Ivan Grokhotkov
7dada45d60
mbedtls: enable deprecation warnings when building unit tests
2018-05-09 23:15:28 +08:00
Ivan Grokhotkov
dbc919eff5
mbedtls: update usage of mbedtls_aes_encrypt/decrypt
2018-05-09 23:15:28 +08:00
Ivan Grokhotkov
aad51ea8a0
mbedtls/port: don’t re-declare mbedtls_shaX functions
...
ALT header files for sha1, sha256, sha512 are only supposed to declare
mbedtls_sha1_context data structure. Function prototypes should come
from original header files.
2018-05-09 23:15:28 +08:00
Ivan Grokhotkov
254e29aca4
mbedtls: update usage of deprecated mbedtls_shaX APIs
...
The following mbedTLS APIs have been deprecated and replaced with the
new ones which return error codes:
mbedtls_shaX_starts -> mbedtls_shaX_starts_ret
mbedtls_shaX_update -> mbedtls_shaX_update_ret
mbedtls_shaX_finish -> mbedtls_shaX_finish_ret
mbedtls_shaX_process -> mbedtls_shaX_internal_process
Update hardware implementations of SHA functions, and other IDF
components which used above functions, to use new versions.
2018-05-09 23:15:28 +08:00
Ivan Grokhotkov
e9cbf96bd1
mbedtls: re-add version 2.9.0 as a submodule
2018-05-09 23:15:28 +08:00
Angus Gratton
1cb5712463
cmake: Add component dependency support
...
Components should set the COMPONENT_REQUIRES & COMPONENT_PRIVATE_REQUIRES variables to define their
requirements.
2018-04-30 09:59:20 +10:00
Angus Gratton
88df8fd293
cmake: Use cmake_lint project, tidy up all CMake source files
2018-04-30 09:59:20 +10:00
Angus Gratton
ce6748873d
cmake: Add embedding files in components support
...
Add subscribe_publish AWS example and fixes to allow it to build.
2018-04-30 09:59:20 +10:00
Angus Gratton
c671a0c3eb
build system: Initial cmake support, work in progress
2018-04-30 09:59:20 +10:00
Paul Reimer
8a47679d04
Add #include guards and __cplusplus guards to esp_debug.h
...
Merges https://github.com/espressif/esp-idf/pull/1358
2017-12-07 10:25:57 +11:00
Ivan Grokhotkov
744896bde2
Merge branch 'bugfix/hardware_mpi_sign' into 'master'
...
hwcrypto mpi: Fix losing sign when multiplying by -1 (github PR)
Contribution from github: https://github.com/espressif/esp-idf/pull/1181/
See merge request !1471
2017-11-07 19:30:31 +08:00
Alexey Skalozub
5405255928
Fix losing sign when multiplying by -1
2017-10-28 03:47:00 +03:00
Andreas Pokorny
2a1906cf50
Ensure that C++ and C compilers get the same preprocessor setup
...
CPPFLAGS is applied for both languages while CFLAGS only for C
Signed-off-by: Andreas Pokorny <andreas.pokorny@siemens.com>
2017-10-26 13:04:41 +02:00
Angus Gratton
c503a01388
mbedtls: Rename net to net_sockets (in line with 2.4.0 API change)
2017-09-07 18:02:39 +10:00
Angus Gratton
3a08ec7b3d
mbedtls: Re-apply: MBEDTLS_SHA512_ALT also replaces mbedtls_sha512_process()
...
IDF-specific patch.
2017-09-07 18:02:26 +10:00
Angus Gratton
3142997830
mbedtls: Re-apply ECP memory leak fix
...
Fix not yet submitted upstream.
(Previously applied in ffefeef5ea271735884d656afac7a4155a57c87f)
2017-09-07 18:02:26 +10:00
Angus Gratton
736db688a8
mbedtls: Re-apply MBEDTLS_BIGNUM_ALT & related macros for custom bignum functions
...
(IDF-specific patch.)
2017-09-07 18:02:26 +10:00
Angus Gratton
ae382b3bfa
mbedtls: Update to 2.6.0 release (without IDF-specific patches)
2017-09-07 18:02:26 +10:00
Angus Gratton
8ce09c2c1c
mbedtls: Don't assign ctx->fd until connect() or bind() has succeeded
...
