mbedtls-3.0: Fixed ESP32 build issues

- Added MBEDLTS_PRIVATE(...) wherever necessary - For functions like mbedtls_pk_parse_key(...), it is necessary to pass the RNG function pointers as parameter. Solved for dependent components: wpa_supplicant & openSSL - For libcoap, the SSLv2 ClientHello handshake method has been deprecated, need to handle this. Currently, corresponding snippet has been commented. - Examples tested: hello-world | https_request | wifi_prov_mgr mbedtls-3.0: Fixed ESP32-C3 & ESP32-S3 build issues - Removed MBEDTLS_DEPRECATED_REMOVED macro from sha1 port - DS peripheral: esp_ds_rsa_sign -> removed unsused 'mode' argument - Added MBEDTLS_PRIVATE(...) wherever required mbedtls-3.0: Fixed ESP32-S2 build issues - Fixed outdated function prototypes and usage in mbedlts/port/aes/esp_aes_gcm.c due to changes in GCM module mbedtls-3.0: Fixed ESP32-H2 build issues ci: Fixing build stage - Added MBEDTLS_PRIVATE(...) wherever required - Added RNG function parameter - Updated GCM Module changes - Updated Copyright notices - Tests: - build_esp_idf_tests_cmake_esp32 - build_esp_idf_tests_cmake_esp32s2 - build_esp_idf_tests_cmake_esp32c3 - build_esp_idf_tests_cmake_esp32s3 ci: Fixing build stage (mbedtls-related changes) - Added MBEDTLS_PRIVATE(...) wherever required - Updated SHAXXX functions - Updated esp_config according to mbedtls changes - Tests: - build_examples_cmake_esp32 - build_examples_cmake_esp32s2 - build_examples_cmake_esp32c3 - build_examples_cmake_esp32s3 ci: Fixing build stage (example-related changes) - Added MBEDTLS_PRIVATE(...) wherever required - Updated SHAXXX functions - Updated esp_config according to mbedtls changes - Tests: - build_examples_cmake_esp32 - build_examples_cmake_esp32s2 - build_examples_cmake_esp32c3 - build_examples_cmake_esp32s3 ci: Fixing target_test stage - Updated test SSL version to TLS_v1_2 - Tests: - example_test_protocols 1/2 ci: Fixing build stage - Added checks for MBEDTLS_DHM_C (disabled by default) - Updated esp_cryptoauthlib submodule - Updated factory partition size for legacy BLE provisioning example - Tests: - build_examples_cmake_esp32 - build_examples_cmake_esp32s2 - build_examples_cmake_esp32c3 - build_examples_cmake_esp32s3 Co-authored-by: Laukik Hase <laukik.hase@espressif.com>
2025-09-24 01:20:23 +00:00 · 2021-08-09 15:28:36 +05:30
parent 45122533e0
commit 3b71bd7326
44 changed files with 635 additions and 517 deletions
--- a/components/mbedtls/esp_crt_bundle/esp_crt_bundle.c
+++ b/components/mbedtls/esp_crt_bundle/esp_crt_bundle.c
@@ -53,28 +53,28 @@ static int esp_crt_check_signature(mbedtls_x509_crt *child, const uint8_t *pub_k

    mbedtls_x509_crt_init(&parent);

-    if ( (ret = mbedtls_pk_parse_public_key(&parent.pk, pub_key_buf, pub_key_len) ) != 0) {
+    if ( (ret = mbedtls_pk_parse_public_key(&parent.MBEDTLS_PRIVATE(pk), pub_key_buf, pub_key_len) ) != 0) {
        ESP_LOGE(TAG, "PK parse failed with error %X", ret);
        goto cleanup;
    }


    // Fast check to avoid expensive computations when not necessary
-    if (!mbedtls_pk_can_do(&parent.pk, child->sig_pk)) {
+    if (!mbedtls_pk_can_do(&parent.MBEDTLS_PRIVATE(pk), child->MBEDTLS_PRIVATE(sig_pk))) {
        ESP_LOGE(TAG, "Simple compare failed");
        ret = -1;
        goto cleanup;
    }

-    md_info = mbedtls_md_info_from_type(child->sig_md);
-    if ( (ret = mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash )) != 0 ) {
+    md_info = mbedtls_md_info_from_type(child->MBEDTLS_PRIVATE(sig_md));
+    if ( (ret = mbedtls_md( md_info, child->MBEDTLS_PRIVATE(tbs).MBEDTLS_PRIVATE(p), child->MBEDTLS_PRIVATE(tbs).MBEDTLS_PRIVATE(len), hash )) != 0 ) {
        ESP_LOGE(TAG, "Internal mbedTLS error %X", ret);
        goto cleanup;
    }

-    if ( (ret = mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent.pk,
-                                       child->sig_md, hash, mbedtls_md_get_size( md_info ),
-                                       child->sig.p, child->sig.len )) != 0 ) {
+    if ( (ret = mbedtls_pk_verify_ext( child->MBEDTLS_PRIVATE(sig_pk), child->MBEDTLS_PRIVATE(sig_opts), &parent.MBEDTLS_PRIVATE(pk),
+                                       child->MBEDTLS_PRIVATE(sig_md), hash, mbedtls_md_get_size( md_info ),
+                                       child->MBEDTLS_PRIVATE(sig).MBEDTLS_PRIVATE(p), child->MBEDTLS_PRIVATE(sig).MBEDTLS_PRIVATE(len) )) != 0 ) {

        ESP_LOGE(TAG, "PK verify failed with error %X", ret);
        goto cleanup;
@@ -125,7 +125,7 @@ int esp_crt_verify_callback(void *buf, mbedtls_x509_crt *crt, int depth, uint32_
        name_len = s_crt_bundle.crts[middle][0] << 8 | s_crt_bundle.crts[middle][1];
        crt_name = s_crt_bundle.crts[middle] + CRT_HEADER_OFFSET;

-        int cmp_res = memcmp(child->issuer_raw.p, crt_name, name_len );
+        int cmp_res = memcmp(child->MBEDTLS_PRIVATE(issuer_raw).MBEDTLS_PRIVATE(p), crt_name, name_len );
        if (cmp_res == 0) {
            crt_found = true;
            break;