copied from the examples to test:
#
# cp -r /IDE/Espressif/ESP-IDF/examples/wolfssl_client/* /mnt/c/test/demo
#
# we run make in /mnt/c/test/demo
# component is in /mnt/c/test/demo/components/wolfssl
# wolfssl is in /mnt/c/workspace/wolfssl-master
#
# "/mnt/c" is 4 directories up:
# 2 for `./test/demo` from where we run `make`, plus
# 2 more from the location of `component.mk` located
# in `[current directory]/components/wolfssl`.
#
# Thus we need 4 parent reference to find the relative path to wolfSSL:
# WOLFSSL_ROOT := ../../../../workspace/wolfssl-master
# Optional CFLAGS (make works without these; for reference only)
# CFLAGS += -I$(WOLFSSL_ROOT)/wolfssl
# CFLAGS += -I$(WOLFSSL_ROOT)/wolfssl/wolfcrypt
# CFLAGS += -I$(WOLFSSL_ROOT)/wolfssl/wolfcrypt/port/Espressif
abs_WOLFSSL_ROOT := $(shell realpath $(WOLFSSL_ROOT))
# print-wolfssl-path-value:
# @echo "WOLFSSL_ROOT defined: $(WOLFSSL_ROOT)"
# @echo "WOLFSSL_ROOT actual: $(abs_WOLFSSL_ROOT)"
$(info WOLFSSL_ROOT defined: $(WOLFSSL_ROOT))
$(info WOLFSSL_ROOT actual: $(abs_WOLFSSL_ROOT))
$(info THIS_DIR defined: $(THIS_DIR))
$(info WOLFSSL_ROOT_OBJ defined: $(WOLFSSL_ROOT_OBJ))
# NOTE: The wolfSSL include directory (e.g. user_settings.h) is
# located HERE in THIS project, and *not* in the wolfSSL root.
COMPONENT_ADD_INCLUDEDIRS := .
COMPONENT_ADD_INCLUDEDIRS += include
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/.
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt/port/Espressif
# COMPONENT_ADD_INCLUDEDIRS += $ENV(IDF_PATH)/components/freertos/include/freertos
# COMPONENT_ADD_INCLUDEDIRS += "$ENV(IDF_PATH)/soc/esp32s3/include/soc"
# wolfSSL
COMPONENT_SRCDIRS := $(WOLFSSL_ROOT)/src
# wolfcrypt
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src
# Espressif
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/atmel
COMPONENT_OBJEXCLUDE := $(WOLFSSL_ROOT_OBJ)/wolfcrypt/src/aes_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT_OBJ)/wolfcrypt/src/evp.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT_OBJ)/wolfcrypt/src/misc.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT_OBJ)/wolfcrypt/src/sha512_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT_OBJ)/wolfcrypt/src/fe_x25519_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT_OBJ)/wolfcrypt/src/aes_gcm_x86_asm.o
##
## wolfSSL
##
## reminder object files may end up in `./build` or `build/debug` or `build/release`, depending on build environment & settings.
##
# COMPONENT_OBJS := $(WOLFSSL_ROOT)/src/bio.o # part of ssl.c, omitted to avoid "does not need to be compiled separately"
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/conf.o # part of ssl.c
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/crl.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/dtls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/dtls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/internal.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/keys.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/ocsp.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/pk.o # part of ssl.c
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/quic.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/sniffer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/ssl.o
# COMPONENT_OBJS += src/ssl_asn1.o
# COMPONENT_OBJS += src/ssl_bn.o
# COMPONENT_OBJS += src/ssl_certman.o
# COMPONENT_OBJS += src/ssl_crypto.o
# COMPONENT_OBJS += src/ssl_misc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/tls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/tls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/wolfio.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/x509.o # part of ssl.c
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/x509_str.o # part of ssl.c
##
## wolfcrypt
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/arc4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/asm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/asn.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/async.o # autogen exclusion
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/blake2b.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/blake2s.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/camellia.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/chacha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/chacha20_poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/coding.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/compress.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cpuid.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cryptocb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/curve25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/curve448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/des3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dh.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dilithium.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ecc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/eccsi.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ecc_fp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/error.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_mlkem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/falcon.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_operations.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips_test.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_operations.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hpke.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/integer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/kdf.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/logging.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md5.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/memory.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/misc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pkcs12.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pkcs7.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pwdbased.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/random.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/rc2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ripemd.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/rsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sakke.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/selftest.o # autogen exclusion
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha256.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha512.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/signature.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/siphash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sphincs.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_armthumb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_c32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_c64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_cortexm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_dsp32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_int.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_armthumb.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_c32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_c64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_cortexm.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_x86_64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_x86_64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/srp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/tfm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_dsp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_encrypt.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_mlkem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_mlkem_poly.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_pkcs11.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_port.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_xmss.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o # autogen exclusion
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o # autogen exclusion
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfevent.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfmath.o
##
## Espressif
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_mp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_util.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_mem_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_time_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_wifi_lib.o
##
## wolfcrypt benchmark (optional)
##
## COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark/benchmark.o
## COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark
## COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark
##
## wolfcrypt test (optional)
##
## COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/test/test.o
## COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/test
## COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfcrypt/test/include
$(info ********** end wolfssl component **********)

834
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/components/wolfssl/include/user_settings.h
View File

File diff suppressed because it is too large Load Diff

18
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/main/CMakeLists.txt
View File

@ -1,6 +1,6 @@
# [wolfSSL Project]/main/CMakeLists.txt
#
# Copyright (C) 2014-2024 wolfSSL Inc.
# Copyright (C) 2014-2025 wolfSSL Inc.
#
# This file is part of wolfSSH.
#
@ -28,28 +28,26 @@ message(STATUS "main cmake found WOLFSSL_COMPONENT_NAME = ${WOLFSSL_COMPONENT_NA
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
message(STATUS "Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
message(STATUS "Detected UNIX")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
message(STATUS "Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
message(STATUS "Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
# Apple-specific configuration here
message(STATUS "Detected APPLE")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
message(STATUS "Detected Apple")
endif()
set (git_cmd "git")

625
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/main/echoserver.c
View File

