Aditya Patwardhan
4582af75b8
mbedtls: Update licenses of files updated in mbedtls-3.1 update
2022-03-04 05:18:58 +00:00
Ivan Grokhotkov
c19203be0e
mbedtls: disable files generation, specify Python interpreter to use
...
When GEN_FILES is enabled, Perl interpreter should be available. There
is a check in mbedTLS that disables GEN_FILES on Windows (where Perl
is not available by default) but it is broken for recent CMake
versions.
Also set Python interpreter to the one IDF uses, just to avoid calling
into some other Python version which CMake might manage to find.
2022-03-03 15:56:15 +01:00
Laukik Hase
f5feb7813e
mbedtls: Fix build errors related to TLS 1.3
...
- Kconfig: Enabled MBEDTLS_HKDF_C by default when TLS 1.3 support is enabled
- esp-tls (mbedtls): Forced client to use TLS 1.3 when TLS 1.3 support is enabled
2022-03-03 01:37:10 +05:30
Laukik Hase
0868513ddd
ci: Fix unit test failures
...
- protocomm: Fix leakage due to ECDH context not being
initialised and freed properly
- mbedtls (RSA): Added mandatory RNG parameter wherever required
Disabled `test performance RSA key operations` UT
- mbedtls (AES_GCM): Added mbedtls_gcm_update_ad() wherever required
for updating associated data
- unit_test_app: Fix build issue when heap tracing is enabled
2022-03-03 01:37:10 +05:30
Aditya Patwardhan
8cbfb18037
mbedtls-3.x: Update Kconfig macros
2022-03-03 01:37:10 +05:30
Aditya Patwardhan
8111286668
Add entropy_poll.h in port directory
2022-03-03 01:37:10 +05:30
Aditya Patwardhan
a52144da04
Update mbedtls submodule to 3.1
2022-03-03 01:37:10 +05:30
Aditya Patwardhan
66a9243d3b
mbedtls 3.X update:
...
*MBEDTLS_ECDH_LEGACY_CONTEXT is now disabled by default.
*Fixed MBEDTLS_ECDH_LEGACY_CONTEXT issue for protocomm component.
*Removed all code under MBEDTLS_DEPRECATED_REMOVED
2022-03-03 01:37:10 +05:30
Laukik Hase
3925365351
ci: Fix pre-check
stage failing tests
...
- Updated license headers
- Re-enabled public headers and static analysis checks
- Fix public header file check failure
Co-authored-by: Aditya Patwardhan <aditya.patwardhan@espressif.com>
2022-03-03 01:37:10 +05:30
Aditya Patwardhan
60b167f2d6
mbedtls-3.1 update: Removed the MBEDTLS_PRIVATE
from multiple files
...
after they have been again made public in mbedtls-3.1
*Added `MBEDTLS_ALLOW_PRIVATE_ACCESS` in some files.
2022-03-03 01:37:10 +05:30
Aditya Patwardhan
3b71bd7326
mbedtls-3.0: Fixed ESP32 build issues
...
- Added MBEDLTS_PRIVATE(...) wherever necessary
- For functions like mbedtls_pk_parse_key(...), it is necessary to pass the RNG function
pointers as parameter. Solved for dependent components: wpa_supplicant & openSSL
- For libcoap, the SSLv2 ClientHello handshake method has been deprecated, need to handle this.
Currently, corresponding snippet has been commented.
- Examples tested: hello-world | https_request | wifi_prov_mgr
mbedtls-3.0: Fixed ESP32-C3 & ESP32-S3 build issues
- Removed MBEDTLS_DEPRECATED_REMOVED macro from sha1 port
- DS peripheral: esp_ds_rsa_sign -> removed unsused 'mode' argument
- Added MBEDTLS_PRIVATE(...) wherever required
mbedtls-3.0: Fixed ESP32-S2 build issues
- Fixed outdated function prototypes and usage in mbedlts/port/aes/esp_aes_gcm.c due to changes in GCM module
mbedtls-3.0: Fixed ESP32-H2 build issues
ci: Fixing build stage
- Added MBEDTLS_PRIVATE(...) wherever required
- Added RNG function parameter
- Updated GCM Module changes
- Updated Copyright notices
- Tests:
- build_esp_idf_tests_cmake_esp32
- build_esp_idf_tests_cmake_esp32s2
- build_esp_idf_tests_cmake_esp32c3
- build_esp_idf_tests_cmake_esp32s3
ci: Fixing build stage (mbedtls-related changes)
- Added MBEDTLS_PRIVATE(...) wherever required
- Updated SHAXXX functions
- Updated esp_config according to mbedtls changes
- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3
ci: Fixing build stage (example-related changes)
- Added MBEDTLS_PRIVATE(...) wherever required
- Updated SHAXXX functions
- Updated esp_config according to mbedtls changes
- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3
ci: Fixing target_test stage
- Updated test SSL version to TLS_v1_2
- Tests:
- example_test_protocols 1/2
ci: Fixing build stage
- Added checks for MBEDTLS_DHM_C (disabled by default)
- Updated esp_cryptoauthlib submodule
- Updated factory partition size for legacy BLE provisioning example
- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3
Co-authored-by: Laukik Hase <laukik.hase@espressif.com>
2022-03-03 01:37:10 +05:30
Aditya Patwardhan
45122533e0
mbedtls-3 update:
...
