It may not be as glamorous as the new ESP32 RISC-V chipsets with all the various hardware acceleration capabilities, but the ESP8266 is a well established device which has a large codebase available with an even larger user community.
Due to high customer demand, we’ve enhanced the wolfSSL libraries for the ESP8266. The recent changes have improved both the ESP-IDF CMake and traditional Makefile builds. This new capability allows for specification of the wolfSSL component source code as an alternative to using the setup script to copy everything locally.
For make, set the WOLFSSL_ROOT value in components/wolfssl/component.mk
For cmake, there are more options:
- Set the WOLFSSL_ROOT value in components/wolfssl/CMakeLists.txt
- Set the WOLFSSL_ROOT environment variable.
- Have the components/wolfssl/CMakeLists.txt as a subdirectory in wolfSSL.
When a project is in a subdirectory of wolfSSL, the cmake file will search parent directories, up to the root, looking for wolfSSL.
The ability to specify the wolfSSL component source code ensures consistent versioning across projects and facilitates easy updates via GitHub.
You may have seen our recent announcement regarding wolfCrypt hardware acceleration for the ESP32 series. There’s no such capability on the ESP8266. However, there’s still a noticeable difference between debug and release optimizations, as shown at the end of this blog.
Once the Espressif ESP8266 RTOS SDK is installed, it is easy to get the wolfSSL examples working (see the README for more details):
# Set your path to RTOS SDK, # shown here for default from WSL with VisualGDB WRK_IDF_PATH=/mnt/c/SysGCC/esp8266/rtos-sdk/v3.4 # or WRK_IDF_PATH=~/esp/ESP8266_RTOS_SDK # Setup the environment . $WRK_IDF_PATH/export.sh # Optional: install as needed / prompted # /mnt/c/SysGCC/esp8266/rtos-sdk/v3.4/install.sh # Fetch wolfssl from GitHub if needed: cd /workspace git clone https://github.com/wolfSSL/wolfssl.git # change directory to wolfssl client example. cd wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client # Adjust settings as desired # Set IP address and wifi SSID name & password idf.py menuconfig # Build, flash and monitor idf.py build flash -p /dev/ttyS70 -b 115200 idf.py monitor -p /dev/ttyS70 -b 74880
Are you interested in using the ESP8266 or ESP32 in your next project? Let us know! We love to hear about how wolfSSL is being used, and can optionally help promote your project on social media, with your approval.
Get Started with wolfSSL
Additional information on getting Started with wolfSSL on the Espressif environment is available on the wolfSSL GitHub repository as well as this YouTube recording:
Benchmark metrics for the ESP8266, compiler optimization for size (-oS):
Chip is ESP8266 (revision v1), Crystal is 26MHz, cpu freq: 160000000 Hz (160MHz)