@ -1,6 +1,6 @@
/* echoserver.c
*
* Copyright (C) 2014-2024 wolfSSL Inc.
* Copyright (C) 2014-2025 wolfSSL Inc.
*
* This file is part of wolfSSH.
*
@ -41,10 +41,27 @@
#include <wolfssh/internal.h>
#include <wolfssh/wolfsftp.h>
#include <wolfssh/agent.h>
#include <wolfssh/port.h>
#include <wolfssh/test.h>
#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/logging.h>
#include "echoserver.h"
#ifdef WOLFSSL_ESPIDF
/* Optionally display server echo chars via ESP_LOGI here or in config. */
#define CONFIG_ESP_WOLFSSL_SSH_SERVER_ECHO
/* The echoserver source was copied to this project. For updates, see:
*
* https://github.com/wolfSSL/wolfssh/tree/master/examples/echoserver
*/
#include "echoserver.h"
#ifdef CONFIG_ESP_WOLFSSL_SSH_SERVER_ECHO
#define SERVER_ECHO ESP_LOGI
#else
#define SERVER_ECHO ESP_LOGV
#endif
#else
#include "examples/echoserver/echoserver.h"
#endif
#if defined(WOLFSSL_PTHREADS) && defined(WOLFSSL_TEST_GLOBAL_REQ)
#include <pthread.h>
@ -328,6 +345,50 @@ static void *global_req(void *ctx)
#endif
static void printKeyCompleteText(WOLFSSH* ssh, WS_Text id, const char* tag)
{
char str[200];
size_t strSz = sizeof(str);
size_t ret;
ret = wolfSSH_GetText(ssh, id, str, strSz);
if (ret == strSz) {
printf("\tString size was not large enough for %s\n", tag);
}
printf("\t%-30s : %s\n", tag, str);
}
static void callbackKeyingComplete(void* ctx)
{
WOLFSSH* ssh = (WOLFSSH*)ctx;
if (ssh != NULL) {
printf("Keying Complete:\n");
printKeyCompleteText(ssh, WOLFSSH_TEXT_KEX_ALGO,
"WOLFSSH_TEXT_KEX_ALGO");
printKeyCompleteText(ssh, WOLFSSH_TEXT_KEX_CURVE,
"WOLFSSH_TEXT_KEX_CURVE");
printKeyCompleteText(ssh, WOLFSSH_TEXT_KEX_HASH,
"WOLFSSH_TEXT_KEX_HASH");
printKeyCompleteText(ssh, WOLFSSH_TEXT_CRYPTO_IN_CIPHER,
"WOLFSSH_TEXT_CRYPTO_IN_CIPHER");
printKeyCompleteText(ssh, WOLFSSH_TEXT_CRYPTO_IN_MAC,
"WOLFSSH_TEXT_CRYPTO_IN_MAC");
printKeyCompleteText(ssh, WOLFSSH_TEXT_CRYPTO_OUT_CIPHER,
"WOLFSSH_TEXT_CRYPTO_OUT_CIPHER");
printKeyCompleteText(ssh, WOLFSSH_TEXT_CRYPTO_OUT_MAC,
"WOLFSSH_TEXT_CRYPTO_OUT_MAC");
}
}
#ifdef WOLFSSH_AGENT
static const char EnvNameAuthPort[] = "SSH_AUTH_SOCK";
@ -609,6 +670,87 @@ static int termios_show(int fd)
#endif /* SHELL_DEBUG */
#ifdef WOLFSSH_STATIC_MEMORY
#ifndef WOLFSSL_STATIC_MEMORY
#error Requires the static memory functions from wolfSSL
#endif
#if defined(WOLFSSH_SCP) || defined(WOLFSSH_SHELL) || defined(WOLFSSH_FWD)
#warning Static memory configuration for SFTP, results may vary.
#endif
typedef WOLFSSL_HEAP_HINT ES_HEAP_HINT;
/* This static buffer is tuned for building with SFTP only. The static
* buffer size is calulated by multiplying the pairs of sizeList items
* and distList items and summing (32*64 + 128*118 + ...) and adding
* the sum of the distList values times the sizeof wc_Memory (rounded up
* to a word, 24). This total was 288kb plus change, rounded up to 289. */
#ifndef ES_STATIC_SIZES
#define ES_STATIC_SIZES 32,128,384,800,3120,8400,17552,32846,131072
#endif
#ifndef ES_STATIC_DISTS
#define ES_STATIC_DISTS 64,118,3,4,6,2,2,2,1
#endif
#ifndef ES_STATIC_LISTSZ
#define ES_STATIC_LISTSZ 9
#endif
#ifndef ES_STATIC_BUFSZ
#define ES_STATIC_BUFSZ (289*1024)
#endif
static const word32 static_sizeList[] = {ES_STATIC_SIZES};
static const word32 static_distList[] = {ES_STATIC_DISTS};
static byte static_buffer[ES_STATIC_BUFSZ];
static void wolfSSH_MemoryPrintStats(ES_HEAP_HINT* hint)
{
if (hint != NULL) {
word16 i;
WOLFSSL_MEM_STATS stats;
wolfSSL_GetMemStats(hint->memory, &stats);
/* print to stderr so is on the same pipe as WOLFSSL_DEBUG */
fprintf(stderr, "Total mallocs = %d\n", stats.totalAlloc);
fprintf(stderr, "Total frees = %d\n", stats.totalFr);
fprintf(stderr, "Current mallocs = %d\n", stats.curAlloc);
fprintf(stderr, "Available IO = %d\n", stats.avaIO);
fprintf(stderr, "Max con. handshakes = %d\n", stats.maxHa);
fprintf(stderr, "Max con. IO = %d\n", stats.maxIO);
fprintf(stderr, "State of memory blocks: size : available\n");
for (i = 0; i < WOLFMEM_MAX_BUCKETS; i++) {
fprintf(stderr, " %8d : %d\n",
stats.blockSz[i], stats.avaBlock[i]);
}
}
}
static void wolfSSH_MemoryConnPrintStats(ES_HEAP_HINT* hint)
{
if (hint != NULL) {
WOLFSSL_MEM_CONN_STATS* stats = hint->stats;
/* fill out statistics if wanted and WOLFMEM_TRACK_STATS flag */
if (hint->memory->flag & WOLFMEM_TRACK_STATS
&& hint->stats != NULL) {
fprintf(stderr, "peak connection memory = %d\n",
stats->peakMem);
fprintf(stderr, "current memory in use = %d\n",
stats->curMem);
fprintf(stderr, "peak connection allocs = %d\n",
stats->peakAlloc);
fprintf(stderr, "current connection allocs = %d\n",
stats->curAlloc);
fprintf(stderr, "total connection allocs = %d\n",
stats->totalAlloc);
fprintf(stderr, "total connection frees = %d\n\n",
stats->totalFr);
}
}
}
#else
typedef void ES_HEAP_HINT;
#endif
int ChildRunning = 0;
#ifdef WOLFSSH_SHELL
@ -738,6 +880,25 @@ static int ssh_worker(thread_ctx_t* threadCtx)
ChildRunning = 1;
#endif
#if defined(WOLFSSH_TERM) && defined(WOLFSSH_SHELL)
/* set initial size of terminal based on saved size */
#if defined(HAVE_SYS_IOCTL_H)
wolfSSH_DoModes(ssh->modes, ssh->modesSz, childFd);
{
struct winsize s = {0,0,0,0};
s.ws_col = ssh->widthChar;
s.ws_row = ssh->heightRows;
s.ws_xpixel = ssh->widthPixels;
s.ws_ypixel = ssh->heightPixels;
ioctl(childFd, TIOCSWINSZ, &s);
}
#endif /* HAVE_SYS_IOCTL_H */
wolfSSH_SetTerminalResizeCtx(ssh, (void*)&childFd);
#endif /* WOLFSSH_TERM && WOLFSSH_SHELL */
while (ChildRunning) {
fd_set readFds;
WS_SOCKET_T maxFd;
@ -824,6 +985,11 @@ static int ssh_worker(thread_ctx_t* threadCtx)
#else
cnt_w = wolfSSH_ChannelIdSend(ssh, shellChannelId,
threadCtx->channelBuffer, cnt_r);
/* Only the Espressif example shows characters */
SERVER_ECHO("echo", "Byte= %d, Char=`%c`, len=%d",
(byte)threadCtx->channelBuffer[0],
(char)threadCtx->channelBuffer[0],
cnt_r);
if (cnt_r > 0) {
int doStop = process_bytes(threadCtx,
threadCtx->channelBuffer, cnt_r);
@ -1162,7 +1328,7 @@ static int sftp_worker(thread_ctx_t* threadCtx)
s = (WS_SOCKET_T)wolfSSH_get_fd(ssh);
do {
if (wolfSSH_SFTP_PendingSend(ssh)) {
if (ret == WS_WANT_WRITE || wolfSSH_SFTP_PendingSend(ssh)) {
/* Yes, process the SFTP data. */
ret = wolfSSH_SFTP_read(ssh);
error = wolfSSH_get_error(ssh);
@ -1196,11 +1362,8 @@ static int sftp_worker(thread_ctx_t* threadCtx)
}
else if (selected == WS_SELECT_TIMEOUT) {
timeout = TEST_SFTP_TIMEOUT_LONG;
continue;
}
if (ret == WS_WANT_READ || ret == WS_WANT_WRITE ||
selected == WS_SELECT_RECV_READY) {
else if (selected == WS_SELECT_RECV_READY) {
ret = wolfSSH_worker(ssh, NULL);
error = wolfSSH_get_error(ssh);
if (ret == WS_REKEYING) {
@ -1213,13 +1376,18 @@ static int sftp_worker(thread_ctx_t* threadCtx)
error == WS_WINDOW_FULL) {
timeout = TEST_SFTP_TIMEOUT;
ret = error;
continue;
}
if (error == WS_EOF) {
break;
}
if (ret != WS_SUCCESS && ret != WS_CHAN_RXD) {
if (ret == WS_WANT_WRITE) {
/* recall wolfSSH_worker here because is likely our custom
* highwater callback that returned up a WS_WANT_WRITE */
ret = wolfSSH_worker(ssh, NULL);
continue; /* continue on if our send got a want write */
}
/* If not successful and no channel data, leave. */
break;
}
@ -1278,7 +1446,8 @@ static int NonBlockSSH_accept(WOLFSSH* ssh)
while ((ret != WS_SUCCESS
&& ret != WS_SCP_COMPLETE && ret != WS_SFTP_COMPLETE)
&& (error == WS_WANT_READ || error == WS_WANT_WRITE)) {
&& (error == WS_WANT_READ || error == WS_WANT_WRITE ||
error == WS_AUTH_PENDING)) {
if (error == WS_WANT_READ)
printf("... server would read block\n");
@ -1288,7 +1457,8 @@ static int NonBlockSSH_accept(WOLFSSH* ssh)
select_ret = tcp_select(sockfd, 1);
if (select_ret == WS_SELECT_RECV_READY ||
select_ret == WS_SELECT_ERROR_READY ||
error == WS_WANT_WRITE)
error == WS_WANT_WRITE ||
error == WS_AUTH_PENDING)
{
ret = wolfSSH_accept(ssh);
error = wolfSSH_get_error(ssh);
@ -1310,11 +1480,16 @@ static THREAD_RETURN WOLFSSH_THREAD server_worker(void* vArgs)
passwdRetry = MAX_PASSWD_RETRY;
if (!threadCtx->nonBlock)
if (!threadCtx->nonBlock) {
ret = wolfSSH_accept(threadCtx->ssh);
else
if (wolfSSH_get_error(threadCtx->ssh) == WS_AUTH_PENDING) {
printf("Auth pending error, use -N for non blocking\n");
printf("Trying to close down the connection\n");
}
}
else {
ret = NonBlockSSH_accept(threadCtx->ssh);
}
#ifdef WOLFSSH_SCP
/* finish off SCP operation */
if (ret == WS_SCP_INIT) {
@ -1423,8 +1598,19 @@ static THREAD_RETURN WOLFSSH_THREAD server_worker(void* vArgs)
threadCtx->fwdCbCtx.originName = NULL;
}
#endif
#ifdef WOLFSSH_STATIC_MEMORY
wolfSSH_MemoryConnPrintStats(threadCtx->ssh->ctx->heap);
#endif
wolfSSH_free(threadCtx->ssh);
/* For socket error, it could have been the previous connection just ended
* early. Not really an error, no need to report error and quit. */
if (error == WS_SOCKET_ERROR_E) {
ret = 0;
}
if (ret != 0) {
fprintf(stderr, "Error [%d] \"%s\" with handling connection.\n", ret,
wolfSSH_ErrorToName(error));
@ -1456,21 +1642,19 @@ static int load_file(const char* fileName, byte* buf, word32* bufSz)
fileSz = (word32)WFTELL(NULL, file);
WREWIND(NULL, file);
if (fileSz > *bufSz) {
if (buf == NULL)
*bufSz = fileSz;
if (buf == NULL || fileSz > *bufSz) {
*bufSz = fileSz;
WFCLOSE(NULL, file);
return 0;
}
readSz = (word32)WFREAD(NULL, buf, 1, fileSz, file);
if (readSz < fileSz) {
WFCLOSE(NULL, file);
return 0;
}
WFCLOSE(NULL, file);
if (readSz < fileSz) {
fileSz = 0;
}
return fileSz;
}
#endif /* NO_FILESYSTEM */
@ -1633,21 +1817,24 @@ static const char samplePublicKeyEccBuffer[] =
#endif
#ifndef WOLFSSH_NO_RSA
static const char samplePublicKeyRsaBuffer[] =
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9P3ZFowOsONXHD5MwWiCciXytBRZGho"
"MNiisWSgUs5HdHcACuHYPi2W6Z1PBFmBWT9odOrGRjoZXJfDDoPi+j8SSfDGsc/hsCmc3G"
"p2yEhUZUEkDhtOXyqjns1ickC9Gh4u80aSVtwHRnJZh9xPhSq5tLOhId4eP61s+a5pwjTj"
"nEhBaIPUJO2C/M0pFnnbZxKgJlX7t1Doy7h5eXxviymOIvaCZKU+x5OopfzM/wFkey0EPW"
"NmzI5y/+pzU5afsdeEWdiQDIQc80H6Pz8fsoFPvYSG+s4/wz0duu7yeeV1Ypoho65Zr+pE"
"nIf7dO0B8EblgWt+ud+JI8wrAhfE4x hansel\n"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqDwRVTRVk/wjPhoo66+Mztrc31KsxDZ"
"+kAV0139PHQ+wsueNpba6jNn5o6mUTEOrxrz0LMsDJOBM7CmG0983kF4gRIihECpQ0rcjO"
"P6BSfbVTE9mfIK5IsUiZGd8SoE9kSV2pJ2FvZeBQENoAxEFk0zZL9tchPS+OCUGbK4SDjz"
"uNZl/30Mczs73N3MBzi6J1oPo7sFlqzB6ecBjK2Kpjus4Y1rYFphJnUxtKvB0s+hoaadru"
"biE57dK6BrH5iZwVLTQKux31uCJLPhiktI3iLbdlGZEctJkTasfVSsUizwVIyRjhVKmbdI"
"RGwkU38D043AR1h0mUoGCPIKuqcFMf gretel\n";
#endif
#ifdef WOLFSSH_TPM
static const char* sampleTpmPublicKeyRsaBuffer = "";
#else
static const char* samplePublicKeyRsaBuffer =
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqDwRVTRVk/wjPhoo66+Mztrc31KsxDZ"
"+kAV0139PHQ+wsueNpba6jNn5o6mUTEOrxrz0LMsDJOBM7CmG0983kF4gRIihECpQ0rcjO"
"P6BSfbVTE9mfIK5IsUiZGd8SoE9kSV2pJ2FvZeBQENoAxEFk0zZL9tchPS+OCUGbK4SDjz"
"uNZl/30Mczs73N3MBzi6J1oPo7sFlqzB6ecBjK2Kpjus4Y1rYFphJnUxtKvB0s+hoaadru"
"biE57dK6BrH5iZwVLTQKux31uCJLPhiktI3iLbdlGZEctJkTasfVSsUizwVIyRjhVKmbdI"
"RGwkU38D043AR1h0mUoGCPIKuqcFMf gretel\n"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9P3ZFowOsONXHD5MwWiCciXytBRZGho"
"MNiisWSgUs5HdHcACuHYPi2W6Z1PBFmBWT9odOrGRjoZXJfDDoPi+j8SSfDGsc/hsCmc3G"
"p2yEhUZUEkDhtOXyqjns1ickC9Gh4u80aSVtwHRnJZh9xPhSq5tLOhId4eP61s+a5pwjTj"
"nEhBaIPUJO2C/M0pFnnbZxKgJlX7t1Doy7h5eXxviymOIvaCZKU+x5OopfzM/wFkey0EPW"
"NmzI5y/+pzU5afsdeEWdiQDIQc80H6Pz8fsoFPvYSG+s4/wz0duu7yeeV1Ypoho65Zr+pE"
"nIf7dO0B8EblgWt+ud+JI8wrAhfE4x hansel\n";
#endif /* WOLFSSH_TPM */
#endif /* WOLFSSH_NO_RSA */
#ifdef WOLFSSH_ALLOW_USERAUTH_NONE
@ -1845,6 +2032,35 @@ static int LoadPasswdList(StrList* strList, PwMapList* mapList)
return count;
}
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
static int LoadKeyboardList(StrList* strList, PwMapList* mapList)
{
char names[256];
char* passwd;
int count = 0;
while (strList) {
WSTRNCPY(names, strList->str, sizeof names - 1);
passwd = WSTRCHR(names, ':');
if (passwd != NULL) {
*passwd = 0;
passwd++;
PwMapNew(mapList, WOLFSSH_USERAUTH_KEYBOARD,
(byte*)names, (word32)WSTRLEN(names),
(byte*)passwd, (word32)WSTRLEN(passwd));
}
else {
fprintf(stderr, "Ignoring password: %s\n", names);
}
strList = strList->next;
count++;
}
return count;
}
#endif
#ifndef NO_FILESYSTEM
static int LoadPubKeyList(StrList* strList, int format, PwMapList* mapList)
@ -1916,6 +2132,48 @@ static int LoadPubKeyList(StrList* strList, int format, PwMapList* mapList)
}
#endif
#ifdef WOLFSSH_TPM
static char* LoadTpmSshKey(const char* keyFile, const char* username)
{
WFILE* file = NULL;
char* buffer = NULL;
char* ret = NULL;
long length;
size_t usernameLen;
if (WFOPEN(NULL, &file, keyFile, "rb") != 0) {
fprintf(stderr,
"Failed to open TPM key file: %s\n", keyFile);
return NULL;
}
WFSEEK(NULL, file, 0, WSEEK_END);
length = WFTELL(NULL, file);
WREWIND(NULL, file);
usernameLen = WSTRLEN(username);
buffer = (char*)WMALLOC(length + usernameLen + 2, NULL, DYNTYPE_BUFFER);
if (buffer) {
if (WFREAD(NULL, buffer, 1, length, file) == (size_t)length) {
while (length > 0 && (buffer[length-1] == '\n' ||
buffer[length-1] == '\r')) {
length--;
}
buffer[length] = ' ';
WMEMCPY(buffer + length + 1, username, usernameLen);
buffer[length + 1 + usernameLen] = '\n';
buffer[length + 2 + usernameLen] = '\0';
ret = buffer;
}
else {
WFREE(buffer, NULL, DYNTYPE_BUFFER);
}
}
WFCLOSE(NULL, file);
return ret;
}
#endif
static int wsUserAuthResult(byte res,
WS_UserAuthData* authData,
void* ctx)
@ -1928,6 +2186,7 @@ static int wsUserAuthResult(byte res,
}
static int userAuthWouldBlock = 0;
static int wsUserAuth(byte authType,
WS_UserAuthData* authData,
void* ctx)
@ -1941,9 +2200,18 @@ static int wsUserAuth(byte authType,
return WOLFSSH_USERAUTH_FAILURE;
}
if (userAuthWouldBlock > 0) {
printf("User Auth would block ....\n");
userAuthWouldBlock--;
return WOLFSSH_USERAUTH_WOULD_BLOCK;
}
if (authType != WOLFSSH_USERAUTH_PASSWORD &&
#ifdef WOLFSSH_ALLOW_USERAUTH_NONE
authType != WOLFSSH_USERAUTH_NONE &&
#endif
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
authType != WOLFSSH_USERAUTH_KEYBOARD &&
#endif
authType != WOLFSSH_USERAUTH_PUBLICKEY) {
@ -1955,6 +2223,16 @@ static int wsUserAuth(byte authType,
authData->sf.password.passwordSz,
authHash);
}
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
else if (authType == WOLFSSH_USERAUTH_KEYBOARD) {
if (authData->sf.keyboard.responseCount != 1) {
return WOLFSSH_USERAUTH_FAILURE;
}
wc_Sha256Hash(authData->sf.keyboard.responses[0],
authData->sf.keyboard.responseLengths[0],
authHash);
}
#endif
else if (authType == WOLFSSH_USERAUTH_PUBLICKEY) {
wc_Sha256Hash(authData->sf.publicKey.publicKey,
authData->sf.publicKey.publicKeySz,
@ -2055,6 +2333,16 @@ static int wsUserAuth(byte authType,
WOLFSSH_USERAUTH_REJECTED;
}
}
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
else if (authData->type == WOLFSSH_USERAUTH_KEYBOARD) {
if (WMEMCMP(map->p, authHash, WC_SHA256_DIGEST_SIZE) == 0) {
return WOLFSSH_USERAUTH_SUCCESS;
}
else {
return WOLFSSH_USERAUTH_INVALID_PASSWORD;
}
}
#endif
#ifdef WOLFSSH_ALLOW_USERAUTH_NONE
else if (authData->type == WOLFSSH_USERAUTH_NONE) {
return WOLFSSH_USERAUTH_SUCCESS;
@ -2070,6 +2358,15 @@ static int wsUserAuth(byte authType,
return WOLFSSH_USERAUTH_INVALID_USER;
}
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
static int keyboardCallback(WS_UserAuthData_Keyboard *kbAuth, void *ctx)
{
WS_UserAuthData_Keyboard *kbAuthData = (WS_UserAuthData_Keyboard*) ctx;
WMEMCPY(kbAuth, kbAuthData, sizeof(WS_UserAuthData_Keyboard));
return WS_SUCCESS;
}
#endif
#ifdef WOLFSSH_SFTP
/*
@ -2130,7 +2427,8 @@ static int SetDefaultSftpPath(WOLFSSH* ssh, const char* defaultSftpPath)
static void ShowUsage(void)
{
printf("echoserver %s\n", LIBWOLFSSH_VERSION_STRING);
printf("echoserver %s linked with wolfSSL %s\n", LIBWOLFSSH_VERSION_STRING,
LIBWOLFSSL_VERSION_STRING);
printf(" -? display this help and exit\n");
printf(" -1 exit after single (one) connection\n");
printf(" -e expect ECC public key from client\n");
@ -2147,33 +2445,42 @@ static void ShowUsage(void)
" (user assumed in comment)\n");
printf(" -I <name>:<file>\n"
" load in a SSH public key to accept from peer\n");
printf(" -s <file> load in a TPM public key file to replace default hansel key\n");
printf(" -J <name>:<file>\n"
" load in an X.509 PEM cert to accept from peer\n");
printf(" -K <name>:<file>\n"
" load in an X.509 DER cert to accept from peer\n");
printf(" -P <name>:<password>\n"
" add password to accept from peer\n");
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
printf(" -i <name>:<password>\n"
" add passowrd to accept via keyboard-interactive "
"from peer\n");
#endif
#ifdef WOLFSSH_CERTS
printf(" -a <file> load in a root CA certificate file\n");
#endif
printf(" -k <list> set the comma separated list of key algos to use\n");
printf(" -x <list> set the comma separated list of key exchange algos "
"to use\n");
printf(" -m <list> set the comma separated list of mac algos to use\n");
printf(" -b <num> test user auth would block\n");
printf(" -H set test highwater callback\n");
}
static INLINE void SignalTcpReady(func_args* serverArgs, word16 port)
static INLINE void SignalTcpReady(tcp_ready* ready, word16 port)
{
#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && \
!defined(__MINGW32__) && !defined(SINGLE_THREADED)
tcp_ready* ready = serverArgs->signal;
if (ready != NULL) {
pthread_mutex_lock(&ready->mutex);
ready->ready = 1;
ready->port = port;
pthread_cond_signal(&ready->cond);
pthread_mutex_unlock(&ready->mutex);
}
pthread_mutex_lock(&ready->mutex);
ready->ready = 1;
ready->port = port;
pthread_cond_signal(&ready->cond);
pthread_mutex_unlock(&ready->mutex);
#else
(void)serverArgs;
(void)port;
WOLFSSH_UNUSED(ready);
WOLFSSH_UNUSED(port);
#endif
}
@ -2183,6 +2490,36 @@ static INLINE void SignalTcpReady(func_args* serverArgs, word16 port)
WOLFSSL_RETURN_FROM_THREAD(0); \
} while(0)
static byte wantwrite = 0; /*flag to return want write on first highwater call*/
static int my_highwaterCb(byte dir, void* ctx)
{
int ret = WS_SUCCESS;
WOLFSSH_UNUSED(dir);
printf("my_highwaterCb called\n");
if (ctx) {
WOLFSSH* ssh = (WOLFSSH*)ctx;
printf("HIGHWATER MARK: (%u) %s", wolfSSH_GetHighwater(ssh),
(dir == WOLFSSH_HWSIDE_RECEIVE) ? "receive\n" : "transmit\n");
if (dir == WOLFSSH_HWSIDE_RECEIVE) {
if (!wantwrite) {
ret = WS_WANT_WRITE;
wantwrite = 1;
printf("Forcing a want write on first highwater callback\n");
}
else {
ret = wolfSSH_TriggerKeyExchange(ssh);
}
}
}
return ret;
}
THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
{
func_args* serverArgs = (func_args*)args;
@ -2194,9 +2531,22 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
StrList* derPubKeyList = NULL;
#endif
StrList* passwdList = NULL;
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
StrList* keyboardList = NULL;
WS_UserAuthData_Keyboard kbAuthData;
#endif
WS_SOCKET_T listenFd = WOLFSSH_SOCKET_INVALID;
int useCustomHighWaterCb = 0;
word32 defaultHighwater = EXAMPLE_HIGHWATER_MARK;
word32 threadCount = 0;
const char* keyList = NULL;
const char* kexList = NULL;
const char* macList = NULL;
const char* cipherList = NULL;
ES_HEAP_HINT* heap = NULL;
#ifdef WOLFSSH_TPM
static char* tpmKeyPath = NULL;
#endif
int multipleConnections = 1;
int userEcc = 0;
int peerEcc = 0;
@ -2216,9 +2566,12 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
int argc = serverArgs->argc;
char** argv = serverArgs->argv;
serverArgs->return_code = EXIT_SUCCESS;
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
kbAuthData.promptCount = 0;
#endif
if (argc > 0) {
const char* optlist = "?1a:d:efEp:R:Ni:j:I:J:K:P:";
const char* optlist = "?1a:d:efEp:R:Ni:j:i:I:J:K:P:k:b:x:m:c:s:H";
myoptind = 0;
while ((ch = mygetopt(argc, argv, optlist)) != -1) {
switch (ch) {
@ -2240,6 +2593,10 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
userEcc = 1;
break;
case 'k' :
keyList = myoptarg;
break;
case 'E':
peerEcc = 1;
break;
@ -2298,6 +2655,38 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
passwdList = StrListAdd(passwdList, myoptarg);
break;
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
case 'i':
keyboardList = StrListAdd(keyboardList, myoptarg);
break;
#endif
case 'b':
userAuthWouldBlock = atoi(myoptarg);
break;
case 'x':
kexList = myoptarg;
break;
case 'm':
macList = myoptarg;
break;
case 'c':
cipherList = myoptarg;
break;
case 's':
#ifdef WOLFSSH_TPM
tpmKeyPath = myoptarg;
#endif
break;
case 'H':
useCustomHighWaterCb = 1;
break;
default:
ShowUsage();
serverArgs->return_code = MY_EX_USAGE;
@ -2330,16 +2719,73 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
ES_ERROR("Couldn't initialize wolfSSH.\n");
}
ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_SERVER, NULL);
/* Load custom TPM key if specified */
#ifdef WOLFSSH_TPM
if (tpmKeyPath != NULL) {
const char* newBuffer = LoadTpmSshKey(tpmKeyPath, "hansel");
if (newBuffer != NULL) {
sampleTpmPublicKeyRsaBuffer = newBuffer;
}
else {
ES_ERROR("Failed to load TPM key from %s\n", tpmKeyPath);
}
printf("New sampleTpmPublicKeyRsaBuffer:\n%s\n", sampleTpmPublicKeyRsaBuffer);
}
else {
printf("No TPM key loaded\n");
}
#endif
#ifdef WOLFSSH_STATIC_MEMORY
{
int ret;
ret = wc_LoadStaticMemory_ex(&heap,
ES_STATIC_LISTSZ, static_sizeList, static_distList,
static_buffer, sizeof(static_buffer),
WOLFMEM_GENERAL|WOLFMEM_TRACK_STATS, 0);
if (ret != 0) {
ES_ERROR("Couldn't set up static memory pool.\n");
}
}
#endif /* WOLFSSH_STATIC_MEMORY */
ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_SERVER, heap);
if (ctx == NULL) {
ES_ERROR("Couldn't allocate SSH CTX data.\n");
}
wolfSSH_SetKeyingCompletionCb(ctx, callbackKeyingComplete);
if (keyList) {
if (wolfSSH_CTX_SetAlgoListKey(ctx, keyList) != WS_SUCCESS) {
ES_ERROR("Error setting key list.\n");
}
}
if (kexList) {
if (wolfSSH_CTX_SetAlgoListKex(ctx, kexList) != WS_SUCCESS) {
ES_ERROR("Error setting kex list.\n");
}
}
if (macList) {
if (wolfSSH_CTX_SetAlgoListMac(ctx, macList) != WS_SUCCESS) {
ES_ERROR("Error setting mac list.\n");
}
}
if (cipherList) {
if (wolfSSH_CTX_SetAlgoListCipher(ctx, cipherList) != WS_SUCCESS) {
ES_ERROR("Error setting cipher list.\n");
}
}
WMEMSET(&pwMapList, 0, sizeof(pwMapList));
if (serverArgs->user_auth == NULL)
wolfSSH_SetUserAuth(ctx, wsUserAuth);
else
wolfSSH_SetUserAuth(ctx, ((func_args*)args)->user_auth);
wolfSSH_SetUserAuthResult(ctx, wsUserAuthResult);
wolfSSH_CTX_SetBanner(ctx, echoserverBanner);
#ifdef WOLFSSH_AGENT
@ -2372,6 +2818,37 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
passwdList = NULL;
}
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
if (keyboardList) {
LoadKeyboardList(keyboardList, &pwMapList);
StrListFree(keyboardList);
keyboardList = NULL;
kbAuthData.promptCount = 1;
kbAuthData.promptName = NULL;
kbAuthData.promptNameSz = 0;
kbAuthData.promptInstruction = NULL;
kbAuthData.promptInstructionSz = 0;
kbAuthData.promptLanguage = NULL;
kbAuthData.promptLanguageSz = 0;
kbAuthData.prompts = (byte**)WMALLOC(sizeof(byte*), NULL, 0);
if (kbAuthData.prompts == NULL) {
ES_ERROR("Error allocating prompts");
}
kbAuthData.prompts[0] = (byte*)"KB Auth Password: ";
kbAuthData.promptLengths = (word32*)WMALLOC(sizeof(word32), NULL, 0);
if (kbAuthData.prompts == NULL) {
ES_ERROR("Error allocating promptLengths");
}
kbAuthData.promptLengths[0] = 18;
kbAuthData.promptEcho = (byte*)WMALLOC(sizeof(byte), NULL, 0);
if (kbAuthData.prompts == NULL) {
ES_ERROR("Error allocating promptEcho");
}
kbAuthData.promptEcho[0] = 0;
wolfSSH_SetKeyboardAuthPrompts(ctx, keyboardCallback);
}
#endif
{
const char* bufName = NULL;
#ifndef WOLFSSH_SMALL_STACK
@ -2475,7 +2952,11 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
}
else {
#ifndef WOLFSSH_NO_RSA
bufName = samplePublicKeyRsaBuffer;
#ifdef WOLFSSH_TPM
bufName = sampleTpmPublicKeyRsaBuffer;
#else
bufName = samplePublicKeyRsaBuffer;
#endif
#endif
}
if (bufName != NULL) {
@ -2543,6 +3024,8 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
#endif
}
SignalTcpReady(serverArgs->signal, port);
do {
WS_SOCKET_T clientFd = WOLFSSH_SOCKET_INVALID;
#ifdef WOLFSSL_NUCLEUS
@ -2566,13 +3049,33 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
WFREE(threadCtx, NULL, 0);
ES_ERROR("Couldn't allocate SSH data.\n");
}
#ifdef WOLFSSH_STATIC_MEMORY
wolfSSH_MemoryConnPrintStats(heap);
#endif
wolfSSH_SetUserAuthCtx(ssh, &pwMapList);
wolfSSH_SetKeyingCompletionCbCtx(ssh, (void*)ssh);
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
wolfSSH_SetKeyboardAuthCtx(ssh, &kbAuthData);
#endif
/* Use the session object for its own highwater callback ctx */
if (defaultHighwater > 0) {
wolfSSH_SetHighwaterCtx(ssh, (void*)ssh);
wolfSSH_SetHighwater(ssh, defaultHighwater);
}
if (useCustomHighWaterCb) {
if (defaultHighwater == EXAMPLE_HIGHWATER_MARK) {
defaultHighwater = 2000; /* lower the highwater mark to hit the
* callback sooner */
}
printf("Registering highwater callback that returns want write\n");
wolfSSH_SetHighwaterCb(ctx, defaultHighwater, my_highwaterCb);
wolfSSH_SetHighwaterCtx(ssh, (void*)ssh);
wolfSSH_SetHighwater(ssh, defaultHighwater);
}
#ifdef WOLFSSH_SFTP
if (SetDefaultSftpPath(ssh, defaultSftpPath) != 0) {
ES_ERROR("Couldn't store default sftp path.\n");
@ -2600,8 +3103,6 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
}
#endif
SignalTcpReady(serverArgs, port);
#ifdef WOLFSSL_NUCLEUS
clientFd = NU_Accept(listenFd, &clientAddr, 0);
#else
@ -2641,9 +3142,20 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
if (listenFd != WOLFSSH_SOCKET_INVALID) {
WCLOSESOCKET(listenFd);
}
#ifdef WOLFSSH_KEYBOARD_INTERACTIVE
if (kbAuthData.promptCount > 0) {
WFREE(kbAuthData.promptLengths, NULL, 0);
WFREE(kbAuthData.prompts, NULL, 0);
WFREE(kbAuthData.promptEcho, NULL, 0);
}
#endif
wc_FreeMutex(&doneLock);
PwMapListDelete(&pwMapList);
wolfSSH_CTX_free(ctx);
#ifdef WOLFSSH_STATIC_MEMORY
wolfSSH_MemoryPrintStats(heap);
#endif
if (wolfSSH_Cleanup() != WS_SUCCESS) {
ES_ERROR("Couldn't clean up wolfSSH.\n");
}
@ -2658,8 +3170,6 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
#endif /* NO_WOLFSSH_SERVER */
void wolfSSL_Debugging_ON(void);
int wolfSSH_Echoserver(int argc, char** argv)
{
func_args args;
@ -2670,8 +3180,11 @@ int wolfSSH_Echoserver(int argc, char** argv)
WSTARTTCP();
#ifdef DEBUG_WOLFSSH
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON();
#endif
#ifdef DEBUG_WOLFSSH
wolfSSH_Debugging_ON();
#endif

