alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-09-20 00:36:01 -04:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

mbedtls: Added config options for v2.28.0 upgrade

Browse Source
This commit is contained in:
Laukik Hase 2021-12-27 18:41:09 +05:30
parent 0fdc5f7490
commit 76658d5066
2 changed files with 371 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
components/mbedtls/Kconfig
View File

@ -97,6 +97,13 @@ menu "mbedTLS"
This defines maximum outgoing fragment length, overriding default
maximum content length (MBEDTLS_SSL_MAX_CONTENT_LEN).
config MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
bool "Variable SSL buffer length"
default n
help
This enables the SSL buffer to be resized automatically
based on the negotiated maximum fragment length in each direction.
config MBEDTLS_DYNAMIC_BUFFER
bool "Using dynamic TX/RX buffer"
default n
@ -220,16 +227,21 @@ menu "mbedTLS"
relative to the project root directory.
endmenu
config MBEDTLS_ECP_RESTARTABLE
bool "Enable mbedTLS ecp restartable"
default n
help
Enable "non-blocking" ECC operations that can return early and be resumed.
config MBEDTLS_ECDH_LEGACY_CONTEXT
bool "Use a backward compatible ECDH context (Experimental)"
default y
depends on MBEDTLS_ECDH_C && MBEDTLS_ECP_RESTARTABLE
help
Use the legacy ECDH context format.
Define this option only if you enable MBEDTLS_ECP_RESTARTABLE or if you
want to access ECDH context fields directly.
config MBEDTLS_CMAC_C
bool "Enable CMAC mode for block ciphers"
default n
@ -712,8 +724,94 @@ menu "mbedTLS"
help
Support for parsing X.509 Certifificate Signing Requests
config MBEDTLS_X509_TRUSTED_CERT_CALLBACK
bool "Enable trusted certificate callbacks"
default n
help
Enables users to configure the set of trusted certificates
through a callback instead of a linked list.
See mbedTLS documentation for required API and more details.
endmenu # Certificates
menu "DTLS-based configurations"
visible if MBEDTLS_SSL_PROTO_DTLS
config MBEDTLS_SSL_DTLS_CONNECTION_ID
bool "Support for the DTLS Connection ID extension"
depends on MBEDTLS_SSL_PROTO_DTLS
default n
help
Enable support for the DTLS Connection ID extension which allows to
identify DTLS connections across changes in the underlying transport.
The Connection ID extension is still in draft state.
Refer: version draft-ietf-tls-dtls-connection-id-05
config MBEDTLS_SSL_CID_IN_LEN_MAX
int "Maximum length of CIDs used for incoming DTLS messages"
default 32
range 0 32
depends on MBEDTLS_SSL_DTLS_CONNECTION_ID
help
Maximum length of CIDs used for incoming DTLS messages
config MBEDTLS_SSL_CID_OUT_LEN_MAX
int "Maximum length of CIDs used for outgoing DTLS messages"
default 32
range 0 32
depends on MBEDTLS_SSL_DTLS_CONNECTION_ID
help
Maximum length of CIDs used for outgoing DTLS messages
config MBEDTLS_SSL_CID_PADDING_GRANULARITY
int "Record plaintext padding (for DTLS 1.2)"
default 16
range 0 32
depends on MBEDTLS_SSL_DTLS_CONNECTION_ID
help
Controls the use of record plaintext padding when
using the Connection ID extension in DTLS 1.2.
The padding will always be chosen so that the length of the
padded plaintext is a multiple of the value of this option.
Notes:
A value of 1 means that no padding will be used for outgoing records.
On systems lacking division instructions, a power of two should be preferred.
config MBEDTLS_SSL_DTLS_SRTP
bool "Enable support for negotiation of DTLS-SRTP (RFC 5764)"
depends on MBEDTLS_SSL_PROTO_DTLS
default n
help
Enable support for negotiation of DTLS-SRTP (RFC 5764) through the use_srtp extension.
