Commit Graph

184 Commits

Author SHA1 Message Date
Harshit Malpani
07f2cbeb0c
fix(esp-tls): Use TLS 1.2 and TLS 1.3 simultaneously
This commit fixes the issue with TLS 1.2 connection when TLS 1.3 is
enabled in config.
2024-05-02 16:57:50 +05:30
Harshit Malpani
ff03fd934a
fix(esp-tls): Retry reads if using session tickets with TLS 1.3
Fixed the error that occurred while performing OTA upgrades over
TLS 1.3 connection. After handshake is completed, post-handshake message
is received and internal state is changed. While performing mbedtls_ssl_read(),
it checks handshake state and if it is not MBEDTLS_SSL_HANDSHAKE_OVER,
mbedtls_ssl_handshake is called again.
2024-05-02 16:55:34 +05:30
Mahavir Jain
499b579986
esp_tls: add initial support for TLS 1.3 connection 2024-05-02 16:53:37 +05:30
Jiang Jiang Jian
9f76b1a57b Merge branch 'fix/wrong_order_of_includes_in_esp_tls_v5.1' into 'release/v5.1'
fix(esp-tls): Fix missing header files in esp_tls_errors.h header file (v5.1)

See merge request espressif/esp-idf!27704
2023-12-12 13:44:36 +08:00
harshal.patil
4c30f2a4a0 fix(mbedtls): move interrupt allocation during initialization phase 2023-12-11 06:46:24 +00:00
Harshit Malpani
1bce7d255d fix(esp-tls): Add headers in esp_tls_errors.h header file
Closes https://github.com/espressif/esp-idf/issues/12541
2023-12-07 10:13:43 +00:00
Harshit Malpani
37836b3c62
feat: ECDSA peripheral while performing http connection with mutual auth 2023-11-17 16:24:10 +05:30
Alex
1360b5fa83
fix(esp-tls): fix pointer cast and condition for CONFIG_ATECC608A_TCUSTOM
Closes https://github.com/espressif/esp-idf/pull/11923
2023-08-23 15:49:56 +05:30
Aditya Patwardhan
e24e674e2f
esp-tls: Added getter/setter function for the conn_state.
* Added the setter function to set the connection sockfd value
Closes https://github.com/espressif/esp-idf/issues/10871
2023-04-24 14:49:26 +05:30
Aditya Patwardhan
7c8e8557a6 Merge branch 'bugfix/esp_tls_coverity_warning' into 'master'
Fix coverity warning in esp-tls component

See merge request espressif/esp-idf!22934
2023-03-31 15:22:58 +08:00
boarchuz
0c85f7407e
fix preprocessor log condition in esp_tls_mbedtls 2023-03-30 14:08:57 +11:00
Mahavir Jain
496cd83944
Fix coverity warning in esp-tls component
The regressions was introduced in the commit: 0abd1cb51f
2023-03-27 12:03:49 +05:30
Mahavir Jain
8d90249829 Merge branch 'contrib/github_pr_10967' into 'master'
[esp-tls] Add addr_family option to esp_tls_cfg_t (GitHub PR)

Closes IDFGH-9620

See merge request espressif/esp-idf!22892
2023-03-24 18:02:31 +08:00
Marius Vikhammer
75591a8a13 Merge branch 'ci/driver_single_board' into 'master'
ci: update test apps to use run_all_single_board_cases

