kapil.gupta ad7cb5f5c1 wpa_supplicant: Write Crypto API based on mbedtls
This commit add following crypto changes

1. Update current crypto code with upstream supplicant code
2. Add a proper porting layer to use mbedtls APIs for all the crypto
   operations used by supplicant.

Internal crypto will be used when USE_MBEDLTS flag is disabled
in supplicant's menuconfig.

This commit also removes the clutter in crypto files due to partial
porting of some APIs to mbedtls, all the code from those files have
been removed and rewritten in a generic way, this is inspired from
current upstream code.

This also reduces the lib size significantly, supplicant's lib
size reduces around ~567kb after this change(NB: lib size doesn't
indicate reduction in final bin size).
2021-05-04 10:54:57 +00:00

188 lines
5.5 KiB
CMake

set(srcs "port/os_xtensa.c"
"src/ap/ap_config.c"
"src/ap/ieee802_1x.c"
"src/ap/wpa_auth.c"
"src/ap/wpa_auth_ie.c"
"src/common/sae.c"
"src/common/wpa_common.c"
"src/common/dpp.c"
"src/utils/bitfield.c"
"src/crypto/aes-siv.c"
"src/crypto/sha256-kdf.c"
"src/crypto/ccmp.c"
"src/crypto/crypto_ops.c"
"src/crypto/dh_group5.c"
"src/crypto/dh_groups.c"
"src/crypto/ms_funcs.c"
"src/crypto/sha1-tlsprf.c"
"src/crypto/sha256-tlsprf.c"
"src/crypto/sha384-tlsprf.c"
"src/crypto/sha256-prf.c"
"src/crypto/sha1-prf.c"
"src/crypto/md4-internal.c"
"src/eap_peer/chap.c"
"src/eap_peer/eap.c"
"src/eap_peer/eap_common.c"
"src/eap_peer/eap_mschapv2.c"
"src/eap_peer/eap_peap.c"
"src/eap_peer/eap_peap_common.c"
"src/eap_peer/eap_tls.c"
"src/eap_peer/eap_tls_common.c"
"src/eap_peer/eap_ttls.c"
"src/eap_peer/mschapv2.c"
"src/esp_supplicant/esp_hostap.c"
"src/esp_supplicant/esp_wpa2.c"
"src/esp_supplicant/esp_wpa_main.c"
"src/esp_supplicant/esp_wpas_glue.c"
"src/esp_supplicant/esp_wps.c"
"src/esp_supplicant/esp_wpa3.c"
"src/esp_supplicant/esp_dpp.c"
"src/rsn_supp/pmksa_cache.c"
"src/rsn_supp/wpa.c"
"src/rsn_supp/wpa_ie.c"
"src/utils/base64.c"
"src/utils/common.c"
"src/utils/ext_password.c"
"src/utils/uuid.c"
"src/utils/wpabuf.c"
"src/utils/wpa_debug.c"
"src/utils/json.c"
"src/wps/wps.c"
"src/wps/wps_attr_build.c"
"src/wps/wps_attr_parse.c"
"src/wps/wps_attr_process.c"
"src/wps/wps_common.c"
"src/wps/wps_dev_attr.c"
"src/wps/wps_enrollee.c"
"src/wps/wps_registrar.c"
"src/wps/wps_validate.c")
if(CONFIG_WPA_MBEDTLS_CRYPTO)
set(tls_src "src/crypto/tls_mbedtls.c")
else()
set(tls_src
"src/tls/asn1.c"
"src/tls/bignum.c"
"src/tls/pkcs1.c"
"src/tls/pkcs5.c"
"src/tls/pkcs8.c"
"src/tls/bignum.c"
"src/tls/rsa.c"
"src/tls/tls_internal.c"
"src/tls/tlsv1_client.c"
"src/tls/tlsv1_client_read.c"
"src/tls/tlsv1_client_write.c"
"src/tls/tlsv1_common.c"
"src/tls/tlsv1_cred.c"
"src/tls/tlsv1_record.c"
"src/tls/tlsv1_server.c"
"src/tls/tlsv1_server_read.c"
"src/tls/tlsv1_server_write.c"
"src/tls/x509v3.c")
endif()
if(CONFIG_WPA_MBEDTLS_CRYPTO)