See mbedTLS documentation for required API and more details.
Disabling this option will save some code size.
endmenu
config MBEDTLS_SSL_CONTEXT_SERIALIZATION
bool "Enable serialization of the TLS context structures"
default n
help
Enable serialization of the TLS context structures
This is a local optimization in handling a single, potentially long-lived connection.
See mbedTLS documentation for required API and more details.
Disabling this option will save some code size.
config MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
bool "Keep peer certificate after handshake completion"
default y
help
Keep the peer's certificate after completion of the handshake.
Disabling this option will save about 4kB of heap and some code size.
See mbedTLS documentation for required API and more details.
menuconfig MBEDTLS_ECP_C
bool "Elliptic Curve Ciphers"
default y

285
components/mbedtls/port/include/mbedtls/esp_config.h
View File

@ -1,12 +1,13 @@
/**
*
* \brief Default mbedTLS configuration options for esp-idf
* \brief Default mbedTLS configuration options for ESP-IDF
*
* This set of compile-time options may be used to enable
* or disable features selectively, and reduce the global
* memory footprint.
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
@ -20,8 +21,6 @@
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
*/
#ifndef ESP_CONFIG_H
@ -310,18 +309,54 @@
*
* \note This option only works with the default software implementation of
* elliptic curve functionality. It is incompatible with
* MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT.
* MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT
* and MBEDTLS_ECDH_LEGACY_CONTEXT.
*/
#ifdef CONFIG_MBEDTLS_ECP_RESTARTABLE
#define MBEDTLS_ECP_RESTARTABLE
#endif
/**
* \def MBEDTLS_ECDH_LEGACY_CONTEXT
*
* Use a backward compatible ECDH context.
*
* Mbed TLS supports two formats for ECDH contexts (#mbedtls_ecdh_context
* defined in `ecdh.h`). For most applications, the choice of format makes
* no difference, since all library functions can work with either format,
* except that the new format is incompatible with MBEDTLS_ECP_RESTARTABLE.
* The new format used when this option is disabled is smaller
* (56 bytes on a 32-bit platform). In future versions of the library, it
* will support alternative implementations of ECDH operations.
* The new format is incompatible with applications that access
* context fields directly and with restartable ECP operations.
*
* Define this macro if you enable MBEDTLS_ECP_RESTARTABLE or if you
* want to access ECDH context fields directly. Otherwise you should
* comment out this macro definition.
*
* This option has no effect if #MBEDTLS_ECDH_C is not enabled.
*
* \note This configuration option is experimental. Future versions of the
* library may modify the way the ECDH context layout is configured
* and may modify the layout of the new context type.
*/
#ifdef CONFIG_MBEDTLS_ECDH_LEGACY_CONTEXT
#define MBEDTLS_ECDH_LEGACY_CONTEXT
#endif
/**
* \def MBEDTLS_CMAC_C
*
* Enable the CMAC (Cipher-based Message Authentication Code) mode for block
* ciphers.
*
* \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying
* implementation of the CMAC algorithm is provided by an alternate
* implementation, that alternate implementation may opt to not support
* AES-192 or 3DES as underlying block ciphers for the CMAC operation.
*
* Module: library/cmac.c
*
* Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
@ -339,6 +374,7 @@
*
* Comment macros to disable the curve and functions for it
*/
/* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */
#ifdef CONFIG_MBEDTLS_ECP_DP_SECP192R1_ENABLED
#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
#else
@ -394,12 +430,12 @@
#else
#undef MBEDTLS_ECP_DP_BP512R1_ENABLED
#endif
/* Montgomery curves (supporting ECP) */
#ifdef CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED
#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
#else
#undef MBEDTLS_ECP_DP_CURVE25519_ENABLED
#endif
#ifdef MBEDTLS_ECP_DP_CURVE448_ENABLED
#undef MBEDTLS_ECP_DP_CURVE448_ENABLED
#endif
@ -427,7 +463,7 @@
* may result in a compromise of the long-term signing key. This is avoided by
* the deterministic variant.
