esp-idf

mirror of https://github.com/espressif/esp-idf.git synced 2024-10-05 20:47:46 -04:00

Author	SHA1	Message	Date
Jiang Jiang Jian	3f72cc5410	Merge branch 'feat/bringup_esp32c2_rom_mbedtls_to_formal_feature_v5.2' into 'release/v5.2' feat(mbedtls): bringup rom mbedtls feature to formal (v5.2) See merge request espressif/esp-idf!33801	2024-09-27 12:15:51 +08:00
Aditya Patwardhan	2aad80cd92	Merge branch 'fix/ecdsa_verify_check_hash_len_v5.2' into 'release/v5.2' Wrap some mbedtls' ECDSA verification related APIs (v5.2) See merge request espressif/esp-idf!33784	2024-09-26 15:13:28 +08:00
Mahavir Jain	b20225d06a	Merge branch 'feat/support_esp32c2_eco4_rom_mbedtls_v3.6.0_lts_v5.2' into 'release/v5.2' feat(mbedtls): support esp32c2 eco4 rom mbedtls v3.6.0 lts v5.2 (backport v5.2) See merge request espressif/esp-idf!33421	2024-09-26 11:02:28 +08:00
JiangGuangMing	3bfe43fb68	feat(mbedtls): bringup rom mbedtls feature to formal	2024-09-25 11:52:35 +08:00
harshal.patil	52cf97ebd5	feat(mbedtls): Wrap mbedtls_ecdsa_read_signature to use ECDSA hardware when possible	2024-09-24 16:50:38 +05:30
harshal.patil	a14ed03c11	fix(mbedtls/port): Check signature hash length before using ECDSA hardware	2024-09-24 16:50:28 +05:30
Aditya Patwardhan	5b6d8812d1	feat(hal): Add countermeasure for ECDSA generate signature The ECDSA peripheral before ECO5 of esp32h2 does not perform the ECDSA sign operation in constant time. This allows an attacker to read the power signature of the ECDSA sign operation and then calculate the ECDSA key stored inside the eFuse. The commit adds a countermeasure for this attack. In this case the real ECDSA sign operation is masked under dummy ECDSA sign operations to hide its real power signature	2024-09-23 19:28:12 +05:30
Jiang Guang Ming	3340050eae	feat(mbedtls): support rom mbedtls threading layer	2024-09-10 10:20:29 +08:00
Jiang Guang Ming	d4dea72f24	feat(mbedtls): select MBEDTLS_CMAC_C when MBEDTLS_USE_CRYPTO_ROM_IMPL enabled	2024-09-10 10:20:23 +08:00
Jiang Guang Ming	4c567bd203	feat(mbedtls): support ROM mbedtls v3.6.0 on C2 rev2.0(ECO4)	2024-09-10 10:20:14 +08:00
Richard Allen	cda82f8ee8	change(mbedtls/port): optimize gcm_mult() 1) pre-shift GCM last4 to use 32-bit shift On 32-bit architectures like Aarch32, RV32, Xtensa, shifting a 64-bit variable by 32-bits is free, since it changes the register representing half of the 64-bit var. Pre-shift the last4 array to take advantage of this. 2) unroll first GCM iteration The first loop of gcm_mult() is different from the others. By unrolling it separately from the others, the other iterations may take advantage of the zero-overhead loop construct, in addition to saving a conditional branch in the loop.	2024-08-21 18:26:08 +05:30
Mahavir Jain	adea6829b3	fix(hal): correct the power up sequence for MPI/ECC peripherals in ESP32-C5	2024-07-02 13:36:54 +05:30
nilesh.kale	5d5113c5f9	feat(mbedtls): updated mbedtls version from 3.5.2 to 3.6.0 This MR updated MbedTLS version to latest version 3.6.0.	2024-05-07 14:16:37 +05:30
harshal.patil	bd826801ba	fix(mbedtls/ecdsa): Fix dependant peripheral's enable and reset	2024-04-11 13:46:59 +05:30
harshal.patil	85186042c3	feat(hal/ecdsa): Add HAL API for operation successful check	2024-04-11 12:33:06 +05:30
Aditya Patwardhan	b359cd85f1	Merge branch 'feature/mbedtls_error_str_config_v5.2' into 'release/v5.2' feat(mbedtls): add kconfig option for MBEDTLS_ERROR_C (v5.2) See merge request espressif/esp-idf!30104	2024-04-11 11:53:24 +08:00
