Commit Graph

405 Commits

Author SHA1 Message Date
Laukik Hase
8bf7882e84 mbedtls: Moved mbedtls_mpi_mul_int to port layer 2022-01-25 10:51:27 +05:30
Laukik Hase
285790e5aa mbedtls: Added config options for v2.28.0 upgrade 2022-01-25 10:51:27 +05:30
Laukik Hase
547d5f84b8 mbedtls: Upgrade to v2.28.0 2022-01-25 10:51:27 +05:30
laokaiyao
cf049e15ed esp8684: rename target to esp32c2 2022-01-19 11:08:57 +08:00
Marius Vikhammer
6566c1f394 Merge branch 'bugfix/rsa_gen_key_test' into 'master'
mpi: reduce RSA generate key test key size

See merge request espressif/esp-idf!16837
2022-01-18 08:53:15 +00:00
Marius Vikhammer
b9415373d3 mpi: reduce RSA generate key test key size
Reduce key size to make the test run faster in CI, reduce the chance of timeouts.
2022-01-18 10:06:38 +08:00
Marius Vikhammer
ef3724411e AES: improve AES-GCM test coverage. 2022-01-14 10:55:06 +08:00
Mahavir Jain
397639da7d Merge branch 'feature/rsa_intr' into 'master'
MPI: add kconfig option for doing intr-based exp-mod operations

Closes IDF-4389

See merge request espressif/esp-idf!16558
2022-01-07 13:27:53 +00:00
Marius Vikhammer
ba3f12a9fe rsa: add generate RSA keys test case 2022-01-07 11:35:35 +08:00
Marius Vikhammer
a9a7160cb6 MPI: add kconfig option for doing intr-based exp-mod operations 2021-12-29 18:55:48 +08:00
Sudeep Mohanty
e22b4007d3 esp_hw_support: Removed deprecated CPU util functions
The following files were deleted:
- components/esp_hw_support/include/soc/cpu.h
- components/soc/esp32s3/include/soc/cpu.h

The following functions are deprecated:
- get_sp()

The following functions declared in soc/cpu.h are now moved to esp_cpu.h:
- esp_cpu_configure_region_protection()

The following functions declared in soc/cpu.h are now moved to components/xtensa/include/esp_cpu_utils.h:
- esp_cpu_process_stack_pc()

All files with soc/cpu.h inclusion are updated to include esp_cpu.h instead.

Signed-off-by: Sudeep Mohanty <sudeep.mohanty@espressif.com>
2021-12-28 16:58:37 +05:30
Mahavir Jain
1f435b4703 Merge branch 'feature/mbedtls_dynamic_memory' into 'master'
fix(mbedtls): fix compiling error when open MBEDTLS_SSL_PROTO_DTLS and disable...

Closes IDFGH-6437

See merge request espressif/esp-idf!16471
2021-12-22 08:19:14 +00:00
Li Jingyi
2b1402890d fix(mbedtls): fix compiling error when open MBEDTLS_SSL_PROTO_DTLS and disable MBEDTLS_SSL_PROTO_DTLS when open MBEDTLS_DYNAMIC_BUFFER 2021-12-21 16:11:03 +08:00
Mahavir Jain
36c712368d mbedtls: upgrade to release v2.16.12
For release notes, please refer to:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.12
2021-12-20 10:28:14 +05:30
Mahavir Jain
bcadeeb7d3 mbedtls: small documentation update 2021-12-20 10:27:44 +05:30
Marius Vikhammer
97e05c6f8b crypto: also apply cache writeback/invalidate for SPIRAM_USE_MEMMAP
Closes https://github.com/espressif/esp-idf/issues/7944
2021-12-08 12:09:01 +08:00
Marius Vikhammer
7fc7c49e5d crypto: allocate all DMA descriptors to DMA capable memory.
These were previously placed on the stack, but the stack could be placed in
RTC RAM which is not DMA capable.
2021-12-08 12:09:01 +08:00
Mahavir Jain
8fadcd844e Merge branch 'feature/mbedtls_dynamic_memory' into 'master'
feat(mbedtls): modify __wrap_mbedtls_ssl_setup to decrease SSL peak heap cost

