Marius Vikhammer
7fc7c49e5d
crypto: allocate all DMA descriptors to DMA capable memory.
...
These were previously placed on the stack, but the stack could be placed in
RTC RAM which is not DMA capable.
2021-12-08 12:09:01 +08:00
Mahavir Jain
8fadcd844e
Merge branch 'feature/mbedtls_dynamic_memory' into 'master'
...
feat(mbedtls): modify __wrap_mbedtls_ssl_setup to decrease SSL peak heap cost
Closes IDF-4402
See merge request espressif/esp-idf!15323
2021-12-03 04:55:01 +00:00
Li Jingyi
981ef057c4
feat(mbedtls): modify __wrap_mbedtls_ssl_setup to decrease SSL peak heap cost
2021-12-01 17:15:25 +08:00
Tomas Rezucha
ebaca79557
other: Move cbor, jsmn and libsodium to idf-component-manager
...
Marginal components are being carved out from esp-idf and moved to
https://github.com/espressif/idf-extra-components .
They are distributed via idf-component-manager, see
https://components.espressif.com .
2021-11-30 21:44:48 +01:00
Mahavir Jain
92b1ea2199
Merge branch 'bugfix/hardware_mpi_fallback_issue' into 'master'
...
mbedtls: fix hardware MPI (bignum) related regression
See merge request espressif/esp-idf!15854
2021-11-29 11:19:51 +00:00
Mahavir Jain
12fee76695
esp_bignum: move check for supported MPI bits at start of API
...
This can allow hardware MPI API to return as soon as it identifies
that it can handle require bitlength operation.
2021-11-29 15:13:05 +08:00
Mahavir Jain
5d9392d999
mbedtls: update mbedtls submodule pointer for MPI API change
2021-11-29 15:13:05 +08:00
Mahavir Jain
c097e6bcab
mbedtls: fix hardware MPI (bignum) related regression
...
In commit de22f3a4e5
, combination of
hardware and software MPI (bignum) related approach was used to
work around chip (e.g. ESP32-C3) limitation of max 3072 bits support.
This was done using linker "--wrap" flag but since the relevant API is
being used in same translation (compilation unit), hardware mode was not
getting used in some cases (e.g., RSA key generation).
This commit modified internal mbedTLS API and makes software+hardware
combination deterministic.
2021-11-29 15:13:05 +08:00
Mahavir Jain
1a390f4518
mbedtls: update kconfig help to correct on supported MPI bits
2021-11-29 15:13:02 +08:00
Cao Sen Miao
eddc196081
esp_clk: refactor target/clk.h to private/esp_clk.h
2021-11-26 14:56:30 +08:00
Roland Dobai
766aa57084
Build & config: Remove leftover files from the unsupported "make" build system
2021-11-11 15:32:36 +01:00
morris
16677b0d3c
global: make periph enable/disable APIs private
...
peripheral enable/disable usually should be managed by driver itself,
so make it as espressif private APIs, not recommended for user to use it
in application code.
However, if user want to re-write the driver or ports to other platform,
this is still possible by including the header in this way:
"esp_private/peripheral_ctrl.h"
2021-11-08 10:37:47 +08:00
Cao Sen Miao
5add6593f4
ESP8684: Add esp_gdbstub, mbedtls, esp_timer
2021-11-06 17:33:45 +08:00
Marius Vikhammer
f578a67ec7
Merge branch 'bugfix/aes_gcm_unaligned_psram' into 'master'
...
aes: fix potential unaligned access in aes-gcm
Closes IDFGH-5506
See merge request espressif/esp-idf!15668
2021-11-04 02:23:57 +00:00
Marius Vikhammer
1cb07a1288
aes: fix potential unaligned access in aes-gcm
2021-11-03 14:10:11 +08:00
Mahavir Jain
f7ed95349f
mbedtls: fix dynamic buffer feature build
2021-11-02 15:52:09 +08:00
Mahavir Jain
8c9a3da695
mbedtls: disable Diffie-Hellman key exchange modes by default
...
Using these ciphers can constitute a security risk if the server
uses a weak prime for the key exchange.
Footprint impact:
Roughly 3K saved in text+rodata in default https_request example
2021-11-02 15:52:09 +08:00
Aditya Patwardhan
2d1f18efea
Updated the cacrt_all.pem file with latest Root certificate list.
2021-10-17 00:01:37 +08:00
Victor Morales
4e45f13e2d
esp_crt_bundle: remove EC-ACC certificate
...
Fixes bug #7631
2021-10-01 14:18:46 -07:00
Sachin Billore
667017d517
ESP32S3 support for ESP-MQTT SSL Mutual Authentication with Digital Signature
...