See merge request espressif/esp-idf!22669
2023-03-13 09:25:42 +08:00
Mark H. Spatz
0abd1cb51f [esp-tls] Add addr_family option to esp_tls_cfg_t 2023-03-12 17:41:30 -04:00
Marius Vikhammer
0be8e03907 ci: update test apps to use run_all_single_board_cases 2023-03-10 14:27:09 +08:00
Harshit Malpani
866e6b0d6b
esp-tls: Fix esp-tls component to resolve esp_http_client example failure for Linux target.
esp_http_client does not use lwip component when building for linux target. Using lwip configs directly in esp-tls caused the test failures
2023-03-08 14:56:04 +05:30
David Cermak
5f6cb31105 lwip: Support IPv6 only mode 2023-02-27 08:53:34 +01:00
Aditya Patwardhan
0d20f8816f esp-tls: Fix build issue when esp-tls server session tickets have been enabled.
Closes https://github.com/espressif/esp-idf/issues/10765
2023-02-24 04:45:23 +00:00
Omar Chebib
5e5343d429 TWDT: Use the new TWDT Kconfig options in the examples and tests 2023-02-17 11:22:25 +08:00
Cao Sen Miao
94120b82c2 esp32h2: add build test 2023-01-17 10:29:04 +08:00
Harshit Malpani
49ce5ada76
ci: Fix ci failures for target esp32c6 2023-01-04 11:20:52 +05:30
Harshit Malpani
43e4383bb7
esp-tls: fix build error without -Wno-format compile flag when building for Linux target 2023-01-04 11:17:27 +05:30
Harshit Malpani
aefd3b0aec
esp-tls: update esp-tls to support linux build 2023-01-04 11:17:27 +05:30
Laukik Hase
665ad3dbdb
esp_tls: Fix issue when timeout is not explicitly given in esp_tls_cfg_t
- If internet connectivity weakened or disappeared suddenly while we were
  in the TLS handshake stage, the app got stuck at that point indefinitely.
- This was because when timeout was not explicitly specified in esp_tls_cfg_t,
  the default timeout was set at the wrong place. This causes the sockets to be
  setup with zero timeout, hence the indefinite wait.
2022-12-16 10:20:21 +05:30
Nathan Phillips
057f5cb120 Distinguish 4 identical log messages
Say which certificate couldn't be parsed in each one.
2022-12-08 10:31:28 +00:00
Harshit Malpani
295507bc1b
esp-tls: use gettimeofday() instead of xTaskGetTickCount() 2022-11-29 11:04:54 +05:30
Aditya Patwardhan
c099209d7c esp-tls: Fix esp-cryptoauthlib built dependency when secure element
support is enabled
2022-11-11 16:13:15 +05:30
Aditya Patwardhan
14e64783e7 esp-tls/Kconfig: Fix dependency for ESP-TLS Server menuconfig option 2022-11-03 07:17:05 +00:00
Aditya Patwardhan
8ad4de7991 esp-tls: Add changes to the Cert selection callback PR. 2022-11-03 07:17:05 +00:00
Akos Vandra
e9e3dc7904 esp-tls: Add support for the CERTIFICATE SELECTION HOOK. The hook has access to required information so that the application can make a more informed decision on which certificate to serve (such as alpn value, server certificate type, etc.)
Closes https://github.com/espressif/esp-idf/pull/9833

Signed-off-by: Aditya Patwardhan <aditya.patwardhan@espressif.com>
2022-11-03 07:17:05 +00:00
Song Ruo Jing
be0fdfa176 soc: Add a soc cap, SOC_CLK_RC_FAST_D256_SUPPORTED, for whether the target has the RC_FAST_D256 clock 2022-11-01 11:23:26 +08:00
yuanjianmin
ddbe6aa42a esp-tls: Fix memory leak in mbedtls ds peripheral when MBEDTLS_THREADING_C enabled 2022-10-13 14:17:42 +08:00
Yuan Jian Min
9a97cfbffc esp-tls: socket will be set to -1 and will not be closed
Closes https://github.com/espressif/esp-idf/issues/9847
2022-09-26 19:15:04 +08:00
harshal.patil
aaf8b5d98e ci: Migrate esp-tls unit tests from unit-test-app to component-test-app 2022-09-14 12:03:49 +05:30
Laukik Hase
6319970ab7
esp_tls/wpa_supplicant: Updated deprecated mbedtls APIs 2022-08-24 11:59:34 +05:30
Ivan Grokhotkov
401c10ecfb build system: re-add -Wno-format as private flag for some components 2022-08-03 16:42:47 +04:00
Marius Vikhammer
7e60e07a0a Merge branch 'feature/esp8684_sha' into 'master'
mbedtls: enable hw support for SHA on C2

Closes IDF-3830 and IDF-5141

See merge request espressif/esp-idf!18531
2022-06-23 14:18:49 +08:00
Marius Vikhammer
f4c79687f8 SHA: added hardware support for SHA on C2. 2022-06-23 11:01:16 +08:00
Aditya Patwardhan
8785d1687c esp_tls.h: Add note regarding default timeout_ms value 2022-06-21 16:33:52 +05:30
Aditya Patwardhan
2ea419db22 esp_tls_mbedtls.c: Fix esp-idf integration of esp-cryptoauthlib
menuconfig option
2022-06-03 23:12:11 +05:30
Michael (XIAO Xufeng)
6a8aed12ee ci: partially enable ut tests for esp32c2
Disabled test cases are tracked in:

