Commit Graph

131 Commits

Author SHA1 Message Date
Mahavir Jain
2ad0565e3a mbedtls: update to mbedtls release v2.16.7
For detailed release notes, please refer to:
https://github.com/ARMmbed/mbedtls/releases/tag/mbedtls-2.16.7
2020-09-03 05:10:30 +00:00
Mahavir Jain
530b35b222 mbedtls: upgrade to release v2.16.5
For detailed release notes please refer to:
https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.5-and-2.7.14-released

Closes: IDFGH-2638
Closes: https://github.com/espressif/esp-idf/issues/4716
2020-04-01 13:46:09 +00:00
David Cermak
fe5b7b549c mbedtls: fix hw accelerated big-num mul if operand and result overlap
this issue is mainly exposed when using larger (4096) client key in TLS mutual auth,
since it uses multiplications > 2048 when mbedtls_mpi_mul_mpi is used in recursion,
which works only if both operands point to different location than result since
mpi_mult_mpi_overlong() called mbedtls_mpi_grow() to reallocate buffers used in previous
pointer arithmetics and thus corrupting it. Fixed by growing the mpi buffer before
calling mpi_mult_mpi_overlong()
2020-02-20 10:05:48 +01:00
David Cermak
12d639e5b2 mbedtls: added mpi multiplication test for large numbers 2020-02-20 10:05:48 +01:00
Kedar Sovani
8f048ffddc Remove check for would_block in mbedtls
Basically, in the portability layer, it is checked if the socket is
NON-block, and if not, then even the EAGAIN and EWOULDBLOCK errors are
diverted to a RECV error. This causes a problem for sockets with
receive timeouts set. When such a timeout is set, the condition for
NON_BLOCK isn't met and hence a hard error is returned.

Searching for EAGAIN and EWOULDBLOCK in lwip returns only 3 results
(accept, recvfrom, close) and all of them look to be genuine cases for
EWOULDBLOCK. So removing this check to make receive timeout with TLS
work.
2019-10-18 14:21:35 +05:30
Prasad Alatkar
3545b58986 NimBLE: Port NimBLE stack to IDF Release v3.3 (Backport v3.3)
Includes all the latest NimBLE stack changes from idf-v4.0 with few idf-v3.3
specific modifications.
- Addition of nimble component as submodule (`nimble-1.1.0-idf-v3.3`), contains
  IDF v3.3 specific minor changes.
- Example applications are identical to idf-v4.0
- Modification in `bt/Kconfig` to accommodate NimBLE as a BT host.
2019-10-18 13:23:24 +08:00
Angus Gratton
e4418f4f92 Merge branch 'feature/upgrade_mbedtls_to_v2.16.1_v3.3' into 'release/v3.3'
mbedtls: upgrade to v2.16.2 release (v3.3)

See merge request idf/esp-idf!5377
2019-07-02 08:42:50 +08:00
Mahavir Jain
2287c28b41 mbedtls: upgrade to v2.16.2 release
For detailed release notes please refer to:
https://github.com/ARMmbed/mbedtls/releases/tag/mbedtls-2.16.2
2019-06-27 16:56:00 +05:30
Konstantin Kondrashov
166918e802 mbedtls: Add UTs for modexp 2019-06-26 14:19:40 +08:00
Konstantin Kondrashov
4b028cca86 mbedtls: Fix Z->s in mbedtls_mpi_exp_mod()
Z->s should never be zero, only 1 or -1.
Added additional checks for X, Y and M args to correctly set Z->s.

Closes: https://github.com/espressif/esp-idf/issues/1681
Closes: https://github.com/espressif/esp-idf/issues/3603
Closes: IDFGH-1313
2019-06-26 14:19:40 +08:00
Roland Dobai
37126d3451 Correct Kconfigs according to the coding style 2019-01-29 13:37:01 +01:00
Angus Gratton
f3277cf2dc hwcrypto sha: Allow SHA contexts to be shared between tasks
Previously, hardware SHA engine "locks" were mutex semaphores. This meant that the task which
started a particular SHA session (in hardware) needed to finalise that session, or an invalid
FreeRTOS state was created.

Replace with binary semaphore which can be shared between tasks.

