RX process caches the session information in "ssl->in_ctr" not in "ssl->in_buf".
So when freeing the SSL, can't free the "ssl->in_ctr", because the "ssl->in_buf"
is empty.
Make the RX process like TX process, and cache the session information in
"ssl->in_buf", so that the cache buffer can be freed when freeing the SSL.
Closes https://github.com/espressif/esp-idf/issues/6104
DMA process didnt wait for idle before returning.
This meant that there was a potential for the dma
descriptors which were on the stack to be reclaimed
before the DMA operation finished.
Note: besides the esp-netif component, this commit also disables
net_sockets.c from mbedtls, which is one of the base components and uses BSD API (not specifically lwIP). This might be refactored to use CONFIG_SUPPORT_BSD_API instead of CONFIG_ESP_NETIF_TCPIP_LWIP
in the future.
It also disables smartconfig_ack.c and wifi_init.c from esp_wifi
component for referencing some lwIP config options (smartconfig_ack.c changes might be also
updated to check CONFIG_SUPPORT_BSD_API)
Merges https://github.com/espressif/esp-idf/pull/5856
Fixed MBEDTLS_SSL_PROTO_TLS1_1 still being defined even ifCONFIG_MBEDTLS_SSL_PROTO_TLS1_1 is not
Signed-off-by: Aditya Patwardhan <aditya.patwardhan@espressif.com>
Merges https://github.com/espressif/esp-idf/pull/5675
* Replaced crypotoauthlib with esp-cryptoauthlib
* Added menuconfig option for esp-tls about using HSM
* Added error codes for HSM in esp-tls,
* Added support to select different type of ATECC608A chips
* Added README, updated docs
* tcp_transport: Added option to enable secure_element for ssl
Closes https://github.com/espressif/esp-idf/issues/4432
* Add options to mbedtls for hardware acceleration
* Disable mbedtls EC curves if hardware acceleration is selected
since the hardware will have to define the curves supported
* Add a hardware ecdsa example
Earlier check was for only input buffer but it is quite likely to have
output buffer also from non-DMA memory range and hence requirement to
reallocate and then copy data from AES engine.
The GCM hardware accelerated algorithm for S2 would sometimes output
the wrong tag.
Added additional tests for AES and GCM
Re-enable HW GCM as default option
Configurable option to use IRAM as byte accessible memory (in single core mode) using
load-store (non-word aligned and non-word size IRAM access specific) exception handlers.
This allows to use IRAM for use-cases where certain performance penalty
(upto 170 cpu cycles per load or store operation) is acceptable. Additional configuration
option has been provided to redirect mbedTLS specific in-out content length buffers to
IRAM (in single core mode), allows to save 20KB per TLS connection.
this issue is mainly exposed when using larger (4096) client key in TLS mutual auth,
since it uses multiplications > 2048 when mbedtls_mpi_mul_mpi is used in recursion,
which works only if both operands point to different location than result since
mpi_mult_mpi_overlong() called mbedtls_mpi_grow() to reallocate buffers used in previous
pointer arithmetics and thus corrupting it. Fixed by growing the mpi buffer before
calling mpi_mult_mpi_overlong()
