Merge pull request #7043 from gojimmypi/PR-Espressif-README

Espressif README files

Author: JacobBarthelmeh

IDE/Espressif/ESP-IDF/README.md

@@ -1,21 +1,81 @@
-# ESP-IDF port
+# ESP-IDF Port
 
-NOTICE: These Espressif examples have been created and tested with the latest stable release branch of 
-[ESP-IDF V4](https://docs.espressif.com/projects/esp-idf/en/v4.4.1/esp32/get-started/index.html)
-and have not yet been upgraded to the master branch V5. 
-See the latest [migration guides](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/migration-guides/index.html).
+These Espressif examples have been created and tested with the latest stable release branch of 
+[ESP-IDF V5.1](https://docs.espressif.com/projects/esp-idf/en/release-v5.1/esp32/get-started/index.html).
+The prior version 4.4 ESP-IDF is still supported, however version 5.1 or greater is recommended.
+Espressif has [a list of all ESP-IDF versions](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/versions.html).
 
-## Overview
+See the latest [Espressif Migration Guides](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/migration-guides/index.html).
 
- ESP-IDF development framework with wolfSSL by setting *WOLFSSL_ESPIDF* definition
+## Examples
 
-Including the following examples:
+Included are the following [examples](./examples/README.md):
 
-* Simple [TLS client](./examples/wolfssl_client/)/[server](./examples/wolfssl_server/)
-* Cryptographic [test](./examples/wolfssl_test/)
-* Cryptographic [benchmark](./examples/wolfssl_benchmark/)
+* Bare-bones [Template](./examples/template/README.md)
+* Simple [TLS Client](./examples/wolfssl_client/README.md) / [TLS Server](./examples/wolfssl_server/README.md)
+* Cryptographic [Test](./examples/wolfssl_test/README.md)
+* Cryptographic [Benchmark](./examples/wolfssl_benchmark/README.md)
 
- The *user_settings.h* file enables some of the hardened settings.
+## Important Usage Details
+
+The wolfSSL code specific to the Espressif ESP-IDF development framework
+is gated in code with the `WOLFSSL_ESPIDF` definition. This is enabled
+automatically when the `WOLFSSL_USER_SETTINGS` is defined. The recommended
+method is to have this line in the main `CMakeLists.txt` file as shown in the
+[example](./examples/template/main/CMakeLists.txt):
+
+```cmake
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+```
+
+When defining `WOLFSSL_USER_SETTINGS`, this tells the `settings.h` file to
+looks for the wolfSSL `user_settings.h` in the project as described below.
+
+### File: `sdkconfig.h`
+
+The Espressif `sdkconfig.h`, generated automatically from your `sdkconfig`
+file at [build](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html)
+time, should be included before any other files.
+
+### File: `user_settings.h`
+
+The `user_settings.h` file enables some of the hardened security settings. There are also some
+default configuration items in the wolfssl `settings.h`. With the latest version of
+wolfSSL, some of these defaults can be disabled with `NO_ESPIDF_DEFAULT` and customized
+in your project `user_settings.h` as desired.
+
+See the respective project directory:
+
+  `[project-dir]/components/wolfssl/user_settings.h`
+
+A typical project will _not_ directly reference the `user_settings.h` file.
+Here's an example to be included at the top of a given source file:
+
+```c
+/* ESP-IDF */
+#include <esp_log.h>
+#include "sdkconfig.h"
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h> /* references user_settings.h */
+/* Do not explicitly include wolfSSL user_settings.h */
+#include <wolfssl/version.h>
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+```
+
+Prior versions of the wolfSSL Espressif library expected the `user_settings.h` to be in the root wolfssl folder in a directory
+called `/include`. This method, while possible, is no longer recommended.
+
+Be sure to *not* have a `user_settings.h` in _both_ the local project and the wolfssl `include` directories.
+
+### File: `wolfssl/wolfcrypt/settings.h`
+
+The wolfSSL  built-in `settings.h` references your project `user_settings.h`. The
+`settings.h` should _not_ be edited directly. Any wolfSSL settings should be adjusted in your local project
+`user_settings.h` file.
+
+The `settings.h` has some SoC-target-specific settings, so be sure to `#include "sdkconfig.h"` at the beginning
+of your source code, particularly before the `#include <wolfssl/wolfcrypt/settings.h>` line.
 
