
Using Custom user_settings.h with wolfSSL in HomeKit after Version Update

Open AchimPieters opened this issue 1 year ago • 7 comments

Version

5.7.2

Description

Hi everyone and @gojimmypi,

I'm working on an ESP-IDF HomeKit project and using wolfSSL as a managed component to simplify version updates. I've added wolfSSL as a component by including it in components/homekit/idf_component.yml, which makes it easier to update just by adjusting the version number.


In the components/homekit/user_settings.h file, I’ve set the necessary configurations to ensure smooth compilation.


However, my challenge is maintaining these custom settings across version updates. After updating to a new version of wolfSSL (e.g., from 5.7.2 to 5.7.3), I'd like my user_settings.h file to be used by default, without requiring additional manual steps.


Here’s a summary of what I've done so far:

  • wolfSSL is added as a managed component in components/homekit/idf_component.yml
  • Custom configurations are set in components/homekit/user_settings.h
  • wolfSSL is automatically downloaded as a managed component during the build process.

Question:

What adjustments or changes can I make to ensure my custom user_settings.h file is used automatically after updating the wolfSSL version in idf_component.yml? In other words, how can I ensure the project works "out of the box" with custom configurations after a version update?

Any suggestions or insights on how to approach this would be greatly appreciated!

Thanks in advance.

Best regards, Achim Pieters

AchimPieters avatar Sep 12 '24 15:09 AchimPieters

Hi @AchimPieters

Thank you again for all your help in getting wolfSSL working well with your awesome ESP32 Apple HomeKit examples. Not only is that a cool project, but your use-case has been helpful in the design of the wolfSSL Managed Component.

> What adjustments or changes can I make to ensure my custom user_settings.h file is used automatically?

That's an excellent question! The answer is that to use the Managed Components, a custom user_settings.h is not possible at this time. The user_settings.h is currently part of the component; if the component manager sees that any part of the component has changed, then the component needs to be converted to a non-managed component. This of course defeats the purpose and value of having a Managed Component in the first place.

In order to customize wolfSSL for a given project, the current plan is to use the Espressif method of having all settings defined via the idf.py menuconfig. This means having sdkconfig.defaults available with an appropriate Kconfig file as described in the Project Configuration Documentation.

I suppose in theory, it might be possible to have a cleverly-crafted CMakeLists.txt that points to a wolfSSL user_settings.h in a user-defined directory outside of the component. I could see that as being both beneficial, but also potentially problematic. I'll need to experiment a bit with that. The trick would be having a user settings both inside and outside of the component. Perhaps some sort of "supplementary user settings file"? I don't know.

For now, please take a look at my current reference template app. Introduced in https://github.com/wolfSSL/wolfssl/pull/7866 I have many new settings available in the respective Kconfig file that will allow use of menuconfig and the respective sdkconfig.default files.

  • Please let me know what settings you need that are not included in the template app ASAP.

I'm expecting a wolfSSL release in the relatively near future (and a Managed Component update shortly thereafter). I'd like to add any relevant settings that the Apple HomeKit support might need. It would be great to have those included in the next release.

Like your examples, I have many different ESP32 examples, not only here in the wolfSSL repo, but also:

I would also like to have a common user_settings.h, CMakeLists.txt, and Kconfig in the components/wolfssl directory used by all of the examples.

> how can I ensure the project works "out of the box" with custom configurations after a version update?

I think the best method is with the sdkconfig.defaults and respective support in the user_settings.h file as well as in settings.h (see also https://github.com/wolfSSL/wolfssl/pull/7953 and the related changes to settings.h).

Note that the template user_settings.h already has a specific Apple HomeKit Section ready for any defaults across all HomeKit apps.

I'm interested in your feedback and suggestions.

Cheers

gojimmypi avatar Sep 12 '24 16:09 gojimmypi

Hi @gojimmypi

Thank you for your detailed response. I’ve attached my current user_settings.h file.

user_settings.h.txt

After going through your message, I agree that using a sdkconfig.defaults OR Kconfig file could indeed be the solution here, where sdkconfig.defaults has my preference.

This way, you can set up the necessary configurations per project, outside of the wolfSSL managed component. This would allow for seamless updates to the latest version of wolfSSL without having to manually adjust everything.

One idea could be to include a sample sdkconfig.defaults file as a template, which could be copied for each project and modified as needed. This would make it easier for users to customize settings while maintaining the benefits of the managed component.

Looking forward to hearing your thoughts on this approach!

Cheers

AchimPieters avatar Sep 15 '24 08:09 AchimPieters

Hi @gojimmypi,

Have you made any progress on the above?

AchimPieters avatar Sep 27 '24 14:09 AchimPieters

Hi @AchimPieters , no, not yet. Sorry for the delay.

I've been working on improving the esp-tls with wolfSSL in #7936. See also the related settings.h changes there.

If you could take a look at my template and/or esp_http_client_example and let me know which settings are missing, that would be very helpful.

I'm also taking any other suggestions, and even pull requests.

Otherwise I'll try to get to that as soon as I can. Thanks for your patience. I'd definitely like to have this update in the next release of wolfSSL that I suspect will be in the coming weeks.

gojimmypi avatar Sep 27 '24 16:09 gojimmypi

About WolfSSL (WS) in ESP idf and managed components

Let me try to make an analogy with a pizza restaurant.

There are pizzas on the menu and pizzas where you select your own toppings. A crossover also exists with a menu pizza with extra toppings.

Now, WS as a managed component is menu pizza. We can only get it as a fixed item and with the template initiative, WS creates the menu. If we want to mess with the toppings, we have to invade the kitchen.

If we use WS as a git component, we can build our pizza and choose all the toppings. This gives us maximum flexibility. And the git component system gives us the possibility to adjust WS or upstream components any way we want in our own fork.

The key problem I have as an inventor is the inflexibility of tinkering with the toppings in managed mode. If there is a new version of WS, it will overwrite my settings, so I will avoid that, which is bad also. And once I have created my perfect recipe, it will take a lot of effort to get it on the menu of the restaurant.

The other side is that the offering for copy-cats will be easier to use.

In my opinion, there are no copy-cats in the target group of WS. There are inventors that integrate WS and then there are copy-cats that use these inventions. Like the HomeKit stack Achim ported and where I have been able to contribute. Those contributions worked because of the component system, but would be terrible in the managed component style. This is because the managed components are no longer git aware of their own, but become part of the main project. That last bit makes source tracking difficult and bloats the project repository.

Now, to make it worse, the HomeKit stack needs to provide the settings for WS, not the main project that uses HomeKit as a component.

So, what to do?

I would want the settings of WS to be taken from a location set in the component that includes it in the dependency file. And maybe also, a layered approach where every higher layer can add a few details to the settings.

How to do that, I do not know yet, but I think the current approach is not appealing to inventors...

And one more thing: it took me an hour to make sure that what was in the managed component was actually derived 1:1 from the official WS repository. With security in mind, we do not want a backdoor to be installed by Espressif without detection.

@gojimmypi, I hope this helps in your quest to make your great product even better!

My 2 cents, M10

M10tech avatar Oct 04 '24 16:10 M10tech

Hi @M10tech and thank you for your feedback!

Yes, you have some completely valid and accurate points.

> managed components are no longer git aware of their own, but become part of the main project. That last bit makes source tracking difficult and bloats the project repository.

This in particular is unfortunately very true. The Managed Components definitely have their place: making it easy to add the wolfSSL library to a project and get started easily. The unfortunate thing, as you pointed out, is that the code is completely disconnected from GitHub source control. In fact, it is even painful to make the simplest changes, as the component is then no longer "managed".

As for bloat, well, the installed files could be added to .gitignore, but otherwise I agree that the files add to project size. It does, however, completely contain everything in a simple, easy-to-use example.

> we do not want a backdoor to be installed by Espressif without detection

This seems unlikely, but then once "published" you are correct that there's currently no way to prove the code is the same as-published. When the publishing is completed, it is all in a tgz package from my (the publisher's) perspective when uploaded. I suspect there's a way to have a hash to prove the downloaded library is the exact same as published. I'll need to do a bit more homework on this. This is an excellent suggestion, thanks for pointing it out.

This same problem exists of course, when wolfSSL is copied to the HomeKit repo. Actually, this is probably even worse from a security perspective.

In a commercial situation, we can provide guidance to ensure code integrity and reliability.

> it took me an hour to make sure that what was in the managed component was actually derived 1:1 from the official WS repository

I am open to suggestions how to make this easier, in particular if I don't find a hash feature as described above for the Managed Component. I could perhaps create my own in-directory hashes at publish time and include the hash fingerprint in an official wolfSSL source.

> So, what to do?

Well, like many things: it depends. I would probably not use a Managed Component in a project actively in development. As you noted, the disconnect from GitHub and inability to contribute upstream is a pretty big disadvantage.

In the case of the Apple HomeKit project, @AchimPieters really wants to make things as simple for new users as possible. I get it: that's important. I'm trying to discourage having an entire local copy of wolfSSL in the project (mainly for all the same issues of source integrity, and contributing to upstream). If you think the Managed Component adds bloat, OMG, a copy of the entire repo is even worse! lol

Using a Managed Component seemed to be a good way to accomplish "using wolfSSL but not having an entire copy".

There's also of course the option of having a submodule, the way the Espressif esp_wolfssl does. There's a place for that. I'm not particularly fond of the idea for ESP32 projects. It also adds a bit of complexity for the new user.

Me, well I use my development branch of wolfSSL when working on any project. A very small number of files are needed in the local project. See the template example.

All my projects are in a workspace directory:

workspace/wolfssl
workspace/myproject

The CMakeLists.txt can find wolfSSL in a parent directory, or have a specific location by setting WOLFSSL_ROOT. This is great for development, but admittedly a bit more complex for things like the Apple HomeKit.

For example, in the case of the HomeKit LED, one could add a local wolfSSL component, and simply remove the wolfSSL from EXTRA_COMPONENT_DIRS from the project's CMakeLists.txt.

> I would want the settings of WS to be taken from a location set in the component that includes it in the dependency file.

I believe having your own clone of wolfSSL and using the WOLFSSL_ROOT would accomplish this. Although the "dependency file" part would not work for the Managed Components. It would need to be a regular, non-managed component. I believe this is the only option for how the Espressif Managed Components work.

I know this all needs to be documented better. In fact, just this week I've been working on this.

> I hope this helps in your quest to make your great product even better!

Thank you! I sincerely appreciate your feedback. You have a well informed and accurate assessment of the pros and cons of the Managed Components.

Do you have an interest in wolfSSL beyond the public HomeKit examples? Please reach out to [email protected] if there are things you'd like to discuss for a private project.

I'm certainly open to any additional ideas and feedback you have. Thanks again for taking the time to describe your concerns.

gojimmypi avatar Oct 04 '24 18:10 gojimmypi
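
The in-directory hash idea from the comment above, as an added example (not wolfSSL or Espressif code): a Python sketch that builds a per-file SHA-256 manifest of a component tree at publish time, folds it into one fingerprint, and lists added, removed and modified files when a downloaded copy is checked against it. The function names, the ignored `.git` directory and the sample files are assumptions made for illustration.

```python
"""Added example: per-file SHA-256 manifest and fingerprint for a component tree."""
import hashlib
import os
import tempfile

# Assumption: VCS metadata is not part of the published tree.
IGNORED_DIRS = {".git"}


def _sha256_file(path):
    """Hash one file in chunks so large sources do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root):
    """Return {relative_posix_path: sha256_hex} for every file and symlink under root."""
    manifest = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in sorted(dirnames + filenames):
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            if os.path.islink(full):
                # Record the link target instead of following it out of the tree.
                target = os.readlink(full).encode("utf-8", "surrogateescape")
                manifest[rel] = hashlib.sha256(b"symlink:" + target).hexdigest()
            elif name in filenames:
                manifest[rel] = _sha256_file(full)
        # Prune ignored directories in place so os.walk does not descend into them.
        dirnames[:] = sorted(d for d in dirnames if d not in IGNORED_DIRS)
    return manifest


def fingerprint(manifest):
    """Fold a manifest into one hex digest that does not depend on dict order."""
    h = hashlib.sha256()
    for rel in sorted(manifest):
        h.update(rel.encode("utf-8") + b"\0" + manifest[rel].encode("ascii") + b"\n")
    return h.hexdigest()


def compare(published, local):
    """Report which paths were added, removed or modified in the local copy."""
    common = set(published) & set(local)
    return {
        "added": sorted(set(local) - set(published)),
        "removed": sorted(set(published) - set(local)),
        "modified": sorted(p for p in common if published[p] != local[p]),
    }


def demo():
    """Constructed sample tree: publish it, then alter the downloaded copy."""
    files = {  # constructed sample content, not real wolfSSL sources
        "include/user_settings.h": b"#define WOLFSSL_ESPIDF\n",
        "src/ssl.c": b"/* constructed sample */\n",
    }
    with tempfile.TemporaryDirectory() as tmp:
        pub = os.path.join(tmp, "published")
        dl = os.path.join(tmp, "downloaded")
        for root in (pub, dl):
            for rel, data in files.items():
                path = os.path.join(root, *rel.split("/"))
                os.makedirs(os.path.dirname(path), exist_ok=True)
                with open(path, "wb") as fh:
                    fh.write(data)
        published = build_manifest(pub)
        clean_match = fingerprint(published) == fingerprint(build_manifest(dl))
        # Simulate a local settings edit and an unexpected extra source file.
        with open(os.path.join(dl, "include", "user_settings.h"), "ab") as fh:
            fh.write(b"#define DEBUG_WOLFSSL\n")
        with open(os.path.join(dl, "src", "extra.c"), "wb") as fh:
            fh.write(b"int x;\n")
        altered = build_manifest(dl)
        altered_match = fingerprint(published) == fingerprint(altered)
        return clean_match, altered_match, compare(published, altered)


if __name__ == "__main__":
    print(demo())
```

The fingerprint only proves anything if it is obtained through a channel other than the package it describes, which is why the comment proposes putting it in an official wolfSSL source.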

Hi @gojimmypi ,

> As for bloat, well, the installed files could be added to .gitignore,

excellent idea but hard to get in place, right?

Just for brainstorming, without thought of feasibility or usefulness:

  • make a branch or a separate repo fork with submodule of wolfssl in the wolf GitHub account
  • put enough .gitignore to kill the bloat
  • upload that branch in your .tgz including the .git stuff
  • the git engine will detect any type of mismatches and the commit-id will be your fingerprint
  • with a way to point to settings outside of that managed component we might be in business.

In answer to your other replies: When I develop, I want the develop environment to be the same as the final delivery. Setting a WOLFSSL_ROOT does not achieve that. I use LCM4ESP32 from HomeACcessoryKid and really like that flow. It has a beta mode for testing stuff before it hits the final users. But like this I know that every loose end of the integration is covered.

M10tech avatar Oct 06 '24 16:10 M10tech

Hi @gojimmypi ,

Is there any update on a possible solution for this issue? I know Hackaday Supercon is this weekend, but you mentioned wanting to have an update ready for it.

If not, I’d love to hear how it went!

AchimPieters avatar Oct 28 '24 16:10 AchimPieters

Hi @AchimPieters - many Espressif updates were included in the latest wolfSSL 5.7.4 Release, however I did not have time to determine if all of the desired Apple HomeKit settings can be configured with the Kconfig (menuconfig) settings, nor have I had a chance to publish that release of wolfSSL as a Managed Component.

The good thing is that your HomeKit examples are all functional, but yes: I do think it would be better to have a Managed Component rather than an entire copy of wolfSSL in your repo.

@M10tech sorry for the delay in responding. There's a somewhat related topic Program can't find WolfSSL headers in ESP-IDF on the wolfSSL forum that may be of interest. You have some good ideas; let me know what I can do to help.

> I want the develop environment to be the same as the final delivery. Setting a WOLFSSL_ROOT does not achieve that.

I'm curious why? I would think that specifically having a static version of wolfSSL (say, a clone checked out on a particular release tag), and shared between projects (or develop / release builds) would accomplish that goal. I must be missing something, so perhaps you could give an example? Thank you.

gojimmypi avatar Oct 29 '24 20:10 gojimmypi

Hi @AchimPieters - have you had a chance to test the 5.7.4 release? Please let me know if there's anything outstanding for this issue.

I recently published another update: wolfssl v5.7.6 Managed Component.

Both of these recent versions are working well and include many new user settings options that can be selected when using the command-line idf.py menuconfig.

Options can be found at (top) -> Component config -> wolfSSL:


Reminders:

  • Erase: idf.py erase-flash -b 115200 -p /dev/ttyS44
  • Set WiFi SSID and password before flash
  • Program: idf.py flash -p /dev/ttyS44 -b 115200 monitor -b 115200
  • Add dee manually
  • the default Apple Homekit code is 338-77-883

My serial monitor output today using an ESP32-C3:

ESP-ROM:esp32c3-api1-20210207
Build:Feb  7 2021
rst:0x1 (POWERON),boot:0xc (SPI_FAST_FLASH_BOOT)
SPIWP:0xee
mode:DIO, clock div:1
load:0x3fcd5820,len:0x1738
load:0x403cc710,len:0xb9c
load:0x403ce710,len:0x2e40
entry 0x403cc71a
I (30) boot: ESP-IDF 5.2.1.2407012 2nd stage bootloader
I (30) boot: compile time Mar  2 2025 09:32:32
I (30) boot: chip revision: v0.3
I (34) boot.esp32c3: SPI Speed      : 80MHz
I (39) boot.esp32c3: SPI Mode       : DIO
I (43) boot.esp32c3: SPI Flash Size : 2MB
I (48) boot: Enabling RNG early entropy source...
I (53) boot: Partition Table:
I (57) boot: ## Label            Usage          Type ST Offset   Length
I (64) boot:  0 nvs              WiFi data        01 02 00009000 00006000
I (72) boot:  1 phy_init         RF data          01 01 0000f000 00001000
I (79) boot:  2 factory          factory app      00 00 00010000 00100000
I (87) boot: End of partition table
I (91) esp_image: segment 0: paddr=00010020 vaddr=3c0b0020 size=2be00h (179712) map
I (127) esp_image: segment 1: paddr=0003be28 vaddr=3fc8f400 size=03000h ( 12288) load
I (130) esp_image: segment 2: paddr=0003ee30 vaddr=40380000 size=011e8h (  4584) load
I (134) esp_image: segment 3: paddr=00040020 vaddr=42000020 size=af4e4h (718052) map
I (254) esp_image: segment 4: paddr=000ef50c vaddr=403811e8 size=0e01ch ( 57372) load
I (270) boot: Loaded app from partition at offset 0x10000
I (270) boot: Disabling RNG early entropy source...
>>> HomeKit: Starting server
>>> HomeKit: Formatting HomeKit storage
>>> HomeKit: Generated new accessory ID: 03:D8:1A:74:00:84
>>> HomeKit: Generated new accessory key
>>> HomeKit: Configuring mDNS
>>> homekit_setup_mdns: Accessory Setup ID = 1QJ8
>>> homekit_run_server: Starting HTTP server
>>> homekit_server_accept_client: Free heap: 218352
>>> HomeKit: [Client 1] Got new client connection from 192.168.1.122
>>> homekit_client_process: [Client 1] Got 132 incoming data
>>> homekit_server_on_pair_setup: Pair Setup
>>> homekit_server_on_pair_setup: Free heap: 220088
>>> tlv_debug: Got following TLV values:
>>> tlv_debug: Type 0 value (1 bytes): \x00
>>> tlv_debug: Type 6 value (1 bytes): \x01
>>> HomeKit: [Client 1] Pair Setup Step 1/3
>>> homekit_server_on_pair_setup: Free heap: 219988
>>> crypto_srp_new: Initializing SRP
>>> homekit_server_on_pair_setup: [Client 1] Initializing crypto
>>> homekit_server_on_pair_setup: Free heap: 211044
>>> homekit_server_on_pair_setup: [Client 1] Using user-specified password: 338-77-883
>>> crypto_srp_init: Generating salt
>>> crypto_srp_init: Setting SRP username
>>> crypto_srp_init: Setting SRP params
>>> crypto_srp_init: Setting SRP password
>>> crypto_srp_init: Getting SRP verifier
>>> crypto_srp_init: Setting SRP verifier
>>> crypto_srp_get_public_key: Calculating public key
>>> client_sendv: [Client 1] Sending payload: HTTP/1.1 200 OK\x0D\x0AContent-Type: application/pairing+tlv8\x0D\x0ATransfer-Encoding: chunked\x0D\x0AConnection: keep-alive\x0D\x0A\x0D\x0A
>>> client_sendv: [Client 1] Sending payload: \x30\x0D\x0A\x0D\x0A
>>> homekit_client_process: [Client 1] Finished processing
>>> homekit_client_process: [Client 1] Got 585 incoming data
>>> homekit_server_on_pair_setup: Pair Setup
>>> homekit_server_on_pair_setup: Free heap: 210872
>>> tlv_debug: Got following TLV values:
>>> tlv_debug: Type 6 value (1 bytes): \x03
>>> tlv_debug: Type 3 value (384 bytes):  [omit]
>>> tlv_debug: Type 4 value (64 bytes): [omit]
>>> HomeKit: [Client 1] Pair Setup Step 2/3
>>> homekit_server_on_pair_setup: Free heap: 210336
>>> homekit_server_on_pair_setup: [Client 1] Computing SRP shared secret
>>> homekit_server_on_pair_setup: Free heap: 210336
>>> homekit_server_on_pair_setup: [Client 1] Verifying peer's proof
>>> homekit_server_on_pair_setup: Free heap: 210656
>>> homekit_server_on_pair_setup: [Client 1] Generating own proof
>>> client_sendv: [Client 1] Sending payload: HTTP/1.1 200 OK\x0D\x0AContent-Type: application/pairing+tlv8\x0D\x0ATransfer-Encoding: chunked\x0D\x0AConnection: keep-alive\x0D\x0A\x0D\x0A
>>> client_sendv: [Client 1] Sending payload: [omit]
>>> client_sendv: [Client 1] Sending payload: \x30\x0D\x0A\x0D\x0A
>>> homekit_client_process: [Client 1] Finished processing
>>> homekit_client_process: [Client 1] Got 287 incoming data
>>> homekit_server_on_pair_setup: Pair Setup
>>> homekit_server_on_pair_setup: Free heap: 211192
>>> tlv_debug: Got following TLV values:
>>> tlv_debug: Type 5 value (154 bytes): [omit]
>>> tlv_debug: Type 6 value (1 bytes): \x05
>>> HomeKit: [Client 1] Pair Setup Step 3/3
>>> homekit_server_on_pair_setup: Free heap: 210972
>>> homekit_server_on_pair_setup: [Client 1] Calculating shared secret
>>> homekit_server_on_pair_setup: [Client 1] Decrypting payload
>>> homekit_server_on_pair_setup: [Client 1] Importing device public key
>>> homekit_server_on_pair_setup: [Client 1] Calculating DeviceX
>>> homekit_server_on_pair_setup: [Client 1] Verifying device signature
>>> HomeKit: Added pairing with CD52A808-E26A-45C1-AE40-296B389AD1D9
>>> homekit_server_on_pair_setup: [Client 1] Exporting accessory public key
>>> homekit_server_on_pair_setup: [Client 1] Calculating AccessoryX
>>> homekit_server_on_pair_setup: [Client 1] Generating accessory signature
>>> homekit_server_on_pair_setup: Free heap: 210848
>>> tlv_debug: Got following TLV values:
>>> tlv_debug: Type 1 value (17 bytes): \x30\x33\x3A\x44\x38\x3A\x31\x41\x3A\x37\x34\x3A\x30\x30\x3A\x38\x34
>>> tlv_debug: Type 3 value (32 bytes): \x6B\x08\x2E\x43\x2A\x20\x8B\x87\x0B\xD7\x70\xDE\x4C\x2F\x21\x97\x20\x7E\x9E\x80\xA8\xBD\x80\x94\x96\xFA\xD6\x75\x72\x19\xEB\x70
>>> tlv_debug: Type 10 value (64 bytes): \xD4\x26\x1B\x7E\x2E\xAE\xEF\xA8\xD9\xB5\x3C\x78\x04\x63\x05\x5F\x90\xFA\x3C\x93\x07\x15\x36\xAB\x43\x57\x4A\x18\xBC\xF6\xCB\x34\x3C\x7E\x38\x7E\x04\x75\x25\x71\x91\xED\xA0\xBC\xE4\x3A\x49\x10\x22\x40\x14\xB6\xD3\x00\x04\x99\xCC\xDD\xC9\xE4\x6C\xAB\x86\x08
>>> homekit_server_on_pair_setup: [Client 1] Encrypting response
>>> client_sendv: [Client 1] Sending payload: HTTP/1.1 200 OK\x0D\x0AContent-Type: application/pairing+tlv8\x0D\x0ATransfer-Encoding: chunked\x0D\x0AConnection: keep-alive\x0D\x0A\x0D\x0A
>>> client_sendv: [Client 1] Sending payload: [omit]
>>> HomeKit: Configuring mDNS
E (25296) mdns: mdns_service_add_for_host(6005): Service already exists
>>> homekit_setup_mdns: Accessory Setup ID = 1QJ8
>>> HomeKit: [Client 1] Successfully paired
>>> homekit_client_process: [Client 1] Finished processing
>>> HomeKit: [Client 1] Closing client connection from 192.168.1.122
>>> homekit_server_accept_client: Free heap: 218204
>>> HomeKit: [Client 1] Got new client connection from 192.168.1.122
>>> homekit_client_process: [Client 1] Got 165 incoming data
>>> homekit_server_on_pair_verify: HomeKit Pair Verify
>>> homekit_server_on_pair_verify: Free heap: 219940
>>> tlv_debug: Got following TLV values:
>>> tlv_debug: Type 6 value (1 bytes): \x01
>>> tlv_debug: Type 3 value (32 bytes): \x04\x04\x33\xD5\x0D\xE5\x18\xBB\x7F\x3E\x81\x5F\x47\x3B\x79\x33\x30\x41\x44\x50\xE4\xC6\x00\x00\x89\x3B\xC3\x08\x8C\xC9\x6C\x5B
>>> HomeKit: [Client 1] Pair Verify Step 1/2
>>> homekit_server_on_pair_verify: [Client 1] Importing device Curve25519 public key
>>> homekit_server_on_pair_verify: [Client 1] Generating accessory Curve25519 key
>>> homekit_server_on_pair_verify: [Client 1] Exporting accessory Curve25519 public key
>>> homekit_server_on_pair_verify: [Client 1] Generating Curve25519 shared secret
>>> homekit_server_on_pair_verify: [Client 1] Generating signature
>>> homekit_server_on_pair_verify: [Client 1] Generating proof
>>> homekit_server_on_pair_verify: [Client 1] Encrypting response
>>> client_sendv: [Client 1] Sending payload: HTTP/1.1 200 OK\x0D\x0AContent-Type: application/pairing+tlv8\x0D\x0ATransfer-Encoding: chunked\x0D\x0AConnection: keep-alive\x0D\x0A\x0D\x0A
>>> client_sendv: [Client 1] Sending payload:  [omit]
>>> homekit_client_process: [Client 1] Finished processing
>>> homekit_client_process: [Client 1] Got 254 incoming data
>>> homekit_server_on_pair_verify: HomeKit Pair Verify
>>> homekit_server_on_pair_verify: Free heap: 219632
>>> tlv_debug: Got following TLV values:
>>> tlv_debug: Type 5 value (120 bytes): [omit]
>>> tlv_debug: Type 6 value (1 bytes): \x03
>>> HomeKit: [Client 1] Pair Verify Step 2/2
>>> homekit_server_on_pair_verify: [Client 1] Decrypting payload
>>> homekit_server_on_pair_verify: [Client 1] Searching pairing with CD52A808-E26A-45C1-AE40-296B389AD1D9
>>> HomeKit: [Client 1] Found pairing with CD52A808-E26A-45C1-AE40-296B389AD1D9
>>> homekit_server_on_pair_verify: [Client 1] Verifying device signature
>>> client_sendv: [Client 1] Sending payload: HTTP/1.1 200 OK\x0D\x0AContent-Type: application/pairing+tlv8\x0D\x0ATransfer-Encoding: chunked\x0D\x0AConnection: keep-alive\x0D\x0A\x0D\x0A
>>> client_sendv: [Client 1] Sending payload: \x33\x0D\x0A\x06\x01\x04\x0D\x0A
>>> client_sendv: [Client 1] Sending payload: \x30\x0D\x0A\x0D\x0A
>>> HomeKit: [Client 1] Verification successful, secure session established
>>> homekit_client_process: [Client 1] Finished processing
>>> homekit_client_process: [Client 1] Got 85 incoming data
>>> homekit_client_process: [Client 1] Decrypting data
>>> homekit_client_process: [Client 1] Decrypted 67 bytes, available 0
>>> HomeKit: [Client 1] Get Accessories
>>> homekit_server_on_get_accessories: Free heap: 219840
>>> client_sendv: [Client 1] Sending payload: HTTP/1.1 200 OK\x0D\x0AContent-Type: application/hap+json\x0D\x0ATransfer-Encoding: chunked\x0D\x0AConnection: keep-alive\x0D\x0A\x0D\x0A
>>> client_sendv: [Client 1] Sending payload: 400\x0D\x0A{"accessories":[{"aid":1,"services":[{"iid":1,"type":"0000003E-0000-1000-8000-0026BB765291","hidden":false,"primary":false,"characteristics":[{"aid":1,"iid":2,"type":"00000023-0000-1000-8000-0026BB765291","perms":["pr"],"description":"Name","format":"string","value":"HomeKit LED"},{"aid":1,"iid":3,"type":"00000020-0000-1000-8000-0026BB765291","perms":["pr"],"description":"Manufacturer","format":"string","value":"StudioPieters\xC2\xAE"},{"aid":1,"iid":4,"type":"00000030-0000-1000-8000-0026BB765291","perms":["pr"],"description":"Serial Number","format":"string","value":"NLDA4SQN1466"},{"aid":1,"iid":5,"type":"00000021-0000-1000-8000-0026BB765291","perms":["pr"],"description":"Model","format":"string","value":"SD466NL/A"},{"aid":1,"iid":6,"type":"00000052-0000-1000-8000-0026BB765291","perms":["pr"],"description":"Firmware Revision","format":"string","value":"0.0.1"},{"aid":1,"iid":7,"type":"00000014-0000-1000-8000-0026BB765291","perms":["pw"],"description":"Identify","format":"bool"}]},{"iid":8,"type":"00000043-0000-1\x0D\x0A
>>> client_sendv: [Client 1] Sending payload: 16f\x0D\x0A000-8000-0026BB765291","hidden":false,"primary":true,"characteristics":[{"aid":1,"iid":9,"type":"00000023-0000-1000-8000-0026BB765291","perms":["pr"],"description":"Name","format":"string","value":"HomeKit LED"},{"aid":1,"iid":10,"type":"00000025-0000-1000-8000-0026BB765291","perms":["pr","pw","ev"],"ev":false,"description":"On","format":"bool","value":false}]}]}]}\x0D\x0A
>>> client_sendv: [Client 1] Sending payload: \x30\x0D\x0A\x0D\x0A
>>> homekit_client_process: [Client 1] Finished processing
>>> homekit_client_process: [Client 1] Got 195 incoming data
>>> homekit_client_process: [Client 1] Decrypting data
>>> homekit_client_process: [Client 1] Decrypted 177 bytes, available 0
>>> HomeKit: [Client 1] Update Characteristics
>>> homekit_server_on_update_characteristics: Free heap: 219840
>>> homekit_server_on_update_characteristics: [Client 1] Processing element {
        "aid":  1,
        "iid":  10,
        "ev":   true
}
>>> HomeKit: [Client 1] Subscribed to notifications of characteristic 1.10 ("On")
>>> homekit_server_on_update_characteristics: [Client 1] There were no processing errors, sending No Content response
>>> client_sendv: [Client 1] Sending payload: HTTP/1.1 204 No Content\x0D\x0A\x0D\x0A
>>> homekit_client_process: [Client 1] Finished processing
>>> homekit_client_process: [Client 1] Got 97 incoming data
>>> homekit_client_process: [Client 1] Decrypting data
>>> homekit_client_process: [Client 1] Decrypted 79 bytes, available 0
>>> HomeKit: [Client 1] Get Characteristics
>>> homekit_server_on_get_characteristics: Free heap: 220096
>>> homekit_server_on_get_characteristics: [Client 1] Requested characteristic info for 1.10
>>> client_sendv: [Client 1] Sending payload: HTTP/1.1 200 OK\x0D\x0AContent-Type: application/hap+json\x0D\x0ATransfer-Encoding: chunked\x0D\x0AConnection: keep-alive\x0D\x0A\x0D\x0A
>>> HomeKit: [Client 1] Requested characteristic info for 1.10 ("On")
>>> client_sendv: [Client 1] Sending payload: 36\x0D\x0A{"characteristics":[{"aid":1,"iid":10,"value":false}]}\x0D\x0A
>>> client_sendv: [Client 1] Sending payload: \x30\x0D\x0A\x0D\x0A
>>> homekit_client_process: [Client 1] Finished processing
>>> homekit_client_process: [Client 1] Got 197 incoming data
>>> homekit_client_process: [Client 1] Decrypting data
>>> homekit_client_process: [Client 1] Decrypted 179 bytes, available 0
Decrypted data (179 bytes): "\x50\x55\x54\x20\x2F\x63\x68\x61\x72\x61\x63\x74\x65\x72\x69\x73\x74\x69\x63\x73\x20\x48\x54\x54\x50\x2F\x31\x2E\x31\x0D\x0A\x48\x6F\x73\x74\x3A\x20\x48\x6F\x6D\x65\x4B\x69\x74\x5C\x30\x33\x32\x4C\x45\x44\x2E\x5F\x68\x61\x70\x2E\x5F\x74\x63\x70\x2E\x6C\x6F\x63\x61\x6C\x0D\x0A\x43\x6F\x6E\x74\x65\x6E\x74\x2D\x4C\x65\x6E\x67\x74\x68\x3A\x20\x35\x32\x0D\x0A\x43\x6F\x6E\x74\x65\x6E\x74\x2D\x54\x79\x70\x65\x3A\x20\x61\x70\x70\x6C\x69\x63\x61\x74\x69\x6F\x6E\x2F\x68\x61\x70\x2B\x6A\x73\x6F\x6E\x0D\x0A\x0D\x0A\x7B\x22\x63\x68\x61\x72\x61\x63\x74\x65\x72\x69\x73\x74\x69\x63\x73\x22\x3A\x5B\x7B\x22\x61\x69\x64\x22\x3A\x31\x2C\x22\x69\x69\x64\x22\x3A\x37\x2C\x22\x76\x61\x6C\x75\x65\x22\x3A\x74\x72\x75\x65\x7D\x5D\x7D"
>>> HomeKit: [Client 1] Update Characteristics
>>> homekit_server_on_update_characteristics: Free heap: 220108
>>> homekit_server_on_update_characteristics: [Client 1] Processing element {
        "aid":  1,
        "iid":  7,
        "value":        true
}
>>> HomeKit: [Client 1] Updating characteristic 1.7 ("Identify") with boolean true
>>> homekit_server_on_update_characteristics: [Client 1] There were no processing errors, sending No Content response
>>> client_sendv: [Client 1] Sending payload: HTTP/1.1 204 No Content\x0D\x0A\x0D\x0A
>>> homekit_client_process: [Client 1] Finished processing
>>> homekit_client_process: [Client 1] Got 97 incoming data
>>> homekit_client_process: [Client 1] Decrypting data
>>> homekit_client_process: [Client 1] Decrypted 79 bytes, available 0
Decrypted data (79 bytes): "\x47\x45\x54\x20\x2F\x63\x68\x61\x72\x61\x63\x74\x65\x72\x69\x73\x74\x69\x63\x73\x3F\x69\x64\x3D\x31\x2E\x31\x30\x20\x48\x54\x54\x50\x2F\x31\x2E\x31\x0D\x0A\x48\x6F\x73\x74\x3A\x20\x48\x6F\x6D\x65\x4B\x69\x74\x5C\x30\x33\x32\x4C\x45\x44\x2E\x5F\x68\x61\x70\x2E\x5F\x74\x63\x70\x2E\x6C\x6F\x63\x61\x6C\x0D\x0A\x0D\x0A"
>>> HomeKit: [Client 1] Get Characteristics
>>> homekit_server_on_get_characteristics: Free heap: 220108
>>> homekit_server_on_get_characteristics: [Client 1] Requested characteristic info for 1.10
>>> client_sendv: [Client 1] Sending payload: HTTP/1.1 200 OK\x0D\x0AContent-Type: application/hap+json\x0D\x0ATransfer-Encoding: chunked\x0D\x0AConnection: keep-alive\x0D\x0A\x0D\x0A
>>> HomeKit: [Client 1] Requested characteristic info for 1.10 ("On")
>>> client_sendv: [Client 1] Sending payload: 36\x0D\x0A{"characteristics":[{"aid":1,"iid":10,"value":false}]}\x0D\x0A
>>> client_sendv: [Client 1] Sending payload: \x30\x0D\x0A\x0D\x0A
>>> homekit_client_process: [Client 1] Finished processing
>>> homekit_client_process: [Client 1] Got 195 incoming data
>>> homekit_client_process: [Client 1] Decrypting data
>>> homekit_client_process: [Client 1] Decrypted 177 bytes, available 0
Decrypted data (177 bytes): "\x50\x55\x54\x20\x2F\x63\x68\x61\x72\x61\x63\x74\x65\x72\x69\x73\x74\x69\x63\x73\x20\x48\x54\x54\x50\x2F\x31\x2E\x31\x0D\x0A\x48\x6F\x73\x74\x3A\x20\x48\x6F\x6D\x65\x4B\x69\x74\x5C\x30\x33\x32\x4C\x45\x44\x2E\x5F\x68\x61\x70\x2E\x5F\x74\x63\x70\x2E\x6C\x6F\x63\x61\x6C\x0D\x0A\x43\x6F\x6E\x74\x65\x6E\x74\x2D\x4C\x65\x6E\x67\x74\x68\x3A\x20\x35\x30\x0D\x0A\x43\x6F\x6E\x74\x65\x6E\x74\x2D\x54\x79\x70\x65\x3A\x20\x61\x70\x70\x6C\x69\x63\x61\x74\x69\x6F\x6E\x2F\x68\x61\x70\x2B\x6A\x73\x6F\x6E\x0D\x0A\x0D\x0A\x7B\x22\x63\x68\x61\x72\x61\x63\x74\x65\x72\x69\x73\x74\x69\x63\x73\x22\x3A\x5B\x7B\x22\x61\x69\x64\x22\x3A\x31\x2C\x22\x69\x69\x64\x22\x3A\x31\x30\x2C\x22\x76\x61\x6C\x75\x65\x22\x3A\x31\x7D\x5D\x7D"
>>> HomeKit: [Client 1] Update Characteristics
>>> homekit_server_on_update_characteristics: Free heap: 220108
>>> homekit_server_on_update_characteristics: [Client 1] Processing element {
        "aid":  1,
        "iid":  10,
        "value":        1
}
>>> HomeKit: [Client 1] Updating characteristic 1.10 ("On") with boolean true
>>> homekit_characteristic_notify: Got characteristic 1.10 change event
>>> homekit_server_on_update_characteristics: [Client 1] There were no processing errors, sending No Content response
>>> client_sendv: [Client 1] Sending payload: HTTP/1.1 204 No Content\x0D\x0A\x0D\x0A
>>> homekit_client_process: [Client 1] Finished processing
>>> homekit_server_process_notifications: [Client 1] Sending EVENT
>>> homekit_server_process_notifications: Free heap: 220108
>>> client_sendv: [Client 1] Sending payload: EVENT/1.0 200 OK\x0D\x0AContent-Type: application/hap+json\x0D\x0ATransfer-Encoding: chunked\x0D\x0A\x0D\x0A
>>> client_sendv: [Client 1] Sending payload: 35\x0D\x0A{"characteristics":[{"aid":1,"iid":10,"value":true}]}\x0D\x0A
>>> homekit_client_process: [Client 1] Got 195 incoming data0D\x0A
>>> homekit_client_process: [Client 1] Decrypting data
>>> homekit_client_process: [Client 1] Decrypted 177 bytes, available 0
Decrypted data (177 bytes): "\x50\x55\x54\x20\x2F\x63\x68\x61\x72\x61\x63\x74\x65\x72\x69\x73\x74\x69\x63\x73\x20\x48\x54\x54\x50\x2F\x31\x2E\x31\x0D\x0A\x48\x6F\x73\x74\x3A\x20\x48\x6F\x6D\x65\x4B\x69\x74\x5C\x30\x33\x32\x4C\x45\x44\x2E\x5F\x68\x61\x70\x2E\x5F\x74\x63\x70\x2E\x6C\x6F\x63\x61\x6C\x0D\x0A\x43\x6F\x6E\x74\x65\x6E\x74\x2D\x4C\x65\x6E\x67\x74\x68\x3A\x20\x35\x30\x0D\x0A\x43\x6F\x6E\x74\x65\x6E\x74\x2D\x54\x79\x70\x65\x3A\x20\x61\x70\x70\x6C\x69\x63\x61\x74\x69\x6F\x6E\x2F\x68\x61\x70\x2B\x6A\x73\x6F\x6E\x0D\x0A\x0D\x0A\x7B\x22\x63\x68\x61\x72\x61\x63\x74\x65\x72\x69\x73\x74\x69\x63\x73\x22\x3A\x5B\x7B\x22\x61\x69\x64\x22\x3A\x31\x2C\x22\x69\x69\x64\x22\x3A\x31\x30\x2C\x22\x76\x61\x6C\x75\x65\x22\x3A\x30\x7D\x5D\x7D"
>>> HomeKit: [Client 1] Update Characteristics
>>> homekit_server_on_update_characteristics: Free heap: 220132
>>> homekit_server_on_update_characteristics: [Client 1] Processing element {
        "aid":  1,
        "iid":  10,
        "value":        0
}
>>> HomeKit: [Client 1] Updating characteristic 1.10 ("On") with boolean false
>>> homekit_characteristic_notify: Got characteristic 1.10 change event
>>> homekit_server_on_update_characteristics: [Client 1] There were no processing errors, sending No Content response
>>> client_sendv: [Client 1] Sending payload: HTTP/1.1 204 No Content\x0D\x0A\x0D\x0A
>>> homekit_client_process: [Client 1] Finished processing
>>> homekit_server_process_notifications: [Client 1] Sending EVENT
>>> homekit_server_process_notifications: Free heap: 220096
>>> client_sendv: [Client 1] Sending payload: EVENT/1.0 200 OK\x0D\x0AContent-Type: application/hap+json\x0D\x0ATransfer-Encoding: chunked\x0D\x0A\x0D\x0A
>>> client_sendv: [Client 1] Sending payload: 36\x0D\x0A{"characteristics":[{"aid":1,"iid":10,"value":false}]}\x0D\x0A
>>> client_sendv: [Client 1] Sending payload: \x30\x0D\x0A\x0D\x0A

gojimmypi avatar Mar 02 '25 18:03 gojimmypi
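The `Decrypted data` lines in the log above are HTTP requests printed as `\xNN` escapes. The following is an added example, not code from the thread or from either project, that decodes such lines and classifies the HAP JSON body as a subscription or a write. The sample log lines and the `accessory.local` host name are constructed for illustration.

```python
import json
import re

ESCAPE = re.compile(r"\\x([0-9A-Fa-f]{2})")
DATA_LINE = re.compile(r'^Decrypted data \((\d+) bytes\): "(.*)"$')


def unescape(text):
    """Turn \\xNN escapes back into bytes; unescaped characters pass through."""
    return ESCAPE.sub(lambda m: chr(int(m.group(1), 16)), text).encode("latin-1")


def parse_request(raw):
    """Split one decrypted HTTP request and classify its HAP JSON body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    request_line, *header_lines = head.decode("latin-1").split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    if int(headers.get("content-length", "0")) != len(body):
        raise ValueError("Content-Length does not match body length")
    actions = []
    if body:
        for item in json.loads(body).get("characteristics", []):
            ident = f'{item["aid"]}.{item["iid"]}'
            if "ev" in item:        # event subscription on/off
                actions.append(("subscribe", ident, item["ev"]))
            if "value" in item:     # characteristic write
                actions.append(("write", ident, item["value"]))
    return {"method": method, "target": target, "headers": headers, "actions": actions}


def decode_log(lines):
    """Return the parsed request for every 'Decrypted data' line, skipping the rest."""
    requests = []
    for line in lines:
        match = DATA_LINE.match(line.strip())
        if not match:
            continue
        raw = unescape(match.group(2))
        if len(raw) != int(match.group(1)):
            raise ValueError("byte count in log line does not match decoded length")
        requests.append(parse_request(raw))
    return requests


def _log_line(raw):
    """Constructed sample helper: format bytes the way the log above prints them."""
    return f'Decrypted data ({len(raw)} bytes): "' + "".join(f"\\x{b:02X}" for b in raw) + '"'


def _put(body):
    # Host name is a constructed placeholder, not the one from the log.
    return (b"PUT /characteristics HTTP/1.1\r\nHost: accessory.local\r\n"
            b"Content-Length: " + str(len(body)).encode() + b"\r\n"
            b"Content-Type: application/hap+json\r\n\r\n" + body)


# Constructed sample input in the same format as the log above.
SAMPLE_LOG = [
    ">>> homekit_client_process: [Client 1] Decrypting data",
    _log_line(_put(b'{"characteristics":[{"aid":1,"iid":10,"ev":true}]}')),
    _log_line(b"GET /characteristics?id=1.10 HTTP/1.1\r\nHost: accessory.local\r\n\r\n"),
    _log_line(_put(b'{"characteristics":[{"aid":1,"iid":10,"value":1}]}')),
]

if __name__ == "__main__":
    for req in decode_log(SAMPLE_LOG):
        print(req["method"], req["target"], req["actions"])
```
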

@gojimmypi Will test ASAP, will come back with the results.

AchimPieters avatar Mar 09 '25 10:03 AchimPieters

@gojimmypi I have tested the new version of wolfSSL: 5.7.6

It looks like wolfSSL is working out of the box on most ESP platforms, including ESP32, ESP32C3, ESP32C5, ESP32C6, ESP32C61, ESP32S2, and ESP32S3. 🎉

However, there are some issues with:

- ESP32C2
- ESP32H2
- ESP32P4

All of these are failing due to missing esp32/rom/aes.h, which seems to be unavailable in their respective ESP-IDF component directories. The error messages suggest that the missing header might need to be explicitly added to the INCLUDE_DIRS in idf_component_register within the CMakeLists.txt file.

For ESP32P4, there’s also an additional warning about an unexpected CONFIG_IDF_TARGET_NN value in user_settings.h. This might need further investigation to confirm if it's related to the unsupported target.

Possible next steps:

- Verify if esp32/rom/aes.h is available for these chips in the ESP-IDF version being used.
- Check if these targets require a different approach for hardware crypto acceleration.
- Investigate the CONFIG_IDF_TARGET_NN issue on ESP32P4 and whether it's a misconfiguration or missing support.

ESP32C2 error:

In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/sha256.h:85,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/random.h:109,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/tfm.h:48,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/wolfmath.h:44,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/rsa.h:61,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/asn.c:114:
/project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h:723:18: fatal error: esp32/rom/aes.h: No such file or directory
  723 |         #include "esp32/rom/aes.h"
      |                  ^~~~~~~~~~~~~~~~~
compilation terminated.
ninja: build stopped: subcommand failed.
Missing "esp32/rom/aes.h" file name found in the following component(s): esp_rom(/opt/esp/idf/components/esp_rom/esp32/include/esp32/rom/aes.h). Maybe one of the components needs to add the missing header directory to INCLUDE_DIRS of idf_component_register call in CMakeLists.txt.
ninja failed with exit code 1, output of the command is in the /project/examples/led/build/log/idf_py_stderr_output_11179 and /project/examples/led/build/log/idf_py_stdout_output_11179
root@2a26bb907e69:/project/examples/led# 

ESP32H2 error:

In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/tfm.c:57:
/project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h:723:18: fatal error: esp32/rom/aes.h: No such file or directory
  723 |         #include "esp32/rom/aes.h"
      |                  ^~~~~~~~~~~~~~~~~
compilation terminated.
[840/898] Building C object esp-idf/wo...ssl.dir/wolfcrypt/src/wc_encrypt.c.obj
ninja: build stopped: subcommand failed.
Missing "esp32/rom/aes.h" file name found in the following component(s): esp_rom(/opt/esp/idf/components/esp_rom/esp32/include/esp32/rom/aes.h). Maybe one of the components needs to add the missing header directory to INCLUDE_DIRS of idf_component_register call in CMakeLists.txt.
ninja failed with exit code 1, output of the command is in the /project/examples/led/build/log/idf_py_stderr_output_16992 and /project/examples/led/build/log/idf_py_stdout_output_16992
root@2a26bb907e69:/project/examples/led# 

ESP32P4 error:

In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/settings.h:333,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/tfm.c:39:
/project/examples/led/managed_components/wolfssl__wolfssl/include/user_settings.h:794:6: warning: #warning "Unexpected CONFIG_IDF_TARGET_NN value" [-Wcpp]
  794 |     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
      |      ^~~~~~~
In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/tfm.c:57:
/project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h:723:18: fatal error: esp32/rom/aes.h: No such file or directory
  723 |         #include "esp32/rom/aes.h"
      |                  ^~~~~~~~~~~~~~~~~
compilation terminated.
[863/932] Building C object esp-idf/wo...fssl.dir/wolfcrypt/src/wc_pkcs11.c.obj
In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/settings.h:333,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/wc_pkcs11.c:26:
/project/examples/led/managed_components/wolfssl__wolfssl/include/user_settings.h:794:6: warning: #warning "Unexpected CONFIG_IDF_TARGET_NN value" [-Wcpp]
  794 |     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
      |      ^~~~~~~
[864/932] Building C object esp-idf/wo...wolfssl.dir/wolfcrypt/src/wc_dsp.c.obj
In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/settings.h:333,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/wc_dsp.c:26:
/project/examples/led/managed_components/wolfssl__wolfssl/include/user_settings.h:794:6: warning: #warning "Unexpected CONFIG_IDF_TARGET_NN value" [-Wcpp]
  794 |     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
      |      ^~~~~~~
[865/932] Building C object esp-idf/wo....dir/wolfcrypt/src/wc_kyber_poly.c.obj
In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/settings.h:333,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/wc_kyber_poly.c:70:
/project/examples/led/managed_components/wolfssl__wolfssl/include/user_settings.h:794:6: warning: #warning "Unexpected CONFIG_IDF_TARGET_NN value" [-Wcpp]
  794 |     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
      |      ^~~~~~~
[866/932] Building C object esp-idf/wo...wolfssl.dir/wolfcrypt/src/wc_lms.c.obj
In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/settings.h:333,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/wc_lms.c:26:
/project/examples/led/managed_components/wolfssl__wolfssl/include/user_settings.h:794:6: warning: #warning "Unexpected CONFIG_IDF_TARGET_NN value" [-Wcpp]
  794 |     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
      |      ^~~~~~~
[867/932] Building C object esp-idf/wo...lfssl.dir/wolfcrypt/src/wc_kyber.c.obj
In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/settings.h:333,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/wc_kyber.c:31:
/project/examples/led/managed_components/wolfssl__wolfssl/include/user_settings.h:794:6: warning: #warning "Unexpected CONFIG_IDF_TARGET_NN value" [-Wcpp]
  794 |     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
      |      ^~~~~~~
[868/932] Building C object esp-idf/wo...sl.dir/wolfcrypt/src/wc_lms_impl.c.obj
In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/settings.h:333,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/wc_lms_impl.c:44:
/project/examples/led/managed_components/wolfssl__wolfssl/include/user_settings.h:794:6: warning: #warning "Unexpected CONFIG_IDF_TARGET_NN value" [-Wcpp]
  794 |     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
      |      ^~~~~~~
[869/932] Building C object esp-idf/wo...l__wolfssl.dir/wolfcrypt/src/srp.c.obj
In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/settings.h:333,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/srp.c:27:
/project/examples/led/managed_components/wolfssl__wolfssl/include/user_settings.h:794:6: warning: #warning "Unexpected CONFIG_IDF_TARGET_NN value" [-Wcpp]
  794 |     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
      |      ^~~~~~~
[870/932] Building C object esp-idf/wo...ssl.dir/wolfcrypt/src/wc_encrypt.c.obj
In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/settings.h:333,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/wc_encrypt.c:27:
/project/examples/led/managed_components/wolfssl__wolfssl/include/user_settings.h:794:6: warning: #warning "Unexpected CONFIG_IDF_TARGET_NN value" [-Wcpp]
  794 |     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
      |      ^~~~~~~
[871/932] Building C object esp-idf/wo...olfssl.dir/wolfcrypt/src/wc_xmss.c.obj
In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/settings.h:333,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/wc_xmss.c:26:
/project/examples/led/managed_components/wolfssl__wolfssl/include/user_settings.h:794:6: warning: #warning "Unexpected CONFIG_IDF_TARGET_NN value" [-Wcpp]
  794 |     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
      |      ^~~~~~~
[872/932] Building C object esp-idf/wo...fssl.dir/wolfcrypt/src/wolfevent.c.obj
In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/settings.h:333,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/wolfevent.c:26:
/project/examples/led/managed_components/wolfssl__wolfssl/include/user_settings.h:794:6: warning: #warning "Unexpected CONFIG_IDF_TARGET_NN value" [-Wcpp]
  794 |     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
      |      ^~~~~~~
[873/932] Building C object esp-idf/wo...olfssl.dir/wolfcrypt/src/wc_port.c.obj
In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/settings.h:333,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/wc_port.c:31:
/project/examples/led/managed_components/wolfssl__wolfssl/include/user_settings.h:794:6: warning: #warning "Unexpected CONFIG_IDF_TARGET_NN value" [-Wcpp]
  794 |     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
      |      ^~~~~~~
[874/932] Building C object esp-idf/wo...l.dir/wolfcrypt/src/wc_xmss_impl.c.obj
In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/settings.h:333,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/wc_xmss_impl.c:36:
/project/examples/led/managed_components/wolfssl__wolfssl/include/user_settings.h:794:6: warning: #warning "Unexpected CONFIG_IDF_TARGET_NN value" [-Wcpp]
  794 |     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
      |      ^~~~~~~
[875/932] Building C object esp-idf/wo...lfssl.dir/wolfcrypt/src/wolfmath.c.obj
In file included from /project/examples/led/managed_components/wolfssl__wolfssl/wolfssl/wolfcrypt/settings.h:333,
                 from /project/examples/led/managed_components/wolfssl__wolfssl/wolfcrypt/src/wolfmath.c:34:
/project/examples/led/managed_components/wolfssl__wolfssl/include/user_settings.h:794:6: warning: #warning "Unexpected CONFIG_IDF_TARGET_NN value" [-Wcpp]
  794 |     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
      |      ^~~~~~~
ninja: build stopped: subcommand failed.
Missing "esp32/rom/aes.h" file name found in the following component(s): esp_rom(/opt/esp/idf/components/esp_rom/esp32/include/esp32/rom/aes.h). Maybe one of the components needs to add the missing header directory to INCLUDE_DIRS of idf_component_register call in CMakeLists.txt.
ninja failed with exit code 1, output of the command is in the /project/examples/led/build/log/idf_py_stderr_output_23609 and /project/examples/led/build/log/idf_py_stdout_output_23609
root@2a26bb907e69:/project/examples/led# 

AchimPieters avatar Mar 15 '25 09:03 AchimPieters

@gojimmypi I also made a major change to the ESP32-Homekit and ESP32-homekit-demo: I made the ESP32-HomeKit available as a component at the ESP Registry.

AchimPieters avatar Mar 22 '25 13:03 AchimPieters

Hi @AchimPieters

> it looks like wolfSSL is working out of the box on most ESP platforms, including ESP32, ESP32C3, ESP32C5, ESP32C6, ESP32C61, ESP32S2, and ESP32S3.

YAY!

> I also made a major change to the ESP32-Homekit and ESP32-homekit-demo: I made the ESP32-HomeKit available as a component at the ESP Registry.

That's very cool! I might suggest not instructing the user to use docker. Most people will probably be using the Official Espressif Instructions. (e.g. export.bat, etc.)

Otherwise that's really awesome to have the Apple Homekit as a Managed Component!

> However, there are some issues with: ESP32C2, ESP32H2, ESP32P4

I believe some of the issues have been worked out since the most recent release of the 5.7.6 Managed Component.

Others were not, and some new polishing was needed; I've created https://github.com/wolfSSL/wolfssl/pull/8641 to address.

In any case, we'd really like to keep issues small and succinct. As such, since the original topic of this PR regarding user_settings.h has been addressed, I will close this issue.

Please feel free to open any new issues. Thank you again for your help in testing and the awesome integration into your Apple Homekit examples.

gojimmypi avatar Apr 06 '25 13:04 gojimmypi