1) Fix build issue in mbedtls
2) skip the public headers check in IDF
3)Update Kconfig Macros
4)Remove deprecated config options
5) Update the sha API according to new nomenclature
6) Update mbedtls_rsa_init usage
7) Include mbedtls/build_info.h instead of mbedtls/config.h
8) Dont include check_config.h
9) Add additional error message in esp_blufi_api.h
2022-03-03 01:37:10 +05:30
Aditya Patwardhan
0483bfbbfe
Initial Changes for updating mbedtls to v3.0
2022-03-03 01:37:09 +05:30
Darian Leung
57fd78f5ba
freertos: Remove legacy data types
...
This commit removes the usage of all legacy FreeRTOS data types that
are exposed via configENABLE_BACKWARD_COMPATIBILITY. Legacy types can
still be used by enabling CONFIG_FREERTOS_ENABLE_BACKWARD_COMPATIBILITY.
2022-02-09 23:05:45 +08:00
Laukik Hase
424c45df91
ci: Fix issues for build stage
...
- Fixed logs expecting different format specifier
- Updated ignore list for check_public_header test
- Updated functions ported from mbedTLS
2022-01-25 10:51:27 +05:30
Laukik Hase
befc93aa2d
mbedtls: Added option MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
...
- Removed code regarding MBEDTLS_DYNAMIC_FREE_PEER_CERT
(config was kept for backward compatibility)
- Combined mbedTLS v2.28.x related options under a separate Kconfig menu
2022-01-25 10:51:27 +05:30
Laukik Hase
8bf7882e84
mbedtls: Moved mbedtls_mpi_mul_int to port layer
2022-01-25 10:51:27 +05:30
Laukik Hase
285790e5aa
mbedtls: Added config options for v2.28.0 upgrade
2022-01-25 10:51:27 +05:30
Laukik Hase
547d5f84b8
mbedtls: Upgrade to v2.28.0
2022-01-25 10:51:27 +05:30
laokaiyao
cf049e15ed
esp8684: rename target to esp32c2
2022-01-19 11:08:57 +08:00
Marius Vikhammer
6566c1f394
Merge branch 'bugfix/rsa_gen_key_test' into 'master'
...
mpi: reduce RSA generate key test key size
See merge request espressif/esp-idf!16837
2022-01-18 08:53:15 +00:00
Marius Vikhammer
b9415373d3
mpi: reduce RSA generate key test key size
...
Reduce key size to make the test run faster in CI, reduce the chance of timeouts.
2022-01-18 10:06:38 +08:00
Marius Vikhammer
ef3724411e
AES: improve AES-GCM test coverage.
2022-01-14 10:55:06 +08:00
Mahavir Jain
397639da7d
Merge branch 'feature/rsa_intr' into 'master'
...
MPI: add kconfig option for doing intr-based exp-mod operations
Closes IDF-4389
See merge request espressif/esp-idf!16558
2022-01-07 13:27:53 +00:00
Marius Vikhammer
ba3f12a9fe
rsa: add generate RSA keys test case
2022-01-07 11:35:35 +08:00
Marius Vikhammer
a9a7160cb6
MPI: add kconfig option for doing intr-based exp-mod operations
2021-12-29 18:55:48 +08:00
Sudeep Mohanty
e22b4007d3
esp_hw_support: Removed deprecated CPU util functions
...
The following files were deleted:
- components/esp_hw_support/include/soc/cpu.h
- components/soc/esp32s3/include/soc/cpu.h
The following functions are deprecated:
- get_sp()
The following functions declared in soc/cpu.h are now moved to esp_cpu.h:
- esp_cpu_configure_region_protection()
The following functions declared in soc/cpu.h are now moved to components/xtensa/include/esp_cpu_utils.h:
- esp_cpu_process_stack_pc()
All files with soc/cpu.h inclusion are updated to include esp_cpu.h instead.
Signed-off-by: Sudeep Mohanty <sudeep.mohanty@espressif.com>
2021-12-28 16:58:37 +05:30
Mahavir Jain
1f435b4703
Merge branch 'feature/mbedtls_dynamic_memory' into 'master'
...
fix(mbedtls): fix compiling error when open MBEDTLS_SSL_PROTO_DTLS and disable...
Closes IDFGH-6437
See merge request espressif/esp-idf!16471
2021-12-22 08:19:14 +00:00
Li Jingyi
2b1402890d
fix(mbedtls): fix compiling error when open MBEDTLS_SSL_PROTO_DTLS and disable MBEDTLS_SSL_PROTO_DTLS when open MBEDTLS_DYNAMIC_BUFFER
2021-12-21 16:11:03 +08:00
Mahavir Jain
36c712368d
mbedtls: upgrade to release v2.16.12
...