*
* Requires: MBEDTLS_HMAC_DRBG_C
* Requires: MBEDTLS_HMAC_DRBG_C, MBEDTLS_ECDSA_C
*
* Comment this macro to disable deterministic ECDSA.
*/
@ -668,7 +704,7 @@
*
* Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
*
* Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
* Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C
*
* This enables the following ciphersuites (if other requisites are
* enabled as well):
@ -696,7 +732,7 @@
*
* Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
*
* Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
* Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_X509_CRT_PARSE_C
*
* This enables the following ciphersuites (if other requisites are
* enabled as well):
@ -850,6 +886,69 @@
*/
#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
/**
* \def MBEDTLS_SSL_DTLS_CONNECTION_ID
*
* Enable support for the DTLS Connection ID extension
* (version draft-ietf-tls-dtls-connection-id-05,
* https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05)
* which allows to identify DTLS connections across changes
* in the underlying transport.
*
* Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()`,
* `mbedtls_ssl_get_peer_cid()` and `mbedtls_ssl_conf_cid()`.
* See the corresponding documentation for more information.
*
* \warning The Connection ID extension is still in draft state.
* We make no stability promises for the availability
* or the shape of the API controlled by this option.
*
* The maximum lengths of outgoing and incoming CIDs can be configured
* through the options
* - MBEDTLS_SSL_CID_OUT_LEN_MAX
* - MBEDTLS_SSL_CID_IN_LEN_MAX.
*
* Requires: MBEDTLS_SSL_PROTO_DTLS
*
* Uncomment to enable the Connection ID extension.
*/
#ifdef CONFIG_MBEDTLS_SSL_DTLS_CONNECTION_ID
#define MBEDTLS_SSL_DTLS_CONNECTION_ID
#else
#undef MBEDTLS_SSL_DTLS_CONNECTION_ID
#endif
/**
* \def MBEDTLS_SSL_CONTEXT_SERIALIZATION
*
* Enable serialization of the TLS context structures, through use of the
* functions mbedtls_ssl_context_save() and mbedtls_ssl_context_load().
*
* This pair of functions allows one side of a connection to serialize the
* context associated with the connection, then free or re-use that context
* while the serialized state is persisted elsewhere, and finally deserialize
* that state to a live context for resuming read/write operations on the
* connection. From a protocol perspective, the state of the connection is
* unaffected, in particular this is entirely transparent to the peer.
*
* Note: this is distinct from TLS session resumption, which is part of the
* protocol and fully visible by the peer. TLS session resumption enables
* establishing new connections associated to a saved session with shorter,
* lighter handshakes, while context serialization is a local optimization in
* handling a single, potentially long-lived connection.
*
* Enabling these APIs makes some SSL structures larger, as 64 extra bytes are
* saved after the handshake to allow for more efficient serialization, so if
* you don't need this feature you'll save RAM by disabling it.
*
* Comment to disable the context serialization APIs.
*/
#ifdef CONFIG_MBEDTLS_SSL_CONTEXT_SERIALIZATION
#define MBEDTLS_SSL_CONTEXT_SERIALIZATION
#else
#undef MBEDTLS_SSL_CONTEXT_SERIALIZATION
#endif
/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
*
* Enable support for Encrypt-then-MAC, RFC 7366.
@ -874,8 +973,8 @@
/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
*
* Enable support for Extended Master Secret, aka Session Hash
* (draft-ietf-tls-session-hash-02).
* Enable support for RFC 7627: Session Hash and Extended Master Secret
* Extension.
*
* This was introduced as "the proper fix" to the Triple Handshake familiy of
* attacks, but it is recommended to always use it (even if you disable
@ -897,7 +996,8 @@
/**
* \def MBEDTLS_SSL_FALLBACK_SCSV
*
* Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
* Enable support for RFC 7507: Fallback Signaling Cipher Suite Value (SCSV)
* for Preventing Protocol Downgrade Attacks.