Mahavir Jain	b6f5573e0f	feat(mbedtls): add kconfig option for MBEDTLS_ERROR_C Disabling this config can reduce footprint for the cases where mbedtls_strerror() is used and hence the debug strings are getting pulled into the application image.	2024-04-08 16:02:21 +05:30
harshal.patil	c97d3aed45	fix(mbedtls/aes-gcm): Fix null pointer derefernce coverity reports - Also fixed a tcp_transport report	2024-03-13 11:42:03 +05:30
harshal.patil	0f7c9a29a2	ci(mbedtls/gcm): Added test to verify software fallback for non-AES cipher GCM operations	2024-02-26 14:29:20 +05:30
harshal.patil	ca4f560f2b	fix(mbedtls/gcm): Add support for software fallback for non-AES ciphers in a GCM operation - Even if the config MBEDTLS_HARDWARE_AES is enabled, we now support fallback to software implementation of GCM operations when non-AES ciphers are used.	2024-02-26 14:29:18 +05:30
harshal.patil	5862b981ed	fix(mbedtls/gcm): Avoid using GCM hardware when config MBEDTLS_HARDWARE_GCM is disabled	2024-02-16 11:54:39 +05:30
harshal.patil	38f13b15d3	fix(mbedtls/gcm): Fix build failure when config MBEDTLS_HARDWARE_GCM is disabled	2024-02-16 11:54:37 +05:30
nilesh.kale	7d358754a2	feat(mbedtls): updated mbedtls version from 3.5.0 to 3.5.2 This updates the submodule mbedtls to its latest version 3.5.2.	2024-02-05 12:50:27 +05:30
jim	5a234cf642	mbedtls: Fix enable dynamic mbedtls will occur heap corruption when server support TLS renegotiation	2024-01-08 14:23:32 +08:00
Darian Leung	b85e6d3dd8	change(xtensa): Deprecate ".../xtensa_timer.h" include path This commit deprecates the "freertos/xtensa_timer.h" and "xtensa/xtensa_timer.h" include paths. Users should use "xtensa_timer.h" instead. - Replace legacy include paths - Removed some unnecessary includes of "xtensa_timer.h" - Add warning to compatibility header	2023-12-05 18:04:52 +08:00
harshal.patil	b94656115e	fix(mbedtls/aes): fix AES interrupt allocation for AES-GCM operations	2023-12-01 16:34:49 +05:30
Aditya Patwardhan	c1779ff8b7	fix(mbedtls): Removed redundant menuconfig entry	2023-11-29 09:50:12 +05:30
Jiang Jiang Jian	df7ba090f3	Merge branch 'bugfix/esp32h2_ecdsa_hardware_k_v5.2' into 'release/v5.2' fix(esp32h2): program use_hardware_k efuse bit for ECDSA key purpose (v5.2) See merge request espressif/esp-idf!27234	2023-11-21 11:13:37 +08:00
Mahavir Jain	f207ce15df	fix(api-docs): include in the ECDSA APIs for doxygen build	2023-11-17 07:13:53 +00:00
Mahavir Jain	2882b6f68b	docs: add ECDSA peripheral chapter for H2/P4 - Add ECDSA peripheral chapter and instructions to program efuse key block - Update security guide for ECDSA peripheral mention for device identity - Link with ESP-TLS guide about using ECDSA peripheral in TLS connection	2023-11-17 07:13:53 +00:00
Mahavir Jain	f434d21f4a	fix(ecdsa): remove unused k_mode from the ECDSA HAL/LL API For ESP32-H2 case, the hardware k mode is always enforced through efuse settings (done in startup code). For ESP32-P4 case, the software k mode is not supported in the peripheral itself and code was redundant.	2023-11-17 07:13:53 +00:00
harshal.patil	9bf48e77f0	fix(mbedtls): move interrupt allocation during initialization phase	2023-11-16 16:16:57 +05:30
Jiang Guang Ming	e882782f0d	feat(mbedtls): add new option CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL for mbedtls pytest	2023-10-23 13:10:44 +08:00