Closes IDF-3859
2021-09-06 11:17:30 +05:30
Marius Vikhammer
63280dfec0
aes/sha: fixed driver reseting the wrong GDMA channel
...
Driver was using the channel ID from tx when reseting rx.
But since rx and tx is not necessarily from the same pair this could lead
to the driver reseting the wrong DMA channel.
2021-08-30 10:37:03 +08:00
Marius Vikhammer
bf21cf0c99
aes/sha: change gdma transfer ability for sram to be 1 byte aligned
...
Previously GDMA transfer ability was set to 4 bytes, but buffers might
be not fulfill these requirements
2021-08-05 11:02:17 +08:00
Li Jingyi
b8892137f5
mbedtls: Add CONFIG_MBEDTLS_SSL_PROTO_GMTSSL1_1 for support GMSSL component
...
The configure will be enabled for GMSSL component and disabled as default because of it doesn't provide by IDF project.
2021-07-28 19:54:58 +08:00
Michael (XIAO Xufeng)
59195b6fb3
Merge branch 'bugfix/update_gdma_soc' into 'master'
...
gdma: alignment setting for PSRAM transfer
Closes IDF-1524
See merge request espressif/esp-idf!13976
2021-07-17 14:04:03 +00:00
Renz Bagaporo
7c22cccb9c
esp32: cleanup build script
2021-07-16 20:14:27 +08:00
Renz Bagaporo
452bfda367
esp32: move dport_access
2021-07-16 20:14:26 +08:00
Renz Bagaporo
702e41e1c8
esp32s2: move crypto related functions
2021-07-16 20:14:26 +08:00
morris
d9819bc7ae
gdma: set transfer ability
2021-07-16 14:47:09 +08:00
morris
3176ba11d8
gdma: update DMA soc data for esp32-s3
2021-07-16 14:47:09 +08:00
Mahavir Jain
4c41a5bbd0
Merge branch 'feature/upgrade_mbedtls_to_v2.16.11' into 'master'
...
mbedtls: upgrade to release v2.16.11
Closes IDF-3429
See merge request espressif/esp-idf!14294
2021-07-13 08:12:46 +00:00
Mahavir Jain
ea3c901874
mbedtls: fix crt_bundle test to ensure proper server start event
...
This fixes occasional test failure that was observed due to
client task getting started before server was up.
2021-07-13 13:20:16 +08:00
Mahavir Jain
3be3d5fff2
mbedtls: upgrade to release v2.16.11
...
For detailed release notes please refer to:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.11
2021-07-13 13:20:16 +08:00
Kapil Gupta
38d6772507
mbedtls: Add config option key element and key element ext
2021-07-08 09:23:22 +05:30
Shu Chen
6fce2930d0
esp32h2: enable more components to support esp32h2
...
Involved components:
* app_trace
* esp-tls
* esp_adc_cal
* esp_pm
* esp_serial_slave_link
* esp_timer
* freertos
* idf_test
* log
* mbedtls
* newlib
* perfmon
* spi_flash
* spiffs
* ulp
* unity
* vfs
2021-07-01 19:53:11 +08:00
Anton Maklakov
b9587c28cc
Merge branch 'ci/change_perf_key' into 'master'
...
ci: update performance test key to db compatible format
See merge request espressif/esp-idf!13993
2021-06-25 03:20:32 +00:00
Fu Hanxi
cb46558c30
ci: update performance test key to db compatible format
2021-06-21 14:17:45 +08:00
Aditya Patwardhan
e44bd93cc9
i) wpa_supplicant: Force enable the necessary options for mbedtls in the wpa_supplicant to fix illegal combinations in mbedtls
...
ii) Fix dependancy for one option in mbedtls menuconfig
2021-06-20 08:39:51 +05:30
Marius Vikhammer
79b5dedeb1
CI: minor testcases fixes and disable some cases that cant run on S3
2021-06-15 13:39:48 +08:00
Marius Vikhammer
4786f2d88a
aes/sha/rsa: update registers for ESP32-S3
...
Updates register headers for ESP32-S3 and default
crypto accelerators for S3 to enabled
2021-06-08 14:15:18 +08:00
Marius Vikhammer
19a492bc8d
soc: add base support for ESP32-S3
...