For release notes, please refer to:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.12
2021-12-20 10:28:14 +05:30
Mahavir Jain
bcadeeb7d3
mbedtls: small documentation update
2021-12-20 10:27:44 +05:30
Marius Vikhammer
97e05c6f8b
crypto: also apply cache writeback/invalidate for SPIRAM_USE_MEMMAP
...
Closes https://github.com/espressif/esp-idf/issues/7944
2021-12-08 12:09:01 +08:00
Marius Vikhammer
7fc7c49e5d
crypto: allocate all DMA descriptors to DMA capable memory.
...
These were previously placed on the stack, but the stack could be placed in
RTC RAM which is not DMA capable.
2021-12-08 12:09:01 +08:00
Mahavir Jain
8fadcd844e
Merge branch 'feature/mbedtls_dynamic_memory' into 'master'
...
feat(mbedtls): modify __wrap_mbedtls_ssl_setup to decrease SSL peak heap cost
Closes IDF-4402
See merge request espressif/esp-idf!15323
2021-12-03 04:55:01 +00:00
Li Jingyi
981ef057c4
feat(mbedtls): modify __wrap_mbedtls_ssl_setup to decrease SSL peak heap cost
2021-12-01 17:15:25 +08:00
Tomas Rezucha
ebaca79557
other: Move cbor, jsmn and libsodium to idf-component-manager
...
Marginal components are being carved out from esp-idf and moved to
https://github.com/espressif/idf-extra-components .
They are distributed via idf-component-manager, see
https://components.espressif.com .
2021-11-30 21:44:48 +01:00
Mahavir Jain
92b1ea2199
Merge branch 'bugfix/hardware_mpi_fallback_issue' into 'master'
...
mbedtls: fix hardware MPI (bignum) related regression
See merge request espressif/esp-idf!15854
2021-11-29 11:19:51 +00:00
Mahavir Jain
12fee76695
esp_bignum: move check for supported MPI bits at start of API
...
This can allow hardware MPI API to return as soon as it identifies
that it can handle require bitlength operation.
2021-11-29 15:13:05 +08:00
Mahavir Jain
5d9392d999
mbedtls: update mbedtls submodule pointer for MPI API change
2021-11-29 15:13:05 +08:00
Mahavir Jain
c097e6bcab
mbedtls: fix hardware MPI (bignum) related regression
...
In commit de22f3a4e5
, combination of
hardware and software MPI (bignum) related approach was used to
work around chip (e.g. ESP32-C3) limitation of max 3072 bits support.
This was done using linker "--wrap" flag but since the relevant API is
being used in same translation (compilation unit), hardware mode was not
getting used in some cases (e.g., RSA key generation).
This commit modified internal mbedTLS API and makes software+hardware
combination deterministic.
2021-11-29 15:13:05 +08:00
Mahavir Jain
1a390f4518
mbedtls: update kconfig help to correct on supported MPI bits
2021-11-29 15:13:02 +08:00
Cao Sen Miao
eddc196081
esp_clk: refactor target/clk.h to private/esp_clk.h
2021-11-26 14:56:30 +08:00
Roland Dobai
766aa57084
Build & config: Remove leftover files from the unsupported "make" build system
2021-11-11 15:32:36 +01:00
morris
16677b0d3c
global: make periph enable/disable APIs private
...
peripheral enable/disable usually should be managed by driver itself,
so make it as espressif private APIs, not recommended for user to use it
in application code.
However, if user want to re-write the driver or ports to other platform,
this is still possible by including the header in this way:
"esp_private/peripheral_ctrl.h"
2021-11-08 10:37:47 +08:00
Cao Sen Miao
5add6593f4
ESP8684: Add esp_gdbstub, mbedtls, esp_timer
2021-11-06 17:33:45 +08:00
Marius Vikhammer
f578a67ec7
Merge branch 'bugfix/aes_gcm_unaligned_psram' into 'master'
...
aes: fix potential unaligned access in aes-gcm
Closes IDFGH-5506
See merge request espressif/esp-idf!15668
2021-11-04 02:23:57 +00:00
Marius Vikhammer
1cb07a1288
aes: fix potential unaligned access in aes-gcm
2021-11-03 14:10:11 +08:00
Mahavir Jain
f7ed95349f
mbedtls: fix dynamic buffer feature build
2021-11-02 15:52:09 +08:00
Mahavir Jain
8c9a3da695
mbedtls: disable Diffie-Hellman key exchange modes by default
...
Using these ciphers can constitute a security risk if the server
uses a weak prime for the key exchange.
Footprint impact:
Roughly 3K saved in text+rodata in default https_request example
2021-11-02 15:52:09 +08:00
Aditya Patwardhan
2d1f18efea
Updated the cacrt_all.pem file with latest Root certificate list.
2021-10-17 00:01:37 +08:00