2
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/main/include/echoserver.h
View File

@ -1,6 +1,6 @@
/* echoserver.h
*
* Copyright (C) 2014-2024 wolfSSL Inc.
* Copyright (C) 2014-2025 wolfSSL Inc.
*
* This file is part of wolfSSH.
*

2
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/main/include/main.h
View File

@ -1,6 +1,6 @@
/* template main.h
*
* Copyright (C) 2014-2024 wolfSSL Inc.
* Copyright (C) 2014-2025 wolfSSL Inc.
*
* This file is part of wolfSSH.
*

2
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/main/include/time_helper.h
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2014-2024 wolfSSL Inc.
* Copyright (C) 2014-2025 wolfSSL Inc.
*
* This file is part of wolfSSH.
*

43
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/main/include/wifi_connect.h
View File

@ -1,6 +1,6 @@
/* wifi_connect.h
*
* Copyright (C) 2014-2024 wolfSSL Inc.
* Copyright (C) 2014-2025 wolfSSL Inc.
*
* This file is part of wolfSSH.
*
@ -62,7 +62,7 @@
#else
#warning "did not detect environment. using ~/my_private_config.h"
#include "~/my_private_config.h"
#endif
#endif
#else
/*
@ -72,17 +72,44 @@
** If you'd rather not, just change the below entries to strings with
** the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
*/
/* Some older versions use ESP_WIFI_SSID via Kconfig */
#ifdef CONFIG_ESP_WIFI_SSID
/* Overwrite the example SSID with the value set in menuconfig */
#undef EXAMPLE_ESP_WIFI_SSID
#define EXAMPLE_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID
#else
#define EXAMPLE_ESP_WIFI_SSID "MYSSID_WIFI_CONNECT"
#endif
#ifdef CONFIG_ESP_WIFI_PASSWORD
#define EXAMPLE_ESP_WIFI_PASS CONFIG_ESP_WIFI_PASSWORD
#else
#define EXAMPLE_ESP_WIFI_PASS "MYPASSWORD_WIFI_CONNECT"
/* Newer versions of the ESP-IDF use EXAMPLE_WIFI_SSID via Kconfig */
#ifdef CONFIG_EXAMPLE_WIFI_SSID
/* Overwrite the example SSID with the value set in menuconfig */
#undef EXAMPLE_ESP_WIFI_SSID
#define EXAMPLE_ESP_WIFI_SSID CONFIG_EXAMPLE_WIFI_SSID
#endif
/* Some older versions use ESP_WIFI_PASSWORD via Kconfig */
#ifdef CONFIG_ESP_WIFI_PASSWORD
/* Overwrite the example password with the value set in menuconfig */
#undef EXAMPLE_ESP_WIFI_PASS
#define EXAMPLE_ESP_WIFI_PASS CONFIG_ESP_WIFI_PASSWORD
#endif
/* Newer versions use CONFIG_ESP_WIFI_PASSWORD via Kconfig */
#ifdef CONFIG_EXAMPLE_WIFI_PASSWORD
/* Overwrite the example SSID with the value set in menuconfig */
#undef EXAMPLE_ESP_WIFI_PASS
#define EXAMPLE_ESP_WIFI_PASS CONFIG_EXAMPLE_WIFI_PASSWORD
#endif
#endif
/* Ensure EXAMPLE_ESP_WIFI_SSID and EXAMPLE_ESP_WIFI_PASS are not blank: */
#ifndef EXAMPLE_ESP_WIFI_SSID
#warning "Setting default WiFi SSID: MYSSID_WIFI_CONNECT"
#define EXAMPLE_ESP_WIFI_SSID "MYSSID_WIFI_CONNECT"
#endif
#ifndef EXAMPLE_ESP_WIFI_PASS
#warning "Setting default WiFi SSID Password: MYSSID_WIFI_CONNECT"
#define EXAMPLE_ESP_WIFI_PASS "MYPASSWORD_WIFI_CONNECT"
#endif
/* ESP lwip */

57
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/main/main.c
View File

@ -1,6 +1,6 @@
/* main.c
*
* Copyright (C) 2014-2024 wolfSSL Inc.
* Copyright (C) 2014-2025 wolfSSL Inc.
*
* This file is part of wolfSSH.
*
@ -65,9 +65,17 @@ void app_main(void)
#endif
#ifdef HAVE_VERSION_EXTENDED_INFO
// esp_ShowExtendedSystemInfo();
esp_ShowExtendedSystemInfo();
#endif
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_OFF();
#endif
#ifdef CONFIG_IDF_TARGET_ESP32H2
ESP_LOGE(TAG, "No WiFi on the ESP32-H2 and ethernet not yet supported");
while (1) {
vTaskDelay(60000);
}
#endif
/* Set time for cert validation.
* Some lwIP APIs, including SNTP functions, are not thread safe. */
ret = set_time(); /* need to setup NTP before WiFi */
@ -116,11 +124,23 @@ void app_main(void)
/* Initialize NVS */
ret = nvs_flash_init();
if (ret == ESP_ERR_NVS_NO_FREE_PAGES ||
ret == ESP_ERR_NVS_NEW_VERSION_FOUND) {
ESP_ERROR_CHECK(nvs_flash_erase());
ret = nvs_flash_init();
#if defined(CONFIG_IDF_TARGET_ESP8266)
{
if (ret == ESP_ERR_NVS_NO_FREE_PAGES) {
ESP_ERROR_CHECK(nvs_flash_erase());
ret = nvs_flash_init();
}
}
#else
{
/* Non-ESP8266 initialization is slightly different */
if (ret == ESP_ERR_NVS_NO_FREE_PAGES ||
ret == ESP_ERR_NVS_NEW_VERSION_FOUND) {
ESP_ERROR_CHECK(nvs_flash_erase());
ret = nvs_flash_init();
}
}
#endif /* else not CONFIG_IDF_TARGET_ESP8266 */
ESP_ERROR_CHECK(ret);
#if defined(CONFIG_IDF_TARGET_ESP32H2)
@ -135,11 +155,11 @@ void app_main(void)
ESP_LOGI(TAG, "Trying WiFi again...");
ret = wifi_init_sta();
}
#endif
#endif
#endif /* else not CONFIG_IDF_TARGET_ESP32H2 */
#endif /* else FOUND_PROTOCOL_EXAMPLES_DIR not found */
/* Once we are connected to the network, start & wait for NTP time */
// ret = set_time_wait_for_ntp();
ret = set_time_wait_for_ntp();
if (ret < -1) {
/* a value of -1 means there was no NTP server, so no need to wait */
@ -162,23 +182,16 @@ void app_main(void)
memset(&args, 0, sizeof(func_args));
echoserver_test(&args);
ESP_LOGI(TAG, "\n\nDone!"
"If running from idf.py monitor, press twice: Ctrl+]");
ESP_LOGV(TAG, "\n\nLoop...\n\n");
ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE
- uxTaskGetStackHighWaterMark(NULL));
while (1) {
#if defined(SINGLE_THREADED)
while (1);
#else
vTaskDelay(60000);
#endif
}
ESP_LOGI(TAG, "\n\nDone!\n\n"
"If running from idf.py monitor, press twice: Ctrl+]\n\n"
"WOLFSSL_COMPLETE\n" /* exit keyword for wolfssl_monitor.py */
);
while (1) {
vTaskDelay(60000);
}
} /* app_main */

2
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/main/time_helper.c
View File

@ -1,6 +1,6 @@
/* time_helper.c
*
* Copyright (C) 2014-2024 wolfSSL Inc.
* Copyright (C) 2014-2025 wolfSSL Inc.
*
* This file is part of wolfSSH.
*

2
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/main/wifi_connect.c
View File

@ -1,6 +1,6 @@
/* wifi_connect.c
*
* Copyright (C) 2014-2024 wolfSSL Inc.
* Copyright (C) 2014-2025 wolfSSL Inc.
*
* This file is part of wolfSSH.
*

2244
ide/Espressif/ESP-IDF/examples/wolfssh_echoserver/sdkconfi.old 100644
View File

File diff suppressed because it is too large Load Diff

57
ide/Espressif/ESP-IDF/examples/wolfssh_template/CMakeLists.txt
View File

@ -1,3 +1,26 @@
# [wolfSSL Project]/CMakeLists.txt
#
# Copyright (C) 2014-2025 wolfSSL Inc.
#
# This file is part of wolfSSH.
#
# wolfSSH is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# wolfSSH is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with wolfSSH. If not, see <http://www.gnu.org/licenses/>.
#
# cmake for WOLFSSH Espressif projects
#
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
# wolfSSL Espressif Example Project CMakeLists.txt
# v1.0
#
@ -9,9 +32,15 @@ cmake_minimum_required(VERSION 3.16)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(WOLFSSL_USER_SETTINGS ON)
# Assume we have a ESP_ENABLE_WOLFSSH section in user_settings.h
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DESP_ENABLE_WOLFSSH")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSH_TERM")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DDEBUG_WOLFSSH")
# Managed wolfSSL Components prior to 5.7.4 need a manual setting for WOLFSSL_WOLFSSH
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_WOLFSSH")
# Optional:
# set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSH_TERM")
# set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DDEBUG_WOLFSSH")
# The wolfSSL CMake file should be able to find the source code.
# Otherwise, assign an environment variable or set it here:
@ -32,28 +61,28 @@ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DDEBUG_WOLFSSH")
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
message(STATUS "Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
message(STATUS "Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
message(STATUS "Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
message(STATUS "Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
message(STATUS "Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
message(STATUS "Detected Apple")
endif()
# End optional WOLFSSL_CMAKE_SYSTEM_NAME
@ -78,6 +107,18 @@ else()
message(STATUS "No conflicting wolfSSL components found.")
endif()
# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
message(STATUS "Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
else()
message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
endif()
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
project(wolfssh_template)

390
ide/Espressif/ESP-IDF/examples/wolfssh_template/components/wolfssh/CMakeLists.txt
View File