Updates the following with changes from verification branches:
* esp_rom linker files
* rtc_cntl and system reg and struct headers
Also updates:
* GDMA driver with new register layout
* esptool submodule commit
2021-06-07 10:40:14 +08:00
Michael (XIAO Xufeng)
d6680b689b
Merge branch 'feature/s3beta3_crypto_bringup' into 'master'
...
crypto: initial S3 Beta 3 bringup and testing for SHA/AES/RSA/flash enc
Closes IDF-3004
See merge request espressif/esp-idf!12960
2021-05-19 11:22:05 +00:00
Angus Gratton
9f149a647d
Merge branch 'bugfix/fix_mbedtls_cmake_warning' into 'master'
...
mbedtls: fixed CMake build warning
Closes IDFGH-4975
See merge request espressif/esp-idf!13568
2021-05-19 00:43:50 +00:00
Marius Vikhammer
9b4ba3d707
crypto: initial S3 Beta 3 bringup and testing for SHA/AES/RSA/flash enc
2021-05-18 11:25:41 +08:00
Marcel Kottmann
cf4b9ef854
mbedtls: Allow external mem alloc for ESP32-S2
...
Closes https://github.com/espressif/esp-idf/pull/6998
Closes IDFGH-5226
2021-05-17 10:43:42 +00:00
Marius Vikhammer
01664923f6
mbedtls: fixed CMake build warning
...
Building mbedtls with CMake would warn that:
"A private source from a directory other than that of target "mbedcrypto
has a relative path"
This happened due to some of the CMake variables listing sources could be empty.
Changed to only use target_sources in the code-path where we set the sources,
so we only call target_sources will non-empty variables.
Closes https://github.com/espressif/esp-idf/issues/6767
2021-05-17 17:15:38 +08:00
kapil.gupta
ad7cb5f5c1
wpa_supplicant: Write Crypto API based on mbedtls
...
This commit add following crypto changes
1. Update current crypto code with upstream supplicant code
2. Add a proper porting layer to use mbedtls APIs for all the crypto
operations used by supplicant.
Internal crypto will be used when USE_MBEDLTS flag is disabled
in supplicant's menuconfig.
This commit also removes the clutter in crypto files due to partial
porting of some APIs to mbedtls, all the code from those files have
been removed and rewritten in a generic way, this is inspired from
current upstream code.
This also reduces the lib size significantly, supplicant's lib
size reduces around ~567kb after this change(NB: lib size doesn't
indicate reduction in final bin size).
2021-05-04 10:54:57 +00:00
yuanjm
93604b1a11
mbedtls: Fix mbedtls_ssl_send_alert_message crash due to ssl->out_iv is NULL
2021-04-22 09:33:59 +00:00
liuhan
e87c64dc44
mbedtls: Add CONFIG_MBEDTLS_ROM_MD5 to use ROM MD5 in mbedTLS
2021-04-14 06:42:13 +00:00
Marius Vikhammer
fe71a8e340
aes/sha: use a shared lazy allocated GDMA channel for AES and SHA
...
Removed the old dynamically allocated GDMA channel approach.
It proved too unreliable as we couldn't not ensure consumers of the mbedtls
would properly free the channels after use.
Replaced by a single shared GDMA channel for AES and SHA, which won't be
released unless user specifically calls API for releasing it.
2021-03-09 09:23:05 +08:00
Angus Gratton
3ddfe1e8ac
Merge branch 'bugfix/asserts_disabled' into 'master'
...
core: Fix assert path embedding, warnings when asserts are disabled
Closes IDFGH-4477
See merge request espressif/esp-idf!12371
2021-03-03 08:20:54 +00:00
Angus Gratton
d6f4d99d93
core system: Fix warnings in compilation when assertions are disabled
...
Adds a CI config for hello world that sets this, to catch future regressions
2021-03-03 10:26:57 +11:00
KonstantinKondrashov
f3dd0a37c7
mbedtls: Fix rsa test
2021-03-02 03:18:58 +08:00
Aditya Patwardhan
bf513b6f31
Fix esp_tls: Prevent freeing of global ca store after each connection
...
when dynamic ssl buffers are enabled
2021-02-25 00:26:13 +00:00
Angus Gratton
89b6baf2b8
mbedtls tests: Add optional debug log output to AES stream tests
2021-02-12 04:08:12 +00:00
Angus Gratton
e7563fe704
mbedtls aes dma: Fix bug where DMA would complete when the first output descriptor was done, not the last
2021-02-12 04:08:12 +00:00
Marius Vikhammer
04df1f3a42
CI: enable example builds for C3
...
Enables building C3 examples in CI.
Fixes related warnings/errors and disables examples that cannot run.
