Merge branch 'feature/esp8266' (version 0.4.0)

* add support for esp8266 boards * switch to an asynchronous DNS resolution of endpoint hostname * switch to curve25519 implementation from libsodium-esphome
droscy · Feb 25, 2024 · d1262a2 · d1262a2
2 parents 4e17811 + b7bdbf0
commit d1262a2
Show file tree

Hide file tree

Showing 17 changed files with 328 additions and 708 deletions.
diff --git a/.gitignore b/.gitignore
@@ -4,4 +4,5 @@
 /.settings/
 /lib/
 /build/
+/dist/
 *.tar.gz
diff --git a/LICENSE b/LICENSE
@@ -1,6 +1,6 @@
 Copyright (c) 2021 Kenta Ida ([email protected])
 Copyright (c) 2022 Tomoyuki Sakurai ([email protected])
-Copyright (c) 2023 Simone Rossetto ([email protected])
+Copyright (c) 2023-2024 Simone Rossetto ([email protected])
 
 The original license is below:
 Copyright (c) 2021 Daniel Hope (www.floorsense.nz)

diff --git a/README.md b/README.md
@@ -8,50 +8,37 @@ for [ESPHome](https://esphome.io/), based on
 [![PlatformIO Registry](https://badges.registry.platformio.org/packages/droscy/library/esp_wireguard.svg)](https://registry.platformio.org/libraries/droscy/esp_wireguard)
 
 
-## Status and platforms
-
-The code is alpha and works only on `esp32` boards with both
-frameworks: `esp-idf` and `Arduino`.
-
-
 ## Usage
 
-Add the following snippet to your ESPHome `yaml` file:
+Please refer to the official documentation of [WireGuard Component](https://esphome.io/components/wireguard)
+in ESPHome website.
 
-```yaml
-external_components:
-  - source: github://pr#4256
-    components: [wireguard]
 
-  # or use my repo with code possibly not yet merged in official PR
-  #- source:
-  #    type: git
-  #    url: https://github.com/droscy/esphome
-  #    ref: wireguard/main
-  #  components: [wireguard]
-```
+## Compatibility
 
-and then read the [preview](https://deploy-preview-2948--esphome.netlify.app/components/wireguard.html)
-of the documentation with the description on how to use this component
-along with its sensors.
+This code targets only ESPHome and has been tested on `esp32` boards (with both frameworks `esp-idf` and `Arduino`)
+and on `esp8266` boards.
 
 
 ## References
 
 For additional information see:
 
-* the official PR [esphome/esphome#4256](https://github.com/esphome/esphome/pull/4256)
-
-* the documentation PR [esphome/esphome-docs#2948](https://github.com/esphome/esphome-docs/pull/2948)
-
 * the original feature-request [esphome/feature-requests#1444](https://github.com/esphome/feature-requests/issues/1444)
 
+* the first pull-request [esphome/esphome#4256](https://github.com/esphome/esphome/pull/4256)
+
 
 ## License
 
-BSD 3-Clause License (SPDX ID: BSD-3-Clause).
+BSD 3-Clause License (SPDX ID: BSD-3-Clause)
+
+This project is licensed under [BSD 3-Clause License](https://spdx.org/licenses/BSD-3-Clause.html)
+except where explicitly written in files themselves or when other license files state differently.
 
-Except where explicitly written in files themselves or when other license files state differently.
+"WireGuard" and the "WireGuard" logo are registered trademarks of Jason A. Donenfeld.
+Please see ["WireGuard" Trademark Usage Policy](https://www.wireguard.com/trademark-policy/)
+for additional information.
 
 
 ## Authors

diff --git a/include/esp_wireguard.h b/include/esp_wireguard.h
@@ -1,6 +1,6 @@
 /*
  * Copyright (c) 2022 Tomoyuki Sakurai <[email protected]>
- * Copyright (c) 2023 Simone Rossetto <[email protected]>
+ * Copyright (c) 2023-2024 Simone Rossetto <[email protected]>
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without modification,
@@ -38,8 +38,8 @@ extern "C" {
 
 #include <stdint.h>
 #include <time.h>
-#include <esp_err.h>
 #include <lwip/netif.h>
+#include "esp_wireguard_err.h"
 
