From 424c45df9150028032a38e5a3c265755b835f8fc Mon Sep 17 00:00:00 2001 From: Laukik Hase Date: Mon, 17 Jan 2022 16:47:32 +0530 Subject: [PATCH] ci: Fix issues for build stage - Fixed logs expecting different format specifier - Updated ignore list for check_public_header test - Updated functions ported from mbedTLS --- .../esp_crypto_shared_gdma.c | 20 ++++--------- .../port/dynamic/esp_mbedtls_dynamic_impl.c | 8 +++--- .../port/dynamic/esp_mbedtls_dynamic_impl.h | 4 +-- components/mbedtls/port/dynamic/esp_ssl_tls.c | 28 ++++++++----------- .../mbedtls/port/esp_ds/esp_rsa_sign_alt.c | 6 ++-- components/mbedtls/port/sha/esp_sha.c | 20 ++++--------- tools/ci/check_copyright_ignore.txt | 2 -- tools/ci/check_public_headers_exceptions.txt | 1 + 8 files changed, 33 insertions(+), 56 deletions(-) diff --git a/components/mbedtls/port/crypto_shared_gdma/esp_crypto_shared_gdma.c b/components/mbedtls/port/crypto_shared_gdma/esp_crypto_shared_gdma.c index 30ec888dd7..83026a6274 100644 --- a/components/mbedtls/port/crypto_shared_gdma/esp_crypto_shared_gdma.c +++ b/components/mbedtls/port/crypto_shared_gdma/esp_crypto_shared_gdma.c @@ -1,16 +1,8 @@ -// Copyright 2021 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. +/* + * SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD + * + * SPDX-License-Identifier: Apache-2.0 + */ #include "esp_crypto_shared_gdma.h" @@ -93,7 +85,7 @@ static esp_err_t crypto_shared_gdma_init(void) return ESP_OK; err: - ESP_LOGE(TAG, "Failed to acquire DMA channel, Err=0x%X", ret); + ESP_LOGE(TAG, "Failed to acquire DMA channel, Err=%d", ret); tx_channel = NULL; rx_channel = NULL; diff --git a/components/mbedtls/port/dynamic/esp_mbedtls_dynamic_impl.c b/components/mbedtls/port/dynamic/esp_mbedtls_dynamic_impl.c index 6fbce61a5a..e6329c5a42 100644 --- a/components/mbedtls/port/dynamic/esp_mbedtls_dynamic_impl.c +++ b/components/mbedtls/port/dynamic/esp_mbedtls_dynamic_impl.c @@ -258,12 +258,12 @@ int esp_mbedtls_add_tx_buffer(mbedtls_ssl_context *ssl, size_t buffer_len) esp_buf = mbedtls_calloc(1, SSL_BUF_HEAD_OFFSET_SIZE + buffer_len); if (!esp_buf) { - ESP_LOGE(TAG, "alloc(%d bytes) failed", SSL_BUF_HEAD_OFFSET_SIZE + buffer_len); + ESP_LOGE(TAG, "alloc(%zu bytes) failed", SSL_BUF_HEAD_OFFSET_SIZE + buffer_len); ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } - ESP_LOGV(TAG, "add out buffer %d bytes @ %p", buffer_len, esp_buf->buf); + ESP_LOGV(TAG, "add out buffer %zu bytes @ %p", buffer_len, esp_buf->buf); esp_mbedtls_init_ssl_buf(esp_buf, buffer_len); init_tx_buffer(ssl, esp_buf->buf); @@ -342,13 +342,13 @@ int esp_mbedtls_add_rx_buffer(mbedtls_ssl_context *ssl) ssl->in_hdr = msg_head; ssl->in_len = msg_head + 3; - if ((ret = mbedtls_ssl_fetch_input(ssl, mbedtls_ssl_hdr_len(ssl))) != 0) { + if ((ret = mbedtls_ssl_fetch_input(ssl, mbedtls_ssl_in_hdr_len(ssl))) != 0) { if (ret == MBEDTLS_ERR_SSL_TIMEOUT) { ESP_LOGD(TAG, "mbedtls_ssl_fetch_input reads data times out"); } else if (ret == MBEDTLS_ERR_SSL_WANT_READ) { ESP_LOGD(TAG, "mbedtls_ssl_fetch_input wants to read more data"); } else { - ESP_LOGE(TAG, "mbedtls_ssl_fetch_input error=-0x%x", -ret); + ESP_LOGE(TAG, "mbedtls_ssl_fetch_input error=%d", -ret); } goto exit; diff --git a/components/mbedtls/port/dynamic/esp_mbedtls_dynamic_impl.h