alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-10-05 20:47:46 -04:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

NimBLE: Add optional mbedTLS support to NimBLE

Browse Source 
- Additional menuconfig option to select either mbedTLS or Tinycrypt from NimBLE.
- Addition of `CMAC` and `ECP_RESTARTABLE` to mbedTLS menuconfig option and
  `esp_config.h`.
- Changes NimBLE `component.mk` and `CMakeLists.txt` to support mbedTLS option.
- Minor changes to `app_mesh.c` application.
This commit is contained in:
Prasad Alatkar 2019-09-30 14:15:43 +08:00 committed by Mahavir Jain
parent ef5c3f3564
commit fe08f435dc
9 changed files with 94 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
components/bt/CMakeLists.txt
View File

@ -377,9 +377,13 @@ if(CONFIG_BT_ENABLED)
host/nimble/nimble/nimble/host/store/ram/include
host/nimble/nimble/nimble/host/store/config/include
host/nimble/nimble/porting/npl/freertos/include
host/nimble/nimble/ext/tinycrypt/include
host/nimble/esp-hci/include)
if(NOT CONFIG_BT_NIMBLE_CRYPTO_STACK_MBEDTLS)
list(APPEND include_dirs
host/nimble/nimble/ext/tinycrypt/include)
list(APPEND srcs "host/nimble/nimble/ext/tinycrypt/src/utils.c"
"host/nimble/nimble/ext/tinycrypt/src/sha256.c"
"host/nimble/nimble/ext/tinycrypt/src/ecc.c"
@ -394,8 +398,10 @@ if(CONFIG_BT_ENABLED)
"host/nimble/nimble/ext/tinycrypt/src/hmac_prng.c"
"host/nimble/nimble/ext/tinycrypt/src/ecc_platform_specific.c"
"host/nimble/nimble/ext/tinycrypt/src/hmac.c"
"host/nimble/nimble/ext/tinycrypt/src/cbc_mode.c"
"host/nimble/nimble/nimble/host/util/src/addr.c"
"host/nimble/nimble/ext/tinycrypt/src/cbc_mode.c")
endif()
list(APPEND srcs "host/nimble/nimble/nimble/host/util/src/addr.c"
"host/nimble/nimble/nimble/host/services/gatt/src/ble_svc_gatt.c"
"host/nimble/nimble/nimble/host/services/tps/src/ble_svc_tps.c"
"host/nimble/nimble/nimble/host/services/ias/src/ble_svc_ias.c"

13
components/bt/component.mk
View File

@ -148,11 +148,12 @@ ifdef CONFIG_BLE_MESH
esp_ble_mesh/mesh_models/common \
esp_ble_mesh/mesh_models/client \
esp_ble_mesh/api/core \
esp_ble_mesh/api/models
esp_ble_mesh/api/models
endif
ifdef CONFIG_BT_NIMBLE_ENABLED
COMPONENT_ADD_INCLUDEDIRS += host/nimble/nimble/nimble/include \
host/nimble/nimble/nimble/host/include \
host/nimble/nimble/porting/nimble/include \
@ -167,14 +168,16 @@ COMPONENT_ADD_INCLUDEDIRS += host/nimble/nimble/nimble/include
host/nimble/nimble/nimble/host/util/include \
host/nimble/nimble/nimble/host/store/ram/include \
host/nimble/nimble/nimble/host/store/config/include \
host/nimble/nimble/ext/tinycrypt/include \
host/nimble/esp-hci/include \
host/nimble/port/include
ifndef CONFIG_BT_NIMBLE_CRYPTO_STACK_MBEDTLS
COMPONENT_ADD_INCLUDEDIRS += host/nimble/nimble/ext/tinycrypt/include
endif
COMPONENT_SRCDIRS += host/nimble/nimble/nimble/host/src \
host/nimble/nimble/porting/nimble/src \
host/nimble/nimble/porting/npl/freertos/src \
host/nimble/nimble/ext/tinycrypt/src \
host/nimble/nimble/nimble/host/services/ans/src \
host/nimble/nimble/nimble/host/services/bas/src \
host/nimble/nimble/nimble/host/services/gap/src \
@ -187,6 +190,10 @@ COMPONENT_SRCDIRS += host/nimble/nimble/nimble/host/src
host/nimble/nimble/nimble/host/store/config/src \
host/nimble/esp-hci/src
ifndef CONFIG_BT_NIMBLE_CRYPTO_STACK_MBEDTLS
COMPONENT_SRCDIRS += host/nimble/nimble/ext/tinycrypt/src
endif
COMPONENT_OBJEXCLUDE += host/nimble/nimble/nimble/host/store/config/src/ble_store_config_conf.o
ifdef CONFIG_BT_NIMBLE_MESH