2021-02-09 12:04:02 +08:00
ChenJianxing
243417c48c
temporarily disable hardware encryption for esp32s3
2021-01-28 21:05:51 +08:00
Fu Hanxi
0146f258d7
style: format python files with isort and double-quote-string-fixer
2021-01-26 10:49:01 +08:00
Aditya Patwardhan
79c23a1886
esp32c3/Digital Signature: mbedtls integration through ESP-TLS
2021-01-22 11:54:16 +05:30
Jiang Jiang Jian
ea79091725
Merge branch 'bugfix/esp32c3_wpa4096_cert_support' into 'master'
...
MbedTLS: Add software fallback for Modular Exponentiation for larger bignum operations
Closes WIFI-3257 and IDFGH-132
See merge request espressif/esp-idf!11928
2021-01-21 12:45:19 +08:00
Marius Vikhammer
51169b0e0c
AES/SHA: use GDMA driver instead of LL
2021-01-19 11:02:51 +08:00
kapil.gupta
de22f3a4e5
MbedTLS: Add software fallback implementation for exp mod
...
Add configuration option to fallback to software implementation
for exponential mod incase of hardware is not supporting it
for larger MPI value.
Usecase:
ESP32C3 only supports till RSA3072 in hardware. This config option
will help to support 4k certificates for WPA enterprise connection.
2021-01-18 18:47:51 +05:30
morris
753a929525
global: fix sign-compare warnings
2021-01-12 14:05:08 +08:00
Marius Vikhammer
9c8e4fd4c5
C3: build and run unit tests
...
Enable building and running of unit tests in CI for C3 as well as fix
related compile errors
Also enables building of C3 test apps
2021-01-11 11:34:37 +08:00
Angus Gratton
795e69b570
mbedtls: Expand KConfig documentation for MBEDTLS_HAVE_TIME_DATE
...
Original comments were copied from mbedtls config.h, so not
directly applicable to ESP-IDF.
As reported https://esp32.com/viewtopic.php?f=13&t=18817&p=69772#p69772
2021-01-04 10:45:01 +11:00
Marius Vikhammer
1b6891c5d8
mbedtls: merge changes from C3
2020-12-29 10:56:13 +08:00
Marius Vikhammer
0a95151a75
unit_test: Refactor all performance tests that rely on cache compensated timer
...
There is no ccomp timer on C3, which means our performance tests will start
failing again due to variance caused by cache misses.
This MR adds TEST_PERFORMANCE_CCOMP_ macro that will only fail
performance test if CCOMP timer is supported on the target
2020-12-22 18:56:24 +11:00
Mahavir Jain
b85c534130
mbedtls: upgrade to v2.16.9 release
...
For details release notes please refer to:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9
2020-12-17 14:15:41 +05:30
Marius Vikhammer
457ce080ae
AES: refactor and add HAL layer
...
Refactor the AES driver and add HAL, LL and caps.
Add better support for running AES-GCM fully in hardware.
2020-12-10 09:04:47 +00:00
Marius Vikhammer
7e0f362149
esp_crt_bundle: add additional unit tests
...
Add unit test for:
* Trusted certificate with weak hash algorithm signature
* Certificate with wrong signature
Merges https://github.com/espressif/esp-idf/pull/6117
2020-12-08 10:11:31 +08:00
Jeff Epler
a79cb9f8cd
esp_crt_bundle: Allow verify_callback to correct BADCERT_BAD_MD
2020-12-03 14:53:53 +08:00
Angus Gratton
5228d9f9ce
esp32c3: Apply one-liner/small changes for ESP32-C3
2020-12-01 10:58:50 +11:00
Angus Gratton
d6bdd1cb32
Merge branch 'bugfix/small_cleanups' into 'master'
...
Small cleanups
See merge request espressif/esp-idf!11141
2020-11-23 17:23:53 +08:00
Dong Heng
1c9592efc4
fix(mbedtls): fix mbedtls dynamic resource memory leaks and RSA cert drop earlier
...
RX process caches the session information in "ssl->in_ctr" not in "ssl->in_buf".
So when freeing the SSL, can't free the "ssl->in_ctr", because the "ssl->in_buf"
is empty.
Make the RX process like TX process, and cache the session information in
"ssl->in_buf", so that the cache buffer can be freed when freeing the SSL.
Closes https://github.com/espressif/esp-idf/issues/6104
2020-11-19 07:31:50 +00:00
Marius Vikhammer
09e1d104ba
SHA: fix dma lldesc going out of scope issue
...
DMA process didnt wait for idle before returning.
This meant that there was a potential for the dma
descriptors which were on the stack to be reclaimed
before the DMA operation finished.
