Laukik Hase
db99f311fc
mbedtls: Fix build with dynamic buffers feature
2023-02-19 03:53:02 +00:00
Laukik Hase
8b5ab6820f
mbedtls: Update config options as per v3.3.0 release
2023-02-19 03:53:02 +00:00
Mahavir Jain
dcae357500
Merge branch 'fix/hardware_ecc_port_v5.0' into 'release/v5.0'
...
mbedtls/ecp: Fix incorrect ECP parameter value
See merge request espressif/esp-idf!22112
2023-02-19 11:49:14 +08:00
Sachin Parekh
131faba944
mbedtls/ecp: Fix incorrect ECP parameter value
...
- Add sanity checks in mbedtls port
- Add ECP test cases covering shorter scalar values
2023-02-08 21:35:49 +05:30
harshal.patil
3ca447956c
mbedtls: fix null pointer dereference of variable iv_off
...
iv_off gets dereferenced before being check for NULL
2023-01-25 15:32:56 +05:30
harshal.patil
79fb21952e
mbedtls/port: refactor sanity checks and their return values
...
Refactored and returned correct error codes for sanity checks
present in port layer esp_aes.c and esp_aes_gcm.c
2023-01-25 15:30:20 +05:30
harshal.patil
7e00b1f356
mbedtls/port: added stream_block parameter sanity check
2023-01-25 15:30:20 +05:30
LiPeng
3c1ac62969
mbedtls: GCM implementation is replaced with CTR-based calculation
...
- GCM operation in mbedtls used ECB, which calculated only 16 bytes of data each time.
- Therefore, when processing a large amount of data, it is necessary to frequently set hardware acceleration calculations,
- which could not make good use of the AES DMA function to improve efficiency.
- Hence, GCM implementation is replaced with CTR-based calculation which utilizes AES DMA to improve efficiency.
2023-01-09 18:37:07 +05:30
harshal.patil
f111ed2d9a
mbedtls: fix esp_aes_gcm_update_ad()
API implementation
...
Closes IDFGH-10467
2023-01-09 18:35:25 +05:30
harshal.patil
40f2caa950
mbedtls: fix esp_aes_crypt_ctr writing to null stream block
2023-01-02 12:02:47 +05:30
harshal.patil
ea07ce9367
mbedtls: added SOC_AES_SUPPORT_AES_192 check in esp_aes_gcm_setkey()
2023-01-02 12:02:47 +05:30
harshal.patil
1c0e11efc0
mbedtls: populate mbedtls_gcm_update() output_length paramater
2023-01-02 12:02:47 +05:30
jgujarathi
2d0ef53e94
Removed some occurences of the RC4 cipher suite(deprecated now)
2022-11-25 10:07:56 +05:30
Mahavir Jain
84b0254fbf
esp32: mpi: add workaround for data corruption issue observed with IDF 5.x toolchain
...
This fix adds a workaround to disable compiler optimization flag "-ftree-loop-distribute-patterns"
for `mpi_to_mem_block` routine. It was observed that compiler with release configuration was falling
back to `memset` call from ROM library causing an issue in correctly zero initializing MPI peripheral
block.
Please see following linked issue for more discussion and context on this issue.
Closes https://github.com/espressif/esp-idf/issues/8710
Closes https://github.com/espressif/esp-idf/issues/9371
Closes https://github.com/espressif/esp-idf/issues/9256
Closes IDFGH-7102
Closes IDFGH-7842
Closes IDFGH-7714
Closes IDFCI-1452
Closes IDF-6029
2022-10-27 09:54:26 +05:30
Sachin Parekh
44d626a596
mbedtls: Override ecp_mul_restartable_internal
...
ECDSA verification uses ecp_mul_restartable_internal instead
of the public API mbedtls_ecp_mul_restartable
2022-08-26 11:46:55 +05:30
Laukik Hase
0c60328953
mbedtls/port: Fix dynamic buffers feature for v3.2.1
...
Co-authored-by: Li Jingyi <lijingyi@espressif.com>
2022-08-26 11:46:55 +05:30
Aditya Patwardhan
0dd55387ea
esp_rsa_sign_alt: Fix esp_init_ds_data_ctx API to not modify user defined data when it is given directory from flash
2022-08-23 11:50:47 +05:30
Darian Leung
781d06af73
esp_hw_support: Remove compare_set.h API
...
This function removes the following legacy atomic CAS functions:
From compare_set.h (file removed):
- compare_and_set_native()
- compare_and_set_extram()
From portmacro.h
- uxPortCompareSet()
- uxPortCompareSetExtram()
Users should call esp_cpu_compare_and_set() instead as this function hides the details
of atomic CAS on internal and external RAM addresses.
Due to the removal of compare_set.h, some missing header includes are also fixed in this commit.
2022-07-22 00:06:06 +08:00
Mahavir Jain
a94c74c26b
mbedtls: remove dependency on driver component
...
