Aditya Patwardhan
a2e6db19e6
esp_tls: Fix misplaced paranthesis in esp_tls_mbedtls.c
...
Fixes one part of - https://github.com/espressif/esp-idf/issues/6440
2021-03-05 10:06:10 +05:30
Aditya Patwardhan
d66ad18853
Fix esp_tls: Prevent freeing of global ca store after each connection
...
when dynamic ssl buffers are enabled
2021-03-05 09:55:10 +05:30
yuanjm
cbca521e28
Modify esp-tls and tcp_transport to support keep alive for tcp and ssl connection
2021-01-26 14:08:45 +08:00
Aditya Patwardhan
84219fe844
esp_tls_wolfssl: Move order of crt_bundle check to match that in
...
esp_tls_mbedtls
2021-01-21 10:45:42 +05:30
Aditya Patwardhan
a5cf243ea0
esp-tls: Fix mem leak when global_ca_store is freed
2021-01-21 10:45:18 +05:30
Aditya Patwardhan
e33cfbaef9
esp_tls: Add warning if the CA chain provided contains one/more invalid
...
cert
2021-01-11 12:02:30 +05:30
Aditya Patwardhan
076ad543fb
esp_tls_wolfssl : Add domain name check
2020-12-29 21:11:08 +05:30
Aditya Patwardhan
4c66d146eb
esp-tls : (Fix) update tls->sockfd value after socket is freed internally
...
Closes https://github.com/espressif/esp-idf/issues/6163
2020-12-21 11:23:22 +05:30
Mahavir Jain
40a29866f6
esp-tls: enable TLS renegotiation using explicit API call
...
mbedTLS stack does not keep TLS renegotiation enabled even if
relevant config option is turned on, it needs explicit API call
`mbedtls_ssl_conf_renegotiation` to do so.
This issue was observed in case of Azure IoT, where keys needs to
be refreshed periodically to keep TLS connection intact.
2020-07-13 15:32:41 +05:30
Aditya Patwardhan
f6b0307e1a
esp_tls_wolfssl: fix incorrect error message after handshake fails
2020-06-18 12:58:40 +05:30
Aditya Patwardhan
423e600d46
secure_element: atecc608_ecdsa example
...
* Replaced crypotoauthlib with esp-cryptoauthlib
* Added menuconfig option for esp-tls about using HSM
* Added error codes for HSM in esp-tls,
* Added support to select different type of ATECC608A chips
* Added README, updated docs
* tcp_transport: Added option to enable secure_element for ssl
Closes https://github.com/espressif/esp-idf/issues/4432
2020-05-21 13:08:30 +05:30
Mahavir Jain
7a2ea9b7f7
esp-tls: add support for using hardware security module
2020-05-20 22:52:37 +05:30
David Cermak
6182e6f303
tcp_transport: close to return error only for socket error or invalid args
...
Closes https://github.com/espressif/esp-idf/issues/4872
2020-05-05 15:53:09 +02:00
Vikram Dattu
60dc4285f4
Fixed esp_tls_conn_write
documentation.
...
Return value `0` in actual is case of partial write and not error as per `mbedtls_ssl_write`
Modified documentation of `esp_tls_conn_write` accordingly.
Even `esp_wolfssl_write` API considers just negative returns as errors.
Signed-off-by: Vikram Dattu <vikram.dattu@espressif.com>
2020-04-01 11:04:09 +00:00
Aditya Patwardhan
d712453114
esp_tls_wolfssl: Added mutex to allow only one TLS conn using PSK at a time
2020-03-26 17:30:05 +05:30
Aditya Patwardhan
46643ab40f
esp_tls_wolfssl: Add support for PSK using wolfSSL,
...
enable SNI and ALPN
2020-03-26 16:02:57 +05:30
Aditya Patwardhan
874e987a3b
esp_tls: change argument pointer type to (void *) for esp_crt_bundle_attach
2020-03-11 15:54:05 +05:30
Marius Vikhammer
947e3e94ed
Add ESP certificate bundle feature
...
Adds the ESP certificate bundle feature that enables users to bundle a
root certificate bundle together with their application.
Default bundle includes all Mozilla root certificates
Closes IDF-296
2020-03-04 10:51:43 +08:00
Aditya Patwardhan
c6ad650796
esp_tls_wolfssl: Add support for DER formatted certificates
2020-02-27 15:20:22 +05:30
Aditya Patwardhan
0a25922043
esp_tls_wolfssl: 1) Fix SNI for wolfSSL
...
2) Fix error captures
3) Add error flags specific wolfSSL
4) make respective changes to esp_err_to_name.c
2020-02-27 15:20:22 +05:30
Aditya Patwardhan
d35862b662
esp-tls: Add support for https_server using wolfSSL
2020-02-27 15:20:22 +05:30
Angus Gratton
3f532c8895
Merge branch 'bugfix/esp_tls_blocking_timeout' into 'master'
...
esp-tls: add timeout for blocking connection
See merge request espressif/esp-idf!7316
2020-01-20 09:35:23 +08:00
David Cermak
98cf3142fa
esp_tls: fail connection if esp_tls_conn_new() timeouts
2020-01-16 07:32:19 +00:00
David Cermak
aa3b1da384
esp_tls: added connection timeout to esp_tls_conn_new_sync()
2020-01-16 07:32:19 +00:00
Aditya Patwardhan
c7418042b4
esp32/esp-tls: provide API to retrieve sockfd value from esp_tls_t
2020-01-16 12:27:44 +05:30
David Cermak
b69ac4448e
tcp_transport: added API for client-key password
2020-01-06 21:16:24 +00:00
Ivan Grokhotkov
87a41fabfa
esp-tls: check return value of fcntl
2019-12-11 14:53:27 +01:00
Marius Vikhammer
ed85046138
tcp_transport: added functionality for using ALPN with SSL
...