2020-11-18 06:04:31 +00:00
Angus Gratton
b798158b4c
mbedtls: Avoid malloc in esp_sha() function
2020-11-17 22:51:32 +00:00
Angus Gratton
a4fb6c0173
mbedtls: Add missing sha_caps includes
2020-11-17 22:51:07 +00:00
Marius Vikhammer
488f46acf5
SHA/RSA: moved all caps to soc_caps.h
2020-11-12 02:15:46 +00:00
Angus Gratton
66fb5a29bb
Whitespace: Automated whitespace fixes (large commit)
...
Apply the pre-commit hook whitespace fixes to all files in the repo.
(Line endings, blank lines at end of file, trailing whitespace)
2020-11-11 07:36:35 +00:00
Konstantin Kondrashov
9386cafbc3
time: Fix gettimeofday for ESP32-S3
2020-10-20 14:09:32 +08:00
Marius Vikhammer
949fb8e63a
SHA: add HAL layer and refactor driver
...
Add a LL and HAL layer for SHA.
2020-10-09 08:24:08 +00:00
David Čermák
28d2b7a9b3
Merge branch 'bugfix/esp_netif_non_lwip' into 'master'
...
esp-netif: Enable use of the ESP-IDF with a non-LWIP (and non-BSD-style) IP stack.
Closes IDFGH-3971
See merge request espressif/esp-idf!10472
2020-10-05 16:16:11 +08:00
Angus Gratton
1eefe6494c
Merge branch 'feature/rsa_caps' into 'master'
...
RSA: add max RSA bit len as a soc caps
See merge request espressif/esp-idf!10594
2020-10-05 12:56:28 +08:00
Aditya Patwardhan
db3cbf91f9
mbedtls: Fixed target library linking when using the DS peripheral
2020-09-28 12:58:54 +05:30
Renz Bagaporo
6462f9bfe1
esp32, esp32s2: create esp_pm component
2020-09-25 05:24:10 +00:00
Marius Vikhammer
3c14900a95
RSA: add max RSA bit len as a soc caps
2020-09-24 16:52:50 +08:00
Mahavir Jain
4a3b5b73a8
Merge branch 'feature/esp_ds_sw_support' into 'master'
...
Added support for RSA sign using DS peripheral (only for ESP32-S2)
Closes IDF-1626
See merge request espressif/esp-idf!9477
2020-09-23 20:39:04 +08:00
Aditya Patwardhan
47f7c6a991
esp32s2/esp_ds: Digital Signature software support
...
1)Added support for alt rsa sign implementation with DS peripheral (
through ESP-TLS - mbedTLS SSL/TLS stack)
2020-09-22 18:31:31 +05:30
Marius Vikhammer
bff0016eb8
crypto accelerator support on esp32s3
...
SHA: passing unit tests
RSA: pass tests
AES: tests passing
2020-09-22 15:15:03 +08:00
morris
61f89b97c6
bringup esp32-s3 on FPGA
2020-09-22 15:15:03 +08:00
cnlohr
507c08251e
esp_netif: Enable use of the ESP-IDF with a non-LWIP (and non-BSD-style) IP stack.
...
Note: besides the esp-netif component, this commit also disables
net_sockets.c from mbedtls, which is one of the base components and uses BSD API (not specifically lwIP). This might be refactored to use CONFIG_SUPPORT_BSD_API instead of CONFIG_ESP_NETIF_TCPIP_LWIP
in the future.
It also disables smartconfig_ack.c and wifi_init.c from esp_wifi
component for referencing some lwIP config options (smartconfig_ack.c changes might be also
updated to check CONFIG_SUPPORT_BSD_API)
Merges https://github.com/espressif/esp-idf/pull/5856
2020-09-18 15:10:55 +02:00
Jakob Hasse
20c068ef3b
cmock: added cmock as component
...
* changing dependencies from unity->cmock
* added component.mk and Makefile.projbuild
* ignore test dir in gen_esp_err_to_name.py
* added some brief introduction of CMock in IDF
2020-09-02 16:38:37 +08:00
Michal Vácha
e4820fc447
Fixed TLS 1.1 still being enables even if disabled via config.
...