Includes a unit test, but unit test doesn't crash even without this fix
(some other unknown condition is required).
2019-01-23 04:59:44 +00:00
Renz Christian Bagaporo
d3799c8682 mbedtls: fix unix makefile build on windows command line 2018-12-20 18:23:55 +08:00
Renz Christian Bagaporo
72cd1ac43f mbedtls: fix issue with non idf.py build on windows 2018-12-13 20:44:29 +08:00
Renz Christian Bagaporo
d411175e47 mbedtls, cmake: set host as unix when building in msys 2018-12-05 07:54:59 +08:00
Mahavir Jain
907b1a9032 mbedtls: align CMake build with corresponding component.mk 2018-11-29 16:23:06 +05:30
Renz Christian Bagaporo
0908fba1a3 mbedtls: import mbedtls project w/o modification 2018-11-27 13:59:26 +08:00
Renz Christian Bagaporo
37d30c7a6e cmake: separate app from idf lib project
mbedtls: import mbedtls using unmodified cmake file
2018-11-27 13:59:24 +08:00
Ivan Grokhotkov
8027adaf81 esp32, mbedtls: check component name when enabling test flags
Otherwise flags get enabled even when building tests for other components.
2018-11-20 01:27:24 +08:00
Ivan Grokhotkov
6091021e83 unity: separate common and IDF specific functionality
New unity component can be used for testing other applications.
Upstream version of Unity is included as a submodule.
Utilities specific to ESP-IDF unit tests (partitions, leak checking
setup/teardown functions, etc) are kept only in unit-test-app.
Kconfig options are added to allow disabling certain Unity features.
2018-11-19 12:36:31 +08:00
Konstantin Kondrashov
8bba348528 aes/sha/mpi: Bugfix a use of shared registers.
This commit resolves a blocking in esp_aes_block function.

Introduce:
The problem was in the fact that AES is switched off at the moment when he should give out the processed data. But because of the disabled, the operation can not be completed successfully, there is an infinite hang. The reason for this behavior is that the registers for controlling the inclusion of AES, SHA, MPI have shared registers and they were not protected from sharing.

Fix some related issue with shared using of AES SHA RSA accelerators.

Closes: https://github.com/espressif/esp-idf/issues/2295#issuecomment-432898137
2018-11-05 04:22:47 +00:00
Peter Meerwald-Stadler
6a197d305f Fix some typos related to ethernet documentation and Kconfig. Closes https://github.com/espressif/esp-idf/pull/2642 2018-10-28 21:12:09 +01:00
Renz Bagaporo
cc774111bf cmake: Add support for test build 2018-10-20 12:07:24 +08:00
Ivan Grokhotkov
71b5ce55d3 Merge branch 'feature/mbedtls_2_13_1' into 'master'
mbedtls: update to 2.13.1

See merge request idf/esp-idf!3301
2018-09-27 14:15:25 +08:00
Angus Gratton
96cd3b75cd Merge branch 'feature/mbedtls_mem_alloc_options' into 'master'
mbedtls: configurable options for controlling dynamic memory allocations

See merge request idf/esp-idf!3343
2018-09-25 08:24:29 +08:00
Sagar Bijwe
48fccbf5dd nvs_flash: Add support for nvs encryption 2018-09-24 11:25:21 +05:30
Mahavir Jain
54382277b6 mbedtls: configurable options for controlling dynamic memory allocations
Modifies https://github.com/espressif/esp-idf/pull/2237
2018-09-24 11:17:48 +05:30
Ivan Grokhotkov
9188cb066a mbedtls: update to 2.13.1
See release notes:
https://github.com/ARMmbed/mbedtls/releases/tag/mbedtls-2.13.0
2018-09-20 04:35:45 +00:00
Sagar Bijwe
112244bac4 wpa_supplicant: Implement BIGNUM and ECC crypto wrapper apis for ESP using mbedtls 2018-09-19 11:10:28 +05:30
Renz Christian Bagaporo
d9939cedd9 cmake: make main a component again 2018-09-11 09:44:12 +08:00
Angus Gratton
b355854d4d Merge branch 'master' into feature/cmake 2018-09-05 10:35:04 +08:00
Angus Gratton
83a179abb0 esp32: Add esp_fill_random() function
Convenience function to fill a buffer with random bytes.

