Commit Graph

41 Commits

Author SHA1 Message Date
David Cermak
6b318fe583 esp_tls: Updated connection method to use non-blocking connect
For better control over connection timeouts
To be in line with former tcp_transport, as esp-tls is not used for
plain tcp transports
2021-02-16 09:00:43 +01:00
David Cermak
2c28ffffee tcp_transport/esp_tls: Use common TCP transport to reduce code duplication
For high level review of the changes.
2021-02-16 09:00:43 +01:00
David Cermak
391d7bf271 tcp_transport: Add TCP transport connection errors
Transport's error_handle is used to capture different types of errors
including esp_err_t from esp-tls and socket/system errors.
This change adds the following error codes for TCP transport:
* connection closed by a FIN flag (clean closure from server)
* DNS resolution problem
* connection timeout
These errors are already defined in esp-tls component and since this
component will be used in the future for both TCP and SSL transport, we
currently report these issues in transport::error_handle::esp_tls_last_error
of standard esp error type (esp_err_t)

Closes https://github.com/espressif/esp-mqtt/issues/182
2021-02-16 09:00:43 +01:00
yuanjm
044c3e3e74 Modify esp-tls and tcp_transport to support keep alive for tcp and ssl connection
Closes IDFGH-4543
2021-01-22 06:56:28 +00:00
David Cermak
ce519ee783 tcp_transport: Extend transport error storage for socket error
Everytime we report error and log errno, we also capture the actual
errno to an internal storage so that user application can retrieve
its value.
2020-11-12 12:46:22 +00:00
Aditya Patwardhan
47f7c6a991 esp32s2/esp_ds: Digital Signature software support
1)Added support for alt rsa sign implementation with DS peripheral (
through ESP-TLS - mbedTLS SSL/TLS stack)
2020-09-22 18:31:31 +05:30
Aditya Patwardhan
423e600d46 secure_element: atecc608_ecdsa example
* Replaced crypotoauthlib with esp-cryptoauthlib
* Added menuconfig option for esp-tls about using HSM
* Added error codes for HSM in esp-tls,
* Added support to select different type of ATECC608A chips
* Added README, updated docs
* tcp_transport: Added option to enable secure_element for ssl

Closes https://github.com/espressif/esp-idf/issues/4432
2020-05-21 13:08:30 +05:30
Mahavir Jain
7a2ea9b7f7 esp-tls: add support for using hardware security module 2020-05-20 22:52:37 +05:30
David Cermak
6182e6f303 tcp_transport: close to return error only for socket error or invalid args
Closes https://github.com/espressif/esp-idf/issues/4872
2020-05-05 15:53:09 +02:00
Vikram Dattu
60dc4285f4 Fixed esp_tls_conn_write documentation.
Return value `0` in actual is case of partial write and not error as per `mbedtls_ssl_write`
Modified documentation of `esp_tls_conn_write` accordingly.

Even `esp_wolfssl_write` API considers just negative returns as errors.

Signed-off-by: Vikram Dattu <vikram.dattu@espressif.com>
2020-04-01 11:04:09 +00:00
Aditya Patwardhan
874e987a3b esp_tls: change argument pointer type to (void *) for esp_crt_bundle_attach 2020-03-11 15:54:05 +05:30
Marius Vikhammer
947e3e94ed Add ESP certificate bundle feature
Adds the ESP certificate bundle feature that enables users to bundle a
root certificate bundle together with their application.

Default bundle includes all Mozilla root certificates

Closes IDF-296
2020-03-04 10:51:43 +08:00
Aditya Patwardhan
0a25922043 esp_tls_wolfssl: 1) Fix SNI for wolfSSL
2) Fix error captures
3) Add error flags specific wolfSSL
4) make respective changes to esp_err_to_name.c
2020-02-27 15:20:22 +05:30
Aditya Patwardhan
d35862b662 esp-tls: Add support for https_server using wolfSSL 2020-02-27 15:20:22 +05:30
Angus Gratton
3f532c8895 Merge branch 'bugfix/esp_tls_blocking_timeout' into 'master'
esp-tls: add timeout for blocking connection