Fixed MBEDTLS_SSL_PROTO_TLS1_1 still being defined even ifCONFIG_MBEDTLS_SSL_PROTO_TLS1_1 is not
Signed-off-by: Aditya Patwardhan <aditya.patwardhan@espressif.com>
Merges https://github.com/espressif/esp-idf/pull/5675
2020-08-05 03:38:51 +00:00
Angus Gratton
75402afcae
Merge branch 'feature/esp32s3_clk_memory_layout' into 'master'
...
esp32s3: memory layout
See merge request espressif/esp-idf!9753
2020-07-29 13:48:25 +08:00
morris
2917651478
esp_rom: extract common ets apis into esp_rom_sys.h
2020-07-27 15:27:01 +08:00
morris
19761e3113
esp32s3: clk, memory layout
2020-07-27 13:05:22 +08:00
Angus Gratton
a62689a351
Merge branch 'bugfix/mbedtls_mpi_exp_mod' into 'master'
...
mbedtls: Fix a case for mpi_montgomery_exp_calc() when Z is not init
Closes IDF-1870
See merge request espressif/esp-idf!9496
2020-07-24 00:02:13 +08:00
Mahavir Jain
603e0883a1
mbedtls: update to mbedtls release v2.16.7
...
For detailed release notes, please refer to:
https://github.com/ARMmbed/mbedtls/releases/tag/mbedtls-2.16.7
2020-07-20 15:50:20 +05:30
KonstantinKondrashov
11844a54f4
mbedtls: Fix a case for mpi_montgomery_exp_calc() when Z is not init
...
Closes: IDF-1870
2020-07-13 22:46:05 +08:00
Angus Gratton
22d9ff5b05
Merge branch 'feature/block_sha_fallback' into 'master'
...
esp32s2 SHA: fallback to hashing block by block for non DMA memory
Closes IDF-1529
See merge request espressif/esp-idf!8293
2020-06-25 09:30:39 +08:00
Marius Vikhammer
b75edc84e3
esp32s2 SHA: fallback to hashing block by block for non DMA memory
...
Also adds unit test for SHA with input buffer in flash
Closes IDF-1529
2020-06-10 15:09:20 +08:00
Marius Vikhammer
c343323863
Fixes issues with gen_crt_bundle.py for unicode chars
...
gen_crt_bundle.py could fail to parse the certificates if it contained a non-ascii character.
2020-06-08 18:27:03 +08:00
Angus Gratton
33bfe2393a
Merge branch 'bugfix/wpa_supplicant_no_hw_mpi' into 'master'
...
wpa_supplicant: Allow building with mbedTLS integration but no hardware MPI
Closes IDFGH-3344
See merge request espressif/esp-idf!8822
2020-06-01 14:48:06 +08:00
Angus Gratton
59f29cbca8
Merge branch 'feature/allow_rtc_memory_for_task_stacks' into 'master'
...
Add RTC Fast Memory to Dynamic Memory Pool
See merge request espressif/esp-idf!8390
2020-05-29 14:07:01 +08:00
Angus Gratton
94f5129bf8
mbedtls: Don't compile hardware MPI & SHA files if disabled in config
...
Fixes bug where hardware accelerated mbedtls_mpi API was always used, even when
disabled in config.
2020-05-26 03:37:46 +00:00
Ivan Grokhotkov
a2d7e8cbba
Merge branch 'bugfix/crt_bundle_no_config_file' into 'master'
...
esp_crt_bundle: fixes the "No CA Chain is set" error
See merge request espressif/esp-idf!8851
2020-05-22 09:34:32 +08:00
Aditya Patwardhan
423e600d46
secure_element: atecc608_ecdsa example
...
* Replaced crypotoauthlib with esp-cryptoauthlib
* Added menuconfig option for esp-tls about using HSM
* Added error codes for HSM in esp-tls,
* Added support to select different type of ATECC608A chips
* Added README, updated docs
* tcp_transport: Added option to enable secure_element for ssl
Closes https://github.com/espressif/esp-idf/issues/4432
2020-05-21 13:08:30 +05:30
Marius Vikhammer
f72d259622
esp_crt_bundle: fixes the "No CA Chain is set" error
...
When compiling esp_crt_bundle.c, it would end up with a different struct layout due
to configuration options from "mbedtls/esp_config.h" not being considered.
This lead to ca_chain potentially not being set correctly.
2020-05-21 15:19:49 +08:00
Bryan Hunt
4553f6c95d
Add cryptoauthlib as a component with mbedtls integration
...
* Add options to mbedtls for hardware acceleration
* Disable mbedtls EC curves if hardware acceleration is selected
since the hardware will have to define the curves supported
* Add a hardware ecdsa example
2020-05-20 22:52:37 +05:30
Angus Gratton
0927ec029e
wpa_supplicant: Allow building with mbedTLS integration but no hardware MPI
...
Also disable the relevant function in bignum.h based on config, so fails at
compile not link time.