Closes IDF-4402

See merge request espressif/esp-idf!15323
2021-12-03 04:55:01 +00:00
Li Jingyi
981ef057c4 feat(mbedtls): modify __wrap_mbedtls_ssl_setup to decrease SSL peak heap cost 2021-12-01 17:15:25 +08:00
Tomas Rezucha
ebaca79557 other: Move cbor, jsmn and libsodium to idf-component-manager
Marginal components are being carved out from esp-idf and moved to
https://github.com/espressif/idf-extra-components.
They are distributed via idf-component-manager, see
https://components.espressif.com.
2021-11-30 21:44:48 +01:00
Mahavir Jain
92b1ea2199 Merge branch 'bugfix/hardware_mpi_fallback_issue' into 'master'
mbedtls: fix hardware MPI (bignum) related regression

See merge request espressif/esp-idf!15854
2021-11-29 11:19:51 +00:00
Mahavir Jain
12fee76695 esp_bignum: move check for supported MPI bits at start of API
This can allow hardware MPI API to return as soon as it identifies
that it can handle require bitlength operation.
2021-11-29 15:13:05 +08:00
Mahavir Jain
5d9392d999 mbedtls: update mbedtls submodule pointer for MPI API change 2021-11-29 15:13:05 +08:00
Mahavir Jain
c097e6bcab mbedtls: fix hardware MPI (bignum) related regression
In commit de22f3a4e5, combination of
hardware and software MPI (bignum) related approach was used to
work around chip (e.g. ESP32-C3) limitation of max 3072 bits support.

This was done using linker "--wrap" flag but since the relevant API is
being used in same translation (compilation unit), hardware mode was not
getting used in some cases (e.g., RSA key generation).

This commit modified internal mbedTLS API and makes software+hardware
combination deterministic.
2021-11-29 15:13:05 +08:00
Mahavir Jain
1a390f4518 mbedtls: update kconfig help to correct on supported MPI bits 2021-11-29 15:13:02 +08:00
Cao Sen Miao
eddc196081 esp_clk: refactor target/clk.h to private/esp_clk.h 2021-11-26 14:56:30 +08:00
Roland Dobai
766aa57084 Build & config: Remove leftover files from the unsupported "make" build system 2021-11-11 15:32:36 +01:00
morris
16677b0d3c global: make periph enable/disable APIs private
peripheral enable/disable usually should be managed by driver itself,
so make it as espressif private APIs, not recommended for user to use it
in application code.
However, if user want to re-write the driver or ports to other platform,
this is still possible by including the header in this way:
"esp_private/peripheral_ctrl.h"
2021-11-08 10:37:47 +08:00
Cao Sen Miao
5add6593f4 ESP8684: Add esp_gdbstub, mbedtls, esp_timer 2021-11-06 17:33:45 +08:00
Marius Vikhammer
f578a67ec7 Merge branch 'bugfix/aes_gcm_unaligned_psram' into 'master'
aes: fix potential unaligned access in aes-gcm

Closes IDFGH-5506

See merge request espressif/esp-idf!15668
2021-11-04 02:23:57 +00:00
Marius Vikhammer
1cb07a1288 aes: fix potential unaligned access in aes-gcm 2021-11-03 14:10:11 +08:00
Mahavir Jain
f7ed95349f mbedtls: fix dynamic buffer feature build 2021-11-02 15:52:09 +08:00
Mahavir Jain
8c9a3da695 mbedtls: disable Diffie-Hellman key exchange modes by default
Using these ciphers can constitute a security risk if the server
uses a weak prime for the key exchange.

