JacobBarthelmeh 081731be8b Merge pull request #7392 from gojimmypi/PR-Espressif-wolfcrypt-test | 6 mēneši atpakaļ | |
---|---|---|
.. | ||
VisualGDB | 7 mēneši atpakaļ | |
components | 6 mēneši atpakaļ | |
main | 7 mēneši atpakaļ | |
CMakeLists.txt | 1 gadu atpakaļ | |
Makefile | 9 mēneši atpakaļ | |
README.md | 7 mēneši atpakaļ | |
README_server_sm.md | 1 gadu atpakaļ | |
partitions_singleapp_large.csv | 1 gadu atpakaļ | |
sdkconfig.defaults | 7 mēneši atpakaļ | |
wolfssl_client_ESP8266.vgdbproj | 7 mēneši atpakaļ |
This is the wolfSSL TLS Client demo, typically used with the Espressif TLS Server or the CLI Server.
When using the CLI, see the example parameters.
For general information on wolfSSL examples for Espressif, see the README file.
Use the ESP-IDF for ESP32 or RTOS SDK for the ESP8266.
Run menuconfig
utility (idf.py menuconfig
for ESP32 or make menuconfig
for the ESP8266)
and set the various parameters for the target device, along with local WiFi settings:
CONFIG_WOLFSSL_TARGET_HOST
(The IP address of a listening server)CONFIG_WOLFSSL_TARGET_PORT
(Typically 11111
)CONFIG_EXAMPLE_WIFI_SSID
(The WiFi that you want to connect to)CONFIG_EXAMPLE_WIFI_PASSWORD
(The WiFi password)The latest examples use makefiles that do not require local file copy installation of wolfSSL.
Build and flash the software to see the example in action.
There are optional VisualGDB project files in the
VisualGDB project subdirectory, and an ESP8266 project file in the project directory,
called wolfssl_client_ESP8266.vgdbproj
.
Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.
No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is COM19
.
Weird results, odd messages, unexpected compiler errors? Manually delete the build directory and
any locally generated files (sdkconfig
, sdkconfig-debug
, etc.) and start over.
The build
directory is typically located in the root of the project directory: [project]/build
.
Difficulty flashing:
menuconfig
. The 115200 is typically reliable.idf.py menuconfig
to config the project
1-1. Example Configuration ->
Target host ip address : the host that you want to connect to.(default is 127.0.0.1)
1-2. Example Connection Configuration ->
WIFI SSID: your own WIFI, which is connected to the Internet.(default is "myssid")
WIFI Password: WIFI password, and default is "mypassword"
Note: the example program uses 11111 port. If you want to use different port
, you need to modify DEFAULT_PORT definition in the code.
When you want to test the wolfSSL client
idf.py -p <PORT> flash
and then idf.py monitor
to load the firmware and see the contextYou can use /examples/server/server program for test.
e.g. Launch ./examples/server/server -v 4 -b -i -d
Reminder that we build with make
and not cmake
in VisualGDB.
Build files will be created in [project directory]\build
export IDF_PATH=~/esp/ESP8266_RTOS_SDK
Build files will be created in [project directory]\build\debug
# Set your path to RTOS SDK, shown here for default from WSL with VisualGDB
WRK_IDF_PATH=/mnt/c/SysGCC/esp8266/rtos-sdk/v3.4
# or
WRK_IDF_PATH=~/esp/ESP8266_RTOS_SDK
# Setup the environment
. $WRK_IDF_PATH/export.sh
# install as needed / prompted
/mnt/c/SysGCC/esp8266/rtos-sdk/v3.4/install.sh
# Fetch wolfssl from GitHub if needed:
cd /workspace
git clone https://github.com/wolfSSL/wolfssl.git
# change directory to wolfssl client example.
cd wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client
# or for example, WSL with C:\workspace as home for git clones:
# cd /mnt/c/workspace/wolfssl-$USER/IDE/Espressif/ESP-IDF/examples/wolfssl_client
# adjust settings as desired
idf.py menuconfig
idf.py build flash -p /dev/ttyS70 -b 115200
idf.py monitor -p /dev/ttyS70 -b 74880
(TODO coming soon) See https://github.com/wolfSSL/wolfsm
./examples/client/client -h 192.168.1.37 -p 11111 -v 3
-c <file> Certificate file, default ./certs/client-cert.pem
-k <file> Key file, default ./certs/client-key.pem
-A <file> Certificate Authority file, default ./certs/ca-cert.pem
Example client, with default certs explicitly given:
./examples/client/client -h 192.168.1.37 -p 11111 -v 3 -c ./certs/client-cert.pem -k ./certs/client-key.pem -A ./certs/ca-cert.pem
Example client, with RSA 1024 certs explicitly given:
./examples/client/client -h 192.168.1.37 -p 11111 -v 3 -c ./certs/1024/client-cert.pem -k ./certs/1024/client-key.pem -A ./certs/1024/ca-cert.pem
Command:
cd /mnt/c/workspace/wolfssl-$USER/IDE/Espressif/ESP-IDF/examples/wolfssl_server
. /mnt/c/SysGCC/esp32/esp-idf/v5.1/export.sh
idf.py flash -p /dev/ttyS19 -b 115200 monitor
cd /mnt/c/workspace/wolfssl-$USER
./examples/client/client -h 192.168.1.108 -v 4 -l TLS_SM4_GCM_SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
Output:
SSL version is TLSv1.3
SSL cipher suite is TLS_SM4_GCM_SM3
SSL curve name is SM2P256V1
I hear you fa shizzle!
./examples/client/client -h 127.0.0.1 -v 4 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
./examples/server/server -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem -A ./certs/sm2/client-sm2.pem -V
# Ensure build with Kyber enabled:
# ./configure --enable-kyber=all --enable-experimental && make
./examples/client/client -h 192.168.1.38 -v 4 -l TLS_AES_128_GCM_SHA256 --pqc KYBER_LEVEL5
In Windows Powershell, (elevated permissions) forward the port after starting the listening server:
netsh interface portproxy add v4tov4 listenport=11111 listenaddress=0.0.0.0 connectport=11111 connectaddress=127.0.0.1
After the server exits, remove the port proxy forward:
netsh interface portproxy delete v4tov4 listenport=11111 listenaddress=0.0.0.0
For additional information, see Accessing network applications with WSL.
See the README.md file in the upper level 'examples' directory for more information about examples.