From 1a00b70bee54c4b6e43a2a07ac3629bb94736fe7 Mon Sep 17 00:00:00 2001 From: gojimmypi Date: Tue, 8 Oct 2024 09:41:58 -0700 Subject: [PATCH] skconfig.default client & server sync to template --- .../examples/template/sdkconfig.defaults | 55 +++++++++++--- .../wolfssl_client/sdkconfig.defaults | 55 ++++++++++---- .../wolfssl_server/sdkconfig.defaults | 74 +++++++++++++++++-- 3 files changed, 157 insertions(+), 27 deletions(-) diff --git a/IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults b/IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults index 6d018f247e..793ad97ea6 100644 --- a/IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults +++ b/IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults @@ -1,27 +1,71 @@ # Set the known example app config to template example (see user_settings.h) CONFIG_WOLFSSL_EXAMPLE_NAME_TEMPLATE=y +# Some wolfSSL helpers +CONFIG_USE_WOLFSSL_ESP_SDK_TIME=y + +# FreeRTOS ticks at 1ms interval +CONFIG_FREERTOS_UNICORE=y CONFIG_FREERTOS_HZ=1000 CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y # # Default main stack size # -# This is typically way bigger than needed for stack size. +# This is typically bigger than needed for stack size. # Units are words, not bytes. See user_settings.h # +# For wolfSSL SMALL_STACK, 3072 bytes should be sufficient for benchmark app. +# When using RSA, assign at least 10500 bytes, otherwise 5500 usually works for others CONFIG_ESP_MAIN_TASK_STACK_SIZE=3584 # Legacy stack size for older ESP-IDF versions CONFIG_MAIN_TASK_STACK_SIZE=3584 +# +# Benchmark must not have CONFIG_NEWLIB_NANO_FORMAT enabled +CONFIG_NEWLIB_NANO_FORMAT=n +# +# Watchdog Timers +# +# We don't want to have the watchdog timeout during tests & benchmarks +# +CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU0=n +CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU1=n +# Panic & Watchdog +CONFIG_ESP_INT_WDT_TIMEOUT_MS=10000 +CONFIG_ESP_TASK_WDT_EN=n CONFIG_ESP_SYSTEM_PANIC_PRINT_HALT=y +CONFIG_ESP_INT_WDT=n + +# ESP8266 Watchdog: +CONFIG_TASK_WDT=n +CONFIG_TASK_WDT_PANIC=n + +# ESP8266 WDT +# CONFIG_ESP_PANIC_PRINT_REBOOT is not set +CONFIG_ESP_PANIC_PRINT_REBOOT=n +CONFIG_ESP_PANIC_PRINT_HALT=y + +# CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS is not set +CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS=n + +# ESP8266 Memory +CONFIG_FREERTOS_GLOBAL_DATA_LINK_IRAM=y +CONFIG_HEAP_DISABLE_IRAM=y + +# Performance +# CONFIG_COMPILER_OPTIMIZATION_PERF=y + +# Set max CPU frequency (falls back as needed for lower maximum) +CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y # Enable wolfSSL TLS in esp-tls CONFIG_ESP_TLS_USING_WOLFSSL=y CONFIG_TLS_STACK_WOLFSSL=y # Bundles take up flash space and are disabled unless otherwise known to be needed -CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=y +CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=n +# CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=y # CONFIG_ESP_WOLFSSL_SMALL_CERT_VERIFY=y # CONFIG_ESP_TLS_INSECURE=y @@ -29,8 +73,6 @@ CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=y CONFIG_ESP_TLS_USING_MBEDTLS=n CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=n -# Some wolfSSL helpers -CONFIG_USE_WOLFSSL_ESP_SDK_TIME=y # Ensure mbedTLS options are disabled # CONFIG_MBEDTLS_TLS_SERVER_AND_CLIENT=n @@ -95,8 +137,3 @@ CONFIG_PARTITION_TABLE_FILENAME="partitions_singleapp_large.csv" CONFIG_PARTITION_TABLE_OFFSET=0x8000 CONFIG_PARTITION_TABLE_MD5=y # end of Partition Table - -# There may not be a TLS 1.3 listening server, so disable wolfSSL TLS 1.3 -# and enable TLS 1.2 be