 ## Requirements
 
@@ -56,19 +116,29 @@ See the specific examples for additional details.
 
 ## Setup for Linux (wolfSSL local copy)
 
+This is a legacy method for installation. It is recommended to use the new `CMakeLists.txt` to point to wolfSSL source code.
+
  1. Run `setup.sh` at _/path/to_`/wolfssl/IDE/Espressif/ESP-IDF/` to deploy files into ESP-IDF tree  
  2. Find Wolfssl files at _/path/to/esp_`/esp-idf/components/wolfssl/`
  3. Find [Example Programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
 
 ## Setup for Windows
 
+This is a legacy method for installation. It is recommended to use the new `CMakeLists.txt` to point to wolfSSL source code.
+
  1. Run ESP-IDF Command Prompt (cmd.exe) or Run ESP-IDF PowerShell Environment
  2. Run `setup_win.bat` at `.\IDE\Espressif\ESP-IDF\`
  3. Find Wolfssl files at _/path/to/esp_`/esp-idf/components/wolfssl/`
  4. Find [Example programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
 
 ## Setup for VisualGDB
 
+See the local project `./VisualGDB` for sample project files. For single-step JTAG debugging on boards that do not
+have a built-in JTAG port, the wolfSSL examples use the open source [Tigard board](https://github.com/tigard-tools/tigard#readme).
+
+See also the [gojimmypi blog](https://gojimmypi.github.io/Tigard-JTAG-SingleStep-Debugging-ESP32/) on using the Tigard
+to JTAG debug the ESP32.
+
 ### Clone a specific version:
 
 ```
@@ -77,25 +147,29 @@ C:\SysGCC\esp32\esp-idf>git clone -b v5.0.2 --recursive https://github.com/espre
 
 ## Configuration
 
+ 1. The `user_settings.h` can be found in `[project]/components/wolfssl/include/user_settings.h`. 
+
+## Configuration (Legacy IDF install)
+
  1. The `user_settings.h` can be found in _/path/to/esp_`/esp-idf/components/wolfssl/include/user_settings.h`
 
 ## Build examples
 
- 1. See README in each example folder
+ 1. See README in each example folder.
 
 ## Support
 
  For question please email [support@wolfssl.com]
 
  Note: This is tested with :  
    - OS: Ubuntu 20.04.3 LTS
-   - Microsoft Windows 10 Pro 10.0.19041 
-   - WSL Ubuntu
+   - Microsoft Windows 10 Pro 10.0.19041 / Windows 11 Pro 22H2 22621.2715
+   - Visual Studio 2022 17.7.6 with VisualGDB 5.6R9 (build 4777)
+   - WSL 1 Ubuntu 22.04.3 LTS
+   - ESP-IDF: ESP-IDF v5.1
+   - SoC Module : all those supported in ESP-IDF v5.1
 
-   - ESP-IDF: ESP-IDF v4.3.2
-   - Module : ESP32-WROOM-32
-
-## JTAG Debugging
+## JTAG Debugging Notes
 
 All of the examples are configured to use either the on-board JTAG (when available) or
 the open source [Tigard multi-protocol tool for hardware hacking](https://github.com/tigard-tools/tigard).
@@ -105,3 +179,28 @@ VisualGDB users should find the configuration file in the `interface\ftdi` direc
 ```
 C:\Users\%USERNAME%\AppData\Local\VisualGDB\EmbeddedDebugPackages\com.sysprogs.esp32.core\share\openocd\scripts\interface\ftdi
 ```
+
+For reference, the `tigard.cfg` looks like this:
+
+```
+# SPDX-License-Identifier: GPL-2.0-or-later
+#
+# Tigard: An FTDI FT2232H-based multi-protocol tool for hardware hacking.
+# https://github.com/tigard-tools/tigard
+
+adapter driver ftdi
+
+ftdi device_desc "Tigard V1.1"
+ftdi vid_pid 0x0403 0x6010
+
+ftdi channel 1
+
+ftdi layout_init 0x0038 0x003b
+ftdi layout_signal nTRST -data 0x0010