I (59) boot: ESP-IDF v3.4 2nd stage bootloader I (59) boot: compile time 13:01:06 I (68) qio_mode: Enabling default flash chip QIO I (68) boot: SPI Speed : 40MHz I (72) boot: SPI Mode : QIO I (78) boot: SPI Flash Size : 2MB I (84) boot: Partition Table: I (89) boot: ## Label Usage Type ST Offset Length I (101) boot: 0 nvs WiFi data 01 02 00009000 00006000 I (112) boot: 1 phy_init RF data 01 01 0000f000 00001000 I (124) boot: 2 factory factory app 00 00 00010000 000f0000 I (136) boot: End of partition table I (142) esp_image: segment 0: paddr=0x00010010 vaddr=0x40210010 size=0x40874 (264308) map I (227) esp_image: segment 1: paddr=0x0005088c vaddr=0x40250884 size=0x13cd4 ( 81108) map I (250) esp_image: segment 2: paddr=0x00064568 vaddr=0x3ffe8000 size=0x004d0 ( 1232) load I (251) esp_image: segment 3: paddr=0x00064a40 vaddr=0x40100000 size=0x00080 ( 128) load I (262) esp_image: segment 4: paddr=0x00064ac8 vaddr=0x40100080 size=0x045a8 ( 17832) load I (279) boot: Loaded app from partition at offset 0x10000 I (299) main: This is ESP8266 chip with 1 CPU cores, WiFi, I (301) main: silicon revision 1, I (303) main: 2MB external flash wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each) RNG 575 KiB took 1.022 seconds, 562.622 KiB/s Cycles per byte = 1.57 AES-128-CBC-enc 125 KiB took 1.247 seconds, 100.241 KiB/s Cycles per byte = 17.25 AES-128-CBC-dec 250 KiB took 1.089 seconds, 229.568 KiB/s Cycles per byte = 12.82 AES-192-CBC-enc 100 KiB took 1.087 seconds, 91.996 KiB/s Cycles per byte = 42.30 AES-192-CBC-dec 225 KiB took 1.019 seconds, 220.805 KiB/s Cycles per byte = 23.32 AES-256-CBC-enc 100 KiB took 1.189 seconds, 84.104 KiB/s Cycles per byte = 64.92 AES-256-CBC-dec 225 KiB took 1.075 seconds, 209.302 KiB/s Cycles per byte = 33.33 AES-128-GCM-enc 75 KiB took 1.001 seconds, 74.925 KiB/s Cycles per byte = 113.90 AES-128-GCM-dec 75 KiB took 1.001 seconds, 74.925 KiB/s Cycles per byte = 126.15 AES-192-GCM-enc 75 KiB took 1.053 seconds, 71.225 KiB/s Cycles per byte = 139.33 AES-192-GCM-dec 75 KiB took 1.053 seconds, 71.225 KiB/s Cycles per byte = 153.21 AES-256-GCM-enc 75 KiB took 1.137 seconds, 65.963 KiB/s Cycles per byte = 168.58 AES-256-GCM-dec 75 KiB took 1.137 seconds, 65.963 KiB/s Cycles per byte = 183.13 GMAC Default 342 KiB took 1.001 seconds, 341.658 KiB/s Cycles per byte = 43.08 3DES 200 KiB took 1.115 seconds, 179.372 KiB/s Cycles per byte = 79.45 MD5 5225 KiB took 1.000 seconds, 5225.000 KiB/s Cycles per byte = 3.22 SHA 2300 KiB took 1.000 seconds, 2300.000 KiB/s Cycles per byte = 7.76 SHA-224 1475 KiB took 1.009 seconds, 1461.843 KiB/s Cycles per byte = 12.71 SHA-256 1475 KiB took 1.008 seconds, 1463.294 KiB/s Cycles per byte = 13.40 SHA-384 475 KiB took 1.014 seconds, 468.442 KiB/s Cycles per byte = 43.79 SHA-512 475 KiB took 1.012 seconds, 469.368 KiB/s Cycles per byte = 45.90 SHA-512/224 475 KiB took 1.012 seconds, 469.368 KiB/s Cycles per byte = 47.99 SHA-512/256 475 KiB took 1.013 seconds, 468.904 KiB/s Cycles per byte = 50.12 SHA3-224 1250 KiB took 1.018 seconds, 1227.898 KiB/s Cycles per byte = 19.77 SHA3-256 1175 KiB took 1.003 seconds, 1171.486 KiB/s Cycles per byte = 21.96 SHA3-384 925 KiB took 1.021 seconds, 905.975 KiB/s Cycles per byte = 28.84 SHA3-512 650 KiB took 1.024 seconds, 634.766 KiB/s Cycles per byte = 42.68 SHAKE128 1450 KiB took 1.011 seconds, 1434.224 KiB/s Cycles per byte = 19.80 SHAKE256 1175 KiB took 1.002 seconds, 1172.655 KiB/s Cycles per byte = 25.22 RIPEMD 4375 KiB took 1.002 seconds, 4366.267 KiB/s Cycles per byte = 7.01 HMAC-MD5 5175 KiB took 1.002 seconds, 5164.671 KiB/s Cycles per byte = 6.11 HMAC-SHA 2325 KiB took 1.009 seconds, 2304.262 KiB/s Cycles per byte = 14.05 HMAC-SHA224 1475 KiB took 1.017 seconds, 1450.344 KiB/s