*
* For servers, it is recommended to always enable this, unless you support
* only one version of TLS, or know for sure that none of your clients
@ -911,6 +1011,32 @@
*/
#define MBEDTLS_SSL_FALLBACK_SCSV
/**
* \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
*
* This option controls the availability of the API mbedtls_ssl_get_peer_cert()
* giving access to the peer's certificate after completion of the handshake.
*
* Unless you need mbedtls_ssl_peer_cert() in your application, it is
* recommended to disable this option for reduced RAM usage.
*
* \note If this option is disabled, mbedtls_ssl_get_peer_cert() is still
* defined, but always returns \c NULL.
*
* \note This option has no influence on the protection against the
* triple handshake attack. Even if it is disabled, Mbed TLS will
* still ensure that certificates do not change during renegotiation,
* for exaple by keeping a hash of the peer's certificate.
*
* Comment this macro to disable storing the peer's certificate
* after the handshake.
*/
#ifdef CONFIG_MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
#else
#undef MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
#endif
/**
* \def MBEDTLS_SSL_PROTO_TLS1
*
@ -935,6 +1061,9 @@
* Requires: MBEDTLS_MD5_C
* MBEDTLS_SHA1_C
*
* \deprecated This option is deprecated and will be removed in a future
* version of Mbed TLS.
*
* Comment this macro to disable support for SSL 3.0
*/
#ifdef CONFIG_MBEDTLS_SSL_PROTO_SSL3
@ -1092,6 +1221,41 @@
#undef MBEDTLS_SSL_DTLS_HELLO_VERIFY
#endif
/**
* \def MBEDTLS_SSL_DTLS_SRTP
*
* Enable support for negotiation of DTLS-SRTP (RFC 5764)
* through the use_srtp extension.
*
* \note This feature provides the minimum functionality required
* to negotiate the use of DTLS-SRTP and to allow the derivation of
* the associated SRTP packet protection key material.
* In particular, the SRTP packet protection itself, as well as the
* demultiplexing of RTP and DTLS packets at the datagram layer
* (see Section 5 of RFC 5764), are not handled by this feature.
* Instead, after successful completion of a handshake negotiating
* the use of DTLS-SRTP, the extended key exporter API
* mbedtls_ssl_conf_export_keys_ext_cb() should be used to implement
* the key exporter described in Section 4.2 of RFC 5764 and RFC 5705
* (this is implemented in the SSL example programs).
* The resulting key should then be passed to an SRTP stack.
*
* Setting this option enables the runtime API
* mbedtls_ssl_conf_dtls_srtp_protection_profiles()
* through which the supported DTLS-SRTP protection
* profiles can be configured. You must call this API at
* runtime if you wish to negotiate the use of DTLS-SRTP.
*
* Requires: MBEDTLS_SSL_PROTO_DTLS
*
* Uncomment this to enable support for use_srtp extension.
*/
#ifdef CONFIG_MBEDTLS_SSL_PROTO_DTLS
#define MBEDTLS_SSL_DTLS_SRTP
#else
#undef MBEDTLS_SSL_DTLS_SRTP
#endif
/**
* \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
*
@ -1176,6 +1340,21 @@
#define MBEDTLS_SSL_TRUNCATED_HMAC
/**
* \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
*
* When this option is enabled, the SSL buffer will be resized automatically
* based on the negotiated maximum fragment length in each direction.
*
* Requires: MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
*/
#if defined MBEDTLS_SSL_MAX_FRAGMENT_LENGTH && CONFIG_MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
#else
#undef MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
#endif
/**
*
* \def MBEDTLS_VERSION_FEATURES
*
* Allow run-time checking of compile-time enabled features. Thus allowing users
@ -1641,7 +1820,9 @@
* This module is used by the following key exchanges:
* ECDHE-ECDSA
*
* Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
* Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C,
* and at least one MBEDTLS_ECP_DP_XXX_ENABLED for a
* short Weierstrass curve.