+ftdi layout_signal nSRST -data 0x0020
+
+# This board doesn't support open-drain reset modes since its output buffer is
+# always enabled.
+reset_config srst_push_pull trst_push_pull
+
+```

IDE/Espressif/ESP-IDF/examples/README.md

@@ -0,0 +1,120 @@
+# wolfSSL Examples for Espressif
+
+## Core Examples
+
+These are the core examples for wolfSSL:
+
+- [Template](./template/README.md)
+
+- [Benchmark](./wolfssl_benchmark/README.md)
+
+- [Test](./wolfssl_test/README.md)
+
+- [TLS Client](./wolfssl_client/README.md)
+
+- [TLS Server](./wolfssl_server/README.md)
+
+## Other Espressif wolfSSL Examples
+
+See these other repositories for additional examples:
+
+- [wolfssl-examples/ESP32](https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32)
+
+- [wolfssh/Espressif](https://github.com/wolfSSL/wolfssh/tree/master/ide/Espressif)
+
+- [wolfssh-examples/Espressif](https://github.com/wolfSSL/wolfssh-examples/tree/main/Espressif)
+
+
+## Interaction with wolfSSL CLI
+
+See the [server](https://github.com/wolfSSL/wolfssl/tree/master/examples/server)
+and [client](https://github.com/wolfSSL/wolfssl/tree/master/examples/client)
+examples.
+
+Here are some examples using wolfSSL from Linux to communicate with an
+ESP32 TLS client or server:
+
+TLS1.3 Linux Server
+```
+./examples/server/server -v 4 -b -d -p 11111 -c ./certs/server-cert.pem -k ./certs/server-key.pem
+```
+
+TLS1.3 Linux Client to Linux Server: `TLS_AES_128_GCM_SHA256` (default)
+```
+./examples/client/client -v 4 -h 127.0.0.1 -p 11111 -A ./certs/ca-cert.pem
+```
+
+TLS1.2 Linux Server 
+```
+./examples/server/server -v 3 -b -d -p 11111 -c ./certs/server-cert.pem -k ./certs/server-key.pem
+```
+
+TLS1.2 Linux Client to Linux Server: `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384` (default)
+```
+./examples/client/client -v 3 -h 127.0.0.1 -p 11111 -A ./certs/ca-cert.pem
+```
+
+TLS1.2 Linux Client to ESP32 Server: `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256`
+```
+./examples/client/client -v 3 -h 192.168.1.109 -p 11111 -A ./certs/ca-cert.pem
+```
+
+TLS1.3 Linux Client to ESP32 Server: `TLS_AES_128_GCM_SHA256`
+```
+./examples/client/client -v 4 -h 192.168.1.109 -p 11111 -A ./certs/ca-cert.pem
+```
+
+
+There's an additional example that uses wolfSSL installed as a component to the shared ESP-IDF:
+
+- [Test IDF](./wolfssl_test_idf/README.md)
+
+## Installing wolfSSL for Espressif projects
+
+[Core examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) 
+have a local `components/wolfssl` directory with a special CMakeFile.txt that does not require 
+wolfSSL to be installed.
+
+If you want to install wolfSSL, see the setup for [wolfSSL](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF#setup-for-linux) 
+and [wolfSSH](https://github.com/wolfSSL/wolfssh/tree/master/ide/Espressif#setup-for-linux).
+
+The [Espressif Managed Component for wolfSSL](https://components.espressif.com/components/wolfssl/wolfssl)
+also installs source code locally, instead of pointing to a source repository.
+
+## VisualGDB
+
+Users of [VisualGDB](https://visualgdb.com/) can find Espressif project files in each respective
+example `.\VisualGDB` directory. For convenience, there are separate project for various
+target SoC and ESP-IDF version.
+