Footprint impact:
Roughly 3K saved in text+rodata in default https_request example
2021-11-02 15:52:09 +08:00
Aditya Patwardhan
2d1f18efea Updated the cacrt_all.pem file with latest Root certificate list. 2021-10-17 00:01:37 +08:00
Victor Morales
4e45f13e2d esp_crt_bundle: remove EC-ACC certificate
Fixes bug #7631
2021-10-01 14:18:46 -07:00
Sachin Billore
667017d517 ESP32S3 support for ESP-MQTT SSL Mutual Authentication with Digital Signature
Closes IDF-3859
2021-09-06 11:17:30 +05:30
Marius Vikhammer
63280dfec0 aes/sha: fixed driver reseting the wrong GDMA channel
Driver was using the channel ID from tx when reseting rx.
But since rx and tx is not necessarily from the same pair this could lead
to the driver reseting the wrong DMA channel.
2021-08-30 10:37:03 +08:00
Marius Vikhammer
bf21cf0c99 aes/sha: change gdma transfer ability for sram to be 1 byte aligned
Previously GDMA transfer ability was set to 4 bytes, but buffers might
be not fulfill these requirements
2021-08-05 11:02:17 +08:00
Li Jingyi
b8892137f5 mbedtls: Add CONFIG_MBEDTLS_SSL_PROTO_GMTSSL1_1 for support GMSSL component
The configure will be enabled for GMSSL component and disabled as default because of it doesn't provide by IDF project.
2021-07-28 19:54:58 +08:00
Michael (XIAO Xufeng)
59195b6fb3 Merge branch 'bugfix/update_gdma_soc' into 'master'
gdma: alignment setting for PSRAM transfer

Closes IDF-1524

See merge request espressif/esp-idf!13976
2021-07-17 14:04:03 +00:00
Renz Bagaporo
7c22cccb9c esp32: cleanup build script 2021-07-16 20:14:27 +08:00
Renz Bagaporo
452bfda367 esp32: move dport_access 2021-07-16 20:14:26 +08:00
Renz Bagaporo
702e41e1c8 esp32s2: move crypto related functions 2021-07-16 20:14:26 +08:00
morris
d9819bc7ae gdma: set transfer ability 2021-07-16 14:47:09 +08:00
morris
3176ba11d8 gdma: update DMA soc data for esp32-s3 2021-07-16 14:47:09 +08:00
Mahavir Jain
4c41a5bbd0 Merge branch 'feature/upgrade_mbedtls_to_v2.16.11' into 'master'
mbedtls: upgrade to release v2.16.11

Closes IDF-3429

See merge request espressif/esp-idf!14294
2021-07-13 08:12:46 +00:00
Mahavir Jain
ea3c901874 mbedtls: fix crt_bundle test to ensure proper server start event
This fixes occasional test failure that was observed due to
client task getting started before server was up.
2021-07-13 13:20:16 +08:00
Mahavir Jain
3be3d5fff2 mbedtls: upgrade to release v2.16.11
For detailed release notes please refer to:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.11
2021-07-13 13:20:16 +08:00
Kapil Gupta
38d6772507 mbedtls: Add config option key element and key element ext 2021-07-08 09:23:22 +05:30
Shu Chen
6fce2930d0 esp32h2: enable more components to support esp32h2
Involved components:
 * app_trace
 * esp-tls
 * esp_adc_cal
 * esp_pm
 * esp_serial_slave_link
 * esp_timer
 * freertos
 * idf_test
 * log
 * mbedtls
 * newlib
 * perfmon
 * spi_flash
 * spiffs
 * ulp
 * unity
 * vfs
2021-07-01 19:53:11 +08:00
Anton Maklakov
b9587c28cc Merge branch 'ci/change_perf_key' into 'master'
ci: update performance test key to db compatible format