set(crypto_src
"src/crypto/crypto_mbedtls.c"
"src/crypto/crypto_mbedtls-bignum.c"
"src/crypto/crypto_mbedtls-ec.c")
# Add internal RC4 if RC4 is disabled in mbedtls
if(CONFIG_MBEDTLS_RC4_DISABLED)
set(crypto_src ${crypto_src} "src/crypto/rc4.c")
endif()
if(NOT CONFIG_MBEDTLS_DES_C)
set(crypto_src ${crypto_src} "src/crypto/des-internal.c")
endif()
# Enabling this only for WiFi is probably not a good idea since MbedTLS
# uses generic crypto init/update functions for this. That causes
# binary size increment since all the other enabled module
# functions will also linked in. Even after not using direct MbedTLS APIs
# for these, these API are still faster since these all will be using
# AES APIs which is using hardware AES blocks.
if(NOT CONFIG_MBEDTLS_CMAC_C)
set(crypto_src ${crypto_src} "src/crypto/aes-omac1.c")
endif()
if(NOT CONFIG_MBEDTLS_NIST_KW_C)
set(crypto_src ${crypto_src}
"src/crypto/aes-wrap.c"
"src/crypto/aes-unwrap.c")
endif()
if(NOT CONFIG_MBEDTLS_NIST_KW_C OR NOT CONFIG_MBEDTLS_CMAC_C OR NOT CONFIG_MBEDTLS_CCM_C)
set(crypto_src ${crypto_src} "src/crypto/aes-ccm.c")
endif()
else()
set(crypto_src
"src/crypto/rc4.c"
"src/crypto/aes-ctr.c"
"src/crypto/aes-cbc.c"
"src/crypto/aes-ccm.c"
"src/crypto/aes-internal-dec.c"
"src/crypto/aes-internal-enc.c"
"src/crypto/aes-internal.c"
"src/crypto/aes-omac1.c"
"src/crypto/aes-unwrap.c"
"src/crypto/aes-wrap.c"
"src/crypto/crypto_internal-cipher.c"
"src/crypto/crypto_internal-modexp.c"
"src/crypto/crypto_internal-rsa.c"
"src/crypto/crypto_mbedtls-rsa.c"
"src/crypto/crypto_internal.c"
"src/crypto/des-internal.c"
"src/crypto/md4-internal.c"
"src/crypto/md5-internal.c"
"src/crypto/md5.c"
"src/crypto/sha1-internal.c"
"src/crypto/sha1-pbkdf2.c"
"src/crypto/sha1.c"
"src/crypto/sha256-internal.c"
"src/crypto/sha256.c")
endif()
if(CONFIG_WPA_11KV_SUPPORT)
set(roaming_src
"src/common/rrm.c"
"src/common/wnm_sta.c"
"src/common/bss.c"
"src/common/scan.c"
"src/common/ieee802_11_common.c"
"src/esp_supplicant/esp_common.c"
"src/esp_supplicant/esp_scan.c"
)
else()
set(roaming_src "")
endif()
idf_component_register(SRCS "${srcs}" "${tls_src}" "${roaming_src}" "${crypto_src}"
INCLUDE_DIRS include port/include include/esp_supplicant
PRIV_INCLUDE_DIRS src src/utils
PRIV_REQUIRES mbedtls esp_timer)
target_compile_options(${COMPONENT_LIB} PRIVATE -Wno-strict-aliasing)
target_compile_definitions(${COMPONENT_LIB} PRIVATE
__ets__
ESP_SUPPLICANT
IEEE8021X_EAPOL
EAP_PEER_METHOD
EAP_MSCHAPv2
EAP_TTLS
EAP_TLS
EAP_PEAP
USE_WPA2_TASK
CONFIG_WPS2
CONFIG_WPS_PIN
USE_WPS_TASK
ESPRESSIF_USE
ESP32_WORKAROUND
CONFIG_ECC
CONFIG_IEEE80211W
CONFIG_SHA256
CONFIG_DPP
CONFIG_WNM
)
if(CONFIG_ESP32_WIFI_ENABLE_WPA3_SAE)
target_compile_definitions(${COMPONENT_LIB} PRIVATE CONFIG_WPA3_SAE)
endif()
set_property(TARGET ${COMPONENT_LIB} APPEND PROPERTY LINK_INTERFACE_MULTIPLICITY 3)