See merge request espressif/esp-idf!7316
2020-01-20 09:35:23 +08:00
David Cermak
aa3b1da384 esp_tls: added connection timeout to esp_tls_conn_new_sync() 2020-01-16 07:32:19 +00:00
Aditya Patwardhan
c7418042b4 esp32/esp-tls: provide API to retrieve sockfd value from esp_tls_t 2020-01-16 12:27:44 +05:30
Aditya Patwardhan
988f0c8feb ESP_TLS: Generalizing error messages for esp_tls
:Replace mbedtls specific error messages
2019-10-28 16:05:31 +05:30
Aditya Patwardhan
f7eaa5f946 ESP_TLS: Restructuring esp_tls
1)Segregating mbedtls API into seperate file and cleaned esp_tls.c
2)Added support for wolfssl for CMake and make
3)Added support for debug_wolfssl (with menuconfig option)
4)Added info on wolfssl in ESP-TLS docs
2019-10-28 16:05:22 +05:30
Aditya Patwardhan
9f86f969b2 ESP32/esp-tls: include esp_err.h in esp_tls.h
Closes https://github.com/espressif/esp-idf/issues/4100
2019-10-07 19:47:32 +08:00
David Cermak
f3d6a34e7d esp_tls: enable psk verification mode, added mqtt example using psk authentication 2019-08-07 14:27:40 +10:00
Angus Gratton
7ef5fa8a0a Merge branch 'feature/transport_support_der_certs' into 'master'
tcp transport ssl DER-support

See merge request espressif/esp-idf!5627
2019-08-05 09:52:08 +08:00
David Cermak
25dd5e39af esp-tls: Naming variables refering to certificates and keys in a neutral way to suggest that both PEM and DER format could be used, added comments descibing important details about using these formats 2019-08-02 09:25:16 +02:00
Henning Fleddermann
73624e8560 modify comments on esp_tls_cfg, to clarify that other formats besides PEM (such as DER) might be used as well depending on mbedtls-support
Signed-off-by: David Cermak <cermak@espressif.com>
2019-08-02 09:25:16 +02:00
Anton Maklakov
afbaf74007 tools: Mass fixing of empty prototypes (for -Wstrict-prototypes) 2019-08-01 16:28:56 +07:00
David Cermak
587739391c esp-tls: extending error handle to contain error descriptors with last mbedtls failure and latest certificate verification result flags, reworked tcp_transport to use this error handle 2019-07-04 20:55:10 +02:00
David Cermak
2972f96982 esp-tls: capturing specific errors to be available in tcp_transport and then in application code 2019-07-04 20:55:10 +02:00
Jitin George
8950f94ec7 esp_tls: Add support for server side SSL/TLS connection
Currently, esp-tls supports creation of SSL/TLS connection on the client side.

This commit includes support for creating SSL/TLS connection on the server side.
2019-06-25 23:43:35 +00:00
Jitin George
d1c6bbf42e esp-tls: Add support to add CN from config and validate PEM buffers 2019-05-17 20:06:44 +05:30
Jitin George
77645472ae esp_tls: fix incorrect closing of fd 0 on connection failure
Closes https://github.com/espressif/esp-idf/issues/3149
2019-04-15 10:59:50 +05:30
Paul Reimer
a1204f8b16 Add esp_tls_init_global_ca_store function to esp-tls, called from esp_tls_set_global_ca_store
Signed-off-by: Chirag Atal <chirag.atal@espressif.com>

Merges https://github.com/espressif/esp-idf/pull/2654
2019-01-14 08:25:56 +00:00
Ivan Grokhotkov
13046e7625 Merge branch 'bugfix/esp-tls-doc' into 'master'
esp-tls: Fix documentaion issue in esp_tls_conn_new_async API

See merge request idf/esp-idf!3545
2018-11-05 12:30:22 +08:00
David Cermak
0cdb33c9dd mqtt: ssl mutual authentication example added per PR from github, corrected cmake build, updated per idf style
Merges https://github.com/espressif/esp-idf/pull/2490
2018-10-30 08:04:09 +01:00
Riccardo Binetti
dec70a7601 esp-tls: add support for mutual SSL authentication
Signed-off-by: David Cermak <cermak@espressif.com>
2018-10-30 08:04:09 +01:00
Jitin George
e37aba0d93 esp-tls: Fix documentaion issue in esp_tls_conn_new_async API
Closes https://github.com/espressif/esp-idf/issues/2576
2018-10-25 09:13:49 +00:00
Chirag Atal
b7cca3c414 Feature: Support for global CA store.
Added a new API esp_tls_set_global_ca_store(esp_tls_cfg_t *cfg) which creates a global_cacert which can be used by multiple connections by setting the use_global_ca_store variable to true in their respective structure of esp_tls_cfg_t. Also changed the cacert in the structure of esp_tls_t to a pointer.
2018-10-05 19:35:57 +05:30
Jitin George
1be97fad09 esp-tls: Add support for non blocking connect 2018-09-24 05:42:28 +00:00
Jitin George
7b56ae319d esp-tls: Add support for network timeout 2018-08-21 09:07:07 +00:00
Jitin George
d57495cb1c esp-tls: Fix HTTP2 failure
Closes https://github.com/espressif/esp-idf/issues/1874
2018-04-20 16:59:36 +05:30
Jitin George
b09c3e9878 mbedtls integration in esp-tls 2018-04-06 17:16:27 +05:30
Jitin George
30b50cbfb3 esp-tls header file name change 2018-04-06 17:16:27 +05:30