Closes IDF-1160
2019-11-13 11:33:13 +08:00
Aditya Patwardhan
988f0c8feb
ESP_TLS: Generalizing error messages for esp_tls
...
:Replace mbedtls specific error messages
2019-10-28 16:05:31 +05:30
Aditya Patwardhan
f7eaa5f946
ESP_TLS: Restructuring esp_tls
...
1)Segregating mbedtls API into seperate file and cleaned esp_tls.c
2)Added support for wolfssl for CMake and make
3)Added support for debug_wolfssl (with menuconfig option)
4)Added info on wolfssl in ESP-TLS docs
2019-10-28 16:05:22 +05:30
David Cermak
a9e63d947b
esp-tls: Added support for fragmenting outgoing data in tls_write(), for cases of out data being larger than the maximum out buffer of underlying tls-stack.
2019-10-22 08:49:42 +00:00
Aditya Patwardhan
9f86f969b2
ESP32/esp-tls: include esp_err.h in esp_tls.h
...
Closes https://github.com/espressif/esp-idf/issues/4100
2019-10-07 19:47:32 +08:00
Liu Han
3ca07b3e70
fix(transport): Fix a bug of the connection whether be active or not by timeout option when the select function return a correct value.
2019-09-12 13:55:47 +08:00
Angus Gratton
e8bdfe07ae
Merge branch 'feature/tls_psk_authentication' into 'master'
...
esp_tls: add psk verification mode
Closes IDFGH-992
See merge request espressif/esp-idf!5095
2019-08-12 12:45:34 +08:00
Renz Christian Bagaporo
4dd2b9edb1
components: fix incorrect include dir args
2019-08-09 08:40:17 +08:00
David Cermak
f3d6a34e7d
esp_tls: enable psk verification mode, added mqtt example using psk authentication
2019-08-07 14:27:40 +10:00
Angus Gratton
7ef5fa8a0a
Merge branch 'feature/transport_support_der_certs' into 'master'
...
tcp transport ssl DER-support
See merge request espressif/esp-idf!5627
2019-08-05 09:52:08 +08:00
David Cermak
25dd5e39af
esp-tls: Naming variables refering to certificates and keys in a neutral way to suggest that both PEM and DER format could be used, added comments descibing important details about using these formats
2019-08-02 09:25:16 +02:00
Henning Fleddermann
73624e8560
modify comments on esp_tls_cfg, to clarify that other formats besides PEM (such as DER) might be used as well depending on mbedtls-support
...
Signed-off-by: David Cermak <cermak@espressif.com>
2019-08-02 09:25:16 +02:00
Anton Maklakov
afbaf74007
tools: Mass fixing of empty prototypes (for -Wstrict-prototypes)
2019-08-01 16:28:56 +07:00
David Cermak
587739391c
esp-tls: extending error handle to contain error descriptors with last mbedtls failure and latest certificate verification result flags, reworked tcp_transport to use this error handle
2019-07-04 20:55:10 +02:00
David Cermak
2972f96982
esp-tls: capturing specific errors to be available in tcp_transport and then in application code
2019-07-04 20:55:10 +02:00
Jitin George
8950f94ec7
esp_tls: Add support for server side SSL/TLS connection
...
Currently, esp-tls supports creation of SSL/TLS connection on the client side.
This commit includes support for creating SSL/TLS connection on the server side.
2019-06-25 23:43:35 +00:00
Renz Christian Bagaporo
9eccd7c082
components: use new component registration api
2019-06-21 19:53:29 +08:00
Mahavir Jain
0a5dfd3717
mbedtls: add config option for setting debug level
...
Closes https://github.com/espressif/esp-idf/issues/3521
2019-06-06 18:28:19 +05:30
Jitin George
d1c6bbf42e
esp-tls: Add support to add CN from config and validate PEM buffers
2019-05-17 20:06:44 +05:30
Jitin George
77645472ae
esp_tls: fix incorrect closing of fd 0 on connection failure
...
Closes https://github.com/espressif/esp-idf/issues/3149
2019-04-15 10:59:50 +05:30
Paul Reimer
a1204f8b16
Add esp_tls_init_global_ca_store function to esp-tls, called from esp_tls_set_global_ca_store
...
Signed-off-by: Chirag Atal <chirag.atal@espressif.com>
Merges https://github.com/espressif/esp-idf/pull/2654
2019-01-14 08:25:56 +00:00
Jiang Jiang Jian
ef4a87d62e
Merge branch 'bugfix/http_literal_caseinsensitive' into 'master'
...
Compare case-insensitive URI schemes
See merge request idf/esp-idf!3558
2018-11-12 17:03:06 +08:00
Stephen Bird
0c9f7271a9
Add checks to for CONFIG_MBEDTLS_SSL_ALPN
...
Merges https://github.com/espressif/esp-idf/pull/2569
2018-11-08 15:57:13 +05:30