b/components/mbedtls/port/dynamic/esp_mbedtls_dynamic_impl.h index a32f4e5b01..5dac6dd188 100644 --- a/components/mbedtls/port/dynamic/esp_mbedtls_dynamic_impl.h +++ b/components/mbedtls/port/dynamic/esp_mbedtls_dynamic_impl.h @@ -26,7 +26,7 @@ TRACE_CHECK(_fn, "state"); \ \ if ((_ret = _fn) != 0) { \ - ESP_LOGV(TAG, "\"%s\" result is -0x%x", # _fn, -_ret); \ + ESP_LOGV(TAG, "\"%s\" result is %d", # _fn, -_ret); \ TRACE_CHECK(_fn, "fail"); \ return _ret; \ } \ @@ -46,7 +46,7 @@ struct esp_mbedtls_ssl_buf { unsigned char buf[]; }; -#define SSL_BUF_HEAD_OFFSET_SIZE offsetof(struct esp_mbedtls_ssl_buf, buf) +#define SSL_BUF_HEAD_OFFSET_SIZE ((int)offsetof(struct esp_mbedtls_ssl_buf, buf)) void esp_mbedtls_free_buf(unsigned char *buf); diff --git a/components/mbedtls/port/dynamic/esp_ssl_tls.c b/components/mbedtls/port/dynamic/esp_ssl_tls.c index 94ce4bf160..e64bc2e8c2 100644 --- a/components/mbedtls/port/dynamic/esp_ssl_tls.c +++ b/components/mbedtls/port/dynamic/esp_ssl_tls.c @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2020-2021 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2020-2022 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -39,22 +39,11 @@ static int rx_done(mbedtls_ssl_context *ssl) return 1; } - ESP_LOGD(TAG, "RX left %d bytes", ssl->in_msglen); + ESP_LOGD(TAG, "RX left %zu bytes", ssl->in_msglen); return 0; } -static void ssl_transform_init( mbedtls_ssl_transform *transform ) -{ - memset( transform, 0, sizeof(mbedtls_ssl_transform) ); - - mbedtls_cipher_init( &transform->cipher_ctx_enc ); - mbedtls_cipher_init( &transform->cipher_ctx_dec ); - - mbedtls_md_init( &transform->md_ctx_enc ); - mbedtls_md_init( &transform->md_ctx_dec ); -} - static void ssl_update_checksum_start( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { @@ -98,7 +87,7 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) handshake->update_checksum = ssl_update_checksum_start; #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) mbedtls_ssl_sig_hash_set_init( &handshake->hash_algs ); #endif @@ -116,13 +105,18 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) #endif #endif -#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) +#if defined(MBEDTLS_SSL_ECP_RESTARTABLE) mbedtls_x509_crt_restart_init( &handshake->ecrs_ctx ); #endif #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) handshake->sni_authmode = MBEDTLS_SSL_VERIFY_UNSET; #endif + +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + mbedtls_pk_init( &handshake->peer_pubkey ); +#endif } static int ssl_handshake_init( mbedtls_ssl_context *ssl ) @@ -174,7 +168,7 @@ static int ssl_handshake_init( mbedtls_ssl_context *ssl ) /* Initialize structures */ mbedtls_ssl_session_init( ssl->session_negotiate ); - ssl_transform_init( ssl->transform_negotiate ); + mbedtls_ssl_transform_init( ssl->transform_negotiate ); ssl_handshake_params_init( ssl->handshake ); return( 0 ); @@ -219,7 +213,7 @@ int __wrap_mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t ESP_LOGD(TAG, "fail, the connection indicated an EOF"); return 0; } else if (ret < 0) { - ESP_LOGD(TAG, "fail, error=-0x%x", -ret); + ESP_LOGD(TAG, "fail, error=%d", -ret); return ret; } ESP_LOGD(TAG, "end"); diff --git a/components/mbedtls/port/esp_ds/esp_rsa_sign_alt.c b/components/mbedtls/port/esp_ds/esp_rsa_sign_alt.c