@ -1,6 +1,6 @@
# Espressif component/wolfssh/CMakeLists.txt
# [wolfSSL Project]/components/wolfssh/CMakeLists.txt
#
# Copyright (C) 2014-2024 wolfSSL Inc.
# Copyright (C) 2014-2025 wolfSSL Inc.
#
# This file is part of wolfSSH.
#
@ -17,27 +17,105 @@
# You should have received a copy of the GNU General Public License
# along with wolfSSH. If not, see <http://www.gnu.org/licenses/>.
#
# cmake for WOLFSSH Espressif projects
# cmake for wolfssh Espressif projects v5.7.6 (template pr)
#
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
#
cmake_minimum_required(VERSION 3.16)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSH_USER_SETTINGS")
set(VERBOSE_COMPONENT_MESSAGES 1)
# The scope of this CMAKE_C_FLAGS is just this component:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
message(STATUS "CMAKE_CURRENT_LIST_DIR = ${CMAKE_CURRENT_LIST_DIR}")
get_filename_component(THIS_DIR "${CMAKE_CURRENT_LIST_DIR}" ABSOLUTE)
message(STATUS "THIS_DIR = ${THIS_DIR}")
# The root of the project is two directories up from here. (we are typically in [project name]components/mywolfssh)
get_filename_component(PROJECT_ROOT "${THIS_DIR}" DIRECTORY) # Up one directory from here is "components"
get_filename_component(PROJECT_ROOT "${PROJECT_ROOT}" DIRECTORY) # up one more directory should be the root of our project
message(STATUS "PROJECT_ROOT = ${PROJECT_ROOT}")
# in case wolfssl user_settings.h is missing, we'll look for one in the ESP32/lib directory:
get_filename_component(LIB_USER_SETTINGS "${PROJECT_ROOT}/../lib/user_settings.h" ABSOLUTE)
message(STATUS "wolfssl user_settings.h lib = ${LIB_USER_SETTINGS}")
get_filename_component(THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH "${PROJECT_ROOT}/components/wolfssl/include" ABSOLUTE)
message(STATUS "wolfssl user_settings.h path = ${THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH}")
# Optionally set your source to wolfSSL in your project CMakeLists.txt like this:
# set(WOLFSSH_ROOT "c:/some/workspace/wolfssh" )
if ( "${WOLFSSH_ROOT}" STREQUAL "")
set(WOLFSSH_ROOT "$ENV{WOLFSSH_ROOT}" )
endif()
# Optional compiler definitions to help with system name detection (typically printed by app diagnostics)
if( VERBOSE_COMPONENT_MESSAGES )
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message(STATUS "Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message(STATUS "Detected UNIX")
endif()
if(APPLE)
message(STATUS "Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message(STATUS "Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message(STATUS "Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message(STATUS "Detected Apple")
endif()
endif() # End optional WOLFSSL_CMAKE_SYSTEM_NAME
message(STATUS "CONFIG_TARGET_PLATFORM = ${CONFIG_TARGET_PLATFORM}")
# find the user name to search for possible "wolfssh-username"
# find the user name to search for possible "wolfssh-username"
message(STATUS "USERNAME = $ENV{USERNAME}")
if( "$ENV{USER}" STREQUAL "" ) # the bash user
if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
message(STATUS "could not find USER or USERNAME")
else()
# the bash user is not blank, so we'll use it.
set(THIS_USER "$ENV{USERNAME}")
endif()
else()
# the bash user is not blank, so we'll use it.
set(THIS_USER "$ENV{USER}")
endif()
message(STATUS "THIS_USER = ${THIS_USER}")
# Attention!
#
# When editing component CMake files, consider the following :
#
# NO Managed Componenets: Normal stand-alone app, "as cloned" from github.
# There's no notion of staging names (e.g. mywolfmqtt) regardless of environment settings.
# NO Managed Components: Normal stand-alone app, "as cloned" from github.
# There's no notion of staging names (e.g. mywolfssh) regardless of environment settings.
# All of the component source is locall. See settings such s WOLFSSL_ROOT=[your path]
#
# Partially Managed Components. This one is tricky. When publishing a component with examples,
# those examples will have a chicken-and-egg problem: the required component is not yet published.
# Adding to the complexity is the notion of staging components, that are purposely prefixed with
# "my" (e.g. mywolfmqtt) to distinguish from production, live components (e.g. wolfmqtt)
# "my" (e.g. mywolfssh) to distinguish from production, live components (e.g. wolfssh)
#
# Partially Managed Component Examples are typically only encountered by the component publisher
# and only at publish time, such as when performing the pre-publish build check.
@ -45,49 +123,185 @@ set(CMAKE_CURRENT_SOURCE_DIR ".")
# A partially managed component may also be manually created, when adding a managed component to
# and existing project. For example:
#
# idf.py add-dependency "wolfssl/wolfssh^1.4.15-stable"
# idf.py add-dependency "wolfssl/wolfssh^1.4.18"
#
# Fully Managaged Componenets. This is the typical example as created from the Component Registry:
# Fully Managed Components. This is the typical example as created from the Component Registry:
# For example:
#
# idf.py create-project-from-example "wolfssl/wolfssh^1.4.15-stable:wolfssh_server"
# idf.py create-project-from-example "wolfssl/wolfssh^1.4.18"
#
# In all cases, keep in mind that components other than wolfssl will depend on the wolfssl component.
#
message(STATUS "CMAKE_CURRENT_LIST_DIR = ${CMAKE_CURRENT_LIST_DIR}")
get_filename_component(THIS_DIR "${CMAKE_CURRENT_LIST_DIR}" ABSOLUTE)
message(STATUS "THIS_DIR = ${THIS_DIR}")
# The root of the project is two directories up from here. (we are typically in [project name]components/mywolfssh)
get_filename_component(PROJECT_ROOT "${THIS_DIR}" DIRECTORY) # Up one directory from here is "components"
get_filename_component(PROJECT_ROOT "${PROJECT_ROOT}" DIRECTORY) # up one more directory should be the root of our project
message(STATUS "PROJECT_ROOT = ${PROJECT_ROOT}")
# Component naming is only adjusted when using Managed Components, and only when using staging site.
if( "$ENV{IDF_COMPONENT_REGISTRY_URL}" STREQUAL "https://components-staging.espressif.com" )
# TODO: Is checking these two variables really the best way to detect an active Component Manager?
message(STATUS "component_manager_interface_version = ${component_manager_interface_version}")
message(STATUS "managed_components = ${managed_components}")
if( ("${managed_components}" STREQUAL "") AND ("${component_manager_interface_version}" STREQUAL "") )
message(STATUS "Checking if wolfssl is in ${PROJECT_ROOT}/managed_components/${THIS_USER}__mywolfssl")
if(EXISTS "${PROJECT_ROOT}/managed_components/${THIS_USER}__mywolfssl/CMakeLists.txt")
message(STATUS "Found user-specific, managed, staging component. The wolfssl component will be named mywolfssl.")
set(WOLFSSL_COMPONENT_NAME "mywolfssl")
elseif( ("${managed_components}" STREQUAL "") AND ("${component_manager_interface_version}" STREQUAL "") )
# We've found a staging component, but did not detect the component manager
message(STATUS "No component manager interface component wolfssl ${CMAKE_HOME_DIRECTORY}")
set(WOLFSSL_COMPONENT_NAME "wolfssl")
else()
message(STATUS "else mywolfssl")
set(WOLFSSL_COMPONENT_NAME "mywolfssl")
endif()
elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/${THIS_USER}__mywolfssl/CMakeLists.txt")
message(STATUS "Found managed_components mywolfssl")
set(WOLFSSL_COMPONENT_NAME "mywolfssl")
else()
message(STATUS "Not staging environment, no managed_components wolfssl")
set(WOLFSSL_COMPONENT_NAME "wolfssl")
endif()
set(COMPONENT_REQUIRES lwip "${WOLFSSL_COMPONENT_NAME}")
# function: IS_WOLFSSH_SOURCE
# parameter: DIRECTORY_PARAMETER = the directory to test
# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssh directory, otherwise blank.
function(IS_WOLFSSH_SOURCE DIRECTORY_PARAMETER RESULT)
if (EXISTS "${DIRECTORY_PARAMETER}/wolfssh/ssh.h")
if (EXISTS "${DIRECTORY_PARAMETER}/wolfssh")
message(STATUS "1")
endif()
if (EXISTS "${DIRECTORY_PARAMETER}")
message(STATUS "2")
endif()
if (EXISTS "${DIRECTORY_PARAMETER}/src")
message(STATUS "3")
endif()
set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
else()
set(${RESULT} "" PARENT_SCOPE)
endif()
endfunction()
# function: FIND_WOLFSSH_DIRECTORY
# parameter: OUTPUT_FOUND_WOLFSSH_DIRECTORY contains root of source code, otherwise blank
#
function(FIND_WOLFSSH_DIRECTORY OUTPUT_FOUND_WOLFSSH_DIRECTORY)
message(STATUS "Starting FIND_WOLFSSH_DIRECTORY")
message(STATUS "OUTPUT_FOUND_WOLFSSH_DIRECTORY = ${${OUTPUT_FOUND_WOLFSSH_DIRECTORY}}")
IS_WOLFSSH_SOURCE("${${OUTPUT_FOUND_WOLFSSH_DIRECTORY}}" FOUND_WOLFSSH)
if( FOUND_WOLFSSH )
set(${OUTPUT_FOUND_WOLFSSH_DIRECTORY} ${${OUTPUT_FOUND_WOLFSSH_DIRECTORY}} PARENT_SCOPE)
return()
endif()
message(STATUS "")
if ( "${${OUTPUT_FOUND_WOLFSSH_DIRECTORY}}" STREQUAL "" )
set(CURRENT_SEARCH_DIR "$ENV{WOLFSSH_ROOT}")
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "The WOLFSSH_ROOT environment variable is not set. Searching...")
else()
get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSH_ROOT}" ABSOLUTE)
IS_WOLFSSH_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSH)
if( FOUND_WOLFSSH )
message(STATUS "Found WOLFSSH_ROOT via Environment Variable:")
else()
message(FATAL_ERROR "WOLFSSH_ROOT Environment Variable defined, but path not found:")
message(STATUS "$ENV{WOLFSSH_ROOT}")
endif()
endif()
else()
# There's a non-blank WOLFSSH_ROOT environment variable. Is it a valid wolfssh directory?
get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSH_ROOT}" ABSOLUTE)
IS_WOLFSSH_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSH)
if("${FOUND_WOLFSSH}")
message(STATUS "Found WOLFSSH_ROOT via Environment Variable:")
else()
message(FATAL_ERROR "WOLFSSH_ROOT Environment Variable defined, but path not found: $ENV{WOLFSSH_ROOT}")
#message(STATUS "Exit CMake")
endif()
endif()
# we'll start in the THIS_CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssh
message(STATUS "THIS_CMAKE_CURRENT_SOURCE_DIR = ${THIS_CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${THIS_CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
# loop through all the parents, looking for wolfssh
while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
# wolfssh may simply be in a parent directory, such as for local examples in wolfssh repo
IS_WOLFSSH_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSH)
if( FOUND_WOLFSSH )
message(STATUS "Found wolfssh in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
set(${OUTPUT_FOUND_WOLFSSH_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
if( THIS_USER )
# Check for "wolfssh-[username]" subdirectory as we recurse up the directory tree
set(CURRENT_SEARCH_DIR_ALT "${CURRENT_SEARCH_DIR}/wolfssh-${THIS_USER}")
message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
#if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
IS_WOLFSSH_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSH )
if ( FOUND_WOLFSSH )
message(STATUS "Found wolfssh in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
set(${OUTPUT_FOUND_WOLFSSH_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
return()
endif()
endif()
# Next check for no user suffix "wolfssh" subdirectory as we recurse up the directory tree
set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssh)
# if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
IS_WOLFSSH_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSH )
if ( FOUND_WOLFSSH )
message(STATUS "Found wolfssh in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
set(${OUTPUT_FOUND_WOLFSSH_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
endif()
# Move up one directory level
set(PRIOR_SEARCH_DIR "${CURRENT_SEARCH_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
# when the search directory is empty, we'll give up
set(CURRENT_SEARCH_DIR "")
endif()
endwhile()
# If not found, set the output variable to empty before exiting
set(${OUTPUT_FOUND_WOLFSSH_DIRECTORY} "" PARENT_SCOPE)
endfunction()
# COMPONENT_NAME = wolfssh
# The component name is the directory name. "No feature to change this".
# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
# set the root of WOLFSSH in top-level project CMakelists.txt:
# set the root of wolfssh in top-level project CMakelists.txt:
# set(WOLFSSH_ROOT "C:/some path/with/spaces")
# set(WOLFSSH_ROOT "c:/workspace/WOLFSSH-[username]")
# set(WOLFSSH_ROOT "c:/workspace/wolfssh-[username]")
# set(WOLFSSH_ROOT "/mnt/c/some path/with/spaces")
# or use this logic to assign value from Environment Variable WOLFSSH_ROOT,
# or assume this is an example 7 subdirectories below:
# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/WOLFSSH_test/components/WOLFSSH
# The root of WOLFSSH is 7 directories up from here:
# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssh_test/components/wolfssh
# The root of wolfssh is 7 directories up from here:
if(CMAKE_BUILD_EARLY_EXPANSION)
message(STATUS "WOLFSSH component CMAKE_BUILD_EARLY_EXPANSION:")
message(STATUS "wolfssh component CMAKE_BUILD_EARLY_EXPANSION:")
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES
@ -101,25 +315,26 @@ else()
message(STATUS "************************************************************************************************")
message(STATUS "wolfssh component config:")
message(STATUS "************************************************************************************************")
FIND_WOLFSSH_DIRECTORY(WOLFSSH_ROOT)
# Check to see if we're already in WOLFSSH, and only if WOLFSSH_ROOT not specified
# Check to see if we're already in wolfssh, and only if WOLFSSH_ROOT not specified
if ("${WOLFSSH_ROOT}" STREQUAL "")
# WOLFSSH examples are 7 directories deep from WOLFSSH repo root
# wolfssh examples are 7 directories deep from wolfssh repo root
# 1 2 3 4 5 6 7
set(THIS_RELATIVE_PATH "../../../../../../..")
get_filename_component(THIS_SEARCH_PATH "${THIS_RELATIVE_PATH}" ABSOLUTE)
message(STATUS "Searching in path = ${THIS_SEARCH_PATH}")
if (EXISTS "${THIS_SEARCH_PATH}/wolfcrypt/src")
# we're already in WOLFSSH examples!
# we're already in wolfssh examples!
get_filename_component(WOLFSSH_ROOT "${THIS_SEARCH_PATH}" ABSOLUTE)
message(STATUS "Using WOLFSSH example with root ${WOLFSSH_ROOT}")
message(STATUS "Using wolfssh example with root ${WOLFSSH_ROOT}")
else()
# We're in some other repo such as wolfssh, so we'll search for an
# adjacent-level directory for WOLFSSH. (8 directories up, then down one)
# adjacent-level directory for wolfssh. (8 directories up, then down one)
#
# For example WOLFSSH examples:
# C:\workspace\WOLFSSH-gojimmypi\IDE\Espressif\ESP-IDF\examples\WOLFSSH_benchmark\components\WOLFSSH
# For example wolfssh examples:
# C:\workspace\wolfssh-gojimmypi\IDE\Espressif\ESP-IDF\examples\wolfssh_benchmark\components\wolfssh
#
# For example wolfSSH examples:
# C:\workspace\wolfssh-gojimmypi\ide\Espressif\ESP-IDF\examples\wolfssh_benchmark\components\WOLFSSH
@ -141,7 +356,7 @@ else()
get_filename_component(THIS_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
message(STATUS "THIS_DIR = ${THIS_DIR}")
# find the user name to search for possible "WOLFSSH-username"
# find the user name to search for possible "wolfssh-username"
message(STATUS "USERNAME = $ENV{USERNAME}")
if( "$ENV{USER}" STREQUAL "" ) # the bash user
if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
@ -156,35 +371,35 @@ else()
endif()
message(STATUS "THIS_USER = ${THIS_USER}")
# This same makefile is used for both the WOLFSSH component, and other
# components that may depend on WOLFSSH, such as wolfssh. Therefore
# we need to determine if this makefile is in the WOLFSSH repo, or
# This same makefile is used for both the wolfssh component, and other
# components that may depend on wolfssh, such as wolfssh. Therefore
# we need to determine if this makefile is in the wolfssh repo, or
# some other repo.
if( "{THIS_USER}" STREQUAL "" )
# This is highly unusual to not find a user name.
# In this case, we'll just search for a "WOLFSSH" directory:
# In this case, we'll just search for a "wolfssh" directory:
message(STATUS "No username found!")
get_filename_component(WOLFSSH_ROOT "${THIS_RELATIVE_PATH}/WOLFSSH" ABSOLUTE)
get_filename_component(WOLFSSH_ROOT "${THIS_RELATIVE_PATH}/wolfssh" ABSOLUTE)
else()
# We found an environment USER name!
# The first place to look for WOLFSSH will be in a user-clone called "WOLFSSH-[username]"
message(STATUS "Using [THIS_USER = ${THIS_USER}] to see if there's a [relative path]/WOLFSSH-${THIS_USER} directory.")
get_filename_component(WOLFSSH_ROOT "${THIS_RELATIVE_PATH}/WOLFSSH-${THIS_USER}" ABSOLUTE)
# The first place to look for wolfssh will be in a user-clone called "wolfssh-[username]"
message(STATUS "Using [THIS_USER = ${THIS_USER}] to see if there's a [relative path]/wolfssh-${THIS_USER} directory.")
get_filename_component(WOLFSSH_ROOT "${THIS_RELATIVE_PATH}/wolfssh-${THIS_USER}" ABSOLUTE)
if( EXISTS "${WOLFSSH_ROOT}" )
message(STATUS "Found WOLFSSH in user-suffix ${WOLFSSH_ROOT}")
message(STATUS "Found wolfssh in user-suffix ${WOLFSSH_ROOT}")
else()
# If there's not a user-clone called "WOLFSSH-[username]",
# perhaps there's simply a git clone called "WOLFSSH"?
message(STATUS "Did not find WOLFSSH-${THIS_USER}; continuing search...")
get_filename_component(WOLFSSH_ROOT "${THIS_RELATIVE_PATH}/WOLFSSH" ABSOLUTE)
# If there's not a user-clone called "wolfssh-[username]",
# perhaps there's simply a git clone called "wolfssh"?
message(STATUS "Did not find wolfssh-${THIS_USER}; continuing search...")
get_filename_component(WOLFSSH_ROOT "${THIS_RELATIVE_PATH}/wolfssh" ABSOLUTE)
if( EXISTS "${WOLFSSH_ROOT}" )
message(STATUS "Found WOLFSSH in standard ${WOLFSSH_ROOT}")
message(STATUS "Found wolfssh in standard ${WOLFSSH_ROOT}")
else()
# Things are looking pretty bleak. We'll likely not be able to compile.
message(STATUS "Did not find WOLFSSH in ${WOLFSSH_ROOT}")
message(STATUS "Did not find wolfssh in ${WOLFSSH_ROOT}")
endif()
endif()
endif()
@ -211,8 +426,8 @@ else()
if( EXISTS "${WOLFSSH_ROOT}" )
message(STATUS "WOLFSSH_ROOT = ${WOLFSSH_ROOT}")
else()
# Abort. We need WOLFSSH _somewhere_.
message(FATAL_ERROR "Could not find WOLFSSH in ${WOLFSSH_ROOT}. Try setting environment variable or git clone.")
# Abort. We need wolfssh _somewhere_.
message(FATAL_ERROR "Could not find wolfssh in ${WOLFSSH_ROOT}. Try setting environment variable or git clone.")
endif()
@ -233,86 +448,97 @@ else()
message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
#
# Check to see if there's both a local copy and EDP-IDF copy of the WOLFSSH and/or wolfssh components.
# Check to see if there's both a local copy and EDP-IDF copy of the wolfssh and/or wolfssh components.
#
if( EXISTS "${WOLFSSH_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/WOLFSSH/" )
if( EXISTS "${WOLFSSH_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssh/" )
#
# WOLFSSH found in both ESP-IDF and local project - needs to be resolved by user
# wolfssh found in both ESP-IDF and local project - needs to be resolved by user
#
message(STATUS "")
message(STATUS "**************************************************************************************")
message(STATUS "")
message(STATUS "Error: Found components/WOLFSSH in both local project and IDF_PATH")
message(STATUS "Error: Found components/wolfssh in both local project and IDF_PATH")
message(STATUS "")
message(STATUS "To proceed: ")
message(STATUS "")
message(STATUS "Remove either the local project component: ${WOLFSSH_PROJECT_DIR} ")
message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/WOLFSSH/ ")
message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssh/ ")
message(STATUS "")
message(FATAL_ERROR "Please use WOLFSSH in either local project or Espressif components, but not both.")
message(FATAL_ERROR "Please use wolfssh in either local project or Espressif components, but not both.")
message(STATUS "")
message(STATUS "**************************************************************************************")
message(STATUS "")
message(STATUS "Please use wolfSSL in either local project or Espressif components, but not both.")
# Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSH_MULTI_INSTALL_WARNING")
else()
if( EXISTS "$ENV{IDF_PATH}/components/WOLFSSH/" )
if( EXISTS "$ENV{IDF_PATH}/components/wolfssh/" )
#
# WOLFSSH found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
# wolfssh found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
#
message(STATUS "")
message(STATUS "Using components/WOLFSSH in IDF_PATH = $ENV{IDF_PATH}")
message(STATUS "Using components/wolfssh in IDF_PATH = $ENV{IDF_PATH}")
message(STATUS "")
else()
#
# WOLFSSH is not an ESP-IDF component.
# We need to now determine if it is local and if so if it is part of the WOLFSSH repo,
# or if WOLFSSH is simply installed as a local component.
# wolfssh is not an ESP-IDF component.
# We need to now determine if it is local and if so if it is part of the wolfssh repo,
# or if wolfssh is simply installed as a local component.
#
message(STATUS "Looking at WOLFSSH_PROJECT_DIR = '${WOLFSSH_PROJECT_DIR}'")
if( EXISTS "${WOLFSSH_PROJECT_DIR}" )
#
# WOLFSSH found in local project.
# wolfssh found in local project.
#
if( EXISTS "${WOLFSSH_PROJECT_DIR}/wolfcrypt/" )
if( EXISTS "${WOLFSSH_PROJECT_DIR}/wolfssh/" )
message(STATUS "")
message(STATUS "Using installed project ./components/WOLFSSH in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
message(STATUS "Using installed project ./components/wolfssh in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
message(STATUS "")
#
# Note we already checked above and confirmed there's not another WOLFSSH installed in the ESP-IDF components.
# Note we already checked above and confirmed there's not another wolfssh installed in the ESP-IDF components.
#
# We won't do anything else here, as it will be assumed the original install completed successfully.
#
else() # full WOLFSSH not installed in local project
else() # full wolfssh not installed in local project
#
# This is the developer repo mode. WOLFSSH will be assumed to be not installed to ESP-IDF nor local project
# In this configuration, we are likely running a WOLFSSH example found directly in the repo.
# This is the developer repo mode. wolfssh will be assumed to be not installed to ESP-IDF nor local project
# In this configuration, we are likely running a wolfssh example found directly in the repo.
#
message(STATUS "")
message(STATUS "Using developer repo ./components/WOLFSSH in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
message(STATUS "Using developer repo ./components/wolfssh in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
message(STATUS "")
message(STATUS "************************************************************************************************")
# When in developer mode, we are typically running WOLFSSH examples such as benchmark or test directories.
# However, the as-cloned or distributed WOLFSSH does not have the ./include/ directory, so we'll add it as needed.
# When in developer mode, we are typically running wolfssh examples such as benchmark or test directories.
# However, the as-cloned or distributed wolfssh does not have the ./include/ directory, so we'll add it as needed.
#
# first check if there's a [root]/include/user_settings.h
if( EXISTS "${WOLFSSH_ROOT}/include/user_settings.h" )
message(FATAL_ERROR "Found stray WOLFSSH user_settings.h in "
message(FATAL_ERROR "Found stray wolfssh user_settings.h in "
"${WOLFSSH_ROOT}/include/user_settings.h "
" (please move it to ${WOLFSSH_PROJECT_DIR}/include/user_settings.h )")
" (please move it to ${WOLFSSH_PROJECT_DIR}/components/wolfssl/include/user_settings.h )")
else()
# we won't overwrite an existing user settings file, just note that we already have one:
if( EXISTS "${WOLFSSH_PROJECT_DIR}/include/user_settings.h" )
message(STATUS "Using existing WOLFSSH user_settings.h in "
"${WOLFSSH_PROJECT_DIR}/include/user_settings.h")
if( EXISTS "${THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH}/user_settings.h" )
message(STATUS "Using existing wolfssh user_settings.h in "
"${THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH}")
else()
message(STATUS "Installing WOLFSSH user_settings.h to "
"${WOLFSSH_PROJECT_DIR}/include/user_settings.h")
# file(COPY "${WOLFSSH_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h"
# DESTINATION "${CMAKE_HOME_DIRECTORY}/WOLFSSH/include/")
if(EXISTS "${LIB_USER_SETTINGS}" )
message(STATUS "Installing wolfssh user_settings.h to "
"${THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH}")
file(COPY "${LIB_USER_SETTINGS}"
DESTINATION "${THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH}")
if( EXISTS "${THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH}/user_settings.h" )
message(STATUS "Confirmed wolfssl user_settings.h in ${THIS_PROJECT_WOLFSSH_USER_SETTINGS_PATH}")
else()
message(ERROR "ERROR: Failed to copy wolfssl user_settings.h from ${LIB_USER_SETTINGS} to ${LIB_USER_SETTINGS}")
endif()
else()
message(ERROR "wolfssl user_settings.h not in project, and not found in ${LIB_USER_SETTINGS}")
endif()
endif()
endif() # user_settings.h
@ -321,19 +547,19 @@ else()
endif()
else()
# we did not find a ./components/WOLFSSH/include/ directory from this pass of cmake.
# we did not find a ./components/wolfssh/include/ directory from this pass of cmake.
if($WOLFSSH_FOUND_IDF)
message(STATUS "")
message(STATUS "WARNING: WOLFSSH not found.")
message(STATUS "WARNING: wolfssh not found.")
message(STATUS "")
else()
# probably needs to be re-parsed by Espressif
message(STATUS "WOLFSSH found IDF. Project Source:${PROJECT_SOURCE_DIR}")
message(STATUS "wolfssh found IDF. Project Source:${PROJECT_SOURCE_DIR}")
endif() # else we have not found ESP-IDF yet
endif() # else not a local WOLFSSH component
endif() # else not a local wolfssh component
endif() #else not an ESP-IDF component
endif() # else not local copy and EDP-IDF WOLFSSH
endif() # else not local copy and EDP-IDF wolfssh
# RTOS_IDF_PATH is typically:
@ -422,17 +648,17 @@ else()
message(STATUS "")
endif()
# target_sources(WOLFSSH PRIVATE "\"${WOLFSSH_ROOT}/WOLFSSH/\"" "\"${WOLFSSH_ROOT}/WOLFSSH/wolfcrypt\"")
# target_sources(wolfssh PRIVATE "\"${WOLFSSH_ROOT}/wolfssh/\"" "\"${WOLFSSH_ROOT}/wolfssh/wolfcrypt\"")
endif() # CMAKE_BUILD_EARLY_EXPANSION
# check to see if there's both a local copy and EDP-IDF copy of the WOLFSSH components
if( EXISTS "${WOLFSSH_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/WOLFSSH/" )
# check to see if there's both a local copy and EDP-IDF copy of the wolfssh components
if( EXISTS "${WOLFSSH_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssh/" )
message(STATUS "")
message(STATUS "")
message(STATUS "********************************************************************")
message(STATUS "WARNING: Found components/WOLFSSH in both local project and IDF_PATH")
message(STATUS "WARNING: Found components/wolfssh in both local project and IDF_PATH")
message(STATUS "********************************************************************")
message(STATUS "")
endif()
@ -502,6 +728,6 @@ if(NOT CMAKE_BUILD_EARLY_EXPANSION)
LIBWOLFSSH_SAVE_INFO(LIBWOLFSSH_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
message(STATUS "************************************************************************************************")
message(STATUS "WOLFSSH component config complete!")
message(STATUS "wolfssh component config complete!")
message(STATUS "************************************************************************************************")
endif()

3
ide/Espressif/ESP-IDF/examples/wolfssh_template/components/wolfssh/README.md 100644
View File

@ -0,0 +1,3 @@
# wolfSSH Component
All related settings are in the wolfSSL component.