- keep `esp_pm` dependency conditional in mbedtls
- refactor `bt` cmakelist to keep dependencies as private
Related: IDF-1265
2022-07-18 21:10:51 +05:30
Mahavir Jain
dd24639215
Merge branch 'esp32h2/enable_ecc_accelerator' into 'master'
...
esp32h2: Enable ECC accelerator
Closes IDF-3397
See merge request espressif/esp-idf!18647
2022-06-23 20:06:26 +08:00
Sachin Parekh
6cfc9c365f
esp32h2: Enable ECC accelerator
2022-06-23 12:59:13 +05:30
Marius Vikhammer
7e60e07a0a
Merge branch 'feature/esp8684_sha' into 'master'
...
mbedtls: enable hw support for SHA on C2
Closes IDF-3830 and IDF-5141
See merge request espressif/esp-idf!18531
2022-06-23 14:18:49 +08:00
Marius Vikhammer
f4c79687f8
SHA: added hardware support for SHA on C2.
2022-06-23 11:01:16 +08:00
Laukik Hase
ff44ff8050
mbedtls: Acquire lock before enabling MPI (RSA) hardware
...
- For ESP32-S3
2022-06-21 10:48:17 +05:30
Laukik Hase
28ac0b12fb
mbedtls: Remove deprecated options from mbedtls/esp_config.h
...
- Removed options related to RC4 ciphersuite, SSL3 and TLS1
(as per mbedtls v3.1.0)
2022-05-28 10:21:06 +05:30
Li Jingyi
c88af419a3
mbedtls: fix ssl server crash when enable mbedtls dynamic buffer
...
Not free keycert until MBEDTLS_SSL_CLIENT_KEY_EXCHANGE for rsa key exchange methods, because keycert will be used to parse client key exchange.
2022-05-20 11:21:48 +00:00
Li Jingyi
fa3cbf9162
fix(mbedtls): fix ssl server memory leak when enable mbedtls dynamic buffer function
2022-05-09 13:56:20 +00:00
Anton Maklakov
4a7f36a52a
mbedtls: fix argument types to match mbedtls/shaXXX.h
2022-04-21 12:30:49 +07:00
Armando
c4bcf1117c
esp_hw_support: move soc_memory_types.h helper functions into esp_hw_support
2022-04-08 11:46:10 +08:00
Mahavir Jain
f7fc3e2d88
esp_hw_support: cleanup crypto lock APIs for ESP32-C2
2022-03-22 02:06:30 +00:00
Mahavir Jain
93987e6b79
Merge branch 'fix/remove_test_cert_files_from_mbedtls_port_directory' into 'master'
...
mbedtls: Remove certs.c and certs.h from port directory
Closes IDF-4709
See merge request espressif/esp-idf!17485
2022-03-18 16:47:53 +08:00
Aditya Patwardhan
f31d8dd295
mbedtls: Remove certs.c and certs.h from port directory
2022-03-15 17:16:07 +05:30
Laukik Hase
1c65ab5307
mbedtls: Add config for MBEDTLS_PLATFORM_TIME_ALT
2022-03-14 09:42:33 +05:30
Aditya Patwardhan
bfc2fd9d5d
Merge branch 'bugfix/mbedtls_tls1_3' into 'master'
...
mbedtls: Disable `MBEDTLS_DYNAMIC_BUFFER` when TLS 1.3 is enabled
See merge request espressif/esp-idf!17415
2022-03-12 16:24:14 +08:00
Armando (Dou Yiwen)
6ed3ffbbf1
Merge branch 'refactor/remove_redundant_rom_cache_dependency' into 'master'
...
cache: remove redundant rom cache dependency in bootloader
Closes IDF-4523
See merge request espressif/esp-idf!17077
2022-03-12 10:11:39 +08:00
Armando
c1cbd7bbf6
cache/mmu: implememnt cache and mmu hal APIs in bootloader
2022-03-11 22:43:11 +08:00
Laukik Hase
87d3296c37
mbedtls: Disable MBEDTLS_DYNAMIC_BUFFER
when TLS 1.3 is enabled
...
- Resulted in a crash in the handshake stage when
used alongside TLS 1.3 (MBEDTLS_SSL_PROTO_TLS1_3)
- Fix build error when MBEDTLS_HARDWARE_SHA=n &&
MBEDTLS_DYNAMIC_BUFFER=y
- Fix build error when TLS 1.3 is enabled with
MBEDTLS_SSL_KEEP_PEER_CERTIFICATE=n
2022-03-11 10:03:48 +05:30
Sachin Parekh
32a6550e87
mbedtls: Added ECC hardware accelerator support on ESP32C2
...
ESP32C2 has a ECC hardware accelerator capable of performing point
multiplication and point verification with a significant performance
boost
2022-03-08 14:05:23 +00:00
Sudeep Mohanty
a9fda54d39
esp_hw_support/esp_system: Re-evaluate header inclusions and include directories
...
This commit updates the visibility of various header files and cleans up
some unnecessary inclusions. Also, this commit removes certain header
include paths which were maintained for backward compatibility.