index 8eeebf2b5f..7368ac4fac 100644 --- a/components/mbedtls/port/esp_ds/esp_rsa_sign_alt.c +++ b/components/mbedtls/port/esp_ds/esp_rsa_sign_alt.c @@ -222,7 +222,7 @@ int esp_ds_rsa_sign( void *ctx, } if ((ret = (rsa_rsassa_pkcs1_v15_encode( md_alg, hashlen, hash, ((s_ds_data->rsa_length + 1) * FACTOR_KEYLEN_IN_BYTES), sig ))) != 0) { - ESP_LOGE(TAG, "Error in pkcs1_v15 encoding, returned %02x", ret); + ESP_LOGE(TAG, "Error in pkcs1_v15 encoding, returned %d", ret); heap_caps_free(signature); return -1; } @@ -236,14 +236,14 @@ int esp_ds_rsa_sign( void *ctx, s_esp_ds_hmac_key_id, &esp_ds_ctx); if (ds_r != ESP_OK) { - ESP_LOGE(TAG, "Error in esp_ds_start_sign, returned %02x ", ds_r); + ESP_LOGE(TAG, "Error in esp_ds_start_sign, returned %d ", ds_r); heap_caps_free(signature); return -1; } ds_r = esp_ds_finish_sign((void *)signature, esp_ds_ctx); if (ds_r != ESP_OK) { - ESP_LOGE(TAG, "Error in esp_ds_finish sign, returned %02X ", ds_r); + ESP_LOGE(TAG, "Error in esp_ds_finish sign, returned %d ", ds_r); heap_caps_free(signature); return -1; } diff --git a/components/mbedtls/port/sha/esp_sha.c b/components/mbedtls/port/sha/esp_sha.c index 82a7ac1d0d..aa4fc23b17 100644 --- a/components/mbedtls/port/sha/esp_sha.c +++ b/components/mbedtls/port/sha/esp_sha.c @@ -1,16 +1,8 @@ -// Copyright 2018-2019 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. +/* + * SPDX-FileCopyrightText: 2018-2022 Espressif Systems (Shanghai) CO LTD + * + * SPDX-License-Identifier: Apache-2.0 + */ #include #include @@ -100,6 +92,6 @@ void esp_sha(esp_sha_type sha_type, const unsigned char *input, size_t ilen, uns } #endif //SOC_SHA_SUPPORT_SHA512 - ESP_LOGE(TAG, "SHA type %d not supported", sha_type); + ESP_LOGE(TAG, "SHA type %d not supported", (int)sha_type); abort(); } diff --git a/tools/ci/check_copyright_ignore.txt b/tools/ci/check_copyright_ignore.txt index 31cec22de0..a95a26993f 100644 --- a/tools/ci/check_copyright_ignore.txt +++ b/tools/ci/check_copyright_ignore.txt @@ -1250,7 +1250,6 @@ components/mbedtls/port/aes/dma/include/esp_aes_dma_priv.h components/mbedtls/port/aes/esp_aes_common.c components/mbedtls/port/aes/esp_aes_gcm.c components/mbedtls/port/aes/esp_aes_xts.c -components/mbedtls/port/crypto_shared_gdma/esp_crypto_shared_gdma.c components/mbedtls/port/esp32/bignum.c components/mbedtls/port/esp32c2/bignum.c components/mbedtls/port/esp32c3/bignum.c @@ -1294,7 +1293,6 @@ components/mbedtls/port/sha/dma/esp_sha_crypto_dma_impl.c components/mbedtls/port/sha/dma/esp_sha_gdma_impl.c components/mbedtls/port/sha/dma/include/esp_sha_dma_priv.h components/mbedtls/port/sha/dma/sha.c -components/mbedtls/port/sha/esp_sha.c components/mbedtls/port/sha/parallel_engine/esp_sha1.c components/mbedtls/port/sha/parallel_engine/esp_sha256.c components/mbedtls/port/sha/parallel_engine/esp_sha512.c diff --git a/tools/ci/check_public_headers_exceptions.txt b/tools/ci/check_public_headers_exceptions.txt index 949adf0557..ea1a9908d9 100644 --- a/tools/ci/check_public_headers_exceptions.txt +++ b/tools/ci/check_public_headers_exceptions.txt @@ -47,6 +47,7 @@ components/wpa_supplicant/esp_supplicant/include/ components/mbedtls/port/include/ components/mbedtls/mbedtls/include/mbedtls/ +components/mbedtls/mbedtls/include/psa/ components/coap/