721
ide/Espressif/ESP-IDF/examples/wolfssh_template/components/wolfssl/CMakeLists.txt
View File

@ -1,5 +1,5 @@
#
# Copyright (C) 2014-2024 wolfSSL Inc.
# Copyright (C) 2014-2025 wolfSSL Inc.
#
# This file is part of wolfSSH.
#
@ -18,30 +18,195 @@
#
# cmake for wolfssl Espressif projects
#
# Version 5.7.0 template update + THIS_IDF_PATH
# Version 5.8.0 Espressif ESP-IDF + PlatformIO integration (2)
#
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
#
message(STATUS "Begin wolfssl ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
cmake_minimum_required(VERSION 3.16)
set(VERBOSE_COMPONENT_MESSAGES 1)
# The scope of this CMAKE_C_FLAGS is just this component:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
# set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
# Optionally set your source to wolfSSL in your project CMakeLists.txt like this:
# set(WOLFSSL_ROOT "c:/test/my_wolfssl" )
# set(WOLFSSL_ROOT "c:/workspace/my_wolfssl" )
if ( "${WOLFSSL_ROOT}" STREQUAL "")
set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
endif()
set(VERBOSE_COMPONENT_MESSAGES 1)
# Optional requires include:
# set(THIS_ESP_TLS "esp-tls")
set(THIS_ESP_TLS "")
# LIBWOLFSSL_CMAKE_OUTPUT can be printed at runtime
set(LIBWOLFSSL_CMAKE_OUTPUT "")
if(CMAKE_BUILD_EARLY_EXPANSION)
message(STATUS "Skipping libwolfssl_output.h update during CMAKE_BUILD_EARLY_EXPANSION")
else()
# Initialize a new libwolfssl_output.h in the cmake build directory.
if( EXISTS "${CMAKE_BINARY_DIR}/libwolfssl_output.h")
# The next WRITE replaces a file.
# This is here to remove any ambiguity on file removal & generation.
file(REMOVE "${CMAKE_BINARY_DIR}/libwolfssl_output.h")
endif()
file(WRITE "${CMAKE_BINARY_DIR}/libwolfssl_output.h"
"/* libwolfssl_output.h generated by wolfssl component */\n"
"#ifndef _LIBWOLFSSL_OUTPUT_H_\n"
"\n"
"#define _LIBWOLFSSL_OUTPUT_H_\n\n")
endif()
# Append messages with:
# LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_CMAKE_OUTPUT "${LIBWOLFSSL_CMAKE_OUTPUT}\n"message" "0")
# See function: APPEND_LIBWOLFSSL_CMAKE_OUTPUT
# function: IS_ESP_IDF_COMPONENT
# output: RESULT = 1 (true) if this component is located in the ESP-IDF components
# otherwise 0 (false)
function( IS_ESP_IDF_COMPONENT
RESULT)
# NOTE: Component location is based on the location of the CMakeList.txt
# and *not* the location of the wolfSSL source code. (which may be anywhere)
# Normalize the paths to remove any trailing slashes
get_filename_component(NORMALIZED_IDF_PATH "${IDF_PATH}" REALPATH)
get_filename_component(NORMALIZED_TEST_PATH "${COMPONENT_DIR}" REALPATH)
# Check if the test path starts with the IDF_PATH
string(FIND "${NORMALIZED_TEST_PATH}" "${NORMALIZED_IDF_PATH}" pos)
if(${pos} EQUAL 0)
message(STATUS "${COMPONENT_DIR} is within IDF_PATH.")
set(${RESULT} 1 PARENT_SCOPE)
else()
message(STATUS "${COMPONENT_DIR} is not within IDF_PATH.")
set(${RESULT} 0 PARENT_SCOPE)
endif()
endfunction()
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUTPUT THIS_VAR VAR_RESULT)
#
# Save the THIS_VAR as a string in a macro called VAR_OUTPUT
#
# VAR_OUTPUT: the name of the macro to define
# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
#
function ( LIBWOLFSSL_SAVE_INFO VAR_OUTPUT THIS_VAR VAR_RESULT )
# is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
# if we had a successful operation, save the THIS_VAR in VAR_OUTPUT
if(${IS_VALID_VALUE})
if(0)
# Optional debug
message(STATUS "Looking for LF in ${THIS_VAR}")
endif()
# Check if the text to print in THIS_VAR is multi-line
string(REPLACE "\n" ";" LINES "${THIS_VAR}")
list(LENGTH LINES LINE_COUNT)
# Save var to "libwolfssl_output.h" header if multi-line, otherwise a simple compile def
if(LINE_COUNT GREATER 1)
message(STATUS "Setting HAVE_LIBWOLFSSL_OUTPUT_HEADER=1 for ${VAR_OUTPUT}")
add_compile_definitions(HAVE_LIBWOLFSSL_OUTPUT_HEADER=1)
file(APPEND "${CMAKE_BINARY_DIR}/libwolfssl_output.h" "#undef ${VAR_OUTPUT}\n")
file(APPEND "${CMAKE_BINARY_DIR}/libwolfssl_output.h" "#define ${VAR_OUTPUT} \\\n")
# Split into lines
string(REPLACE "\n" ";" LINES "${THIS_VAR}")
foreach(LINE IN LISTS LINES)
file(APPEND "${CMAKE_BINARY_DIR}/libwolfssl_output.h" "\"${LINE}\\n\" \\\n")
endforeach()
# Final empty line to close the macro
file(APPEND "${CMAKE_BINARY_DIR}/libwolfssl_output.h" "\n")
message(STATUS "COMPONENT_LIB=${COMPONENT_LIB}")
target_include_directories(${COMPONENT_LIB} PRIVATE "${CMAKE_BINARY_DIR}")
else()
message(STATUS "No HAS_LIBWOLFSSL_OUTPUT_HEADER")
# We should not have any, but just to be sure:
# Strip newline chars in THIS_VAR parameter and save in VAR_VALUE
string(REPLACE "\n" "" VAR_VALUE "${THIS_VAR}")
# we'll could percolate the value to the parent for possible later use
# set(${VAR_OUTPUT} ${VAR_VALUE} PARENT_SCOPE)
# but we're only using it here in this function
set(${VAR_OUTPUT} ${VAR_VALUE})
# we'll print what we found to the console
message(STATUS "Found ${VAR_OUTPUT}=${VAR_VALUE}")
# the interesting part is defining the VAR_OUTPUT name a value to use in the app
add_compile_definitions(${VAR_OUTPUT}=\"${VAR_VALUE}\")
endif()
else()
# if we get here, check the execute_process command and parameters.
message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
set(${VAR_OUTPUT} "Unknown")
endif()
endfunction() # LIBWOLFSSL_SAVE_INFO
#
# APPEND_LIBWOLFSSL_CMAKE_OUTPUT(THIS_MESSAGE OUTPUT_VALUE)
#
# Append the text in THIS_MESSAGE to LIBWOLFSSL_CMAKE_OUTPUT.
# String is available at runtime in app
#
function( APPEND_LIBWOLFSSL_CMAKE_OUTPUT
THIS_MESSAGE )
# Normally, we'd simply print a message:
message(STATUS "${THIS_MESSAGE}")
# But here we'll pass the entire LIBWOLFSSL_CMAKE_OUTPUT as a string definition to the app
set(LIBWOLFSSL_CMAKE_OUTPUT "${LIBWOLFSSL_CMAKE_OUTPUT}\n${THIS_MESSAGE}" PARENT_SCOPE)
# We don't call LIBWOLFSSL_SAVE_INFO here as it would add duplicate definitions
# See single instance at the end of this file.
endfunction()
# Determine if this cmake file is located in the ESP-IDF component directory or not,
# and if so, if it is being ignored (allowing the use of a local project one, instead).
IS_ESP_IDF_COMPONENT( IS_WOLSSL_ESP_IDF_COMPONENT )
if( IS_WOLSSL_ESP_IDF_COMPONENT )
message(STATUS "This wolfSSL is a component in ESP-IDF.")
if ( CONFIG_IGNORE_ESP_IDF_WOLFSSL_COMPONENT )
idf_component_register()
message(STATUS "Warning: wolfSSL component in ESP-IDF is being ignored.")
return()
endif()
endif()
if( "${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}" STREQUAL "" )
# nothing to do
else()
# Only forward slashes, or double backslashes are supported.
# By the time we get here the sdkconfig file has a value for wolfSSL source code root.
string(REPLACE "\\" "/" CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT})
message(STATUS "Cleaned wolfssl path: ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
endif()
if( "$ENV{IDF_PATH}" STREQUAL "" )
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
else()
string(REPLACE "\\" "/" THIS_IDF_PATH "$ENV{IDF_PATH}")
endif()
@ -51,28 +216,28 @@ if(VERBOSE_COMPONENT_MESSAGES)
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
message(STATUS "Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
message(STATUS "Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
message(STATUS "Detected APPLE")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
message(STATUS "Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
message(STATUS "Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
message(STATUS "Detected Apple")
endif()
endif() # End optional WOLFSSL_CMAKE_SYSTEM_NAME
@ -105,10 +270,11 @@ if( ("${CMAKE_PROJECT_NAME}" STREQUAL "wolfssl_benchmark") OR ("${CMAKE_PROJECT_
message(STATUS "Not including lwip for ${CMAKE_PROJECT_NAME}")
else()
# benchmark and test do not need wifi, everything else probably does:
set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
set(COMPONENT_REQUIRES lwip "${THIS_ESP_TLS}") # we typically don't need lwip directly in wolfssl component
endif()
# find the user name to search for possible "wolfssl-username"
# Find the user name to search for possible "wolfssl-username"
# Reminder: Windows is %USERNAME%, Linux is $USER
message(STATUS "USERNAME = $ENV{USERNAME}")
if( "$ENV{USER}" STREQUAL "" ) # the bash user
if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
@ -123,6 +289,32 @@ else()
endif()
message(STATUS "THIS_USER = ${THIS_USER}")
if( "$ENV{IDF_PATH}" STREQUAL "" )
message(FATAL_ERROR "IDF_PATH Environment variable not set!")
else()
string(REPLACE "\\" "/" THIS_IDF_PATH "$ENV{IDF_PATH}")
endif()
# ENVIRONMENT_VAR_TO_MACRO
# Check environment variable name EVARPARAM as [name]
# If defined, and has a value of EVARVALUE as [value],
# then assign a compiler definition "-D[name]=[value]"
function( ENVIRONMENT_VAR_TO_MACRO
EVARPARAM # Environment variable parameter name
EVARVALUE) # Environment variable value
# If the EVARPARAM environment variable name is set to EVARVALUE,
# set the compiler flag definition to enable CSV output.
if ( "$ENV{${EVARPARAM}}" STREQUAL "${EVARVALUE}")
message(STATUS "Appending compile definition: -D${EVARPARAM}=${EVARVALUE}")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D${EVARPARAM}=${EVARVALUE}")
else()
if(DEFINED ENV{${EVARPARAM}})
message(STATUS "Environment variable ${EVARPARAM} detected but set to $ENV{${EVARPARAM}}, not appending compile definition.")
else()
message(STATUS "Environment variable ${EVARPARAM} not detected, not appending compile definition.")
endif()
endif()
endfunction()
# COMPONENT_NAME = wolfssl
# The component name is the directory name. "No feature to change this".
@ -141,7 +333,9 @@ message(STATUS "THIS_USER = ${THIS_USER}")
# function: IS_WOLFSSL_SOURCE
# parameter: DIRECTORY_PARAMETER - the directory to test
# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
function( IS_WOLFSSL_SOURCE
DIRECTORY_PARAMETER
RESULT )
if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
else()
@ -156,30 +350,61 @@ endfunction()
# Example usage:
# FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
# *********************************************************************************************
function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
function( FIND_WOLFSSL_DIRECTORY
OUTPUT_FOUND_WOLFSSL_DIRECTORY)
message(STATUS "Starting FIND_WOLFSSL_DIRECTORY: ${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
if ( "${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}" STREQUAL "" )
# The parameter is empty, so we certainly need to search.
# First, see if there's an environment variable. This takes highest priority (unless already found as hard-coded, above)
set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
else()
get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if( FOUND_WOLFSSL )
message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
# Next, if not found, see if wolfSSL was selected for ESP-TLS Kconfig
if(CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT)
set(CURRENT_SEARCH_DIR ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT})
get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" ABSOLUTE)
message(STATUS "WOLFSSL_ROOT found in sdkconfig/KConfig: ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
else()
message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
message(STATUS "$ENV{WOLFSSL_ROOT}")
endif()
endif()
message(STATUS "wolfSSL not defined in [Component Config] [wolfssl]. Continuing search...")
# If not specified as a search hint in OUTPUT_FOUND_WOLFSSL_DIRECTORY:
# This wolfSSL component CMakeLists.txt may be found EITHER in:
# 1) local project component
# 2) ESP-IDF share components
# We'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
# That option might find wolfSSL source code as a copy in the component directory (e.g. Managed Components)
# Unless cmake is in the ESP-IDF, in which case it is unlikely to find wolfSSL source in any parent.
message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
endif() # CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT
endif() # check environment var blank
else()
get_filename_component(CURRENT_SEARCH_DIR "${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}" ABSOLUTE)
message(STATUS "Parameter found for FIND_WOLFSSL_DIRECTORY")
message(STATUS "Setting wolfSSL search directory to: ${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
set(CURRENT_SEARCH_DIR "${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
endif() # parameter empty
# Check to see if we found a path in environment or config settings, above.
if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
message(STATUS "Source for wolfSSL not specified in path nor config settings.")
# We'll continue the search by recursing up the directory tree, below.
else()
# Setting found! Does it contain a valid path?
string(REPLACE "\\" "/" CURRENT_SEARCH_DIR ${CURRENT_SEARCH_DIR})
get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" ABSOLUTE)
IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
if( FOUND_WOLFSSL )
message(STATUS "Found WOLFSSL_ROOT via prior specification.")
message(STATUS "Found wolfSSL source code via setting: ${CURRENT_SEARCH_DIR}")
set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
return()
else()
message(FATAL_ERROR "WOLFSSL_ROOT Variable defined, but path not found: ${${OUTPUT_FOUND_WOLFSSL_DIRECTORY}}")
if(WIN32)
message(STATUS "When specifying a path for Windows, use forward slahes, or double backslashes.")
endif()
message(STATUS "CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT sdkconfig setting = ${CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT}")
message(STATUS "WOLFSSL_ROOT Variable defined, but source code not found: ${CURRENT_SEARCH_DIR}")
endif()
endif()
@ -280,6 +505,11 @@ endfunction()
message(STATUS "CONFIG_TARGET_PLATFORM = ${CONFIG_TARGET_PLATFORM}")
# Check for environment variable that may be assigned to macros
ENVIRONMENT_VAR_TO_MACRO("GENERATE_MACHINE_PARSEABLE_REPORT" "1")
ENVIRONMENT_VAR_TO_MACRO("WOLFSSL_BENCHMARK_FIXED_CSV" "1")
# Optional variable inspection
if (0)
get_cmake_property(_variableNames VARIABLES)
list (SORT _variableNames)
@ -296,15 +526,25 @@ endif()
if ( ("${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266") OR ("${IDF_TARGET}" STREQUAL "esp8266") )
# There's no esp_timer, no driver components for the ESP8266
message(STATUS "Early expansion EXCLUDES esp_timer: ${THIS_INCLUDE_TIMER}")
message(STATUS "Early expansion EXCLUDES driver: ${THIS_INCLUDE_DRIVER}")
set(THIS_INCLUDE_TIMER "")
set(THIS_INCLUDE_DRIVER "")
message(STATUS "Early expansion EXCLUDES for esp8266:")
message(STATUS "THIS_INCLUDE_DRIVER: '${THIS_INCLUDE_DRIVER}'")
message(STATUS "THIS_INCLUDE_TIMER: '${THIS_INCLUDE_TIMER}'")
message(STATUS "Early expansion INCLUDE for esp8266:")
message(STATUS "THIS_INCLUDE_PTHREAD: '${THIS_INCLUDE_PTHREAD}'")
set(THIS_ESP_TLS "")
set(THIS_INCLUDE_DRIVER "")
set(THIS_INCLUDE_TIMER "")
set(THIS_INCLUDE_PTHREAD "pthread")
else()
message(STATUS "Early expansion includes esp_timer: ${THIS_INCLUDE_TIMER}")
message(STATUS "Early expansion includes driver: ${THIS_INCLUDE_DRIVER}")
set(THIS_INCLUDE_TIMER "esp_timer")
set(THIS_ESP_TLS "esp-tls")
set(THIS_INCLUDE_DRIVER "driver")
set(THIS_INCLUDE_TIMER "esp_timer")
set(THIS_INCLUDE_PTHREAD "")
# Let the app know that we've included the esp-tls component requirement.
# This is critical for use the the esp-tls component. See wolfssl esp_crt_bundle.c file.
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_REQUIRED_ESP_TLS=1")
endif()
if(CMAKE_BUILD_EARLY_EXPANSION)
@ -312,8 +552,10 @@ if(CMAKE_BUILD_EARLY_EXPANSION)
idf_component_register(
REQUIRES "${COMPONENT_REQUIRES}"
PRIV_REQUIRES # esp_hw_support
${THIS_INCLUDE_TIMER}
${THIS_INCLUDE_DRIVER} # this will typically only be needed for wolfSSL benchmark
"${THIS_ESP_TLS}"
"${THIS_INCLUDE_PTHREAD}"
"${THIS_INCLUDE_TIMER}"
"${THIS_INCLUDE_DRIVER}" # this will typically only be needed for wolfSSL benchmark
)
else()
@ -322,6 +564,15 @@ else()
message(STATUS "wolfssl component config:")
message(STATUS "************************************************************************************************")
if ( "${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266")
# There's no esp_timer, no driver components for the ESP8266
set(THIS_INCLUDE_TIMER "")
set(THIS_INCLUDE_DRIVER "")
else()
set(THIS_INCLUDE_TIMER "esp_timer")
set(THIS_INCLUDE_DRIVER "driver")
endif()
# search for wolfSSL
FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
if(WOLFSSL_ROOT)
@ -335,7 +586,9 @@ else()
# Abort CMake after fatal error.
endif()
else()
message(STATUS "Searching for wolfSL source code...")
message(STATUS "Source code for wolfSSL still not found.")
message(STATUS "Searching from project home: ${CMAKE_HOME_DIRECTORY} ...")
set(WOLFSSL_ROOT "${CMAKE_HOME_DIRECTORY}")
FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
endif()
@ -343,11 +596,18 @@ else()
if(WOLFSSL_ROOT)
message(STATUS "Confirmed wolfssl directory at: ${WOLFSSL_ROOT}")
else()
message(STATUS "Failed: wolfssl directory not found.")
# Try to allow a more intuitive error that the source code was not found in cmake:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_WARNING_SOURCE_NOT_FOUND")
message(STATUS "Failed: wolfssl source code directory not found.")
# Abort. We need wolfssl _somewhere_.
message(FATAL_ERROR "Could not find wolfssl in any parent directory named wolfssl-${THIS_USER}, wolfssl-master, or wolfssl.\n"
"Try setting WOLFSSL_ROOT environment variable, cmake variable in project, copy source, or use managed components.")
# Abort CMake after fatal error.
message(STATUS "")
message(STATUS "")
message(STATUS "Could not find wolfssl in any parent directory named wolfssl-${THIS_USER}, wolfssl-master, or wolfssl.\n"
"Try setting WOLFSSL_ROOT environment variable, cmake variable in project, copy source, or use managed components.")
message(STATUS "")
message(STATUS "")
# Abort CMake after fatal error. (or not?)
endif()
set(INCLUDE_PATH ${WOLFSSL_ROOT})
@ -373,22 +633,24 @@ else()
endif()
endif()
message(STATUS "WOLFSSL_EXTRA_PROJECT_DIR = ${WOLFSSL_EXTRA_PROJECT_DIR}")
set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/esp_crt_bundle\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
"\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
) # COMPONENT_SRCDIRS
message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
# wolfSSL user_settings.h is in the local project.
# wolfSSL user_settings.h may be in the local project.
# TODO check if exists and possibly set to ESP-IDF
set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
# add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
string(REPLACE "/" "//" STR_WOLFSSL_PROJECT_DIR "${WOLFSSL_PROJECT_DIR}")
add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}//include//user_settings.h")
add_compile_definitions(WOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}/include/user_settings.h")