Avoid leaking closed file descriptors via ctx->fd
Reported: https://esp32.com/viewtopic.php?f=13&t=2910&sid=8568b1fd93a4c8d5760628a638efc48b#p13620
2017-09-05 11:08:35 +10:00
Angus Gratton
0ea4cd67dd
mbedtls: Remove "unsafe" warning, enable AES by default & make SHA/MPI optional
2017-08-25 16:08:03 +10:00
Angus Gratton
2624e10055
esp32 hwcrypto: Use AES registers directly
2017-08-25 16:08:03 +10:00
Angus Gratton
99c663a6e9
mbedtls tests: utility tests for APB corruption
...
Used when running mbedTLS self-tests to verify DPORT protection is working correctly.
2017-08-25 16:08:03 +10:00
Angus Gratton
7be002ec0f
hwcrypto bignum/MPI: Batch safe DPORT reads to improve performance
2017-08-25 16:08:02 +10:00
Ivan Grokhotkov
08287852ab
esp32: add protection for DPORT registers of RSA
2017-08-25 16:08:02 +10:00
Ivan Grokhotkov
87a0ec77b5
Merge branch 'bugfix/mbedtls_config_mismatch' into 'master'
...
mbedtls: Add a shim header to account for including "mbedtls/config.h" directly in program
See merge request !1125
2017-08-24 14:40:39 +08:00
Ivan Grokhotkov
08e787dc4d
mbedtls: remove duplicate Kconfig options
2017-08-22 15:12:35 +08:00
Angus Gratton
2c0ff0c1e1
mbedtls: Add a shim header to account for including "mbedtls/config.h" directly in program
...
Previously this resulted in a config mismatch between default config and esp_config.h
Closes https://github.com/espressif/esp-idf/issues/711
2017-08-21 12:37:53 +10:00
Angus Gratton
66ad84d318
mbedtls: Add more config options to disable Elliptic Curve features
...
Can save up to an additional 20KB when not using EC in TLS, or disable
unwanted features as needed.
2017-08-18 17:44:33 +10:00
Angus Gratton
c0f65f6680
mbedtls: Expose compile-time config, disable some things by default
...
* Disables 3DES, Camellia, Blowfish, RC4, RIPEMD160, SSLv3, TLS-PSK modes, DTLS by default
* Saves about 40KB from the default TLS client code size
* Defaults no longer get "Bad" howsmyssl.com rating (no more vulnerable 3DES)
(ping https://github.com/espressif/arduino-esp32/issues/575 )
* Allows up to another 20-30KB code size to be trimmed without security
implications if using DER formatted certificates, RSA ciphersuites only,
etc.
* Can save up to another 8KB by setting the TLS Role to Server or Client only.
2017-08-18 17:15:08 +10:00
Angus Gratton
ffefeef5ea
mbedtls: Fix memory leak in initial ECDH exchange if OOM/failure occurs
...
In ecp_mul_comb(), if (!p_eq_g && grp->T == NULL) and ecp_precompute_comb() fails (which can happen due to OOM), then the new array of points T was leaked.
2017-07-12 16:34:26 +08:00
Angus Gratton
fd9d889e62
mbedtls unit tests: Allow for longer timeout using software SHA
...
Hardware SHA runs SHA operations faster than software...
2017-07-06 15:54:01 +08:00
Angus Gratton
c35aa1d9a2
mbedtls: Temporarily disable hardware acceleration in dual-core mode
...
Temporary fix, until DPORT bugs in crypto accelerators are completely fixed.
2017-07-05 12:03:00 +08:00
Tian Hao
26a3cb93c7
component/soc : move dport access header files to soc
...
1. move dport access header files to soc
2. reduce dport register write protection. Only protect read operation
2017-05-09 18:06:00 +08:00
Tian Hao
f7e8856520
component/esp32 : fix dualcore bug
...
1. When dual core cpu run access DPORT register, must do protection.
2. If access DPORT register, must use DPORT_REG_READ/DPORT_REG_WRITE and DPORT_XXX register operation macro.
2017-05-08 21:53:43 +08:00
Michael Kellner
a523aa3ef5
mbedtls port: Fix detection of EWOULDBLOCK/EAGAIN with non-blocking sockets
...