Cycles per byte = 22.83 HMAC-SHA256 1475 KiB took 1.017 seconds, 1450.344 KiB/s Cycles per byte = 23.46 HMAC-SHA384 475 KiB took 1.049 seconds, 452.812 KiB/s Cycles per byte = 74.96 HMAC-SHA512 475 KiB took 1.048 seconds, 453.244 KiB/s Cycles per byte = 77.12 PBKDF2 0 KiB took 1.077 seconds, 0.174 KiB/s Cycles per byte = 201056.28 RSA 1024 key gen 1 ops took 65.685 sec, avg 65685.000 ms, 0.015 ops/sec RSA 2048 key gen 1 ops took 77.480 sec, avg 77480.000 ms, 0.013 ops/sec RSA 2048 public 10 ops took 1.035 sec, avg 103.500 ms, 9.662 ops/sec RSA 2048 private 2 ops took 44.756 sec, avg 22378.000 ms, 0.045 ops/sec ECC [ SECP256R1] 256 key gen 2 ops took 1.662 sec, avg 831.000 ms, 1.203 ops/sec ECDHE [ SECP256R1] 256 agree 2 ops took 1.668 sec, avg 834.000 ms, 1.199 ops/sec ECDSA [ SECP256R1] 256 sign 2 ops took 1.688 sec, avg 844.000 ms, 1.185 ops/sec ECDSA [ SECP256R1] 256 verify 2 ops took 3.212 sec, avg 1606.000 ms, 0.623 ops/sec CURVE 25519 key gen 2 ops took 1.785 sec, avg 892.500 ms, 1.120 ops/sec CURVE 25519 agree 2 ops took 1.326 sec, avg 663.000 ms, 1.508 ops/sec ED 25519 key gen 15 ops took 1.009 sec, avg 67.267 ms, 14.866 ops/sec ED 25519 sign 14 ops took 1.008 sec, avg 72.000 ms, 13.889 ops/sec ED 25519 verify 6 ops took 1.140 sec, avg 190.000 ms, 5.263 ops/sec Benchmark complete
Benchmark metrics for the ESP8266, No Compiler Optimization (debug -Og):
Chip is ESP8266 (revision v1), Crystal is 26MHz, cpu freq: 160000000 Hz (160MHz)
I (60) boot: ESP-IDF v3.4 2nd stage bootloader I (60) boot: compile time 14:00:00 I (69) qio_mode: Enabling default flash chip QIO I (69) boot: SPI Speed : 40MHz I (73) boot: SPI Mode : QIO I (79) boot: SPI Flash Size : 2MB I (85) boot: Partition Table: I (91) boot: ## Label Usage Type ST Offset Length I (102) boot: 0 nvs WiFi data 01 02 00009000 00006000 I (114) boot: 1 phy_init RF data 01 01 0000f000 00001000 I (125) boot: 2 factory factory app 00 00 00010000 000f0000 I (137) boot: End of partition table I (143) esp_image: segment 0: paddr=0x00010010 vaddr=0x40210010 size=0x46e48 (290376) map I (255) esp_image: segment 1: paddr=0x00056e60 vaddr=0x40256e58 size=0x14560 ( 83296) map I (284) esp_image: segment 2: paddr=0x0006b3c8 vaddr=0x3ffe8000 size=0x004dc ( 1244) load I (285) esp_image: segment 3: paddr=0x0006b8ac vaddr=0x40100000 size=0x00080 ( 128) load I (296) esp_image: segment 4: paddr=0x0006b934 vaddr=0x40100080 size=0x046a4 ( 18084) load I (315) boot: Loaded app from partition at offset 0x10000 I (334) main: This is ESP8266 chip with 1 CPU cores, WiFi, I (337) main: silicon revision 1, I (339) main: 2MB external flash wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each) RNG 375 KiB took 1.019 seconds, 368.008 KiB/s Cycles per byte = 2.74 AES-128-CBC-enc 75 KiB took 1.168 seconds, 64.212 KiB/s Cycles per byte = 27.59 AES-128-CBC-dec 475 KiB took 1.045 seconds, 454.545 KiB/s Cycles per byte = 6.43 AES-192-CBC-enc 75 KiB took 1.272 seconds, 58.962 KiB/s Cycles per byte = 57.19 AES-192-CBC-dec 425 KiB took 1.007 seconds, 422.046 KiB/s Cycles per byte = 12.70 AES-256-CBC-enc 75 KiB took 1.362 seconds, 55.066 KiB/s Cycles per byte = 88.98 AES-256-CBC-dec 400 KiB took 1.053 seconds, 379.867 KiB/s Cycles per byte = 19.31 AES-128-GCM-enc 75 KiB took 1.440 seconds, 52.083 KiB/s