message(STATUS "Added definition for user_settings.h: -DWOLFSSL_USER_SETTINGS_DIR=\"${STR_WOLFSSL_PROJECT_DIR}//include//user_settings.h\"")
# Espressif may take several passes through this makefile. Check to see if we found IDF
string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
@ -421,8 +683,7 @@ else()
message(STATUS "**************************************************************************************")
message(STATUS "")
message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
# Abort CMake after fatal error.
message(STATUS "Please use wolfSSL in either local project or Espressif components, but not both.")
# Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
@ -530,7 +791,9 @@ else()
# depending on the environment, we may need to swap backslashes with forward slashes
string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
if(WOLFSSL_ROOT)
string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
endif()
if(IS_DIRECTORY "${RTOS_IDF_PATH}")
message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
@ -546,12 +809,16 @@ else()
message(STATUS "THIS_IDF_PATH = $THIS_IDF_PATH")
# wolfSSL-specific include directories
set(COMPONENT_ADD_INCLUDEDIRS
"./include" # this is the location of wolfssl user_settings.h
"./include" # this is the location of local project wolfssl user_settings.h
"\"${WOLFSSL_ROOT}/\""
"\"${WOLFSSL_ROOT}/wolfssl/\""
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/port/Espressif\""
"\"${RTOS_IDF_PATH}/\""
# wolfSSL release after v5.7 includes WiFi, time, and mem/debug helpers
"${THIS_IDF_PATH}/components/esp_event/include"
"${THIS_IDF_PATH}/components/esp_netif/include"
"${THIS_IDF_PATH}/components/esp_wifi/include"
)
# Optionally include cryptoauthlib if present
@ -579,8 +846,8 @@ else()
"\"${WOLFSSL_ROOT}/src/ssl_sess.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/x509.c\""
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/ext_kyber.c\"" # external Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/ext_kyber.h\"" # external Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfcrypt/src/ext_kyber.c\"" # external non-wolfssl Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/ext_kyber.h\"" # external non-wolfssl Kyber disabled by default
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
@ -591,6 +858,7 @@ else()
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
"\"${WOLFSSL_ROOT}/examples\"" # Examples are distributed in Managed Components, but not part of a project.
"\"${EXCLUDE_ASM}\""
)
@ -612,15 +880,226 @@ else()
# see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
#
set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
idf_component_register(
SRC_DIRS "${COMPONENT_SRCDIRS}"
INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
REQUIRES "${COMPONENT_REQUIRES}"
EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
PRIV_REQUIRES
"${THIS_INCLUDE_TIMER}"
"${THIS_INCLUDE_DRIVER}" # this will typically only be needed for wolfSSL benchmark
)
if(WOLFSSL_ROOT)
# Only register the component if we found wolfSSL source.
# This is important to allow Cmake to finish to completion, otherwise the UI
# may not be able to display the Kconfig settings to fix a bad or missing source.
idf_component_register(
SRC_DIRS "${COMPONENT_SRCDIRS}"
INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
REQUIRES "${COMPONENT_REQUIRES}"
EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
PRIV_REQUIRES
"${THIS_ESP_TLS}"
"${THIS_INCLUDE_TIMER}"
"${THIS_INCLUDE_DRIVER}" # this will typically only be needed for wolfSSL benchmark
)
else()
# Register the component simply to allow CMake to complete, but there's no wolfSSL source.
# Expect many other errors, but the project should at least be loadable and UI can edit Kconfig settings.
idf_component_register()
message(STATUS "Warning: wolfSSL component not registered as no source code found (WOLFSSL_ROOT is blank)")
endif()
# function(WOLFSSL_INIT_CERT_BUNDLE)
if( CONFIG_WOLFSSL_CERTIFICATE_BUNDLE
AND NOT CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_NONE
AND NOT ("${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266")
)
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("wolfSSL Certificate Bundles Enabled")
if (CMAKE_BUILD_EARLY_EXPANSION)
message(FATAL_ERROR "Bundle Cert initialization must occur during CMAKE_BUILD_EARLY_EXPANSION")
endif()
# reminder: we need a value for wolfSSL root first!
if( "${WOLFSSL_ROOT}" STREQUAL "" )
message(FATAL_ERROR "Certificate bundles need a value for WOLFSSL_ROOT")
endif()
# Cert bundle in wolfSSL source unless otherwise specified later
set(WOLFSSL_ESP_CRT_BUNDLE_DIR ${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/esp_crt_bundle)
message(STATUS "WOLFSSL_ESP_CRT_BUNDLE_DIR=${WOLFSSL_ESP_CRT_BUNDLE_DIR}")
if(DEFINED ENV{PLATFORMIO_PROJECT_DIR})
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Detected PlatformIO")
set(IS_PLATFORMIO 1)
else()
# Some environments may not have environment variable, so double check if we are in .pio
if("${CMAKE_BINARY_DIR}" MATCHES "/\\.pio/")
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Detected PlatformIO via CMAKE_BINARY_DIR")
set(IS_PLATFORMIO 1)
else()
set(IS_PLATFORMIO 0)
endif()
endif()
if(EXISTS "${WOLFSSL_ESP_CRT_BUNDLE_DIR}" OR IS_PLATFORMIO)
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Special processing for wolfSSL Certificate Bundles")
set(bundle_name "x509_crt_bundle_wolfssl")
# For now the certs are in the same directory
set(DEFAULT_CRT_DIR "${WOLFSSL_ESP_CRT_BUNDLE_DIR}")
# Generate custom certificate bundle using the generate_cert_bundle utility
set(GENERATE_CERT_BUNDLEPY ${python} ${WOLFSSL_ESP_CRT_BUNDLE_DIR}/gen_crt_bundle.py)
if(CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_FULL)
list(APPEND crt_paths ${DEFAULT_CRT_DIR}/cacrt_all.pem ${DEFAULT_CRT_DIR}/cacrt_local.pem)
elseif(CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_CMN)
list(APPEND crt_paths ${DEFAULT_CRT_DIR}/cacrt_all.pem ${DEFAULT_CRT_DIR}/cacrt_local.pem)
list(APPEND args --filter ${DEFAULT_CRT_DIR}/cmn_crt_authorities.csv)
endif()
# Add deprecated root certs if enabled. This config is not visible if the default cert
# bundle is not selected
if(CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEPRECATED_LIST)
list(APPEND crt_paths ${DEFAULT_CRT_DIR}/cacrt_deprecated.pem)
endif()
if(CONFIG_WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE)
get_filename_component(custom_bundle_path
${CONFIG_WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE_PATH} ABSOLUTE BASE_DIR "${project_dir}")
list(APPEND crt_paths ${custom_bundle_path})
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Using a custom wolfSSL bundle path: ${custom_bundle_path}")
else()
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Not using a custom wolfSSL bundle path")
endif()
list(APPEND args --input ${crt_paths} -q)
message(STATUS "CMAKE_CURRENT_BINARY_DIR: ${CMAKE_CURRENT_BINARY_DIR}")
get_filename_component(crt_bundle
${bundle_name}
ABSOLUTE BASE_DIR "${CMAKE_CURRENT_BINARY_DIR}")
message(STATUS "Setting up bundle generate: ${GENERATE_CERT_BUNDLEPY} ${args}")
message(STATUS "Depends on custom bundle path: ${custom_bundle_path}")
message(STATUS "crt_bundle ${crt_bundle}")
message(STATUS "COMPONENT_LIB ${COMPONENT_LIB}")
message(STATUS "GENERATE_CERT_BUNDLEPY ${GENERATE_CERT_BUNDLEPY}")
message(STATUS "args ${args}")
message(STATUS "cert_bundle ${cert_bundle}")
if (IS_PLATFORMIO)
# PlatformIO cannot generate a Certificate Bundle at build time
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("PlatformIO is using a predefined bundle rather than generating one")
if ( "${WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME}" STREQUAL "" OR "$(WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE)" STREQUAL "" OR "$(WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE)" STREQUAL "n")
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Alternate Certificate Bundle Path and Name not enabled, assuming [project]/certs/x509_crt_bundle_wolfssl")
# Reminder this CMakeLists.txt should be in [project]/components/wolfssl, so ./certs is two directories up
set(crt_bundle_option "../../certs/x509_crt_bundle_wolfssl")
else()
string(SUBSTRING "${CONFIG_WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME}" 0 2 CERT_PATH_FIRST_TWO)
if(CERT_PATH_FIRST_TWO STREQUAL "./" OR CERT_PATH_FIRST_TWO STREQUAL ".\\")
set(IS_CERT_BUNDLE_RELATIVE_PATH 1)
message(STATUS "Alternate Cert Path is relative to project.")
else()
set(IS_CERT_BUNDLE_RELATIVE_PATH 0)
message(STATUS "Alternate Cert Path is not relative to project.")
endif()
# The cert bundle is not a standard cert, so we con't add to the crt_paths.
# Still, we may have an alternate location, particulatly needed for PlatformIO:
if(IS_CERT_BUNDLE_RELATIVE_PATH)
message(STATUS "CONFIG_WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME = ${CONFIG_WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME}")
message(STATUS "Relative alternate_bundle_path: ${alternate_bundle_path}")
SET(crt_bundle_option "${CMAKE_SOURCE_DIR}/${CONFIG_WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME}")
else()
message(STATUS "alternate_bundle_path: ${CONFIG_WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME}")
message(STATUS "Not using an alternate wolfSSL bundle file.")
SET(crt_bundle_option "${CONFIG_WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME}")
endif()
endif()
# Clean the path, removing any extra "./" etc.
# Number of spaces in message strings is to align path value outputs
message(STATUS "This crt_bundle_option value: ${crt_bundle_option}")
if(${CMAKE_VERSION} VERSION_LESS "3.19")
message("WARNING: CMake version is ${CMAKE_VERSION} ? file(REAL_PATH ...) is not supported. Falling back to manual path normalization.")
# optional fallback logic here
get_filename_component(crt_bundle_file_component "${crt_bundle_option}" ABSOLUTE)
message(STATUS "Interim crt_bundle_file_component: ${crt_bundle_file_component}")
file(TO_CMAKE_PATH "${crt_bundle_file_component}" crt_bundle)
message(STATUS "TO_CMAKE_PATH crt_bundle result: ${crt_bundle}")
# set(crt_bundle "C:/workspace/pio_wolfssl-upstream-test-wolfssl_cert_bundle/esp32-c6/certs/x509_crt_bundle_wolfssl")
else()
file(REAL_PATH "${crt_bundle_option}" crt_bundle)
endif()
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Certificate Bundle: ${crt_bundle}")
message(STATUS "This cleaned crt_bundle value: ${crt_bundle}")
message(STATUS "=============================================================================================================")
message(STATUS "=============================================================================================================")
message(STATUS "Reminder: platformio.ini will need this value set for board_build.embed_files =")
message(STATUS "${crt_bundle}")
message(STATUS "=============================================================================================================")
message(STATUS "=============================================================================================================")
# e.g. SET(crt_bundle "C:/workspace/pio_wolfssl/esp32-c6/certs/x509_crt_bundle_wolfssl")
#
# Normally x509_crt_bundle_wolfssl built by python script called from cmake.
# See https://github.com/wolfSSL/wolfssl/blob/master/wolfcrypt/src/port/Espressif/esp_crt_bundle/gen_crt_bundle.py
# Reminder ESP-IDF scripts are NOT called from CMake for PlatformIO builds.
#
# The easiest way to generate the default file is to build with ESP-IDF and copy the files to [project]/main
#
# for example:
# build\VisualGDB\Debug\x509_crt_bundle_wolfssl.s
# build\VisualGDB\Debug\esp-idf\wolfssl\x509_crt_bundle_wolfssl
#
message(STATUS "Confirming cert bundle exists...")
if(EXISTS "${crt_bundle}")
# Number of spaces is to align path value outputs
message(STATUS "Bundle file found for PlatformIO: ${crt_bundle}")
else()
APPEND_LIBWOLFSSL_CMAKE_OUTPUT("ERROR: Failed to find bundle file found for PlatformIO: ${crt_bundle}")
message(STATUS "Check for entry in platformio.ini: board_build.embed_files = certs/x509_crt_bundle_wolfssl ")
message(FATAL_ERROR "WOLFSSL_CERTIFICATE_BUNDLE is enabled for PlatformIO, but predefined file not found: ${crt_bundle}")
endif()
else()
# APPEND_LIBWOLFSSL_CMAKE_OUTPUT("Generate bundle: ${GENERATE_CERT_BUNDLEPY} ${args}")
# Not PlatformIO
# Generate bundle according to config
# File is generated at build time, not cmake load
add_custom_command(OUTPUT ${crt_bundle}
COMMAND ${GENERATE_CERT_BUNDLEPY} ARGS ${args}
DEPENDS ${custom_bundle_path}
VERBATIM)
if(EXISTS "${crt_bundle}")
message(STATUS "Bundle file exists from prior build: ${crt_bundle}")
else()
message(STATUS "Bundle file expected during next build: ${crt_bundle}")
endif()
# Reminder the file is generated at build time, not cmake load time.
message(STATUS "wolfSSL Cert Bundle File to be created at build time in: ${crt_bundle}")
endif()
add_custom_target(custom_wolfssl_bundle DEPENDS ${crt_bundle})
# the wolfSSL certificate bundle is baked into wolfSSL
add_dependencies(${COMPONENT_LIB} custom_wolfssl_bundle)
# COMPONENT_LIB may vary: __idf_wolfssl, __idf_esp_wolfssl, etc
# target_add_binary_data(__idf_wolfssl ${crt_bundle} BINARY)
target_add_binary_data(${COMPONENT_LIB} ${crt_bundle} BINARY)
set_property(DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
APPEND PROPERTY ADDITIONAL_CLEAN_FILES
"${crt_bundle}")
else()
if(IS_PLATFORMIO)
message(STATUS "WARNING: CONFIG_WOLFSSL_CERTIFICATE_BUNDLE enabled but cannot be generated in PlatformmIO")
else()
message(STATUS "WARNING: CONFIG_WOLFSSL_CERTIFICATE_BUNDLE enabled but directory not found: ${WOLFSSL_ESP_CRT_BUNDLE_DIR}")
endif()
message(FATAL_ERROR "not detected")
endif()
endif()
# endfunction() # WOLFSSL_INIT_CERT_BUNDLE
# Some optional diagnostics. Verbose ones are truncated.
if (VERBOSE_COMPONENT_MESSAGES)
@ -652,6 +1131,12 @@ else()
endif()
# target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
message(STATUS "DETECTED_PROJECT_NAME=${CMAKE_PROJECT_NAME}")
message(STATUS "COMPONENT_TARGET=${COMPONENT_TARGET}")
target_compile_definitions(${COMPONENT_TARGET} PRIVATE DETECTED_PROJECT_NAME="${CMAKE_PROJECT_NAME}")
if( "${CMAKE_PROJECT_NAME}" STREQUAL "esp_http_client_example" )
target_compile_definitions(${COMPONENT_TARGET} PRIVATE APP_ESP_HTTP_CLIENT_EXAMPLE="y")
endif()
endif() # CMAKE_BUILD_EARLY_EXPANSION
@ -669,71 +1154,97 @@ endif()
# end multiple component check
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
#
# Save the THIS_VAR as a string in a macro called VAR_OUPUT
#
# VAR_OUPUT: the name of the macro to define
# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
#
function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
# is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
# if we had a successful operation, save the THIS_VAR in VAR_OUPUT
if(${IS_VALID_VALUE})
# strip newline chars in THIS_VAR parameter and save in VAR_VALUE
string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})
# we'll could percolate the value to the parent for possible later use
# set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
# but we're only using it here in this function
set(${VAR_OUPUT} ${VAR_VALUE})
# we'll print what we found to the console
message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
# the interesting part is defining the VAR_OUPUT name a value to use in the app
add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
else()
# if we get here, check the execute_process command and parameters.
message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
set(${VAR_OUPUT} "Unknown")
endif()
endfunction() # LIBWOLFSSL_SAVE_INFO
execute_process(
COMMAND ${git_cmd} "rev-parse" "--is-inside-work-tree"
OUTPUT_VARIABLE IS_GIT_REPO
OUTPUT_STRIP_TRAILING_WHITESPACE
ERROR_QUIET
)
# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
# see wolfcrypt\src\port\Espressif\esp32_utl.c
if(NOT CMAKE_BUILD_EARLY_EXPANSION)
if(NOT CMAKE_BUILD_EARLY_EXPANSION AND WOLFSSL_ROOT AND (IS_GIT_REPO STREQUAL "true"))
set (git_cmd "git")
message(STATUS "Adding macro definitions:")
# LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
# LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd}
"show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'"
OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_WOLFSSL_ROOT "${WOLFSSL_ROOT}" "${TMP_RES}")
message(STATUS "************************************************************************************************")
message(STATUS "wolfssl component config complete!")
message(STATUS "************************************************************************************************")
endif()
# Ensure flag "-DWOLFSSL_ESPIDF" is already in CMAKE_C_FLAGS if not yet found from project
string(FIND "${CMAKE_C_FLAGS}" "-DWOLFSSL_ESPIDF" FLAG_ALRREADY_FOUND_WOLFSSL_ESPIDF)
if(FLAG_ALRREADY_FOUND_WOLFSSL_ESPIDF EQUAL -1)
# Flag not found, append it
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_ESPIDF")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
endif()
if(WOLFSSL_ROOT)
message(STATUS "Using wolfSSL in ${WOLFSSL_ROOT}")
# PlatformIO does not process script from from the Espressif cmake process.
# We need to know where wolfSSL source code was found, so save it in the
# PIO_WOLFSSL_ROOT environment variable to later be read by extra_script.py
set(ENV{PIO_WOLFSSL_ROOT} "${WOLFSSL_ROOT}")
message(STATUS "PIO_WOLFSSL_ROOT = $ENV{PIO_WOLFSSL_ROOT}")
message(STATUS "PLATFORMIO_BUILD_DIR = $ENV{PLATFORMIO_BUILD_DIR}")
# See esp-tls Kconfig; menu "ESP-TLS", ESP_TLS_LIBRARY_CHOOSE
if(CONFIG_ESP_TLS_USING_WOLFSSL)
if ( ("${CONFIG_TARGET_PLATFORM}" STREQUAL "esp8266") OR ("${IDF_TARGET}" STREQUAL "esp8266") )
message(STATUS "This version of wolfSSL is not supported on the ESP8266 esp-tls at this time. Check ESP-TLS config")
else()
message(STATUS "wolfSSL will be used for ESP-TLS")
endif()
else()
message(STATUS "WARNING: wolfSSL NOT selected for ESP-TLS. Features and performance will be limited.")
endif()
else()
message(STATUS "")
message(STATUS "Consider setting WOLFSSL_ROOT environment variable, use Kconfig setting, or set manually in this cmake file, above.")
message(STATUS "")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
message(STATUS "ERROR: Could not find wolfSSL Source Code")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
message(STATUS "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
endif()
# A single instance of potentially multiple cmake messages to send to app:
message(STATUS "LIBWOLFSSL_CMAKE_OUTPUT: ${LIBWOLFSSL_CMAKE_OUTPUT}")
LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_CMAKE_OUTPUT "${LIBWOLFSSL_CMAKE_OUTPUT}" "0")
file(APPEND "${CMAKE_BINARY_DIR}/libwolfssl_output.h"
"\n"
"#endif\n" )
message(STATUS "************************************************************************************************")
message(STATUS "wolfSSL component config complete!")
message(STATUS "************************************************************************************************")