 #define ESP_WIREGUARD_CONFIG_DEFAULT() { \
     .private_key = NULL, \
@@ -50,6 +50,7 @@ extern "C" {
     .address = NULL, \
     .netmask = NULL, \
     .endpoint = NULL, \
+    .endpoint_ip = IPADDR4_INIT(0), \
     .port = 51820, \
     .persistent_keepalive = 0, \
 }
@@ -71,6 +72,7 @@ typedef struct {
     const char* address;                /**< a local IP address. */
     const char* netmask;                /**< a subnet mask of the local IP address. */
     const char* endpoint;               /**< an endpoint IP address or hostname. */
+    ip_addr_t   endpoint_ip;            /**< endpoint IP address (internal use, resolved through dns query) */
     uint16_t    port;                   /**< a port number of remote endpoint. Default is 51820. */
     uint16_t    persistent_keepalive;   /**< a seconds interval, between 1 and 65535 inclusive, of how often to send an
                                              authenticated empty packet to the peer for the purpose of keeping a stateful
@@ -87,19 +89,22 @@ typedef struct {
 /**
  * @brief Initialize WireGuard
  *
- * Call this function to initilize the context of WireGuard.
+ * Call this function to initialize the context of WireGuard.
  *
  * Do not call this function multiple times.
  *
  * To connect to other peer, use `esp_wireguard_disconnect()`, and
- * `esp_wireguard_init()` with a new configuration.
+ * `esp_wireguard_init()` with a new configuration. To reconnect to
+ * the same peer just use `esp_wireguard_disconnect()` and then
+ * `esp_wireguard_connect()`.
  *
  * @param       config WireGuard configuration.
  * @param[out]  ctx Context of WireGuard.
  *
  * @return
  *      - ESP_OK: Successfully initilized WireGuard interface.
  *      - ESP_ERR_INVALID_ARG: given argument is invalid.
+ *      - ESP_ERR_INVALID_STATE: hostname dns resolution cannot start
  *      - ESP_FAIL: Other error.
  */
 esp_err_t esp_wireguard_init(wireguard_config_t *config, wireguard_ctx_t *ctx);
@@ -108,15 +113,18 @@ esp_err_t esp_wireguard_init(wireguard_config_t *config, wireguard_ctx_t *ctx);
  * @brief Create a WireGuard interface and start establishing the connection
  *        to the peer.
  *
- * Call the funtion to start establishing the connection. Note that `ESP_OK`
+ * Call this function to start establishing the connection. Note that `ESP_OK`
  * does not mean the connection is established. To see if the connection is
- * established, or the peer is up, use `esp_wireguardif_peer_is_up()`.
+ * established, or the peer is up, use `esp_wireguard_peer_is_up()`.
  *
  * Do not call this function multiple times.
  *
- * @param       ctx Context of WireGuard.
+ * @param ctx Context of WireGuard.
  * @return
  *      - ESP_OK on success.
+ *      - ESP_ERR_INVALID_ARG if input arguments are invalid
+ *      - ESP_ERR_RETRY dns query still ongoing for endpoint hostname resolution (retry connection)
+ *      - ESP_ERR_INVALID_IP if endpoint IP address is missing or invalid (dns query failed)
  *      - ESP_FAIL on failure.
  */
 esp_err_t esp_wireguard_connect(wireguard_ctx_t *ctx);
@@ -143,8 +151,14 @@ esp_err_t esp_wireguard_restore_default(const wireguard_ctx_t *ctx);
 
 /**
  * @brief Test if the peer is up.
+ * @param ctx Context of WireGuard
+ * @return
+ *      - ESP_OK on peer up.
+ *      - ESP_ERR_INVALID_ARG if ctx is NULL.
+ *      - ESP_FAIL on peer still down.
  */
-esp_err_t esp_wireguardif_peer_is_up(const wireguard_ctx_t *ctx);
+esp_err_t esp_wireguard_peer_is_up(const wireguard_ctx_t *ctx);
+#define esp_wireguardif_peer_is_up(ctx) esp_wireguard_peer_is_up(ctx)  /**< backward compatibility with esp_wireguard before v0.4 */
 
 /**
  * @brief Get timestamp of the latest handshake (with seconds resolution since unix epoch)

diff --git a/library.json b/library.json
@@ -1,8 +1,9 @@
 {
    "name": "esp_wireguard",
-   "version": "0.3.2",
+   "version": "0.4.0",
    "description": "WireGuard implementation for ESPHome",
    "keywords":[
+      "esphome",
       "communication",
       "network",
       "wireguard",
@@ -42,21 +43,45 @@
       }
    ],
    "license": "BSD-3-Clause",
+   "platforms": [
+      "espressif32",
+      "espressif8266"
+   ],
    "frameworks":[
       "espidf",
       "arduino"
    ],
+   "dependencies": [
+      {
+        "owner": "esphome",
+        "name": "libsodium",
+        "version": "^1.10018.1"
+      },
+      {
+        "owner": "droscy",
+        "name": "esp_mbedtls_esp8266",
+        "version": "^2.23.0",
+        "platforms": "espressif8266",
+        "frameworks": "arduino"
+      }
+   ],
    "headers":[
       "esp_wireguard.h"
    ],
    "export":{
       "include":[
+         "LICENSE",
+         "README.md",
+         "library.json",
          "include/*",
          "src/*"
       ]
    },
    "build":{
       "includeDir": "include",
-      "srcDir": "src"
+      "srcDir": "src",
+      "flags": [
+        "-Wno-unused-result"
+      ]
    }
 }
diff --git a/src/crypto.c b/src/crypto.c
@@ -15,8 +15,11 @@ bool crypto_equal(const void *a, const void *b, size_t size) {
 	uint8_t neq = 0;
 	while (size > 0) {
 		neq |= *(uint8_t *)a ^ *(uint8_t *)b;
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wpointer-arith"
 		a += 1;
 		b += 1;
+#pragma GCC diagnostic pop
 		size -= 1;
 	}
 	return (neq) ? false : true;

diff --git a/src/crypto.h b/src/crypto.h
@@ -18,8 +18,8 @@ extern "C" {
 #define wireguard_blake2s(out,outlen,key,keylen,in,inlen) blake2s(out,outlen,key,keylen,in,inlen)
 
 // X25519 IMPLEMENTATION
-#include "crypto/refc/x25519.h"
-#define wireguard_x25519(a,b,c)	x25519(a,b,c,1)
+#include <sodium.h>
+#define wireguard_x25519(a,b,c) crypto_scalarmult_curve25519(a,b,c)
 
 // CHACHA20POLY1305 IMPLEMENTATION
 #include "crypto/refc/chacha20poly1305.h"

diff --git a/src/crypto/refc/x25519-license.txt b/src/crypto/refc/x25519-license.txt