Commit Graph

103 Commits

Author SHA1 Message Date
Jakob Hasse
ea47bbb118 HMAC: adding upstream message support 2020-03-26 19:00:27 +08:00
Marius Vikhammer
ffb9010cbe aes: Fixed tag sometime being wrong for HW GCM
The GCM hardware accelerated algorithm for S2 would sometimes output
the wrong tag.

Added additional tests for AES and GCM

Re-enable HW GCM as default option
2020-03-18 08:44:38 +08:00
Marius Vikhammer
7e824508a9 mpi: refactor bignum into common and hw specific components
Closes IDF-1174
2020-03-16 19:44:30 +08:00
Marius Vikhammer
e21bef3f28 mpi: active hw accel for S2
Actives MPI/RSA hardware acceleratio for ESP32 S2.

Closes IDF-803
2020-03-13 18:33:18 +08:00
Marius Vikhammer
3351376a11 AES: optimize AES-GCM
HW acceleration for GCM is now enabled by default

Closes IDF-1443
2020-03-12 10:20:24 +08:00
Marius Vikhammer
37369a8a57 crypto: SHA and AES accelerator bring up for S2
Brings up, fixes and enables AES and SHA hardware acceleration.

Closes IDF-714
Closes IDF-716
2020-03-11 15:09:45 +08:00
morris
e30cd361a8 global: rename esp32s2beta to esp32s2 2020-01-22 12:14:38 +08:00
morris
1c2cc5430e global: bring up esp32s2(not beta) 2020-01-16 17:41:31 +08:00
Marius Vikhammer
c63684cf6c hw crypto: activated hardware acceleration for esp32s2beta
Activated AES, RSA and SHA hardware acceleration for esp32s2 and enabled related unit tests.

Updated with changes made for ESP32 from 0a04034, 961f59f and caea288.

Added performance targets for esp32s2beta

Closes IDF-757
2019-12-12 12:37:29 +08:00
Ryan Kurte
4ee78f8496 added KConfig option to allow loading CA certs with unsupported extensions
Close https://github.com/espressif/esp-idf/pull/4445
2019-12-10 08:47:26 +05:30
Ivan Grokhotkov
5830f529d8 Merge branch 'master' into feature/esp32s2beta_merge 2019-10-02 19:01:39 +02:00
Prasad Alatkar
fe08f435dc NimBLE: Add optional mbedTLS support to NimBLE
- Additional menuconfig option to select either mbedTLS or Tinycrypt from NimBLE.
- Addition of `CMAC` and `ECP_RESTARTABLE` to mbedTLS menuconfig option and
  `esp_config.h`.
- Changes NimBLE `component.mk` and `CMakeLists.txt` to support mbedTLS option.
- Minor changes to `app_mesh.c` application.
2019-09-30 14:15:43 +08:00
Angus Gratton
adfc06a530 Merge branch 'master' into feature/esp32s2beta_merge 2019-09-20 10:28:37 +10:00
Angus Gratton
c41b2b0415 mbedtls: Remove esp_aes_encrypt/decrypt
Deprecated in ESP-IDF V3.1

Anyone reading this should please include mbedtls/aes.h and use mbedTLS APIs,
not the ESP-specific APIs.
2019-09-13 09:44:07 +10:00
Angus Gratton
6990a7cd54 Merge branch 'master' into feature/esp32s2beta_update 2019-08-19 15:03:43 +10:00
Angus Gratton
caea2889c8 aes: Add fault injection checks when writing key to hardware
Vulnerability reported by LimitedResults under Espressif Bug Bounty Program.
2019-08-11 11:16:33 +10:00
Angus Gratton
24d26fccde Merge branch 'master' into feature/esp32s2beta_update 2019-08-08 13:44:24 +10:00
hemal.gujarathi
1dec976fba Update esp_config and add new feature
Closes https://github.com/espressif/esp-idf/issues/3372
2019-07-12 11:42:48 +05:30
suda-morris
84b2f9f14d build and link hello-world for esp32s2beta 2019-06-11 13:07:37 +08:00
suda-morris
b146104885 add esp32s2beta component 2019-06-11 13:06:32 +08:00
Stephen Bird
058c6afd3c Add option to disable server side SSL session tickets as well as client
Closes https://github.com/espressif/esp-idf/pull/2570
2019-05-29 18:02:18 +05:30
morris
709a320f33 move hwcrypto from esp32 to mbedtls 2019-03-26 16:24:22 +08:00
Angus Gratton
b7ee11231d mbedtls: Fix esp_debug not including its dependencies
As reported on forum: https://esp32.com/viewtopic.php?f=13&t=9782&p=40464#p40464
2019-03-21 10:48:55 +11:00
Angus Gratton
96cd3b75cd Merge branch 'feature/mbedtls_mem_alloc_options' into 'master'
mbedtls: configurable options for controlling dynamic memory allocations