13
components/bt/host/nimble/Kconfig.in
View File

@ -99,11 +99,11 @@ config BT_NIMBLE_SM_SC
Enable security manager secure connections
config BT_NIMBLE_DEBUG
bool "Enable host debugging"
bool "Enable extra runtime asserts and host debugging"
default n
depends on BT_NIMBLE_ENABLED
help
This enables extra runtime assertions
This enables extra runtime asserts and host debugging
config BT_NIMBLE_SVC_GAP_DEVICE_NAME
string "BLE GAP default device name"
@ -257,3 +257,12 @@ config BT_NIMBLE_MESH_DEVICE_NAME
help
This value defines Bluetooth Mesh device/node name
config BT_NIMBLE_CRYPTO_STACK_MBEDTLS
bool "Override TinyCrypt with mbedTLS for crypto computations"
default y
depends on BT_NIMBLE_ENABLED
select MBEDTLS_ECP_RESTARTABLE
select MBEDTLS_CMAC_C
help
Enable this option to choose mbedTLS instead of TinyCrypt for crypto
computations.

2
components/bt/host/nimble/nimble

@ -1 +1 @@
Subproject commit adcd9408695cb4f873f117eb8c92007455b2c066
Subproject commit 6c91a9a153c421231b686d30c822e53fea7510c0

4
components/bt/host/nimble/port/include/esp_nimble_cfg.h
View File

@ -567,6 +567,10 @@
#define MYNEWT_VAL_BLE_SM_THEIR_KEY_DIST (0)
#endif
#ifndef MYNEWT_VAL_BLE_CRYPTO_STACK_MBEDTLS
#define MYNEWT_VAL_BLE_CRYPTO_STACK_MBEDTLS (CONFIG_BT_NIMBLE_CRYPTO_STACK_MBEDTLS)
#endif
#ifndef MYNEWT_VAL_BLE_STORE_MAX_BONDS
#define MYNEWT_VAL_BLE_STORE_MAX_BONDS CONFIG_BT_NIMBLE_MAX_BONDS
#endif

13
components/mbedtls/Kconfig
View File

@ -116,6 +116,19 @@ menu "mbedTLS"
default 3 if MBEDTLS_DEBUG_LEVEL_DEBUG
default 4 if MBEDTLS_DEBUG_LEVEL_VERBOSE
config MBEDTLS_ECP_RESTARTABLE
bool "Enable mbedTLS ecp restartable"
default n
help
Enable "non-blocking" ECC operations that can return early and be resumed.
config MBEDTLS_CMAC_C
bool "Enable CMAC mode for block ciphers"
default n
help
Enable the CMAC (Cipher-based Message Authentication Code) mode for
block ciphers.
config MBEDTLS_HARDWARE_AES
bool "Enable hardware AES acceleration"
default y

2
components/mbedtls/mbedtls

@ -1 +1 @@
Subproject commit 97959e77912524bd8db7cbb2e00fc9f6189f7a82
Subproject commit f5f2e5926cd294ae7cb579ff6a12ad9303caeb6e

43
components/mbedtls/port/include/mbedtls/esp_config.h
View File

@ -218,7 +218,7 @@
/**
* \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES & MBEDTLS_ARC4_C
*
*
* MBEDTLS_ARC4_C
* Enable the ARCFOUR stream cipher.
*
@ -253,6 +253,47 @@
#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
#endif
/**
* \def MBEDTLS_ECP_RESTARTABLE
*
* Enable "non-blocking" ECC operations that can return early and be resumed.
*
* This allows various functions to pause by returning
* #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module,
* #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in
* order to further progress and eventually complete their operation. This is
* controlled through mbedtls_ecp_set_max_ops() which limits the maximum
* number of ECC operations a function may perform before pausing; see
* mbedtls_ecp_set_max_ops() for more information.
*
* This is useful in non-threaded environments if you want to avoid blocking
* for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
*
* Uncomment this macro to enable restartable ECC computations.
*
* \note This option only works with the default software implementation of
* elliptic curve functionality. It is incompatible with
* MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT.
*/
#ifdef CONFIG_MBEDTLS_ECP_RESTARTABLE
#define MBEDTLS_ECP_RESTARTABLE
#endif
/**
* \def MBEDTLS_CMAC_C
*
* Enable the CMAC (Cipher-based Message Authentication Code) mode for block
* ciphers.
*
* Module: library/cmac.c
*
* Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
*
*/
#ifdef CONFIG_MBEDTLS_CMAC_C
#define MBEDTLS_CMAC_C
#endif
/**
* \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
*

5
examples/bluetooth/nimble/blemesh/main/app_mesh.c
View File

@ -32,7 +32,7 @@
#include "mesh/mesh.h"
static const char *tag = "NimBLE_MESH";
void ble_store_ram_init(void);
void ble_store_config_init(void);
#define BT_DBG_ENABLED (MYNEWT_VAL(BLE_MESH_DEBUG))
@ -418,6 +418,7 @@ void blemesh_host_task(void *param)
health_pub_init();
nimble_port_run();
nimble_port_freertos_deinit();
}
void app_main(void)
@ -438,7 +439,7 @@ void app_main(void)
bt_mesh_register_gatt();
/* XXX Need to have template for store */
ble_store_ram_init();
ble_store_config_init();
nimble_port_freertos_init(blemesh_host_task);
}