+For devices without a built-in JTAG, the projects are configured with the open source [Tigard](https://www.crowdsupply.com/securinghw/tigard)
+and using port `COM20`.
+
+For devices _with_ a built-in JTAG, the projects are using `COM9`.
+
+Edit the COM port for your project:
+
+- ESP-IDF Project; Bootloader COM Port.
+- Raw Terminal; COM Port
+
+
+## Troubleshooting
+
+If unusual errors occur, exit Visual Studio and manually delete these directories to start over:
+
+- `.\build`
+- `.\VisualGDB\.visualgdb`
+- `.\VisualGDB\.vs`
+
+It may be helpful to also delete the `sdkconfig` file. (Save a backup if you've made changes to defaults)
+
+## Other Topics
+
+- esp32.com: [RSA peripheral 50% slower on ESP32-S3/C3 than S2](https://www.esp32.com/viewtopic.php?t=23830)
+
+- esp32.com: [GPIO6,GPIO7,GPIO8,and GPIO9 changed for ESP32-WROOM-32E](https://esp32.com/viewtopic.php?t=29058)
+
+See also [this ESP-FAQ Handbook](https://docs.espressif.com/projects/esp-faq/en/latest/esp-faq-en-master.pdf).
+
+
+

IDE/Espressif/ESP-IDF/examples/template/README.md

@@ -1,6 +1,9 @@
 # wolfSSL Template Project
 
-This is an example minimally viable wolfSSL template to get started with your own project.
+This is an example of a minimally viable wolfSSL template to get started with your own project.
+
+For general information on [wolfSSL examples for Espressif](../README.md), see the
+[README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
 
 ### Prerequisites
 
@@ -64,4 +67,6 @@ For examples, see:
 - [wolfssh-examples](https://github.com/wolfSSL/wolfssh-examples/tree/main/Espressif)
 
 
+See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).
+
 

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md

@@ -2,7 +2,7 @@
 
 This ESP32 example uses the [wolfSSL wolfcrypt Benchmark Application](https://github.com/wolfSSL/wolfssl/tree/master/wolfcrypt/benchmark).
 
-For general information on wolfSSL examples for Espressif, see the
+For general information on [wolfSSL examples for Espressif](../README.md), see the
 [README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
 
 ## Espressif ESP Component Registry
@@ -33,7 +33,7 @@ The naming convention for project files is: `[project name]_IDF_[Version]_[chips
 
 
 -------- |------------- |------------- |
-ChipSet  | ESP-IDF v4.4 | ESP-IDF v5.0 |
+ChipSet  | ESP-IDF v4.4 | ESP-IDF v5.1 |
 -------- |------------- |------------- |
 ESP32    |      x       |              |
 ESP32-S2 |              |              |
@@ -84,11 +84,20 @@ git submodule update --init --recursive
 
 cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark
 
-# Pick ESP-IDF install directory, this one for v5.0 in VisualGDB
-. /mnt/c/SysGCC/esp32/esp-idf/v5.0/export.sh
+# Pick ESP-IDF install directory, this one for v5.1 in VisualGDB
 
-idf.py set-target ESP32C3
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.1
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32-8.4/esp-idf/v4.4.1
+WRK_IDF_PATH=~/esp/esp-idf
 
+. $WRK_IDF_PATH/export.sh
+
+# Set target SoC
+idf.py set-target esp32c3
+
+# Optionally erase
+
+# Build and flash
 idf.py build flash -p /dev/ttyS20 -b 115200 monitor
 ```
 
@@ -245,3 +254,5 @@ A 'clean` may be needed after freshly installing a new component:
 ```
 idf.py clean build  flash -p /dev/ttyS7 -b 115200 monitor
 ```
+
+See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).