 IDF-4465, IDF-5045, IDF-5057, IDF-5058, IDF-5059, IDF-5060, IDF-5061, IDF-5131

- test_fatfs: IDF-5136

- test_pm: IDF-5053

- test_cache_mmu: IDF-5138

- test_partitions: IDF-5137

- test_vfs: IDF-5139

- test_freertos: IDF-5140

- test_wpa_supplicant: IDF-5046

- test_mbedtls: IDF-5141

- test_pthread: IDF-5142

- test_protocomm: IDF-5143

- test_lightsleep: IDF-5053

- test_taskwdt: IDF-5055

- test_tcp_transport: IDF-5144

- test_app_update: IDF-5145

- test_timer: IDF-5052

- test_spi: IDF-5146

- test_rtc_clk: IDF-5060

- test_heap: IDF-5167

ci: fixed issues for tests of libgcc, ets_timer, newlib

test_pm: support on C2
2022-06-02 14:23:35 +08:00
Li Jingyi
6d58008119 esp-tls: add api to free client session
Free session with mbedtls api to avoid mem-leak
2022-05-23 16:28:40 +08:00
Aditya Patwardhan
aa9de02259 esp_tls.h: Clean up included header files. 2022-05-11 07:09:34 +00:00
Aditya Patwardhan
788c9ddf8d esp_tls: Added getter function for esp_tls ssl ctx. 2022-05-11 07:09:34 +00:00
Aditya Patwardhan
434e74ff73 esp_tls: Make esp_tls_t as private structure. 2022-05-11 07:09:34 +00:00
Ivan Grokhotkov
47659be5b8
build system: remove lwip from common requirements
lwip was added to common requirements list to provide "sys/socket.h"
header to all components without additional requirements specified.

However, lwip pulls in a lot of dependencies on other components.
This commit removes lwip from common requirements to reduce the number
of components in G1-only apps.

To compensate for this removal, the following changes are made:
- newlib (which is a common requirement) has a public dependency on
  lwip if lwip is present in the build. This ensures that sys/socket.h
  is available as long as lwip component is included into the build.
- lwip is now a public requirement of esp-tls since esp_tls.h includes
  sys/socket.h header.
- lwip is now a public requirement o esp_http_client because
  sys/socket.h is included from esp_http_client.h
- lwip is now a private requirement of esp_wifi for "smartconfig_ack"
- lwip is now a private requirement of mqtt for socket functions
- lwip is now a public requirement of tcp_transport because
  esp_transport_tcp.h includes sys/socket.h header.
- mbedtls checks if lwip component is present in the build. If yes,
  net_sockets.c is added to the build, along with the dependency on
  lwip. Previously lwip was a public requirement of mbedtls
  unconditionally.

system/g1_components test app is updated to reflect the changes

Default public dependencies of a component before and after this
change, except common requirements:

- esp_timer (public dependency of freertos)
- bootloader_support (public dependency of esp_hw_support)
- vfs (public dependency of lwip)
- esp_wifi (public dependency of lwip)
- esp_event (public dependency of esp_wifi)
- esp_netif (public dependency of esp_event)
- esp_eth (public dependency of esp_netif)
- esp_phy (public dependency of esp_wifi)

After:

- esp_timer (public dependency of freertos)
- bootloader_support (public dependency of esp_hw_support)

Altogether, the following components have been always added as
public requirements to all other components, and are not added now
([breaking-change]):

- lwip
- vfs
- esp_wifi
- esp_event
- esp_netif
- esp_eth
- esp_phy

Application components now need to explicitly declare dependencies on
these components.
2022-05-02 20:47:17 +02:00
Laukik Hase
864c59c091
esp_tls: Remove deprecated API
- Removed deprecated esp_tls_conn_new() viz. duplicated by
  esp_tls_conn_new_sync()
- Removed deprecated esp_tls_conn_delete()
- Marked esp_tls_conn_http_new() as deprecated, added alternative
  esp_tls_conn_http_new_sync() (similar to esp_tls_conn_http_new_async())
2022-04-20 12:18:25 +05:30
Laukik Hase
d7090b4d52 https_server: Add config option to min. cert. auth mode
- Added a config option to set the minimum Certificate Verification
  mode to Optional
- When this option is enabled, the peer (the client) certificate
  is checked by the server, however the handshake continues even if
  verification failed.
- By default, the peer certificate is not checked and ignored by the server.

Closes https://github.com/espressif/esp-idf/issues/8664
2022-03-29 08:57:36 +00:00
Aditya Patwardhan
4c58685c00 esp_https_server: Enable secure element support.
Closes https://github.com/espressif/esp-idf/issues/8286
2022-03-27 14:35:25 +05:30