Cycles per byte = 121.83 AES-128-GCM-dec 75 KiB took 1.440 seconds, 52.083 KiB/s Cycles per byte = 141.40 AES-192-GCM-enc 50 KiB took 1.026 seconds, 48.733 KiB/s Cycles per byte = 230.32 AES-192-GCM-dec 50 KiB took 1.026 seconds, 48.733 KiB/s Cycles per byte = 249.89 AES-256-GCM-enc 50 KiB took 1.076 seconds, 46.468 KiB/s Cycles per byte = 273.47 AES-256-GCM-dec 50 KiB took 1.076 seconds, 46.468 KiB/s Cycles per byte = 294.31 GMAC Default 247 KiB took 1.003 seconds, 246.261 KiB/s Cycles per byte = 63.60 3DES 175 KiB took 1.121 seconds, 156.111 KiB/s Cycles per byte = 95.82 MD5 1100 KiB took 1.008 seconds, 1091.270 KiB/s Cycles per byte = 16.18 SHA 3900 KiB took 1.000 seconds, 3900.000 KiB/s Cycles per byte = 4.82 SHA-224 925 KiB took 1.007 seconds, 918.570 KiB/s Cycles per byte = 21.27 SHA-256 925 KiB took 1.002 seconds, 923.154 KiB/s Cycles per byte = 22.43 SHA-384 850 KiB took 1.009 seconds, 842.418 KiB/s Cycles per byte = 25.58 SHA-512 850 KiB took 1.007 seconds, 844.091 KiB/s Cycles per byte = 26.63 SHA-512/224 850 KiB took 1.004 seconds, 846.614 KiB/s Cycles per byte = 27.75 SHA-512/256 850 KiB took 1.008 seconds, 843.254 KiB/s Cycles per byte = 28.90 SHA3-224 700 KiB took 1.000 seconds, 700.000 KiB/s Cycles per byte = 36.47 SHA3-256 675 KiB took 1.021 seconds, 661.117 KiB/s Cycles per byte = 39.45 SHA3-384 525 KiB took 1.035 seconds, 507.246 KiB/s Cycles per byte = 52.72 SHA3-512 375 KiB took 1.048 seconds, 357.824 KiB/s Cycles per byte = 76.24 SHAKE128 800 KiB took 1.001 seconds, 799.201 KiB/s Cycles per byte = 37.12 SHAKE256 675 KiB took 1.031 seconds, 654.704 KiB/s Cycles per byte = 45.49 RIPEMD 4300 KiB took 1.002 seconds, 4291.417 KiB/s Cycles per byte = 7.35 HMAC-MD5 1100 KiB took 1.017 seconds, 1081.613 KiB/s Cycles per byte = 29.67 HMAC-SHA 4100 KiB took 1.004 seconds, 4083.665 KiB/s Cycles per byte = 8.20 HMAC-SHA224 925 KiB took 1.021 seconds, 905.975 KiB/s Cycles per byte = 37.38 HMAC-SHA256 925 KiB took 1.016 seconds, 910.433 KiB/s Cycles per byte = 38.53 HMAC-SHA384 825 KiB took 1.002 seconds, 823.353 KiB/s Cycles per byte = 44.42 HMAC-SHA512 850 KiB took 1.024 seconds, 830.078 KiB/s Cycles per byte = 44.23 PBKDF2 0 KiB took 1.283 seconds, 0.097 KiB/s Cycles per byte = 311171.78 RSA 1024 key gen 1 ops took 28.932 sec, avg 28932.000 ms, 0.035 ops/sec RSA 2048 key gen 1 ops took 382.088 sec, avg 382088.000 ms, 0.003 ops/sec RSA 2048 public 12 ops took 1.130 sec, avg 94.167 ms, 10.619 ops/sec RSA 2048 private 2 ops took 39.968 sec, avg 19984.000 ms, 0.050 ops/sec ECC [ SECP256R1] 256 key gen 2 ops took 1.591 sec, avg 795.500 ms, 1.257 ops/sec ECDHE [ SECP256R1] 256 agree 2 ops took 1.597 sec, avg 798.500 ms, 1.252 ops/sec ECDSA [ SECP256R1] 256 sign 2 ops took 1.619 sec, avg 809.500 ms, 1.235 ops/sec ECDSA [ SECP256R1] 256 verify 2 ops took 3.093 sec, avg 1546.500 ms, 0.647 ops/sec CURVE 25519 key gen 2 ops took 1.988 sec, avg 994.000 ms, 1.006 ops/sec CURVE 25519 agree 2 ops took 1.529 sec, avg 764.500 ms, 1.308 ops/sec ED 25519 key gen 17 ops took 1.038 sec, avg 61.059 ms, 16.378 ops/sec ED 25519 sign 16 ops took 1.041 sec, avg 65.062 ms, 15.370 ops/sec ED 25519 verify 6 ops took 1.334 sec, avg 222.333 ms, 4.498 ops/sec Benchmark complete
Questions?
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now