Jiang Guang Ming	37ec1cc592	feat(mbedtls): support C2 mbedtls can use crypto algorithm in ROM	2023-10-23 13:10:44 +08:00
Mahavir Jain	dbc33ca7aa	Merge branch 'feature/add_intr_priority_config_option' into 'master' feat(mbedtls): Add config for interrupt priority in AES and RSA Closes IDF-7963 and IDF-7964 See merge request espressif/esp-idf!26190	2023-10-16 11:33:03 +08:00
Mahavir Jain	6b62065b92	Merge branch 'fix/crypto_periphs_use_rcc_atomic_blocks' into 'master' Use rcc atomic blocks to enable/reset crypto peripherals See merge request espressif/esp-idf!25811	2023-10-13 22:37:58 +08:00
nilesh.kale	cf4a7bb09d	feat(mbedtls): Add config for interrupt priority in AES and RSA(MPI)	2023-10-12 11:06:13 +05:30
Mahavir Jain	0c3ed4f540	fix(mbedtls): remove deprecated MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION This config has been removed in the upstream mbedTLS starting 3.0 release. Please see mbedTLS changelog for more details.	2023-10-11 09:32:32 +00:00
Mahavir Jain	e9094cef66	fix(mbedtls): dynamic buffer feature issue with mbedtls 3.5.0 Set max TLS version in the SSL context during setup phase. Dynamic buffer feature overrides the `mbedtls_ssl_setup` API and hence this change is required per upstream 3.5.0 codebase change.	2023-10-11 09:32:32 +00:00
Mahavir Jain	9ca8f3d45b	feat(mbedtls): update to 3.5.0 release Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.5.0	2023-10-11 09:32:32 +00:00
harshal.patil	57d10477da	feat(ecdsa): use RCC atomic block to enable/reset the ECDSA peripheral	2023-10-11 14:59:04 +05:30
harshal.patil	1c6ff8ce9f	feat(ecc): use RCC atomic block to enable/reset the ECC peripheral	2023-10-11 14:59:04 +05:30
harshal.patil	c5cc4f488a	feat(mpi): use RCC atomic block to enable/reset the MPI peripheral	2023-10-11 14:59:03 +05:30
Alexey Lapshin	71713bcdb5	fix(mbedtls): fix gcc 13.1.0 warnings	2023-10-09 12:13:02 +04:00
Mahavir Jain	ab74fb4d92	Merge branch 'feature/locking_layer_for_ecdsa' into 'master' feat(esp_hw_support): Added locking mechanism for the ECDSA and ECC peripherals Closes IDF-7990 See merge request espressif/esp-idf!26029	2023-09-25 18:04:21 +08:00
Jakob Hasse	ac2515e199	refactor(lwip): Added on/off switch for LwIP stack * This switch allows applications to replace lwip with a different IP stack or just make it build if it is a dependency but not actually needed.	2023-09-22 10:03:13 +08:00
harshal.patil	6a7caa7b8e	feat(esp_hw_support): Added locking mechanism for the ECDSA and ECC peripheral	2023-09-20 16:05:50 +05:30
Jiang Jiang Jian	62720ffa8c	Merge branch 'feature/pbkdf2_fast_implementation' into 'master' esp_wifi: Port fast_pbkdf2 implementation to calculate PMK See merge request espressif/esp-idf!24287	2023-09-12 14:06:02 +08:00
Kapil Gupta	c82a792bc3	change(esp_wifi): Port fast_pbkdf2 implementation for mbedlts Add changes to use fast_pbkdf2 as default for PMK calculations. fast_pbkdf2 is significantly faster than current implementations for esp chips. Also removes unnecessary code for pbkdf-sha256 and pbkdf-sha512.	2023-09-11 19:33:17 +05:30
Mahavir Jain	2b3418b4a0	Merge branch 'feature/use_ecdsa_perph_while_mutual_auth' into 'master' feat: ECDSA peripheral while performing http connection with mutual auth Closes IDF-7390 See merge request espressif/esp-idf!25052	2023-09-11 19:41:21 +08:00

1 2 3 4 5 ...

601 Commits