Closes https://github.com/espressif/esp-idf/issues/5321
2020-05-20 12:06:07 +10:00
Mahavir Jain
be3b6b7cb8
Merge branch 'feature/mbedtls_dynamic_memory' into 'master'
...
feat(mbedtls): add dynamic buffer and local resource managment to decrease SSL heap cost
See merge request espressif/esp-idf!8313
2020-05-18 13:55:05 +08:00
Shubham Kulkarni
ca3daa50de
mbedtls: Add configuration options
2020-05-15 11:27:44 +05:30
Mahavir Jain
0d208aabab
mbedtls: esp32s2: check and reallocate output buffer if its from non-DMA range
...
Earlier check was for only input buffer but it is quite likely to have
output buffer also from non-DMA memory range and hence requirement to
reallocate and then copy data from AES engine.
2020-05-14 13:12:26 +00:00
Dong Heng
3d57bf30a2
feat(mbedtls): add dynamic buffer and local resource managment to decrease SSL heap cost
2020-05-14 11:45:09 +00:00
Piyush Shah
43b3def711
mbedtls_hkdf: Add a config option to enable HKDF
2020-05-11 11:49:14 +05:30
Piyush Shah
62e1d6712b
mbedtls: Add config options for chacha20, poly1305 and chachapoly
2020-05-05 16:41:31 +00:00
Angus Gratton
433c1c9ee1
Merge branch 'bugfix/ds_mpi_lock' into 'master'
...
crypto: DS uses RSA peripheral, added shared lock
See merge request espressif/esp-idf!8274
2020-04-15 15:15:25 +08:00
kangping
4883010f40
mbedtls: add configuration options for EC-JPAKE
...
Closes https://github.com/espressif/esp-idf/pull/5106
2020-04-14 12:22:16 +00:00
Marius Vikhammer
71ab83cdfb
aes: increase timeout for "mbedtls AES performance" test
...
Timeout increased to 60 sec from default 30 sec.
Test would occasionally timeout on S2 due to cache misses.
2020-04-10 15:49:40 +08:00
Marius Vikhammer
a2a204c2b9
crypto: DS uses RSA peripheral, added shared lock
2020-04-09 11:11:04 +00:00
Ivan Grokhotkov
8bf18d868a
Merge branch 'bugfix/crt_bundle_mem_leak' into 'master'
...
cert bundle: Fix memory leak during cert verification
Closes IDFGH-2950
See merge request espressif/esp-idf!8117
2020-04-09 05:41:41 +08:00
Angus Gratton
2bdf22b25d
Merge branch 'bugfix/sha_alloc_fallback' into 'master'
...
sha: add fallback for when memory alloc fails
See merge request espressif/esp-idf!8177
2020-04-08 14:15:52 +08:00
Marius Vikhammer
832599718d
cert bundle: add server_root.pem incase bundle needs to be regenerated
2020-04-07 18:51:26 +08:00
Marius Vikhammer
9ccc5e6d84
cert bundle: Fix memory leak during cert verification
...
Also refactors the unit tests and fixes the test case, as it was giving false positives.
Closes IDFGH-2950
Closes https://github.com/espressif/esp-idf/issues/4983
2020-04-07 18:50:30 +08:00
Marius Vikhammer
1863a8ce82
sha: add fallback for when memory alloc fails
2020-04-01 02:07:44 +00:00
Marius Vikhammer
d1d91ec3dd
crypto tests: fix mallocs that were missing MALLOC_CAP_8BIT
...
Tests had the potential to fail they got non byte-accessible memory allocated.
2020-03-30 10:40:59 +07:00
Marius Vikhammer
32f16e8c30
crypto tests: fix mallocs that were missing MALLOC_CAP_8BIT
...
Tests had the potential to fail they got non byte-accessible memory allocated.
2020-03-30 11:12:20 +08:00
Jeroen Domburg
419848549e
Add fixes for gcc8 psram fix improvement
2020-03-27 20:04:47 +07:00
Jakob Hasse
ea47bbb118
HMAC: adding upstream message support
2020-03-26 19:00:27 +08:00
Angus Gratton
62426a6c90
Merge branch 'refactor/use_new_component_registration_functions' into 'master'
...
CMake: Use new component registration function
See merge request espressif/esp-idf!8068
2020-03-25 08:02:42 +08:00
Marius Vikhammer
32fd9d6c63
s2 crypto: update perf test to use cache comp timer
...
Updated S2 hardware accelerated crypto to use the cache compensated timer.