552
ide/Espressif/ESP-IDF/examples/wolfssh_template/components/wolfssl/Kconfig 100644
View File

@ -0,0 +1,552 @@
# Kconfig template
#
# Copyright (C) 2014-2025 wolfSSL Inc.
#
# This file is part of wolfSSH.
#
# wolfSSH is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# wolfSSH is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with wolfSSH. If not, see <http://www.gnu.org/licenses/>.
#
# Kconfig File Version 5.7.2.001 for esp-idf integration
# Kconfig Format Rules
#
# See:
# https://docs.espressif.com/projects/esp-idf/en/stable/esp32/api-reference/kconfig.html
#
# Format rules for Kconfig files are as follows:
#
# Option names in any menus should have consistent prefixes. The prefix
# currently should have at least 3 characters.
#
# The unit of indentation should be 4 spaces. All sub-items belonging to a
# parent item are indented by one level deeper. For example, menu is indented
# by 0 spaces, config menu by 4 spaces, help in config by 8 spaces, and the
# text under help by 12 spaces.
#
# No trailing spaces are allowed at the end of the lines.
#
# The maximum length of options is NOT 50 characters as documented.
# kconfcheck will complain that options should be 40 at most.
#
# Fix option lengths first. Superfluous errors on other lines may occur.
#
# The maximum length of lines is 120 characters.
#
# python -m kconfcheck <path_to_kconfig_file>
#
# ---------------------------------------------------------------------------------------------------------------------
# Begin main wolfSSL configuration menu
# ---------------------------------------------------------------------------------------------------------------------
# See ESP-IDF esp-tls component for config TLS_STACK_WOLFSSL
menu "wolfSSL"
menu "Hardening"
config ESP_WOLFSSL_WC_NO_HARDEN
bool "Disable wolfSSL hardening"
default n
help
Sets WC_NO_HARDEN
config ESP_WOLFSSL_TFM_TIMING_RESISTANT
bool "Enable TFM Timing Resistant Code"
default n
help
Sets TFM_TIMING_RESISTANT.
endmenu # Hardening
config ESP_WOLFSSL_ENABLE_BENCHMARK
bool "Enable wolfSSL Benchmark Library"
default n
help
Enables wolfcrypt/benchmark/benchmark.c code for benchmark metrics. Disables NO_CRYPT_BENCHMARK.
menu "Benchmark Debug"
config ESP_DEBUG_WOLFSSL_BENCHMARK_TIMING
bool "Enable benchmark timing debug"
depends on ESP_WOLFSSL_ENABLE_BENCHMARK
default n
help
Enable wolfssl debug for benchmark metric timing (CPU Cycles, RTOS ticks, etc).
config ESP_WOLFSSL_BENCHMARK_TIMER_DEBUG
bool "Enable benchmark timer debug"
depends on ESP_WOLFSSL_ENABLE_BENCHMARK
default n
help
Turn on timer debugging (used when CPU cycles not available)
endmenu # Benchmark Debug
# -----------------------------------------------------------------------------------------------------------------
# wolfCrypt Test
# -----------------------------------------------------------------------------------------------------------------
config ESP_WOLFSSL_ENABLE_TEST
bool "Enable wolfCrypt Test Library"
default n
help
Enables wolfcrypt/test/test.c code for testing. Disables NO_CRYPT_TEST.
menu "wolfCrypt tests"
config WOLFSSL_HAVE_WOLFCRYPT_TEST_OPTIONS
bool "Enable wolfCrypt Test Options"
depends on ESP_WOLFSSL_ENABLE_TEST
default n
help
Enables HAVE_WOLFCRYPT_TEST_OPTIONS
config TEST_ESPIDF_ALL_WOLFSSL
bool "Enable all features to use in tests"
depends on ESP_WOLFSSL_ENABLE_TEST
default n
help
Enables TEST_ESPIDF_ALL_WOLFSSL
endmenu # wolfCrypt tests
# -----------------------------------------------------------------------------------------------------------------
# Apple HomeKit Options
# -----------------------------------------------------------------------------------------------------------------
menu "Apple HomeKit"
config WOLFSSL_APPLE_HOMEKIT
bool "Enable Apple HomeKit options"
default n
help
Enables FP_MAX_BITS (8192 * 2), SRP, ChaCha, Poly1305, Base64 encoding needed for Apple HomeKit.
endmenu # Apple HomeKit
# -----------------------------------------------------------------------------------------------------------------
config ESP_WOLFSSL_DISABLE_MY_ECC
bool "Disable ECC in my project"
default "n"
help
ECC is enabled by default. Select this option to disable.
config ESP_WOLFSSL_ENABLE_MY_USE_RSA
bool "Enable RSA in my project"
default "n"
help
RSA is disabled by default. Select this option to enable.
config ESP_WOLFSSL_BENCHMARK
bool "Enable wolfSSL Benchmark"
default n
help
Enables user settings relevant to benchmark code
config ESP_TLS_USING_WOLFSSL_SPECIFIED
bool "Use the specified wolfssl for ESP-TLS"
default Y
help
Includes wolfSSL from specified directory (not using esp-wolfssl).
config ESP_WOLFSSL_NO_USE_FAST_MATH
bool "Disable FAST_MATH library and all ESP32 Hardware Acceleration"
select ESP_WOLFSSL_NO_HW
select ESP_WOLFSSL_NO_HW_AES
select ESP_WOLFSSL_NO_HW_HASH
select ESP_WOLFSSL_NO_HW_RSA_PRI
select ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
select ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
select ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
default n
help
When disabling all hardware acceleration for smaller memory footprint,
disabling TFM fast math provides faster wolfSSL software algorithms in an
even smaller flash memory footprint.
menu "Protocol Config"
config WOLFSSL_HAVE_ALPN
bool "Enable ALPN (Application Layer Protocol Negotiation) in wolfSSL"
default y
config WOLFSSL_ALLOW_TLS13
bool "Allow TLS 1.3"
default y
help
Allow TLS to fallback to TLS1.2. Memory footprint will likely be larger for TLS1.2.
When disabled HTTPS and MQTT over TLS connections will fail if TLS1.3 not accepted.
config WOLFSSL_ALLOW_TLS12
bool "Allow TLS 1.2"
default n
help
Allow TLS to fallback to TLS1.2. Memory footprint will likely be larger for TLS1.2.
When disabled HTTPS and MQTT over TLS connections will fail if TLS1.3 not accepted.
config WOLFSSL_HAVE_TLS_EXTENSIONS
bool "Enable TLS Extensions"
default y
help
Sets HAVE_TLS_EXTENSIONS which is needed for TLS 1.3, SNI, ALPN, and more.
config WOLFSSL_ALT_CERT_CHAINS
bool "Enable Alternate Certificate Chains"
default n
help
The option relaxes the default strict wolfSSL certificate chain processing. This
will typically need to be enabled when loading only a CA file. Typically solves
the -188 ASN_NO_SIGNER_E error. Use with caution.
config WOLFSSL_HAVE_OCSP
bool "Enable OCSP (Online Certificate Status Protocol) in wolfSSL"
default n
help
Sets HAVE_OCSP
endmenu # Protocol Config
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
config TLS_STACK_WOLFSSL
# Invisible option that locks TLS_STACK_WOLFSSL to ESP_TLS_USING_WOLFSSL
bool
default n
select FREERTOS_ENABLE_BACKWARD_COMPATIBILITY
help
Includes wolfSSL in ESP-TLS so that it can be compiled with wolfSSL as its SSL/TLS library.
Enabled when wolfSSL is selected in ESP_TLS_LIBRARY_CHOOSE.
menu "wolfSSL ESP-TLS"
depends on ESP_TLS_USING_WOLFSSL
menu "Certificate Bundle"
depends on ESP_TLS_USING_WOLFSSL
config WOLFSSL_CERTIFICATE_BUNDLE
bool "Enable trusted root certificate bundle"
default y if ESP_TLS_USING_WOLFSSL
default n
depends on ESP_TLS_USING_WOLFSSL
help
Enable support for large number of default root certificates
When enabled this option allows user to store default as well
as customer specific root certificates in compressed format rather
than storing full certificate. For the root certificates the public key and the subject name
will be stored.
config WOLFSSL_NO_ASN_STRICT
bool "Relax Certificate ASN Strict Checks"
default n
depends on ESP_TLS_USING_WOLFSSL
help
Allows sub-optimal certificate ASN checks. Unless using a bundle with known issues,
it is recommended to NOT enable this.
config WOLFSSL_ASN_ALLOW_0_SERIAL
bool "Allow cert missing an ASN Serial Number"
default y
depends on ESP_TLS_USING_WOLFSSL
help
Although not recommended, there may be certificates in the bundle that are missing
a serial number. This option allows the missing value without having to fully
disable strict ASN checking with WOLFSSL_NO_ASN_STRICT.
choice WOLFSSL_DEFAULT_CERTIFICATE_BUNDLE
bool "Default certificate bundle options"
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
default WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_FULL
config WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_FULL
bool "Use the full default certificate bundle"
config WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_CMN
bool "Use only the most common certificates from the default bundles"
help
Use only the most common certificates from the default bundles, reducing the size with 50%,
while still having around 99% coverage.
config WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_NONE
bool "Do not use the default certificate bundle"
endchoice
config WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
default n
bool "Use alternate certificate bundle"
help
Typically only used for PlatformIO which cannot generate a certificate bundle at build time.
Enable this option to specify a fixed wolfSSL certificate file path and file name.
config WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE_PATH_AND_NAME
depends on WOLFSSL_ALTERNATE_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
string "Default certificate bundle alternate path and name"
default "./certs/x509_crt_bundle_wolfssl"
help
Name of the default certificate bundle directory. Typically used only with PlatformIO.
Reminder PlatformIO cannot generate a bundle from cmake python script call. Relative
paths are with respect to root of this project.
config WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
default n
bool "Add custom certificates to the default bundle"
config WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE_PATH
depends on WOLFSSL_CUSTOM_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
string "Custom certificate bundle path"
help
Name of the custom certificate directory or file. This path is evaluated
relative to the project root directory.
config WOLFSSL_CERTIFICATE_BUNDLE_DEPRECATED_LIST
bool "Add deprecated root certificates"
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL && !WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_NONE
help
Include the deprecated list of root certificates in the bundle.
This list gets updated when a certificate is removed from the Mozilla's
NSS root certificate store. This config can be enabled if you would like
to ensure that none of the certificates that were deployed in the product
are affected because of the update to bundle. In turn, enabling this
config keeps expired, retracted certificates in the bundle and it may
pose a security risk.
- Deprecated cert list may grow based based on sync with upstream bundle
- Deprecated certs would be be removed in ESP-IDF (next) major release
config WOLFSSL_CERTIFICATE_BUNDLE_MAX_CERTS
int "Maximum no of certificates allowed in certificate bundle"
default 200
depends on WOLFSSL_CERTIFICATE_BUNDLE && ESP_TLS_USING_WOLFSSL
endmenu
endmenu # wolfSSL ESP-TLS
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
config ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
bool "Modify default hardware acceleration settings"
default n
help
When disabling all hardware acceleration for smaller memory footprint,
disabling TFM fast math provides faster wolfSSL software algorithms in an
even smaller flash memory footprint.
Typically used for debugging, analysis, or optimizations. The default
hardware acceleration features can be each manually adjusted.
menu "wolfSSL Hardware Acceleration"
config ESP_WOLFSSL_NO_ESP32_CRYPT
bool "Disable all ESP32 Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
select ESP_WOLFSSL_NO_HW_AES
select ESP_WOLFSSL_NO_HW_HASH
select ESP_WOLFSSL_NO_HW_RSA_PRI
select ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
select ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
select ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
help
Hardware acceleration enabled by default. When selected defines: NO_ESP32_CRYPT.
Consider disabling FASTMATH (other libraries are faster in software and smaller)
config ESP_WOLFSSL_NO_HW_AES
bool "Disable all ESP32 AES Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default.When selected defines: NO_HW_AES
config ESP_WOLFSSL_NO_HW_HASH
bool "Disable all ESP32 SHA Hash Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default. When selected defines: NO_HW_HASH
config ESP_WOLFSSL_NO_HW_RSA_PRI
bool "Disable all ESP32 RSA Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
select ESP_WOLFSSL_NO_HW_PRI_MP_MUL
select ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
select ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
help
Hardware acceleration enabled by default. When selected defines: NO_HW_RSA_PRI
config ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
bool "Disable all ESP32 Multiplication Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default. When selected defines: NO_HW_RSA_PRI_MP_MUL
config ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
bool "Disable all ESP32 Modular Multiplication Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default. When selected defines: NO_HW_RSA_PRI_MULMOD
config ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
bool "Disable all ESP32 RSA Exponential Math Hardware Acceleration"
depends on ESP_WOLFSSL_ALT_HARDWARE_ACCELERATION
default n
help
Hardware acceleration enabled by default.
Select this option to force disable: NO_HW_RSA_PRI_EXPTMOD
config ESP_WOLFSSL_DEBUG_ESP_HW_MULTI_RSAMAX_BITS
bool "Enable debugging of RSA Multiplication operand length"
default n
help
Prints an esp log warning to the default console UART when one of the
multiplication operands exceeds the maximum size supported by hardware,
requiring fallback to software. This can be helpful to pick key sizes
when performance is critical. See also metrics for counting instances.
config ESP_WOLFSSL_DEBUG_ESP_HW_MOD_RSAMAX_BITS
bool "Enable debugging of RSA Modular operand length"
default n
help
Prints an esp log warning to the default console UART when one of the
modular math operands exceeds the maximum size supported by hardware,
requiring fallback to software. This can be helpful to pick key sizes
when performance is critical. See also metrics for counting instances.
endmenu # wolfSSL Hardware Acceleration
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "wolfSSL Post Quantum Kyber KEM PQ"
config ESP_WOLFSSL_ENABLE_MLKEM
bool "Enable ML-KEM (Kyber Post Quantum)"
default n
help
bool "Enable wolfSSL ML-KEM"
config WOLFSSL_ENABLE_KYBER
bool "Enable Kyber (Round 3)"
default n
help
Enable old compatibility with Kyber Round 3 (enables experimental settings)
endmenu # wolfSSL Post Quantum Kyber KEM PQ
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "wolfSSL Debug Options"
config ESP_WOLFSSL_DEBUG_WOLFSSL
bool "Enable wolfSSL Debugging"
default n
help
Enable debugging messages for wolfSSL. See user_settings.h for additional debug options.
config ESP_WOLFSSL_NO_STACK_SIZE_BUILD_WARNING
bool "Suppress build-time warnings for main stack size"
default n
help
Useful only when wolfSSL is running in main task. See FreeRTOS stack size for custom tasks.
config ESP_WOLFSSL_TEST_LOOP
bool "Run test apps in a loop until failure"
default y
help
Enable a loop wrapper for benchmark, http_client, and wolfssl test apps.
config ESP_WOLFSSL_EXPERIMENTAL_SETTINGS
bool "Enable wolfSSL Experimental Settings"
default n
help
Enables experimental settings for wolfSSL. See documentation.
endmenu # wolfSSL Debug Options
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "wolfSSL Customization"
config CUSTOM_SETTING_WOLFSSL_ROOT
string "Enter a path for wolfSSL source code"
default "~/workspace/wolfssl"
help
This option lets you specify a directory for the wolfSSL source code (typically a git clone).
Enter the path using forward slashes (e.g., C:/myfolder/mysubfolder) or double backslashes
(e.g., C:\\myfolder\\mysubfolder).
endmenu # wolfSSL Customization
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "Component Config"
config IGNORE_ESP_IDF_WOLFSSL_COMPONENT
bool "Ignore the ESP-IDF component of wolfSSL (if present)"
default n
help
Ignores wolfSSL present in the esp-idf/components directory. Requires wolfssl as a local component.
config IGNORE_LOCAL_WOLFSSL_COMPONENT
bool "Ignore the local component of wolfSSL (if present)"
default n
help
Ignores wolfSSL present in the local project components directory.
Requires wolfssl as a ESP-IDF component.
endmenu # Component Config
# -----------------------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------------------
menu "Utility Config"
config USE_WOLFSSL_ESP_SDK_TIME
bool "Enable wolfSSL time helper functions"
default n
help
Enables use of various time and date setting functions found in the esp-sdk-lib.h file.
config USE_WOLFSSL_ESP_SDK_WIFI
bool "Enable wolfSSL WiFi helper functions"
default n
help
Enables use of various time and date setting functions found in the esp-sdk-lib.h file.
endmenu # Utility Config
endmenu # wolfSSL
# ---------------------------------------------------------------------------------------------------------------------
# ---------------------------------------------------------------------------------------------------------------------
menu "wolfSSH"
config ESP_ENABLE_WOLFSSH
bool "Enable wolfSSH options"
default n
help
Enables WOLFSSH_TERM, WOLFSSL_KEY_GEN, WOLFSSL_PTHREADS, WOLFSSH_TEST_SERVER, WOLFSSH_TEST_THREADING
config ESP_WOLFSSL_DEBUG_WOLFSSH
bool "Enable wolfSSH debugging"
default n
help
Enable wolfSSH debugging macro. See user_settings.h
endmenu # wolfSSH
# ---------------------------------------------------------------------------------------------------------------------
# ---------------------------------------------------------------------------------------------------------------------
menu "wolfMQTT"
config ESP_ENABLE_WOLFMQTT
bool "Enable wolfMQTT options"
default n
help
Enables WOLFMQTT
config ESP_WOLFSSL_DEBUG_WOLFMQTT
bool "Enable wolfMQTT debugging"
default n
help
Enable wolfMQTT debugging macro. See user_settings.h
endmenu # wolfMQTT
# ---------------------------------------------------------------------------------------------------------------------