Since mbedtls_net_errno is reset by fcntl, it is reset after calling
net_would_block, so the call to mbedtls_net_errno in mbedtls_net_recv
and mbedtls_net_send will always get back 0. This change propagates
the value returned by mbedtls_net_errno up through net_would_block,
to allow the correct error value to be used and avoid a redundant
call to mbedtls_net_errno.
Merges PR #511 https://github.com/espressif/esp-idf/pull/511
2017-04-21 10:46:34 +10:00
Ivan Grokhotkov
829800f272
Merge branch 'bugfix/mbedtls_non_blocking_sockets' into 'master'
...
mbedtls port: Fix detection of EWOULDBLOCK/EAGAIN with non-blocking sockets
Previous code read non-blocking status via fcntl first, which resets errno.
* Closes #424 https://github.com/espressif/esp-idf/pull/424
* Merges #425 https://github.com/espressif/esp-idf/pull/425
See merge request !575
2017-03-15 10:39:53 +08:00
Neil Kolban
16e1a2716e
mbedtls port: Fix detection of EWOULDBLOCK/EAGAIN with non-blocking sockets
...
Previous code read non-blocking status via fcntl first, which resets errno.
Closes #424 https://github.com/espressif/esp-idf/pull/424
Merges #425 https://github.com/espressif/esp-idf/pull/425
2017-03-13 15:45:11 +08:00
Angus Gratton
74817c35f3
mbedtls: Enable filesystem support
2017-03-08 09:55:31 +11:00
Angus Gratton
0b7058d8ef
mbedTLS: Add generic support for mbedTLS debug output via the esp_log functionality
2017-03-07 10:18:47 +11:00
Anne Jan Brouwer
ec31b39989
Added missing platform.h to mbedtls ssl.h
...
There was a missing definition of mbedtls_time_t
See for example:
https://travis-ci.org/SHA2017-badge/Firmware/jobs/202459377
Merges #348 https://github.com/espressif/esp-idf/pull/348
2017-03-03 14:59:15 +11:00
Angus Gratton
64e6e7a0ae
mbedtls: Use two MPI multiplications when multiply operands too large
...
Allows RSA4096 via hardware crypto operations.
See github #139 https://github.com/espressif/esp-idf/issues/139
2017-01-31 14:36:26 +11:00
antti
f8b5c29346
esp32: add [ignore] tag to some unit test cases for CI
...
Add ignore tag on unit test cases that are not supported in CI yet
2017-01-18 17:08:20 +08:00
Ivan Grokhotkov
d6842e537c
mbedtls: give SHA test slightly more time to run
2017-01-11 21:30:23 +08:00
Jeroen Domburg
bf57594ebe
Merge branch 'feature/intr_alloc' into 'master'
...
Add dynamic interrupt allocation mechanism
This adds:
- Dynamic allocation of interrupts. Pass it the features of the interrupt you want, it'll set you up with an int.
- Shared interrupts. Enables multiple peripheral drivers to use the same interrupt.
- Marking what interrupts are fully executable from IRAM; if an int isn't marked like that it will get disabled once flash cache gets disabled.
Also:
- Modifies driver to be in line with these changes
See merge request !254
2016-12-09 14:00:39 +08:00
Liu Han
c1802eaa98
components/mbedtls: add time and time data configuration at menuconfig
2016-12-08 13:33:47 +08:00
Jeroen Domburg
32fa94935d
Changes according to merge request
2016-12-08 12:39:33 +08:00
Jeroen Domburg
655fd2986a
Add interrupt allocation scheme / interrupt sharing. Also modifies drivers and examples. Also allows interrupts
...
to be marked specifically as having a handler that's all in IRAM.
2016-12-08 12:39:33 +08:00
Angus Gratton
88b264cfce
mbedTLS SHA: Fix cloning of SHA-384 digests
...
Hardware unit only reads 384 bits of state for SHA-384 LOAD,
which is enough for final digest but not enough if you plan to
resume digest in software.
2016-11-25 19:26:30 +11:00
Angus Gratton
a902e2a9de
mbedtls tests: Add additional MPI (bignum), SHA tests
2016-11-25 19:21:49 +11:00
Angus Gratton
d0801fdbab
Merge branch 'feature/sha_tls_integration' into 'master'
...
SHA acceleration integrated to mbedTLS incl. TLS sessions
Uses hardware SHA acceleration where available, fails over to software where not available.
Ref TW7112
See merge request !232
2016-11-25 10:12:29 +08:00