See merge request espressif/esp-idf!13993
2021-06-25 03:20:32 +00:00
Fu Hanxi
cb46558c30 ci: update performance test key to db compatible format 2021-06-21 14:17:45 +08:00
Aditya Patwardhan
e44bd93cc9 i) wpa_supplicant: Force enable the necessary options for mbedtls in the wpa_supplicant to fix illegal combinations in mbedtls
ii) Fix dependancy for one option in mbedtls menuconfig
2021-06-20 08:39:51 +05:30
Marius Vikhammer
79b5dedeb1 CI: minor testcases fixes and disable some cases that cant run on S3 2021-06-15 13:39:48 +08:00
Marius Vikhammer
4786f2d88a aes/sha/rsa: update registers for ESP32-S3
Updates register headers for ESP32-S3 and default
crypto accelerators for S3 to enabled
2021-06-08 14:15:18 +08:00
Marius Vikhammer
19a492bc8d soc: add base support for ESP32-S3
Updates the following with changes from verification branches:

 * esp_rom linker files
 * rtc_cntl and system reg and struct headers

Also updates:
 * GDMA driver with new register layout
 * esptool submodule commit
2021-06-07 10:40:14 +08:00
Michael (XIAO Xufeng)
d6680b689b Merge branch 'feature/s3beta3_crypto_bringup' into 'master'
crypto: initial S3 Beta 3 bringup and testing for SHA/AES/RSA/flash enc

Closes IDF-3004

See merge request espressif/esp-idf!12960
2021-05-19 11:22:05 +00:00
Angus Gratton
9f149a647d Merge branch 'bugfix/fix_mbedtls_cmake_warning' into 'master'
mbedtls: fixed CMake build warning

Closes IDFGH-4975

See merge request espressif/esp-idf!13568
2021-05-19 00:43:50 +00:00
Marius Vikhammer
9b4ba3d707 crypto: initial S3 Beta 3 bringup and testing for SHA/AES/RSA/flash enc 2021-05-18 11:25:41 +08:00
Marcel Kottmann
cf4b9ef854 mbedtls: Allow external mem alloc for ESP32-S2
Closes https://github.com/espressif/esp-idf/pull/6998
Closes IDFGH-5226
2021-05-17 10:43:42 +00:00
Marius Vikhammer
01664923f6 mbedtls: fixed CMake build warning
Building mbedtls with CMake would warn that:

"A private source from a directory other than that of target "mbedcrypto
 has a relative path"

This happened due to some of the CMake variables listing sources could be empty.

Changed to only use target_sources in the code-path where we set the sources,
so we only call target_sources will non-empty variables.

Closes https://github.com/espressif/esp-idf/issues/6767
2021-05-17 17:15:38 +08:00
kapil.gupta
ad7cb5f5c1 wpa_supplicant: Write Crypto API based on mbedtls
This commit add following crypto changes

1. Update current crypto code with upstream supplicant code
2. Add a proper porting layer to use mbedtls APIs for all the crypto
   operations used by supplicant.

Internal crypto will be used when USE_MBEDLTS flag is disabled
in supplicant's menuconfig.

This commit also removes the clutter in crypto files due to partial
porting of some APIs to mbedtls, all the code from those files have
been removed and rewritten in a generic way, this is inspired from
current upstream code.

This also reduces the lib size significantly, supplicant's lib
size reduces around ~567kb after this change(NB: lib size doesn't
indicate reduction in final bin size).
2021-05-04 10:54:57 +00:00
yuanjm
93604b1a11 mbedtls: Fix mbedtls_ssl_send_alert_message crash due to ssl->out_iv is NULL 2021-04-22 09:33:59 +00:00
liuhan
e87c64dc44 mbedtls: Add CONFIG_MBEDTLS_ROM_MD5 to use ROM MD5 in mbedTLS 2021-04-14 06:42:13 +00:00
Marius Vikhammer
fe71a8e340 aes/sha: use a shared lazy allocated GDMA channel for AES and SHA
Removed the old dynamically allocated GDMA channel approach.
It proved too unreliable as we couldn't not ensure consumers of the mbedtls
would properly free the channels after use.