171
ide/Espressif/ESP-IDF/examples/wolfssh_template/components/wolfssl/README.md
View File

@ -1,9 +1,162 @@
# Component wolfSSL
This `wolfssl` directory exists only for the stand-alone examples.
The only files of interest are the [CMakeLists.txt](./CMakeLists.txt) that should point
to the wolfSSL source code and the respective [include/user_settings.h](./include/user_settings.h).
This directory is _not_ included in the publish to the Espressif Registry, as that
mechanism copies the published source code to the local component directory as needed.
# wolfSSL Espressif Component
This is the directory for wolfSSL as an Espressif ESP-IDF component.
Other options are available, such as installing wolfSSL as a local _project_ component using the [Managed Component](https://www.wolfssl.com/wolfssl-now-available-in-espressif-component-registry/).
Enabling this wolfSSL ESP-IDF component allows other ESP-IDF libraries such as those that depend on [ESP-TLS](https://github.com/espressif/esp-idf/tree/master/components/esp-tls)
to also use the wolfSSL library. (See [github.com/wolfSSL/wolfssl](https://github.com/wolfSSL/wolfssl))
The wolfSSL source code is not included here. Instead, the `idf.py menuconfig` option can be used to configure the
`sdkconfig` file setting: `CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT` to point to the desired wolfSSL code.
## Directory Contents
This directory must contain, at a minimum:
- `CMakeLists.txt`
- `./include/user_settings.h`
The directory should also contain:
- `Kconfig`
- `component.mk`
The directory may contain wolfSSL source, for example with a [Managed Component](https://www.wolfssl.com/wolfssl-now-available-in-espressif-component-registry/),
or if the `setup.sh` script was used from [wolfSSL/IDE/Espressif/ESP-IDF](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF).
Under normal circumstances when the wolfSSL source is not included here, the `CMakeLists.txt` will search for it in this order:
- A hard-coded `WOLFSSL_ROOT` cmake variable.
- `WOLFSSL_ROOT` Environment Variable
- The `CONFIG_CUSTOM_SETTING_WOLFSSL_ROOT` value in the `sdkconfig` file, from the `Kconfig` option.
- Any parent directories, up to the root (if this directory is in the ESP-IDF components)
- Any parent directories, up to the root (if this directory is a project component)
While recursing up the directory tree, the following names of wolfSSL directories will be considered:
- `wolfssl-[current user name]`
- `wolfssl-master`
- `wolfssl`
## Getting Started
See the `Espressif Getting Started Guide`.
```
# Set environment variable to ESP-IDF location
# For example, VisualGDB in WSL
WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.2
WRK_IDF_PATH=/mnt/c/SysGCC/esp32-master/esp-idf/v5.3-master
# Or wherever the ESP-IDF is installed:
WRK_IDF_PATH=~/esp/esp-idf
echo "Run export.sh from ${WRK_IDF_PATH}"
. ${WRK_IDF_PATH}/export.sh
cd [your project]
idf.py menuconfig
```
Enable wolfSSL to be used in the ESP-TLS:
```
Component config --->
ESP-TLS --->
Choose SSL/TLS library for ESP-TLS (See help for more Info)
(X) wolfSSL (License info in wolfSSL directory README)
```
Adjust wolfSSL settings, such as path to source code as needed:
```
Component config --->
wolfSSL --->
[*] Include wolfSSL in ESP-TLS
[*] Use the specified wolfssl for ESP-TLS
(~/workspace/wolfssl) Enter a path for wolfSSL source code
```
## Configuration
All settings for wolfSSL are adjusted in the [include/user_settings.h](./include/user_settings.h) file.
The `user_settings.h` file should not be included directly. Instead, `#include <wolfssl/wolfcrypt/settings.h>`
before any other wolfSSL headers, like this:
```c
/* ESP-IDF */
#include <esp_log.h>
#include "sdkconfig.h"
/* wolfSSL */
/* Always include wolfcrypt/settings.h before any other wolfSSL file. */
/* Reminder: settings.h pulls in user_settings.h; don't include it here. */
#if defined(WOLFSSL_USER_SETTINGS)
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_ESPIDF)
#include <wolfssl/version.h>
#include <wolfssl/wolfcrypt/types.h>
#include <wolfcrypt/test/test.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp-sdk-lib.h>
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#else
#error "Problem with wolfSSL user_settings. " \
"Check components/wolfssl/include " \
"and confirm WOLFSSL_USER_SETTINGS is defined, " \
"typically in the component CMakeLists.txt"
#endif
#else
/* Define WOLFSSL_USER_SETTINGS project wide for settings.h to include */
/* wolfSSL user settings in ./components/wolfssl/include/user_settings.h */
#error "Missing WOLFSSL_USER_SETTINGS in CMakeLists or Makefile:\
CFLAGS +=-DWOLFSSL_USER_SETTINGS"
#endif
```
## Examples
See the wolfSSL examples:
- [wolfSSL Core Examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples)
- [wolfSSL Additional Examples](https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32)
- [wolfSSH Core Examples](https://github.com/wolfSSL/wolfssh/tree/master/ide/Espressif/ESP-IDF/examples)
- [wolfSSH Additional Examples](https://github.com/wolfSSL/wolfssh-examples/tree/main/Espressif)
- [wolfMQTT Examples](https://github.com/wolfSSL/wolfMQTT/tree/master/IDE/Espressif/ESP-IDF/examples)
## Platforms
The ESP-IDF wolfSSL is also available for PlatformIO:
- [Release wolfSSL](https://registry.platformio.org/search?q=owner%3Awolfssl)
- [Staging / Preview wolfSSL](https://registry.platformio.org/search?q=owner%3Awolfssl-staging)
The wolfSSL library can also be used for Espressif with Arduino:
- [arduino.cc/reference/en/libraries/wolfssl](https://www.arduino.cc/reference/en/libraries/wolfssl/)
- [github.com/wolfSSL/Arduino-wolfSSL](https://github.com/wolfSSL/Arduino-wolfSSL)
## Additional Information
- [wolfSSL Documentation](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html) and [docs/espressif](https://www.wolfssl.com/docs/espressif/)
- [wolfSSL FAQ](https://www.wolfssl.com/docs/frequently-asked-questions-faq/)
- [wolfSSL Products](https://www.wolfssl.com/products/)
- [www.wolfssl.com/espressif](https://www.wolfssl.com/espressif/)
- [More...](https://www.wolfssl.com/?s=espressif)
## Contact
Have a specific request or questions? We'd love to hear from you! Please contact us at support@wolfssl.com or open an issue on GitHub.
## Licensing and Support
wolfSSL (formerly known as CyaSSL) and wolfCrypt are either licensed for use under the GPLv2 (or at your option any later version) or a standard commercial license. For our users who cannot use wolfSSL under GPLv2 (or any later version), a commercial license to wolfSSL and wolfCrypt is available.
See the LICENSE.txt, visit wolfssl.com/license, contact us at licensing@wolfssl.com or call +1 425 245 8247
View Commercial Support Options: [wolfssl.com/products/support-and-maintenance](wolfssl.com/products/support-and-maintenance)

305
ide/Espressif/ESP-IDF/examples/wolfssh_template/components/wolfssl/component.mk 100644
View File

@ -0,0 +1,305 @@
#
# Copyright (C) 2014-2025 wolfSSL Inc.
#
# This file is part of wolfSSH.
#
# wolfSSH is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# wolfSSH is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with wolfSSH. If not, see <http://www.gnu.org/licenses/>.
#
$(info *********** wolfssl component ************)
#
# Component Makefile
#
#
# The Espressif Managed Components are only for newer versions of the ESP-IDF
# Typically only for ESP32[-x] targets and only for ESP-IDF v4.3 or later:
# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-component-manager.html
# https://components.espressif.com/
#
# Usage:
#
# make flash
#
# make flash ESPPORT=/dev/ttyS55
#
# make flash ESPBAUD=9600
#
# make monitor ESPPORT=COM1
#
# make monitor ESPPORT=/dev/ttyS55 MONITORBAUD=115200
#
# export ESPPORT=/dev/ttyS55
#
# https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/get-started/index.html
#
# Although the project should define WOLFSSL_USER_SETTINGS, we'll also
# define it here:
CFLAGS +=-DWOLFSSL_USER_SETTINGS
# Note that 4 source files created by autogen are excluded here.
#
# See these files commented out, below. Adjust as needed for your application:
#
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/async.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/selftest.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o
# NOTICE: the WOLFSSL_ROOT setting MUST be relative!
# See https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/api-guides/build-system.html?highlight=must+relative#optional-component-specific-variables
# In the wolfSSL GitHub examples for Espressif:
# https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples
# When this wolfssl component.mk makefile is in [project]/components/wolfssl
# The root is 7 directories up from here (the location of of this component.mk):
#
WOLFSSL_ROOT ?= ../../../../../../..
THIS_DIR := $(shell pwd)
WOLFSSL_ROOT_OBJ := $(THIS_DIR)
# When running make from commandline or VisualGDB, the current path varies:
ifeq ("$(VISUALGDB_DIR)","")
# current path is typically /mnt/c/workspace/wolfssl-gojimmypi/IDE/Espressif/ESP-IDF/examples/wolfssl_test/build/wolfssl
$(info VISUALGDB_DIR build not detected. shell: $(shell echo $$SHELL))
else
# current path is typically /C/workspace/wolfssl-gojimmypi/IDE/Espressif/ESP-IDF/examples/wolfssl_test/build/Debug/wolfssl
$(info Detected VisualGDB in: $(VISUALGDB_DIR) shell: $(shell echo $$SHELL))
endif
# To set the location of a different location, it is best to use relative paths.
#
# Set WOLFSSL_ROOT to a relative path from the current component directory.
# For example, if the wolfssl_client is copied from the examples to test:
#
# cp -r /IDE/Espressif/ESP-IDF/examples/wolfssl_client/* /mnt/c/test/demo
#
# we run make in /mnt/c/test/demo
# component is in /mnt/c/test/demo/components/wolfssl
# wolfssl is in /mnt/c/workspace/wolfssl-master
#
# "/mnt/c" is 4 directories up:
# 2 for `./test/demo` from where we run `make`, plus
# 2 more from the location of `component.mk` located
# in `[current directory]/components/wolfssl`.
#
# Thus we need 4 parent reference to find the relative path to wolfSSL:
# WOLFSSL_ROOT := ../../../../workspace/wolfssl-master
# Optional CFLAGS (make works without these; for reference only)
# CFLAGS += -I$(WOLFSSL_ROOT)/wolfssl
# CFLAGS += -I$(WOLFSSL_ROOT)/wolfssl/wolfcrypt
# CFLAGS += -I$(WOLFSSL_ROOT)/wolfssl/wolfcrypt/port/Espressif
abs_WOLFSSL_ROOT := $(shell realpath $(WOLFSSL_ROOT))
# print-wolfssl-path-value:
# @echo "WOLFSSL_ROOT defined: $(WOLFSSL_ROOT)"
# @echo "WOLFSSL_ROOT actual: $(abs_WOLFSSL_ROOT)"
$(info WOLFSSL_ROOT defined: $(WOLFSSL_ROOT))
$(info WOLFSSL_ROOT actual: $(abs_WOLFSSL_ROOT))
$(info THIS_DIR defined: $(THIS_DIR))
$(info WOLFSSL_ROOT_OBJ defined: $(WOLFSSL_ROOT_OBJ))
# NOTE: The wolfSSL include directory (e.g. user_settings.h) is
# located HERE in THIS project, and *not* in the wolfSSL root.
COMPONENT_ADD_INCLUDEDIRS := .
COMPONENT_ADD_INCLUDEDIRS += include
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/.
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt
COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt/port/Espressif
# COMPONENT_ADD_INCLUDEDIRS += $ENV(IDF_PATH)/components/freertos/include/freertos
# COMPONENT_ADD_INCLUDEDIRS += "$ENV(IDF_PATH)/soc/esp32s3/include/soc"
# wolfSSL
COMPONENT_SRCDIRS := $(WOLFSSL_ROOT)/src
# wolfcrypt
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src
# Espressif
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif
COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/atmel
COMPONENT_OBJEXCLUDE := $(WOLFSSL_ROOT_OBJ)/wolfcrypt/src/aes_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT_OBJ)/wolfcrypt/src/evp.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT_OBJ)/wolfcrypt/src/misc.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT_OBJ)/wolfcrypt/src/sha512_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT_OBJ)/wolfcrypt/src/fe_x25519_asm.o
COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT_OBJ)/wolfcrypt/src/aes_gcm_x86_asm.o
##
## wolfSSL
##
## reminder object files may end up in `./build` or `build/debug` or `build/release`, depending on build environment & settings.
##
# COMPONENT_OBJS := $(WOLFSSL_ROOT)/src/bio.o # part of ssl.c, omitted to avoid "does not need to be compiled separately"
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/conf.o # part of ssl.c
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/crl.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/dtls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/dtls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/internal.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/keys.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/ocsp.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/pk.o # part of ssl.c
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/quic.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/sniffer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/ssl.o
# COMPONENT_OBJS += src/ssl_asn1.o
# COMPONENT_OBJS += src/ssl_bn.o
# COMPONENT_OBJS += src/ssl_certman.o
# COMPONENT_OBJS += src/ssl_crypto.o
# COMPONENT_OBJS += src/ssl_misc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/tls.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/tls13.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/wolfio.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/x509.o # part of ssl.c
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/x509_str.o # part of ssl.c
##
## wolfcrypt
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/arc4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/asm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/asn.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/async.o # autogen exclusion
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/blake2b.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/blake2s.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/camellia.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/chacha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/chacha20_poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/coding.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/compress.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cpuid.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cryptocb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/curve25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/curve448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/des3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dh.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dilithium.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ecc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/eccsi.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ecc_fp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed25519.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/error.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_mlkem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_xmss.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/falcon.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_operations.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips_test.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_448.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_low_mem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_operations.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hmac.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hpke.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/integer.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/kdf.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/logging.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md5.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/memory.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/misc.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pkcs12.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pkcs7.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/poly1305.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pwdbased.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/random.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/rc2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ripemd.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/rsa.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sakke.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/selftest.o # autogen exclusion
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha256.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha512.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/signature.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/siphash.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm2.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm3.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm4.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sphincs.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_armthumb.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_c32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_c64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_cortexm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_dsp32.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_int.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_arm32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_arm64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_armthumb.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_c32.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_c64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_cortexm.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_x86_64.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_x86_64.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/srp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/tfm.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_dsp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_encrypt.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_mlkem.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_mlkem_poly.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_lms.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_pkcs11.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_port.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_xmss.o
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o # autogen exclusion
# COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o # autogen exclusion
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfevent.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfmath.o
##
## Espressif
##
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_aes.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_mp.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_sha.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_util.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_mem_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_time_lib.o
COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp_sdk_wifi_lib.o
##
## wolfcrypt benchmark (optional)
##
## COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark/benchmark.o
## COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark
## COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark
##
## wolfcrypt test (optional)
##
## COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/test/test.o
## COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/test
## COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfcrypt/test/include
$(info ********** end wolfssl component **********)

834
ide/Espressif/ESP-IDF/examples/wolfssh_template/components/wolfssl/include/user_settings.h
View File

File diff suppressed because it is too large Load Diff

18
ide/Espressif/ESP-IDF/examples/wolfssh_template/main/CMakeLists.txt
View File

@ -1,6 +1,6 @@
# [wolfSSL Project]/main/CMakeLists.txt
#
# Copyright (C) 2014-2024 wolfSSL Inc.
# Copyright (C) 2014-2025 wolfSSL Inc.
#
# This file is part of wolfSSH.
#
@ -28,28 +28,26 @@ message(STATUS "main cmake found WOLFSSL_COMPONENT_NAME = ${WOLFSSL_COMPONENT_NA
if(WIN32)
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
message("Detected Windows")
message(STATUS "Detected Windows")
endif()
if(CMAKE_HOST_UNIX)
message("Detected UNIX")
endif()
if(APPLE)
message("Detected APPLE")
message(STATUS "Detected UNIX")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
message("Detected WSL")
message(STATUS "Detected WSL")
endif()
if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
# Windows-specific configuration here
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
message("Detected Linux")
message(STATUS "Detected Linux")
endif()
if(APPLE)
# Windows-specific configuration here
# Apple-specific configuration here
message(STATUS "Detected APPLE")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
message("Detected Apple")
message(STATUS "Detected Apple")
endif()
set (git_cmd "git")

2
ide/Espressif/ESP-IDF/examples/wolfssh_template/main/include/main.h
View File

@ -1,6 +1,6 @@
/* template main.h
*
* Copyright (C) 2014-2024 wolfSSL Inc.
* Copyright (C) 2014-2025 wolfSSL Inc.
*
* This file is part of wolfSSH.
*

4
ide/Espressif/ESP-IDF/examples/wolfssh_template/main/main.c
View File

@ -1,6 +1,6 @@
/* main.c
*
* Copyright (C) 2014-2024 wolfSSL Inc.
* Copyright (C) 2014-2025 wolfSSL Inc.
*
* This file is part of wolfSSH.
*
@ -38,7 +38,7 @@ void app_main(void)
wolfSSH_Debugging_ON();
#else
ESP_LOGI(TAG, "DEBUG_WOLFSSH is not defined, "
"so nothing will happen for teh next statement");
"so nothing will happen for the next statement");
#endif
#ifdef HAVE_VERSION_EXTENDED_INFO