Add some unit tests (only sanity checks, really.)
2018-09-03 04:39:45 +00:00
Angus Gratton
a9c4ed7139 Merge branch 'master' into feature/cmake 2018-08-30 18:51:01 +08:00
Angus Gratton
961f59ff57 mbedtls: Don't unnecessarily grow the result of a hardware bignum operation
Avoids growing the result of hardware bignum operations
(particularly for multiplication)

Fixes bugs where some Elliptic Curve operations fail or corrupt memory,
as they assume length of the number is never greater than the number of
non-zero limbs.

Includes some general refactoring to standardize terminology.

Closes https://github.com/espressif/esp-idf/issues/1556

Fixes TW12984

Adds test cases for both these issues.
2018-08-28 09:08:43 +00:00
Angus Gratton
ff2404a272 Merge branch 'master' into feature/cmake 2018-08-16 17:14:17 +10:00
Ivan Grokhotkov
98255f4225 Merge branch 'feature/mbedtls_2_12_0' into 'master'
mbedtls: update to 2.12.0

See merge request idf/esp-idf!2879
2018-08-01 14:56:50 +08:00
Jason von Nieda
d7a17ac941 Adds a Kconfig option for mbedtls' MBEDTLS_PLATFORM_MEMORY define. This makes it possible to override the mbedtls allocator with your own.
Merges https://github.com/espressif/esp-idf/pull/2237
2018-08-01 11:28:28 +10:00
Ivan Grokhotkov
5b9feaa1fd mbedtls: update to 2.12.0 2018-07-30 09:11:16 +03:00
Alexey Gerenkov
c2dc09304c gcc8_newlib3: Compilation warnings and errors not specific to newlib v3 2018-07-09 13:22:24 +03:00
Angus Gratton
6b9784cc45 Merge branch 'master' into feature/cmake_update 2018-05-31 14:46:23 +10:00
Angus Gratton
f4f305bdbd Merge branch 'bugfix/mbedtls_submodule' into 'master'
mbedtls: Add submodule check at build time

See merge request idf/esp-idf!2395
2018-05-16 19:52:45 +08:00
Konstantin Kondrashov
8f80cc733d soc: Change DPORT access
When two CPUs read the area of the DPORT and the area of the APB, the result is corrupted for the CPU that read the APB area.
And another CPU has valid data.

The method of eliminating this error.
Before reading the registers of the DPORT, make a preliminary reading of the APB register.
In this case, the joint access of the two CPUs to the registers of the APB and the DPORT is successful.
2018-05-14 17:54:57 +05:00
Angus Gratton
c94a5ecfdd mbedtls: Add mbedtls submodule check to build system 2018-05-14 16:07:18 +08:00
Ivan Grokhotkov
7dada45d60 mbedtls: enable deprecation warnings when building unit tests 2018-05-09 23:15:28 +08:00
Ivan Grokhotkov
dbc919eff5 mbedtls: update usage of mbedtls_aes_encrypt/decrypt 2018-05-09 23:15:28 +08:00
Ivan Grokhotkov
aad51ea8a0 mbedtls/port: don’t re-declare mbedtls_shaX functions
ALT header files for sha1, sha256, sha512 are only supposed to declare
mbedtls_sha1_context data structure. Function prototypes should come
from original header files.
2018-05-09 23:15:28 +08:00
Ivan Grokhotkov
254e29aca4 mbedtls: update usage of deprecated mbedtls_shaX APIs
The following mbedTLS APIs have been deprecated and replaced with the
new ones which return error codes:

mbedtls_shaX_starts -> mbedtls_shaX_starts_ret
mbedtls_shaX_update -> mbedtls_shaX_update_ret
mbedtls_shaX_finish -> mbedtls_shaX_finish_ret
mbedtls_shaX_process -> mbedtls_shaX_internal_process

Update hardware implementations of SHA functions, and other IDF
components which used above functions, to use new versions.
2018-05-09 23:15:28 +08:00
Ivan Grokhotkov
e9cbf96bd1 mbedtls: re-add version 2.9.0 as a submodule 2018-05-09 23:15:28 +08:00
Angus Gratton
1cb5712463 cmake: Add component dependency support
Components should set the COMPONENT_REQUIRES & COMPONENT_PRIVATE_REQUIRES variables to define their
requirements.
2018-04-30 09:59:20 +10:00
Angus Gratton
88df8fd293 cmake: Use cmake_lint project, tidy up all CMake source files 2018-04-30 09:59:20 +10:00