Commit Graph

17 Commits

Author SHA1 Message Date
Aditya Patwardhan
bf513b6f31 Fix esp_tls: Prevent freeing of global ca store after each connection
when dynamic ssl buffers are enabled
2021-02-25 00:26:13 +00:00
Aditya Patwardhan
0175c68400 esp_tls: Fix misplaced paranthesis in esp_tls_mbedtls.c
Fixes one part of -  https://github.com/espressif/esp-idf/issues/6440
2021-02-10 02:07:58 +00:00
Aditya Patwardhan
1a09e16af2 esp_tls: Fix memory leak when esp-tls server session is deleted 2021-01-21 01:17:23 +00:00
Aditya Patwardhan
cddb8c29e6 esp-tls: Fix mem leak when global_ca_store is freed 2021-01-21 01:17:23 +00:00
Aditya Patwardhan
0841d2bc75 esp_tls: Add warning if the CA chain provided contains one/more invalid
cert
2021-01-11 03:20:35 +00:00
Aditya Patwardhan
ca964dfbcc esp-tls: Changed default behaviour for esp-tls client ( for security
purpose)
        By default esp-tls client will now return error if no server verify option
        is provided, earlier it used to skip the verification by
        default.
        Added config option to skip server verification by default (for testing
        purpose)
        Updated required docs
2021-01-05 07:33:32 +00:00
Aditya Patwardhan
95d9533294 esp-tls : (Fix) update tls->sockfd value after socket is freed internally
Closes https://github.com/espressif/esp-idf/issues/6163
2020-12-02 03:47:15 +00:00
David Cermak
ce519ee783 tcp_transport: Extend transport error storage for socket error
Everytime we report error and log errno, we also capture the actual
errno to an internal storage so that user application can retrieve
its value.
2020-11-12 12:46:22 +00:00
Aditya Patwardhan
47f7c6a991 esp32s2/esp_ds: Digital Signature software support
1)Added support for alt rsa sign implementation with DS peripheral (
through ESP-TLS - mbedTLS SSL/TLS stack)
2020-09-22 18:31:31 +05:30
Mahavir Jain
52469c8505 esp-tls: enable TLS renegotiation using explicit API call
mbedTLS stack does not keep TLS renegotiation enabled even if
relevant config option is turned on, it needs explicit API call
`mbedtls_ssl_conf_renegotiation` to do so.

This issue was observed in case of Azure IoT, where keys needs to
be refreshed periodically to keep TLS connection intact.
2020-07-03 05:52:22 +00:00
Aditya Patwardhan
423e600d46 secure_element: atecc608_ecdsa example
* Replaced crypotoauthlib with esp-cryptoauthlib
* Added menuconfig option for esp-tls about using HSM
* Added error codes for HSM in esp-tls,
* Added support to select different type of ATECC608A chips
* Added README, updated docs
* tcp_transport: Added option to enable secure_element for ssl

Closes https://github.com/espressif/esp-idf/issues/4432
2020-05-21 13:08:30 +05:30
Mahavir Jain
7a2ea9b7f7 esp-tls: add support for using hardware security module 2020-05-20 22:52:37 +05:30
Marius Vikhammer
947e3e94ed Add ESP certificate bundle feature
Adds the ESP certificate bundle feature that enables users to bundle a
root certificate bundle together with their application.

Default bundle includes all Mozilla root certificates

Closes IDF-296
2020-03-04 10:51:43 +08:00
David Cermak
b69ac4448e tcp_transport: added API for client-key password 2020-01-06 21:16:24 +00:00
Marius Vikhammer
ed85046138 tcp_transport: added functionality for using ALPN with SSL
Closes IDF-1160
2019-11-13 11:33:13 +08:00
Aditya Patwardhan
988f0c8feb ESP_TLS: Generalizing error messages for esp_tls
:Replace mbedtls specific error messages
2019-10-28 16:05:31 +05:30
Aditya Patwardhan
f7eaa5f946 ESP_TLS: Restructuring esp_tls
1)Segregating mbedtls API into seperate file and cleaned esp_tls.c
2)Added support for wolfssl for CMake and make
3)Added support for debug_wolfssl (with menuconfig option)
4)Added info on wolfssl in ESP-TLS docs
2019-10-28 16:05:22 +05:30