2022-03-07 11:18:08 +05:30
Aditya Patwardhan
4582af75b8
mbedtls: Update licenses of files updated in mbedtls-3.1 update
2022-03-04 05:18:58 +00:00
Aditya Patwardhan
8cbfb18037
mbedtls-3.x: Update Kconfig macros
2022-03-03 01:37:10 +05:30
Aditya Patwardhan
8111286668
Add entropy_poll.h in port directory
2022-03-03 01:37:10 +05:30
Aditya Patwardhan
66a9243d3b
mbedtls 3.X update:
...
*MBEDTLS_ECDH_LEGACY_CONTEXT is now disabled by default.
*Fixed MBEDTLS_ECDH_LEGACY_CONTEXT issue for protocomm component.
*Removed all code under MBEDTLS_DEPRECATED_REMOVED
2022-03-03 01:37:10 +05:30
Laukik Hase
3925365351
ci: Fix pre-check
stage failing tests
...
- Updated license headers
- Re-enabled public headers and static analysis checks
- Fix public header file check failure
Co-authored-by: Aditya Patwardhan <aditya.patwardhan@espressif.com>
2022-03-03 01:37:10 +05:30
Aditya Patwardhan
60b167f2d6
mbedtls-3.1 update: Removed the MBEDTLS_PRIVATE
from multiple files
...
after they have been again made public in mbedtls-3.1
*Added `MBEDTLS_ALLOW_PRIVATE_ACCESS` in some files.
2022-03-03 01:37:10 +05:30
Aditya Patwardhan
3b71bd7326
mbedtls-3.0: Fixed ESP32 build issues
...
- Added MBEDLTS_PRIVATE(...) wherever necessary
- For functions like mbedtls_pk_parse_key(...), it is necessary to pass the RNG function
pointers as parameter. Solved for dependent components: wpa_supplicant & openSSL
- For libcoap, the SSLv2 ClientHello handshake method has been deprecated, need to handle this.
Currently, corresponding snippet has been commented.
- Examples tested: hello-world | https_request | wifi_prov_mgr
mbedtls-3.0: Fixed ESP32-C3 & ESP32-S3 build issues
- Removed MBEDTLS_DEPRECATED_REMOVED macro from sha1 port
- DS peripheral: esp_ds_rsa_sign -> removed unsused 'mode' argument
- Added MBEDTLS_PRIVATE(...) wherever required
mbedtls-3.0: Fixed ESP32-S2 build issues
- Fixed outdated function prototypes and usage in mbedlts/port/aes/esp_aes_gcm.c due to changes in GCM module
mbedtls-3.0: Fixed ESP32-H2 build issues
ci: Fixing build stage
- Added MBEDTLS_PRIVATE(...) wherever required
- Added RNG function parameter
- Updated GCM Module changes
- Updated Copyright notices
- Tests:
- build_esp_idf_tests_cmake_esp32
- build_esp_idf_tests_cmake_esp32s2
- build_esp_idf_tests_cmake_esp32c3
- build_esp_idf_tests_cmake_esp32s3
ci: Fixing build stage (mbedtls-related changes)
- Added MBEDTLS_PRIVATE(...) wherever required
- Updated SHAXXX functions
- Updated esp_config according to mbedtls changes
- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3
ci: Fixing build stage (example-related changes)
- Added MBEDTLS_PRIVATE(...) wherever required
- Updated SHAXXX functions
- Updated esp_config according to mbedtls changes
- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3
ci: Fixing target_test stage
- Updated test SSL version to TLS_v1_2
- Tests:
- example_test_protocols 1/2
ci: Fixing build stage
- Added checks for MBEDTLS_DHM_C (disabled by default)
- Updated esp_cryptoauthlib submodule
- Updated factory partition size for legacy BLE provisioning example
- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3
Co-authored-by: Laukik Hase <laukik.hase@espressif.com>
2022-03-03 01:37:10 +05:30
Aditya Patwardhan
45122533e0
mbedtls-3 update:
...
1) Fix build issue in mbedtls
2) skip the public headers check in IDF
3)Update Kconfig Macros
4)Remove deprecated config options
5) Update the sha API according to new nomenclature
6) Update mbedtls_rsa_init usage
7) Include mbedtls/build_info.h instead of mbedtls/config.h
8) Dont include check_config.h
9) Add additional error message in esp_blufi_api.h
2022-03-03 01:37:10 +05:30
Aditya Patwardhan
0483bfbbfe
Initial Changes for updating mbedtls to v3.0
2022-03-03 01:37:09 +05:30
Laukik Hase
424c45df91
ci: Fix issues for build stage
...
- Fixed logs expecting different format specifier
- Updated ignore list for check_public_header test
- Updated functions ported from mbedTLS
2022-01-25 10:51:27 +05:30
Laukik Hase
befc93aa2d
mbedtls: Added option MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
...
- Removed code regarding MBEDTLS_DYNAMIC_FREE_PEER_CERT
(config was kept for backward compatibility)
- Combined mbedTLS v2.28.x related options under a separate Kconfig menu
2022-01-25 10:51:27 +05:30