Replaced by a single shared GDMA channel for AES and SHA, which won't be
released unless user specifically calls API for releasing it.
2021-03-09 09:23:05 +08:00
Angus Gratton
3ddfe1e8ac Merge branch 'bugfix/asserts_disabled' into 'master'
core: Fix assert path embedding, warnings when asserts are disabled

Closes IDFGH-4477

See merge request espressif/esp-idf!12371
2021-03-03 08:20:54 +00:00
Angus Gratton
d6f4d99d93 core system: Fix warnings in compilation when assertions are disabled
Adds a CI config for hello world that sets this, to catch future regressions
2021-03-03 10:26:57 +11:00
KonstantinKondrashov
f3dd0a37c7 mbedtls: Fix rsa test 2021-03-02 03:18:58 +08:00
Aditya Patwardhan
bf513b6f31 Fix esp_tls: Prevent freeing of global ca store after each connection
when dynamic ssl buffers are enabled
2021-02-25 00:26:13 +00:00
Angus Gratton
89b6baf2b8 mbedtls tests: Add optional debug log output to AES stream tests 2021-02-12 04:08:12 +00:00
Angus Gratton
e7563fe704 mbedtls aes dma: Fix bug where DMA would complete when the first output descriptor was done, not the last 2021-02-12 04:08:12 +00:00
Marius Vikhammer
04df1f3a42 CI: enable example builds for C3
Enables building C3 examples in CI.

Fixes related warnings/errors and disables examples that cannot run.
2021-02-09 12:04:02 +08:00
ChenJianxing
243417c48c temporarily disable hardware encryption for esp32s3 2021-01-28 21:05:51 +08:00
Fu Hanxi
0146f258d7 style: format python files with isort and double-quote-string-fixer 2021-01-26 10:49:01 +08:00
Aditya Patwardhan
79c23a1886 esp32c3/Digital Signature: mbedtls integration through ESP-TLS 2021-01-22 11:54:16 +05:30
Jiang Jiang Jian
ea79091725 Merge branch 'bugfix/esp32c3_wpa4096_cert_support' into 'master'
MbedTLS: Add software fallback for Modular Exponentiation for larger bignum operations

Closes WIFI-3257 and IDFGH-132

See merge request espressif/esp-idf!11928
2021-01-21 12:45:19 +08:00
Marius Vikhammer
51169b0e0c AES/SHA: use GDMA driver instead of LL 2021-01-19 11:02:51 +08:00
kapil.gupta
de22f3a4e5 MbedTLS: Add software fallback implementation for exp mod
Add configuration option to fallback to software implementation
for exponential mod incase of hardware is not supporting it
for larger MPI value.

Usecase:
ESP32C3 only supports till RSA3072 in hardware. This config option
will help to support 4k certificates for WPA enterprise connection.
2021-01-18 18:47:51 +05:30
morris
753a929525 global: fix sign-compare warnings 2021-01-12 14:05:08 +08:00
Marius Vikhammer
9c8e4fd4c5 C3: build and run unit tests
Enable building and running of unit tests in CI for C3 as well as fix
related compile errors

Also enables building of C3 test apps
2021-01-11 11:34:37 +08:00
Angus Gratton
795e69b570 mbedtls: Expand KConfig documentation for MBEDTLS_HAVE_TIME_DATE
Original comments were copied from mbedtls config.h, so not
directly applicable to ESP-IDF.

As reported https://esp32.com/viewtopic.php?f=13&t=18817&p=69772#p69772
2021-01-04 10:45:01 +11:00
Marius Vikhammer
1b6891c5d8 mbedtls: merge changes from C3 2020-12-29 10:56:13 +08:00
Marius Vikhammer
0a95151a75 unit_test: Refactor all performance tests that rely on cache compensated timer
There is no ccomp timer on C3, which means our performance tests will start
failing again due to variance caused by cache misses.