default. -CONFIG_WOLFSSL_ALLOW_TLS13=n -CONFIG_WOLFSSL_ALLOW_TLS12=y diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/sdkconfig.defaults b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/sdkconfig.defaults index e297a0df54..2705b86b44 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/sdkconfig.defaults +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/sdkconfig.defaults @@ -1,15 +1,13 @@ -# sdkconfig.defaults for ESP8266 + ESP32 -# Note that during the build process, settings from sdkconfig.defaults will not override those already in sdkconfig. -# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#custom-sdkconfig-defaults -CONFIG_BENCH_ARGV="-lng 0" -CONFIG_FREERTOS_HZ=1000 -CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y - # Set the known example app config to TLS Client (see user_settings.h) CONFIG_WOLFSSL_EXAMPLE_NAME_TLS_CLIENT=y -# Certificate Bubdles are typically only used by the ESP-IDF esp-tls layer. Not used here. -CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=n +# Some wolfSSL helpers +CONFIG_USE_WOLFSSL_ESP_SDK_TIME=y + +# FreeRTOS ticks at 1ms interval +CONFIG_FREERTOS_UNICORE=y +CONFIG_FREERTOS_HZ=1000 +CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y # # Default main stack size @@ -59,12 +57,43 @@ CONFIG_HEAP_DISABLE_IRAM=y # Performance # CONFIG_COMPILER_OPTIMIZATION_PERF=y -# Set max COU frequency (falls back as needed for lower maximum) +# Set max CPU frequency (falls back as needed for lower maximum) CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y -# FreeRTOS ticks at 1ms interval -CONFIG_FREERTOS_UNICORE=y -CONFIG_FREERTOS_HZ=1000 +# Enable wolfSSL TLS in esp-tls +CONFIG_ESP_TLS_USING_WOLFSSL=y +CONFIG_TLS_STACK_WOLFSSL=y + +# Bundles take up flash space and are disabled unless otherwise known to be needed +CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=n +# CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=y +# CONFIG_ESP_WOLFSSL_SMALL_CERT_VERIFY=y +# CONFIG_ESP_TLS_INSECURE=y + +# Disable mbedTLS +CONFIG_ESP_TLS_USING_MBEDTLS=n +CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=n + + +# Ensure mbedTLS options are disabled +# CONFIG_MBEDTLS_TLS_SERVER_AND_CLIENT=n +# CONFIG_MBEDTLS_TLS_CLIENT_ONLY=n +# CONFIG_MBEDTLS_TLS_SERVER=n +# CONFIG_MBEDTLS_TLS_CLIENT=n +# CONFIG_MBEDTLS_HARDWARE_AES=n +# CONFIG_MBEDTLS_HARDWARE_MPI=n +# CONFIG_MBEDTLS_HARDWARE_SHA=n +# CONFIG_MBEDTLS_ROM_MD5=n +# CONFIG_MBEDTLS_SSL_RENEGOTIATION=n +# CONFIG_MBEDTLS_SSL_PROTO_TLS1_2=n +# CONFIG_MBEDTLS_SSL_PROTO_GMTSSL1_1=n +# CONFIG_MBEDTLS_SSL_ALPN=n +# CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS=n +# CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS=n + +# The same-name config is used for both WiFi and client/server TLS, so we cannot disable: +# CONFIG_MBEDTLS_TLS_ENABLED=n +# CONFIG_MBEDTLS_TLS_DISABLED=y # # Compiler options diff --git a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/sdkconfig.defaults b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/sdkconfig.defaults index 7a0f36f13c..84a970fbf3 100644 --- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/sdkconfig.defaults +++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/sdkconfig.defaults @@ -1,26 +1,71 @@ +# Set the known example app config to TLS Server (see user_settings.h) +CONFIG_WOLFSSL_EXAMPLE_NAME_TLS_SERVER=y + +# Some wolfSSL helpers +CONFIG_USE_WOLFSSL_ESP_SDK_TIME=y + +# FreeRTOS ticks at 1ms interval +CONFIG_FREERTOS_UNICORE=y CONFIG_FREERTOS_HZ=1000 CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y -# Set the known example app config to TLS Client (see user_settings.h) -CONFIG_WOLFSSL_EXAMPLE_NAME_TLS_SERVER=y # # Default main stack size # # This is typically bigger than needed for stack size. # Units are words, not bytes. See user_settings.h # +# For wolfSSL SMALL_STACK, 3072 bytes should be sufficient for benchmark app. +# When using RSA, assign at least 10500 bytes, otherwise 5500 usually works for others CONFIG_ESP_MAIN_TASK_STACK_SIZE=10500 # Legacy stack size for older ESP-IDF versions CONFIG_MAIN_TASK_STACK_SIZE=10500 +# +# Benchmark must not have CONFIG_NEWLIB_NANO_FORMAT enabled +CONFIG_NEWLIB_NANO_FORMAT=n +# +# Watchdog Timers +# +# We don't want to have the watchdog timeout during tests & benchmarks +# +CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU0=n +CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU1=n +# Panic & Watchdog +CONFIG_ESP_INT_WDT_TIMEOUT_MS=10000 +CONFIG_ESP_TASK_WDT_EN=n CONFIG_ESP_SYSTEM_PANIC_PRINT_HALT=y +CONFIG_ESP_INT_WDT=n + +# ESP8266 Watchdog: +CONFIG_TASK_WDT=n +CONFIG_TASK_WDT_PANIC=n + +# ESP8266 WDT +# CONFIG_ESP_PANIC_PRINT_REBOOT is not set +CONFIG_ESP_PANIC_PRINT_REBOOT=n +CONFIG_ESP_PANIC_PRINT_HALT=y + +# CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS is not set +CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS=n + +# ESP8266 Memory +CONFIG_FREERTOS_GLOBAL_DATA_LINK_IRAM=y +CONFIG_HEAP_DISABLE_IRAM=y + +# Performance +# CONFIG_COMPILER_OPTIMIZATION_PERF=y + +# Set max CPU frequency (falls back as needed for lower maximum) +CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y # Enable wolfSSL TLS in esp-tls CONFIG_ESP_TLS_USING_WOLFSSL=y CONFIG_TLS_STACK_WOLFSSL=y # Bundles take up flash space and are disabled unless otherwise known to be needed -CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=y +CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=n +# CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=y # CONFIG_ESP_WOLFSSL_SMALL_CERT_VERIFY=y # CONFIG_ESP_TLS_INSECURE=y @@ -28,8 +73,6 @@ CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=y CONFIG_ESP_TLS_USING_MBEDTLS=n CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=n -# Some wolfSSL helpers -CONFIG_USE_WOLFSSL_ESP_SDK_TIME=y # Ensure mbedTLS options are disabled # CONFIG_MBEDTLS_TLS_SERVER_AND_CLIENT=n @@ -55,11 +98,32 @@ CONFIG_USE_WOLFSSL_ESP_SDK_TIME=y # Compiler options # CONFIG_COMPILER_OPTIMIZATION_DEFAULT=y +# CONFIG_COMPILER_OPTIMIZATION_SIZE is not set +# CONFIG_COMPILER_OPTIMIZATION_PERF is not set +# CONFIG_COMPILER_OPTIMIZATION_NONE is not set CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_ENABLE=y +# CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_SILENT is not set +# CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_DISABLE is not set +CONFIG_COMPILER_FLOAT_LIB_FROM_GCCLIB=y CONFIG_COMPILER_OPTIMIZATION_ASSERTION_LEVEL=2 +# CONFIG_COMPILER_OPTIMIZATION_CHECKS_SILENT is not set CONFIG_COMPILER_HIDE_PATHS_MACROS=y +# CONFIG_COMPILER_CXX_EXCEPTIONS is not set +# CONFIG_COMPILER_CXX_RTTI is not set +# CONFIG_COMPILER_STACK_CHECK_MODE_NONE is not set CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y +# CONFIG_COMPILER_STACK_CHECK_MODE_STRONG is not set +# CONFIG_COMPILER_STACK_CHECK_MODE_ALL is not set CONFIG_COMPILER_STACK_CHECK=y +# CONFIG_COMPILER_WARN_WRITE_STRINGS is not set +# CONFIG_COMPILER_SAVE_RESTORE_LIBCALLS is not set +# CONFIG_COMPILER_DISABLE_GCC12_WARNINGS is not set +# CONFIG_COMPILER_DUMP_RTL_FILES is not set +# end of Compiler options + +# We don't know that the min is actually v2, +# but this is the earliest tested. +CONFIG_ESP32C3_REV_MIN_2=y # # Partition Table