Re-enabled RSA performance test and set lower targets now that results are more stable
Closes: IDF-1174
2020-03-23 11:30:55 +08:00
Renz Bagaporo
3d0967a58a
test: declare requirements and include dirs private
2020-03-23 10:58:50 +08:00
Ivan Grokhotkov
6330b3345e
Merge branch 'bugfix/disable_rsa_perf_test' into 'master'
...
rsa: ignore performance test in CI
See merge request espressif/esp-idf!8026
2020-03-20 15:09:15 +08:00
Marius Vikhammer
2f5e4601ef
rsa: ignore performance test in CI
...
Even with a static key the performance vary a lot between different builds.
2020-03-19 14:16:39 +08:00
Marius Vikhammer
ffb9010cbe
aes: Fixed tag sometime being wrong for HW GCM
...
The GCM hardware accelerated algorithm for S2 would sometimes output
the wrong tag.
Added additional tests for AES and GCM
Re-enable HW GCM as default option
2020-03-18 08:44:38 +08:00
Angus Gratton
9c430a17aa
Merge branch 'feature/mpi_accel_s2' into 'master'
...
MPI/RSA accelerator bringup for S2 and bignum refactor
Closes IDF-803 and IDF-1174
See merge request espressif/esp-idf!7915
2020-03-17 13:16:05 +08:00
Marius Vikhammer
7e824508a9
mpi: refactor bignum into common and hw specific components
...
Closes IDF-1174
2020-03-16 19:44:30 +08:00
Marius Vikhammer
16b6a7a903
s2 sha hw: Fix bug where alloc would fail if input were of len 0
2020-03-16 19:29:59 +08:00
Marius Vikhammer
e21bef3f28
mpi: active hw accel for S2
...
Actives MPI/RSA hardware acceleratio for ESP32 S2.
Closes IDF-803
2020-03-13 18:33:18 +08:00
Ivan Grokhotkov
64ceab0069
Merge branch 'feature/aes_sha_accel_s2' into 'master'
...
crypto: SHA and AES accelerator bring up for S2
Closes IDF-1443, IDF-714, and IDF-716
See merge request espressif/esp-idf!7825
2020-03-13 18:21:09 +08:00
Mahavir Jain
453b65a608
Merge branch 'feature/upgrade_mbedtls_to_v2.16.4' into 'master'
...
mbedtls: upgrade to release v2.16.5
Closes IDFGH-2638
See merge request espressif/esp-idf!7607
2020-03-12 18:08:33 +08:00
Marius Vikhammer
3351376a11
AES: optimize AES-GCM
...
HW acceleration for GCM is now enabled by default
Closes IDF-1443
2020-03-12 10:20:24 +08:00
Aditya Patwardhan
874e987a3b
esp_tls: change argument pointer type to (void *) for esp_crt_bundle_attach
2020-03-11 15:54:05 +05:30
Marius Vikhammer
37369a8a57
crypto: SHA and AES accelerator bring up for S2
...
Brings up, fixes and enables AES and SHA hardware acceleration.
Closes IDF-714
Closes IDF-716
2020-03-11 15:09:45 +08:00
Mahavir Jain
02d2903e39
mbedtls: upgrade to release v2.16.5
...
For detailed release notes please refer to:
https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.5-and-2.7.14-released
Closes: IDFGH-2638
Closes: https://github.com/espressif/esp-idf/issues/4716
2020-03-11 05:17:33 +00:00
Angus Gratton
f393938c22
Merge branch 'bugfix/remove_esp32s2_esp_intr_header' into 'master'
...
esp32s2: remove esp_intr.h header
See merge request espressif/esp-idf!7883
2020-03-06 14:30:28 +08:00
Renz Bagaporo
71c02394e5
esp32s2: remove esp_intr.h header
2020-03-05 16:15:59 +08:00
Marius Vikhammer
947e3e94ed
Add ESP certificate bundle feature
...
Adds the ESP certificate bundle feature that enables users to bundle a
root certificate bundle together with their application.
Default bundle includes all Mozilla root certificates
Closes IDF-296
2020-03-04 10:51:43 +08:00
Sachin Parekh
301dacfb33
Exception handlers for LoadStoreError and LoadStoreAlignmentError
...
Configurable option to use IRAM as byte accessible memory (in single core mode) using
load-store (non-word aligned and non-word size IRAM access specific) exception handlers.
This allows to use IRAM for use-cases where certain performance penalty
(upto 170 cpu cycles per load or store operation) is acceptable. Additional configuration
option has been provided to redirect mbedTLS specific in-out content length buffers to
IRAM (in single core mode), allows to save 20KB per TLS connection.
2020-02-26 20:21:59 +08:00
michael
2529eda907
ci: disable failed cases for s2 temporarily
2020-02-15 18:28:25 +08:00