See merge request idf/esp-idf!3343
2018-09-25 08:24:29 +08:00
Sagar Bijwe
48fccbf5dd nvs_flash: Add support for nvs encryption 2018-09-24 11:25:21 +05:30
Mahavir Jain
54382277b6 mbedtls: configurable options for controlling dynamic memory allocations
Modifies https://github.com/espressif/esp-idf/pull/2237
2018-09-24 11:17:48 +05:30
Jason von Nieda
d7a17ac941 Adds a Kconfig option for mbedtls' MBEDTLS_PLATFORM_MEMORY define. This makes it possible to override the mbedtls allocator with your own.
Merges https://github.com/espressif/esp-idf/pull/2237
2018-08-01 11:28:28 +10:00
Ivan Grokhotkov
dbc919eff5 mbedtls: update usage of mbedtls_aes_encrypt/decrypt 2018-05-09 23:15:28 +08:00
Ivan Grokhotkov
aad51ea8a0 mbedtls/port: don’t re-declare mbedtls_shaX functions
ALT header files for sha1, sha256, sha512 are only supposed to declare
mbedtls_sha1_context data structure. Function prototypes should come
from original header files.
2018-05-09 23:15:28 +08:00
Paul Reimer
8a47679d04 Add #include guards and __cplusplus guards to esp_debug.h
Merges https://github.com/espressif/esp-idf/pull/1358
2017-12-07 10:25:57 +11:00
Angus Gratton
ae382b3bfa mbedtls: Update to 2.6.0 release (without IDF-specific patches) 2017-09-07 18:02:26 +10:00
Angus Gratton
2624e10055 esp32 hwcrypto: Use AES registers directly 2017-08-25 16:08:03 +10:00
Angus Gratton
2c0ff0c1e1 mbedtls: Add a shim header to account for including "mbedtls/config.h" directly in program
Previously this resulted in a config mismatch between default config and esp_config.h

Closes https://github.com/espressif/esp-idf/issues/711
2017-08-21 12:37:53 +10:00
Angus Gratton
66ad84d318 mbedtls: Add more config options to disable Elliptic Curve features
Can save up to an additional 20KB when not using EC in TLS, or disable
unwanted features as needed.
2017-08-18 17:44:33 +10:00
Angus Gratton
c0f65f6680 mbedtls: Expose compile-time config, disable some things by default
* Disables 3DES, Camellia, Blowfish, RC4, RIPEMD160, SSLv3, TLS-PSK modes, DTLS by default
* Saves about 40KB from the default TLS client code size
* Defaults no longer get "Bad" howsmyssl.com rating (no more vulnerable 3DES)
  (ping https://github.com/espressif/arduino-esp32/issues/575 )
* Allows up to another 20-30KB code size to be trimmed without security
  implications if using DER formatted certificates, RSA ciphersuites only,
  etc.
* Can save up to another 8KB by setting the TLS Role to Server or Client only.
2017-08-18 17:15:08 +10:00
Angus Gratton
74817c35f3 mbedtls: Enable filesystem support 2017-03-08 09:55:31 +11:00
Angus Gratton
0b7058d8ef mbedTLS: Add generic support for mbedTLS debug output via the esp_log functionality 2017-03-07 10:18:47 +11:00
Liu Han
c1802eaa98 components/mbedtls: add time and time data configuration at menuconfig 2016-12-08 13:33:47 +08:00
Angus Gratton
c48612e516 mbedTLS SHA acceleration: Allow concurrent digest calculation, works with TLS
SHA hardware allows each of SHA1, SHA256, SHA384&SHA512 to calculate digests
concurrently.

Currently incompatible with AES acceleration due to a hardware reset problem.

Ref TW7111.
2016-11-22 20:42:38 +11:00
Angus Gratton
1cc0b3000b mbedtls hardware bignum: Expose ESP-only bignum API in wrapper mbedtls/bignum.h 2016-11-18 17:08:14 +11:00
Angus Gratton
68d370542a mbedtls hardware RSA: Put into menuconfig, squash warnings
All combinations of enabling/disabling hardware acceleration no longer
show unused warnings.
2016-11-18 15:50:45 +11:00
Angus Gratton
9632c8e56c RSA Accelerator: Add mod_exp, refactor to avoid memory allocation & copying
Not fully working at the moment, mod_exp has a bug.
2016-10-12 16:19:09 +11:00
Angus Gratton
6b3bc4d8c5 hwcrypto bignum: Implement multiplication modulo
Fixes case where hardware bignum multiplication fails due to either
operand >2048 bits.
2016-10-12 15:45:08 +11:00
Angus Gratton
1a6dd44d03 hwcrypto bignum: Use mbedtls_mpi data structures for all bignum data
Still doesn't solve the problem of multiplying two numbers where one is
>2048 bits, needed for RSA support.
2016-10-12 15:45:08 +11:00
Angus Gratton
aa75a71917 mbedtls: Add some initial menuconfig options 2016-09-27 10:38:00 +10:00
Angus Gratton
67a26d52ac mbedtls: Temporarily disable default hardware crypto SHA & bignum
Due to limitations referenced in the comments of the changes.
2016-09-14 17:52:39 +10:00
Angus Gratton
f01cabf71d mbedtls hwcrypto sha512: Fix redirection of function names 2016-09-14 17:52:24 +10:00
Angus Gratton
264b115eb0 mbedtls: Move esp_config.h file to port directory 2016-09-09 14:06:14 +10:00
Wu Jian Gang
95defc7d32 mbedtls: Use hardware accelerated AES, SHA, bignum 2016-09-08 17:41:43 +08:00
Wu Jian Gang
fc2bfc1f49 mbedtls: just format related files
method from !46
2016-09-08 16:46:25 +08:00
liuhan
1900c50d3b components/mbedtls: modify hardware encryption feature
rename "flag" and "keybites" in aes file,
rename "xxx_starts" and add license in sha file.
2016-09-08 16:45:51 +08:00
liuhan
2d80fada70 components/mbedtls: MBEDTLS Handshake result check
modify esp_config.h add some feature for support http2.0 protocol, TLS Handshake OK.
2016-09-08 16:45:44 +08:00
liuhan
98021903a2 recompile crypto and bignum function 2016-09-08 16:45:16 +08:00