This MR adds TEST_PERFORMANCE_CCOMP_ macro that will only fail
performance test if CCOMP timer is supported on the target
2020-12-22 18:56:24 +11:00
Mahavir Jain
b85c534130 mbedtls: upgrade to v2.16.9 release
For details release notes please refer to:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9
2020-12-17 14:15:41 +05:30
Marius Vikhammer
457ce080ae AES: refactor and add HAL layer
Refactor the AES driver and add HAL, LL and caps.

Add better support for running AES-GCM fully in hardware.
2020-12-10 09:04:47 +00:00
Marius Vikhammer
7e0f362149 esp_crt_bundle: add additional unit tests
Add unit test for:
 * Trusted certificate with weak hash algorithm signature
 * Certificate with wrong signature

Merges https://github.com/espressif/esp-idf/pull/6117
2020-12-08 10:11:31 +08:00
Jeff Epler
a79cb9f8cd esp_crt_bundle: Allow verify_callback to correct BADCERT_BAD_MD 2020-12-03 14:53:53 +08:00
Angus Gratton
5228d9f9ce esp32c3: Apply one-liner/small changes for ESP32-C3 2020-12-01 10:58:50 +11:00
Angus Gratton
d6bdd1cb32 Merge branch 'bugfix/small_cleanups' into 'master'
Small cleanups

See merge request espressif/esp-idf!11141
2020-11-23 17:23:53 +08:00
Dong Heng
1c9592efc4 fix(mbedtls): fix mbedtls dynamic resource memory leaks and RSA cert drop earlier
RX process caches the session information in "ssl->in_ctr" not in "ssl->in_buf".
So when freeing the SSL, can't free the "ssl->in_ctr", because the "ssl->in_buf"
is empty.

Make the RX process like TX process, and cache the session information in
"ssl->in_buf", so that the cache buffer can be freed when freeing the SSL.

Closes https://github.com/espressif/esp-idf/issues/6104
2020-11-19 07:31:50 +00:00
Marius Vikhammer
09e1d104ba SHA: fix dma lldesc going out of scope issue
DMA process didnt wait for idle before returning.
This meant that there was a potential for the dma
descriptors which were on the stack to be reclaimed
before the DMA operation finished.
2020-11-18 06:04:31 +00:00
Angus Gratton
b798158b4c mbedtls: Avoid malloc in esp_sha() function 2020-11-17 22:51:32 +00:00
Angus Gratton
a4fb6c0173 mbedtls: Add missing sha_caps includes 2020-11-17 22:51:07 +00:00
Marius Vikhammer
488f46acf5 SHA/RSA: moved all caps to soc_caps.h 2020-11-12 02:15:46 +00:00
Angus Gratton
66fb5a29bb Whitespace: Automated whitespace fixes (large commit)
Apply the pre-commit hook whitespace fixes to all files in the repo.

(Line endings, blank lines at end of file, trailing whitespace)
2020-11-11 07:36:35 +00:00
Konstantin Kondrashov
9386cafbc3 time: Fix gettimeofday for ESP32-S3 2020-10-20 14:09:32 +08:00
Marius Vikhammer
949fb8e63a SHA: add HAL layer and refactor driver
Add a LL and HAL layer for SHA.
2020-10-09 08:24:08 +00:00
David Čermák
28d2b7a9b3 Merge branch 'bugfix/esp_netif_non_lwip' into 'master'
esp-netif: Enable use of the ESP-IDF with a non-LWIP (and non-BSD-style) IP stack.

Closes IDFGH-3971

See merge request espressif/esp-idf!10472
2020-10-05 16:16:11 +08:00
Angus Gratton
1eefe6494c Merge branch 'feature/rsa_caps' into 'master'
RSA: add max RSA bit len as a soc caps

See merge request espressif/esp-idf!10594
2020-10-05 12:56:28 +08:00
Aditya Patwardhan
db3cbf91f9 mbedtls: Fixed target library linking when using the DS peripheral 2020-09-28 12:58:54 +05:30