*/
#ifdef CONFIG_MBEDTLS_ECDSA_C
#define MBEDTLS_ECDSA_C
@ -1719,11 +1900,11 @@
/**
* \def MBEDTLS_GCM_C
*
* Enable the Galois/Counter Mode (GCM) for AES.
* Enable the Galois/Counter Mode (GCM).
*
* Module: library/gcm.c
*
* Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
* Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C or MBEDTLS_ARIA_C
*
* This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
* requisites are enabled as well.
@ -2323,6 +2504,29 @@
#undef MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
#endif
/**
* \def MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
*
* If set, this enables the X.509 API `mbedtls_x509_crt_verify_with_ca_cb()`
* and the SSL API `mbedtls_ssl_conf_ca_cb()` which allow users to configure
* the set of trusted certificates through a callback instead of a linked
* list.
*
* This is useful for example in environments where a large number of trusted
* certificates is present and storing them in a linked list isn't efficient
* enough, or when the set of trusted certificates changes frequently.
*
* See the documentation of `mbedtls_x509_crt_verify_with_ca_cb()` and
* `mbedtls_ssl_conf_ca_cb()` for more information.
*
* Uncomment to enable trusted certificate callbacks.
*/
#ifdef CONFIG_MBEDTLS_X509_TRUSTED_CERT_CALLBACK
#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
#else
#undef MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
#endif
/**
* \def MBEDTLS_X509_CSR_WRITE_C
*
@ -2383,6 +2587,51 @@
*/
#define MBEDTLS_SSL_IN_CONTENT_LEN CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN
/** \def MBEDTLS_SSL_CID_IN_LEN_MAX
*
* The maximum length of CIDs used for incoming DTLS messages.
*
*/
#ifdef CONFIG_MBEDTLS_SSL_DTLS_CONNECTION_ID
#define MBEDTLS_SSL_CID_IN_LEN_MAX CONFIG_MBEDTLS_SSL_CID_IN_LEN_MAX
#else
#undef MBEDTLS_SSL_CID_IN_LEN_MAX
#endif
/** \def MBEDTLS_SSL_CID_OUT_LEN_MAX
*
* The maximum length of CIDs used for outgoing DTLS messages.
*
*/
#ifdef CONFIG_MBEDTLS_SSL_DTLS_CONNECTION_ID
#define MBEDTLS_SSL_CID_OUT_LEN_MAX CONFIG_MBEDTLS_SSL_CID_OUT_LEN_MAX
#else
#undef MBEDTLS_SSL_CID_OUT_LEN_MAX
#endif
/** \def MBEDTLS_SSL_CID_PADDING_GRANULARITY
*
* This option controls the use of record plaintext padding
* when using the Connection ID extension in DTLS 1.2.
*
* The padding will always be chosen so that the length of the
* padded plaintext is a multiple of the value of this option.
*
* Note: A value of \c 1 means that no padding will be used
* for outgoing records.
*
* Note: On systems lacking division instructions,
* a power of two should be preferred.
*
*/
#ifdef CONFIG_MBEDTLS_SSL_DTLS_CONNECTION_ID
#define MBEDTLS_SSL_CID_PADDING_GRANULARITY CONFIG_MBEDTLS_SSL_CID_PADDING_GRANULARITY
#else
#undef MBEDTLS_SSL_CID_PADDING_GRANULARITY
#endif
/** \def MBEDTLS_SSL_OUT_CONTENT_LEN
*
* Maximum outgoing fragment length in bytes.
@ -2416,6 +2665,10 @@
* default. At the time of writing, there is no practical attack on the use
* of SHA-1 in handshake signatures, hence this option is turned on by default
* for compatibility with existing peers.
*
* \warning SHA-1 is considered a weak message digest and its use constitutes
* a security risk. If possible, we recommend avoiding dependencies
* on it, and considering stronger message digests instead.
*/
#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE