alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-12-07 09:02:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

mbedtls-3.0: Fixed ESP32 build issues

Browse Source 
- Added MBEDLTS_PRIVATE(...) wherever necessary
- For functions like mbedtls_pk_parse_key(...), it is necessary to pass the RNG function
  pointers as parameter. Solved for dependent components: wpa_supplicant & openSSL
- For libcoap, the SSLv2 ClientHello handshake method has been deprecated, need to handle this.
  Currently, corresponding snippet has been commented.
- Examples tested: hello-world | https_request | wifi_prov_mgr

mbedtls-3.0: Fixed ESP32-C3 & ESP32-S3 build issues
- Removed MBEDTLS_DEPRECATED_REMOVED macro from sha1 port
- DS peripheral: esp_ds_rsa_sign -> removed unsused 'mode' argument
- Added MBEDTLS_PRIVATE(...) wherever required

mbedtls-3.0: Fixed ESP32-S2 build issues
- Fixed outdated function prototypes and usage in mbedlts/port/aes/esp_aes_gcm.c due to changes in GCM module

mbedtls-3.0: Fixed ESP32-H2 build issues

ci: Fixing build stage
- Added MBEDTLS_PRIVATE(...) wherever required
- Added RNG function parameter
- Updated GCM Module changes
- Updated Copyright notices

- Tests:
- build_esp_idf_tests_cmake_esp32
- build_esp_idf_tests_cmake_esp32s2
- build_esp_idf_tests_cmake_esp32c3
- build_esp_idf_tests_cmake_esp32s3

ci: Fixing build stage (mbedtls-related changes)
- Added MBEDTLS_PRIVATE(...) wherever required
- Updated SHAXXX functions
- Updated esp_config according to mbedtls changes

- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3

ci: Fixing build stage (example-related changes)
- Added MBEDTLS_PRIVATE(...) wherever required
- Updated SHAXXX functions
- Updated esp_config according to mbedtls changes

- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3

ci: Fixing target_test stage
- Updated test SSL version to TLS_v1_2

- Tests:
- example_test_protocols 1/2

ci: Fixing build stage
- Added checks for MBEDTLS_DHM_C (disabled by default)
- Updated esp_cryptoauthlib submodule
- Updated factory partition size for legacy BLE provisioning example

- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3

Co-authored-by: Laukik Hase <laukik.hase@espressif.com>
This commit is contained in:
Aditya Patwardhan
2021-08-09 15:28:36 +05:30
parent 45122533e0
commit 3b71bd7326
44 changed files with 635 additions and 517 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
components/mbedtls/port/aes/esp_aes_gcm.c
View File

@@ -336,15 +336,12 @@ void esp_aes_gcm_free( esp_gcm_context *ctx)
int esp_aes_gcm_starts( esp_gcm_context *ctx,
int mode,
const unsigned char *iv,
size_t iv_len,
const unsigned char *aad,
size_t aad_len )
size_t iv_len )
{
/* IV and AD are limited to 2^32 bits, so 2^29 bytes */
/* IV is limited to 2^32 bits, so 2^29 bytes */
/* IV is not allowed to be zero length */
if ( iv_len == 0 ||
( (uint32_t) iv_len ) >> 29 != 0 ||
( (uint32_t) aad_len ) >> 29 != 0 ) {
( (uint32_t) iv_len ) >> 29 != 0 ) {
return ( MBEDTLS_ERR_GCM_BAD_INPUT );
}
@@ -358,19 +355,12 @@ int esp_aes_gcm_starts( esp_gcm_context *ctx,
return -1;
}
if ( (aad_len > 0) && !aad) {
ESP_LOGE(TAG, "No aad supplied");
return -1;
}
/* Initialize AES-GCM context */
memset(ctx->ghash, 0, sizeof(ctx->ghash));
ctx->data_len = 0;
ctx->iv = iv;
ctx->iv_len = iv_len;
ctx->aad = aad;
ctx->aad_len = aad_len;
ctx->mode = mode;
/* H and the lookup table are only generated once per ctx */
@@ -389,6 +379,40 @@ int esp_aes_gcm_starts( esp_gcm_context *ctx,
ctx->gcm_state = ESP_AES_GCM_STATE_START;
return ( 0 );
}
int esp_aes_gcm_update_ad( esp_gcm_context *ctx,
const unsigned char *aad,
size_t aad_len )
{
/* AD are limited to 2^32 bits, so 2^29 bytes */
if ( ( (uint32_t) aad_len ) >> 29 != 0 ) {
return ( MBEDTLS_ERR_GCM_BAD_INPUT );
}
if (!ctx) {
ESP_LOGE(TAG, "No AES context supplied");
return -1;
}
if ( (aad_len > 0) && !aad) {
ESP_LOGE(TAG, "No aad supplied");
return -1;
}
/* Initialize AES-GCM context */
memset(ctx->ghash, 0, sizeof(ctx->ghash));
ctx->data_len = 0;
ctx->aad = aad;
ctx->aad_len = aad_len;
if (ctx->gcm_state != ESP_AES_GCM_STATE_START) {
ESP_LOGE(TAG, "AES context in invalid state!");
return -1;
}
/* Once H is obtained we need to derive J0 (Initial Counter Block) */
esp_gcm_derive_J0(ctx);
@@ -405,9 +429,9 @@ int esp_aes_gcm_starts( esp_gcm_context *ctx,
/* Perform AES-GCM operation */
int esp_aes_gcm_update( esp_gcm_context *ctx,
size_t length,
const unsigned char *input,
unsigned char *output )
const unsigned char *input, size_t input_length,
unsigned char *output, size_t output_size,
size_t *output_length )
{
size_t nc_off = 0;
uint8_t nonce_counter[AES_BLOCK_BYTES] = {0};
@@ -426,7 +450,7 @@ int esp_aes_gcm_update( esp_gcm_context *ctx,
return -1;
}
if ( output > input && (size_t) ( output - input ) < length ) {
if ( output > input && (size_t) ( output - input ) < input_length ) {
return ( MBEDTLS_ERR_GCM_BAD_INPUT );
}
/* If this is the first time esp_gcm_update is getting called
@@ -444,21 +468,21 @@ int esp_aes_gcm_update( esp_gcm_context *ctx,
/* Perform intermediate GHASH on "encrypted" data during decryption */
if (ctx->mode == ESP_AES_DECRYPT) {
esp_gcm_ghash(ctx, input, length, ctx->ghash);
esp_gcm_ghash(ctx, input, input_length, ctx->ghash);
}
/* Output = GCTR(J0, Input): Encrypt/Decrypt the input */
esp_aes_crypt_ctr(&ctx->aes_ctx, length, &nc_off, nonce_counter, stream, input, output);
esp_aes_crypt_ctr(&ctx->aes_ctx, input_length, &nc_off, nonce_counter, stream, input, output);
/* ICB gets auto incremented after GCTR operation here so update the context */
memcpy(ctx->J0, nonce_counter, AES_BLOCK_BYTES);
/* Keep updating the length counter for final tag calculation */
ctx->data_len += length;
ctx->data_len += input_length;
/* Perform intermediate GHASH on "encrypted" data during encryption*/
if (ctx->mode == ESP_AES_ENCRYPT) {
esp_gcm_ghash(ctx, output, length, ctx->ghash);
esp_gcm_ghash(ctx, output, input_length, ctx->ghash);
}
return 0;
@@ -466,8 +490,9 @@ int esp_aes_gcm_update( esp_gcm_context *ctx,
/* Function to read the tag value */
int esp_aes_gcm_finish( esp_gcm_context *ctx,
unsigned char *tag,
size_t tag_len )
unsigned char *output, size_t output_size,
size_t *output_length,
unsigned char *tag, size_t tag_len )
{
size_t nc_off = 0;
uint8_t len_block[AES_BLOCK_BYTES] = {0};
@@ -531,15 +556,19 @@ static int esp_aes_gcm_crypt_and_tag_partial_hw( esp_gcm_context *ctx,
{
int ret = 0;
if ( ( ret = esp_aes_gcm_starts( ctx, mode, iv, iv_len, aad, aad_len ) ) != 0 ) {
if ( ( ret = esp_aes_gcm_starts( ctx, mode, iv, iv_len ) ) != 0 ) {
return ( ret );
}
if ( ( ret = esp_aes_gcm_update( ctx, length, input, output ) ) != 0 ) {
if ( ( ret = esp_aes_gcm_update_ad( ctx, aad, aad_len ) ) != 0 ) {
return ( ret );
}
if ( ( ret = esp_aes_gcm_finish( ctx, tag, tag_len ) ) != 0 ) {
if ( ( ret = esp_aes_gcm_update( ctx, input, length, output, 0, NULL ) ) != 0 ) {
return ( ret );
}
if ( ( ret = esp_aes_gcm_finish( ctx, output, 0, NULL, tag, tag_len ) ) != 0 ) {
return ( ret );
}

202
components/mbedtls/port/dynamic/esp_mbedtls_dynamic_impl.c
View File

@@ -44,8 +44,8 @@ static void esp_mbedtls_init_ssl_buf(struct esp_mbedtls_ssl_buf *buf, unsigned i
static void esp_mbedtls_parse_record_header(mbedtls_ssl_context *ssl)
{
ssl->in_msgtype = ssl->in_hdr[0];
ssl->in_msglen = (ssl->in_len[0] << 8) | ssl->in_len[1];
ssl->MBEDTLS_PRIVATE(in_msgtype) = ssl->MBEDTLS_PRIVATE(in_hdr)[0];
ssl->MBEDTLS_PRIVATE(in_msglen) = (ssl->MBEDTLS_PRIVATE(in_len)[0] << 8) | ssl->MBEDTLS_PRIVATE(in_len)[1];
}
static int tx_buffer_len(mbedtls_ssl_context *ssl, int len)
@@ -66,82 +66,82 @@ static int tx_buffer_len(mbedtls_ssl_context *ssl, int len)
static void init_tx_buffer(mbedtls_ssl_context *ssl, unsigned char *buf)
{
/**
* In mbedtls, ssl->out_msg = ssl->out_buf + offset;
* In mbedtls, ssl->MBEDTLS_PRIVATE(out_msg) = ssl->MBEDTLS_PRIVATE(out_buf) + offset;
*/
if (!buf) {
int out_msg_off = (int)ssl->out_msg - (int)ssl->out_buf;
int out_msg_off = (int)ssl->MBEDTLS_PRIVATE(out_msg) - (int)ssl->MBEDTLS_PRIVATE(out_buf);
if (!out_msg_off) {
out_msg_off = MBEDTLS_SSL_HEADER_LEN;
}
ssl->out_buf = NULL;
ssl->out_ctr = NULL;
ssl->out_hdr = NULL;
ssl->out_len = NULL;
ssl->out_iv = NULL;
ssl->out_msg = (unsigned char *)out_msg_off;
ssl->MBEDTLS_PRIVATE(out_buf) = NULL;
ssl->MBEDTLS_PRIVATE(out_ctr) = NULL;
ssl->MBEDTLS_PRIVATE(out_hdr) = NULL;
ssl->MBEDTLS_PRIVATE(out_len) = NULL;
ssl->MBEDTLS_PRIVATE(out_iv) = NULL;
ssl->MBEDTLS_PRIVATE(out_msg) = (unsigned char *)out_msg_off;
} else {
int out_msg_off = (int)ssl->out_msg;
int out_msg_off = (int)ssl->MBEDTLS_PRIVATE(out_msg);
ssl->out_buf = buf;
ssl->out_ctr = ssl->out_buf;
ssl->out_hdr = ssl->out_buf + 8;
ssl->out_len = ssl->out_buf + 11;
ssl->out_iv = ssl->out_buf + MBEDTLS_SSL_HEADER_LEN;
ssl->out_msg = ssl->out_buf + out_msg_off;
ssl->MBEDTLS_PRIVATE(out_buf) = buf;
ssl->MBEDTLS_PRIVATE(out_ctr) = ssl->MBEDTLS_PRIVATE(out_buf);
ssl->MBEDTLS_PRIVATE(out_hdr) = ssl->MBEDTLS_PRIVATE(out_buf) + 8;
ssl->MBEDTLS_PRIVATE(out_len) = ssl->MBEDTLS_PRIVATE(out_buf) + 11;
ssl->MBEDTLS_PRIVATE(out_iv) = ssl->MBEDTLS_PRIVATE(out_buf) + MBEDTLS_SSL_HEADER_LEN;
ssl->MBEDTLS_PRIVATE(out_msg) = ssl->MBEDTLS_PRIVATE(out_buf) + out_msg_off;
ESP_LOGV(TAG, "out msg offset is %d", out_msg_off);
}
ssl->out_msgtype = 0;
ssl->out_msglen = 0;
ssl->out_left = 0;
ssl->MBEDTLS_PRIVATE(out_msgtype) = 0;
ssl->MBEDTLS_PRIVATE(out_msglen) = 0;
ssl->MBEDTLS_PRIVATE(out_left) = 0;
}
static void init_rx_buffer(mbedtls_ssl_context *ssl, unsigned char *buf)
{
/**
* In mbedtls, ssl->in_msg = ssl->in_buf + offset;
* In mbedtls, ssl->MBEDTLS_PRIVATE(in_msg) = ssl->MBEDTLS_PRIVATE(in_buf) + offset;
*/
if (!buf) {
int in_msg_off = (int)ssl->in_msg - (int)ssl->in_buf;
int in_msg_off = (int)ssl->MBEDTLS_PRIVATE(in_msg) - (int)ssl->MBEDTLS_PRIVATE(in_buf);
if (!in_msg_off) {
in_msg_off = MBEDTLS_SSL_HEADER_LEN;
}
ssl->in_buf = NULL;
ssl->in_ctr = NULL;
ssl->in_hdr = NULL;
ssl->in_len = NULL;
ssl->in_iv = NULL;
ssl->in_msg = (unsigned char *)in_msg_off;
ssl->MBEDTLS_PRIVATE(in_buf) = NULL;
ssl->MBEDTLS_PRIVATE(in_ctr) = NULL;
ssl->MBEDTLS_PRIVATE(in_hdr) = NULL;
ssl->MBEDTLS_PRIVATE(in_len) = NULL;
ssl->MBEDTLS_PRIVATE(in_iv) = NULL;
ssl->MBEDTLS_PRIVATE(in_msg) = (unsigned char *)in_msg_off;
} else {
int in_msg_off = (int)ssl->in_msg;
int in_msg_off = (int)ssl->MBEDTLS_PRIVATE(in_msg);
ssl->in_buf = buf;
ssl->in_ctr = ssl->in_buf;
ssl->in_hdr = ssl->in_buf + 8;
ssl->in_len = ssl->in_buf + 11;
ssl->in_iv = ssl->in_buf + MBEDTLS_SSL_HEADER_LEN;
ssl->in_msg = ssl->in_buf + in_msg_off;
ssl->MBEDTLS_PRIVATE(in_buf) = buf;
ssl->MBEDTLS_PRIVATE(in_ctr) = ssl->MBEDTLS_PRIVATE(in_buf);
ssl->MBEDTLS_PRIVATE(in_hdr) = ssl->MBEDTLS_PRIVATE(in_buf) + 8;
ssl->MBEDTLS_PRIVATE(in_len) = ssl->MBEDTLS_PRIVATE(in_buf) + 11;
ssl->MBEDTLS_PRIVATE(in_iv) = ssl->MBEDTLS_PRIVATE(in_buf) + MBEDTLS_SSL_HEADER_LEN;
ssl->MBEDTLS_PRIVATE(in_msg) = ssl->MBEDTLS_PRIVATE(in_buf) + in_msg_off;
ESP_LOGV(TAG, "in msg offset is %d", in_msg_off);
}
ssl->in_msgtype = 0;
ssl->in_msglen = 0;
ssl->in_left = 0;
ssl->MBEDTLS_PRIVATE(in_msgtype) = 0;
ssl->MBEDTLS_PRIVATE(in_msglen) = 0;
ssl->MBEDTLS_PRIVATE(in_left) = 0;
}
static int esp_mbedtls_alloc_tx_buf(mbedtls_ssl_context *ssl, int len)
{
struct esp_mbedtls_ssl_buf *esp_buf;
if (ssl->out_buf) {
esp_mbedtls_free_buf(ssl->out_buf);
ssl->out_buf = NULL;
if (ssl->MBEDTLS_PRIVATE(out_buf)) {
esp_mbedtls_free_buf(ssl->MBEDTLS_PRIVATE(out_buf));
ssl->MBEDTLS_PRIVATE(out_buf) = NULL;
}
esp_buf = mbedtls_calloc(1, SSL_BUF_HEAD_OFFSET_SIZE + len);
@@ -154,11 +154,11 @@ static int esp_mbedtls_alloc_tx_buf(mbedtls_ssl_context *ssl, int len)
esp_mbedtls_init_ssl_buf(esp_buf, len);
/**
* Mark the out_msg offset from ssl->out_buf.
* Mark the out_msg offset from ssl->MBEDTLS_PRIVATE(out_buf).
*
* In mbedtls, ssl->out_msg = ssl->out_buf + offset;
* In mbedtls, ssl->MBEDTLS_PRIVATE(out_msg) = ssl->MBEDTLS_PRIVATE(out_buf) + offset;
*/
ssl->out_msg = (unsigned char *)MBEDTLS_SSL_HEADER_LEN;
ssl->MBEDTLS_PRIVATE(out_msg) = (unsigned char *)MBEDTLS_SSL_HEADER_LEN;
init_tx_buffer(ssl, esp_buf->buf);
@@ -170,14 +170,14 @@ int esp_mbedtls_setup_tx_buffer(mbedtls_ssl_context *ssl)
CHECK_OK(esp_mbedtls_alloc_tx_buf(ssl, TX_IDLE_BUFFER_SIZE));
/* mark the out buffer has no data cached */
esp_mbedtls_set_buf_state(ssl->out_buf, ESP_MBEDTLS_SSL_BUF_NO_CACHED);
esp_mbedtls_set_buf_state(ssl->MBEDTLS_PRIVATE(out_buf), ESP_MBEDTLS_SSL_BUF_NO_CACHED);
return 0;
}
void esp_mbedtls_setup_rx_buffer(mbedtls_ssl_context *ssl)
{
ssl->in_msg = ssl->in_buf = NULL;
ssl->MBEDTLS_PRIVATE(in_msg) = ssl->MBEDTLS_PRIVATE(in_buf) = NULL;
init_rx_buffer(ssl, NULL);
}
@@ -188,7 +188,7 @@ int esp_mbedtls_reset_add_tx_buffer(mbedtls_ssl_context *ssl)
int esp_mbedtls_reset_free_tx_buffer(mbedtls_ssl_context *ssl)
{
esp_mbedtls_free_buf(ssl->out_buf);
esp_mbedtls_free_buf(ssl->MBEDTLS_PRIVATE(out_buf));
init_tx_buffer(ssl, NULL);
CHECK_OK(esp_mbedtls_setup_tx_buffer(ssl));
@@ -200,9 +200,9 @@ int esp_mbedtls_reset_add_rx_buffer(mbedtls_ssl_context *ssl)
{
struct esp_mbedtls_ssl_buf *esp_buf;
if (ssl->in_buf) {
esp_mbedtls_free_buf(ssl->in_buf);
ssl->in_buf = NULL;
if (ssl->MBEDTLS_PRIVATE(in_buf)) {
esp_mbedtls_free_buf(ssl->MBEDTLS_PRIVATE(in_buf));
ssl->MBEDTLS_PRIVATE(in_buf) = NULL;
}
esp_buf = mbedtls_calloc(1, SSL_BUF_HEAD_OFFSET_SIZE + MBEDTLS_SSL_IN_BUFFER_LEN);
@@ -215,11 +215,11 @@ int esp_mbedtls_reset_add_rx_buffer(mbedtls_ssl_context *ssl)
esp_mbedtls_init_ssl_buf(esp_buf, MBEDTLS_SSL_IN_BUFFER_LEN);
/**
* Mark the in_msg offset from ssl->in_buf.
* Mark the in_msg offset from ssl->MBEDTLS_PRIVATE(in_buf).
*
* In mbedtls, ssl->in_msg = ssl->in_buf + offset;
* In mbedtls, ssl->MBEDTLS_PRIVATE(in_msg) = ssl->MBEDTLS_PRIVATE(in_buf) + offset;
*/
ssl->in_msg = (unsigned char *)MBEDTLS_SSL_HEADER_LEN;
ssl->MBEDTLS_PRIVATE(in_msg) = (unsigned char *)MBEDTLS_SSL_HEADER_LEN;
init_rx_buffer(ssl, esp_buf->buf);
@@ -228,7 +228,7 @@ int esp_mbedtls_reset_add_rx_buffer(mbedtls_ssl_context *ssl)
void esp_mbedtls_reset_free_rx_buffer(mbedtls_ssl_context *ssl)
{
esp_mbedtls_free_buf(ssl->in_buf);
esp_mbedtls_free_buf(ssl->MBEDTLS_PRIVATE(in_buf));
init_rx_buffer(ssl, NULL);
}
@@ -241,14 +241,14 @@ int esp_mbedtls_add_tx_buffer(mbedtls_ssl_context *ssl, size_t buffer_len)
ESP_LOGV(TAG, "--> add out");
if (ssl->out_buf) {
if (esp_mbedtls_get_buf_state(ssl->out_buf) == ESP_MBEDTLS_SSL_BUF_CACHED) {
if (ssl->MBEDTLS_PRIVATE(out_buf)) {
if (esp_mbedtls_get_buf_state(ssl->MBEDTLS_PRIVATE(out_buf)) == ESP_MBEDTLS_SSL_BUF_CACHED) {
ESP_LOGV(TAG, "out buffer is not empty");
ret = 0;
goto exit;
} else {
memcpy(cache_buf, ssl->out_buf, CACHE_BUFFER_SIZE);
esp_mbedtls_free_buf(ssl->out_buf);
memcpy(cache_buf, ssl->MBEDTLS_PRIVATE(out_buf), CACHE_BUFFER_SIZE);
esp_mbedtls_free_buf(ssl->MBEDTLS_PRIVATE(out_buf));
init_tx_buffer(ssl, NULL);
cached = 1;
}
@@ -269,11 +269,11 @@ int esp_mbedtls_add_tx_buffer(mbedtls_ssl_context *ssl, size_t buffer_len)
init_tx_buffer(ssl, esp_buf->buf);
if (cached) {
memcpy(ssl->out_ctr, cache_buf, COUNTER_SIZE);
memcpy(ssl->out_iv, cache_buf + COUNTER_SIZE, CACHE_IV_SIZE);
memcpy(ssl->MBEDTLS_PRIVATE(out_ctr), cache_buf, COUNTER_SIZE);
memcpy(ssl->MBEDTLS_PRIVATE(out_iv), cache_buf + COUNTER_SIZE, CACHE_IV_SIZE);
}
ESP_LOGV(TAG, "ssl->out_buf=%p ssl->out_msg=%p", ssl->out_buf, ssl->out_msg);
ESP_LOGV(TAG, "ssl->MBEDTLS_PRIVATE(out_buf)=%p ssl->MBEDTLS_PRIVATE(out_msg)=%p", ssl->MBEDTLS_PRIVATE(out_buf), ssl->MBEDTLS_PRIVATE(out_msg));
exit:
ESP_LOGV(TAG, "<-- add out");
@@ -290,15 +290,15 @@ int esp_mbedtls_free_tx_buffer(mbedtls_ssl_context *ssl)
ESP_LOGV(TAG, "--> free out");
if (!ssl->out_buf || (ssl->out_buf && (esp_mbedtls_get_buf_state(ssl->out_buf) == ESP_MBEDTLS_SSL_BUF_NO_CACHED))) {
if (!ssl->MBEDTLS_PRIVATE(out_buf) || (ssl->MBEDTLS_PRIVATE(out_buf) && (esp_mbedtls_get_buf_state(ssl->MBEDTLS_PRIVATE(out_buf)) == ESP_MBEDTLS_SSL_BUF_NO_CACHED))) {
ret = 0;
goto exit;
}
memcpy(buf, ssl->out_ctr, COUNTER_SIZE);
memcpy(buf + COUNTER_SIZE, ssl->out_iv, CACHE_IV_SIZE);
memcpy(buf, ssl->MBEDTLS_PRIVATE(out_ctr), COUNTER_SIZE);
memcpy(buf + COUNTER_SIZE, ssl->MBEDTLS_PRIVATE(out_iv), CACHE_IV_SIZE);
esp_mbedtls_free_buf(ssl->out_buf);
esp_mbedtls_free_buf(ssl->MBEDTLS_PRIVATE(out_buf));
init_tx_buffer(ssl, NULL);
esp_buf = mbedtls_calloc(1, SSL_BUF_HEAD_OFFSET_SIZE + TX_IDLE_BUFFER_SIZE);
@@ -310,7 +310,7 @@ int esp_mbedtls_free_tx_buffer(mbedtls_ssl_context *ssl)
esp_mbedtls_init_ssl_buf(esp_buf, TX_IDLE_BUFFER_SIZE);
memcpy(esp_buf->buf, buf, CACHE_BUFFER_SIZE);
init_tx_buffer(ssl, esp_buf->buf);
esp_mbedtls_set_buf_state(ssl->out_buf, ESP_MBEDTLS_SSL_BUF_NO_CACHED);
esp_mbedtls_set_buf_state(ssl->MBEDTLS_PRIVATE(out_buf), ESP_MBEDTLS_SSL_BUF_NO_CACHED);
exit:
ESP_LOGV(TAG, "<-- free out");
@@ -329,8 +329,8 @@ int esp_mbedtls_add_rx_buffer(mbedtls_ssl_context *ssl)
ESP_LOGV(TAG, "--> add rx");
if (ssl->in_buf) {
if (esp_mbedtls_get_buf_state(ssl->in_buf) == ESP_MBEDTLS_SSL_BUF_CACHED) {
if (ssl->MBEDTLS_PRIVATE(in_buf)) {
if (esp_mbedtls_get_buf_state(ssl->MBEDTLS_PRIVATE(in_buf)) == ESP_MBEDTLS_SSL_BUF_CACHED) {
ESP_LOGV(TAG, "in buffer is not empty");
ret = 0;
goto exit;
@@ -339,8 +339,8 @@ int esp_mbedtls_add_rx_buffer(mbedtls_ssl_context *ssl)
}
}
ssl->in_hdr = msg_head;
ssl->in_len = msg_head + 3;
ssl->MBEDTLS_PRIVATE(in_hdr) = msg_head;
ssl->MBEDTLS_PRIVATE(in_len) = msg_head + 3;
if ((ret = mbedtls_ssl_fetch_input(ssl, mbedtls_ssl_in_hdr_len(ssl))) != 0) {
if (ret == MBEDTLS_ERR_SSL_TIMEOUT) {
@@ -356,16 +356,16 @@ int esp_mbedtls_add_rx_buffer(mbedtls_ssl_context *ssl)
esp_mbedtls_parse_record_header(ssl);
in_left = ssl->in_left;
in_msglen = ssl->in_msglen;
in_left = ssl->MBEDTLS_PRIVATE(in_left);
in_msglen = ssl->MBEDTLS_PRIVATE(in_msglen);
buffer_len = tx_buffer_len(ssl, in_msglen);
ESP_LOGV(TAG, "message length is %d RX buffer length should be %d left is %d",
(int)in_msglen, (int)buffer_len, (int)ssl->in_left);
(int)in_msglen, (int)buffer_len, (int)ssl->MBEDTLS_PRIVATE(in_left));
if (cached) {
memcpy(cache_buf, ssl->in_buf, 16);
esp_mbedtls_free_buf(ssl->in_buf);
memcpy(cache_buf, ssl->MBEDTLS_PRIVATE(in_buf), 16);
esp_mbedtls_free_buf(ssl->MBEDTLS_PRIVATE(in_buf));
init_rx_buffer(ssl, NULL);
}
@@ -382,13 +382,13 @@ int esp_mbedtls_add_rx_buffer(mbedtls_ssl_context *ssl)
init_rx_buffer(ssl, esp_buf->buf);
if (cached) {
memcpy(ssl->in_ctr, cache_buf, 8);
memcpy(ssl->in_iv, cache_buf + 8, 8);
memcpy(ssl->MBEDTLS_PRIVATE(in_ctr), cache_buf, 8);
memcpy(ssl->MBEDTLS_PRIVATE(in_iv), cache_buf + 8, 8);
}
memcpy(ssl->in_hdr, msg_head, in_left);
ssl->in_left = in_left;
ssl->in_msglen = 0;
memcpy(ssl->MBEDTLS_PRIVATE(in_hdr), msg_head, in_left);
ssl->MBEDTLS_PRIVATE(in_left) = in_left;
ssl->MBEDTLS_PRIVATE(in_msglen) = 0;
exit:
ESP_LOGV(TAG, "<-- add rx");
@@ -407,23 +407,23 @@ int esp_mbedtls_free_rx_buffer(mbedtls_ssl_context *ssl)
/**
* When have read multi messages once, can't free the input buffer directly.
*/
if (!ssl->in_buf || (ssl->in_hslen && (ssl->in_hslen < ssl->in_msglen)) ||
(ssl->in_buf && (esp_mbedtls_get_buf_state(ssl->in_buf) == ESP_MBEDTLS_SSL_BUF_NO_CACHED))) {
if (!ssl->MBEDTLS_PRIVATE(in_buf) || (ssl->MBEDTLS_PRIVATE(in_hslen) && (ssl->MBEDTLS_PRIVATE(in_hslen) < ssl->MBEDTLS_PRIVATE(in_msglen))) ||
(ssl->MBEDTLS_PRIVATE(in_buf) && (esp_mbedtls_get_buf_state(ssl->MBEDTLS_PRIVATE(in_buf)) == ESP_MBEDTLS_SSL_BUF_NO_CACHED))) {
ret = 0;
goto exit;
}
/**
* The previous processing is just skipped, so "ssl->in_msglen = 0"
* The previous processing is just skipped, so "ssl->MBEDTLS_PRIVATE(in_msglen) = 0"
*/
if (!ssl->in_msgtype) {
if (!ssl->MBEDTLS_PRIVATE(in_msgtype)) {
goto exit;
}
memcpy(buf, ssl->in_ctr, 8);
memcpy(buf + 8, ssl->in_iv, 8);
memcpy(buf, ssl->MBEDTLS_PRIVATE(in_ctr), 8);
memcpy(buf + 8, ssl->MBEDTLS_PRIVATE(in_iv), 8);
esp_mbedtls_free_buf(ssl->in_buf);
esp_mbedtls_free_buf(ssl->MBEDTLS_PRIVATE(in_buf));
init_rx_buffer(ssl, NULL);
esp_buf = mbedtls_calloc(1, SSL_BUF_HEAD_OFFSET_SIZE + 16);
@@ -436,7 +436,7 @@ int esp_mbedtls_free_rx_buffer(mbedtls_ssl_context *ssl)
esp_mbedtls_init_ssl_buf(esp_buf, 16);
memcpy(esp_buf->buf, buf, 16);
init_rx_buffer(ssl, esp_buf->buf);
esp_mbedtls_set_buf_state(ssl->in_buf, ESP_MBEDTLS_SSL_BUF_NO_CACHED);
esp_mbedtls_set_buf_state(ssl->MBEDTLS_PRIVATE(in_buf), ESP_MBEDTLS_SSL_BUF_NO_CACHED);
exit:
ESP_LOGV(TAG, "<-- free rx");
@@ -449,10 +449,10 @@ size_t esp_mbedtls_get_crt_size(mbedtls_x509_crt *cert, size_t *num)
size_t bytes = 0;
while (cert) {
bytes += cert->raw.len;
bytes += cert->MBEDTLS_PRIVATE(raw).MBEDTLS_PRIVATE(len);
n++;
cert = cert->next;
cert = cert->MBEDTLS_PRIVATE(next);
}
*num = n;
@@ -464,15 +464,15 @@ size_t esp_mbedtls_get_crt_size(mbedtls_x509_crt *cert, size_t *num)
void esp_mbedtls_free_dhm(mbedtls_ssl_context *ssl)
{
#ifdef CONFIG_MBEDTLS_DHM_C
mbedtls_mpi_free((mbedtls_mpi *)&ssl->conf->dhm_P);
mbedtls_mpi_free((mbedtls_mpi *)&ssl->conf->dhm_G);
mbedtls_mpi_free((mbedtls_mpi *)&ssl->MBEDTLS_PRIVATE(conf)->MBEDTLS_PRIVATE(dhm_P));
mbedtls_mpi_free((mbedtls_mpi *)&ssl->MBEDTLS_PRIVATE(conf)->MBEDTLS_PRIVATE(dhm_G));
#endif /* CONFIG_MBEDTLS_DHM_C */
}
void esp_mbedtls_free_keycert(mbedtls_ssl_context *ssl)
{
mbedtls_ssl_config *conf = (mbedtls_ssl_config *)ssl->conf;
mbedtls_ssl_key_cert *keycert = conf->key_cert, *next;
mbedtls_ssl_config *conf = (mbedtls_ssl_config *)ssl->MBEDTLS_PRIVATE(conf);
mbedtls_ssl_key_cert *keycert = conf->MBEDTLS_PRIVATE(key_cert), *next;
while (keycert) {
next = keycert->next;
@@ -484,12 +484,12 @@ void esp_mbedtls_free_keycert(mbedtls_ssl_context *ssl)
keycert = next;
}
conf->key_cert = NULL;
conf->MBEDTLS_PRIVATE(key_cert) = NULL;
}
void esp_mbedtls_free_keycert_key(mbedtls_ssl_context *ssl)
{
mbedtls_ssl_key_cert *keycert = ssl->conf->key_cert;
mbedtls_ssl_key_cert *keycert = ssl->MBEDTLS_PRIVATE(conf)->MBEDTLS_PRIVATE(key_cert);
while (keycert) {
if (keycert->key) {
@@ -502,7 +502,7 @@ void esp_mbedtls_free_keycert_key(mbedtls_ssl_context *ssl)
void esp_mbedtls_free_keycert_cert(mbedtls_ssl_context *ssl)
{
mbedtls_ssl_key_cert *keycert = ssl->conf->key_cert;
mbedtls_ssl_key_cert *keycert = ssl->MBEDTLS_PRIVATE(conf)->MBEDTLS_PRIVATE(key_cert);
while (keycert) {
if (keycert->cert) {
@@ -517,11 +517,11 @@ void esp_mbedtls_free_keycert_cert(mbedtls_ssl_context *ssl)
#ifdef CONFIG_MBEDTLS_DYNAMIC_FREE_CA_CERT
void esp_mbedtls_free_cacert(mbedtls_ssl_context *ssl)
{
if (ssl->conf->ca_chain) {
mbedtls_ssl_config *conf = (mbedtls_ssl_config *)ssl->conf;
if (ssl->MBEDTLS_PRIVATE(conf)->MBEDTLS_PRIVATE(ca_chain)) {
mbedtls_ssl_config *conf = (mbedtls_ssl_config *)ssl->MBEDTLS_PRIVATE(conf);
mbedtls_x509_crt_free(conf->ca_chain);
conf->ca_chain = NULL;
mbedtls_x509_crt_free(conf->MBEDTLS_PRIVATE(ca_chain));
conf->MBEDTLS_PRIVATE(ca_chain) = NULL;
}
}
#endif /* CONFIG_MBEDTLS_DYNAMIC_FREE_CA_CERT */

16
components/mbedtls/port/dynamic/esp_ssl_cli.c
View File

@@ -15,14 +15,14 @@ static const char *TAG = "SSL client";
static int manage_resource(mbedtls_ssl_context *ssl, bool add)
{
int state = add ? ssl->state : ssl->state - 1;
int state = add ? ssl->MBEDTLS_PRIVATE(state) : ssl->MBEDTLS_PRIVATE(state) - 1;
if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL) {
if (ssl->MBEDTLS_PRIVATE(state) == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->MBEDTLS_PRIVATE(handshake) == NULL) {
return 0;
}
if (!add) {
if (!ssl->out_left) {
if (!ssl->MBEDTLS_PRIVATE(out_left)) {
CHECK_OK(esp_mbedtls_free_tx_buffer(ssl));
}
}
@@ -61,25 +61,25 @@ static int manage_resource(mbedtls_ssl_context *ssl, bool add)
if (add) {
CHECK_OK(esp_mbedtls_add_rx_buffer(ssl));
} else {
if (!ssl->keep_current_message) {
if (!ssl->MBEDTLS_PRIVATE(keep_current_message)) {
CHECK_OK(esp_mbedtls_free_rx_buffer(ssl));
}
}
break;
case MBEDTLS_SSL_CERTIFICATE_REQUEST:
if (add) {
if (!ssl->keep_current_message) {
if (!ssl->MBEDTLS_PRIVATE(keep_current_message)) {
CHECK_OK(esp_mbedtls_add_rx_buffer(ssl));
}
} else {
if (!ssl->keep_current_message) {
if (!ssl->MBEDTLS_PRIVATE(keep_current_message)) {
CHECK_OK(esp_mbedtls_free_rx_buffer(ssl));
}
}
break;
case MBEDTLS_SSL_SERVER_HELLO_DONE:
if (add) {
if (!ssl->keep_current_message) {
if (!ssl->MBEDTLS_PRIVATE(keep_current_message)) {
CHECK_OK(esp_mbedtls_add_rx_buffer(ssl));
}
} else {
@@ -91,7 +91,7 @@ static int manage_resource(mbedtls_ssl_context *ssl, bool add)
case MBEDTLS_SSL_CLIENT_CERTIFICATE:
if (add) {
size_t buffer_len = 3;
mbedtls_ssl_key_cert *key_cert = ssl->conf->key_cert;
mbedtls_ssl_key_cert *key_cert = ssl->MBEDTLS_PRIVATE(conf)->MBEDTLS_PRIVATE(key_cert);
while (key_cert && key_cert->cert) {
size_t num;

10
components/mbedtls/port/dynamic/esp_ssl_srv.c
View File

@@ -14,21 +14,21 @@ static const char *TAG = "SSL Server";
static int manage_resource(mbedtls_ssl_context *ssl, bool add)
{
int state = add ? ssl->state : ssl->state - 1;
int state = add ? ssl->MBEDTLS_PRIVATE(state) : ssl->MBEDTLS_PRIVATE(state) - 1;
if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL) {
if (ssl->MBEDTLS_PRIVATE(state) == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->MBEDTLS_PRIVATE(handshake) == NULL) {
return 0;
}
if (!add) {
if (!ssl->out_left) {
if (!ssl->MBEDTLS_PRIVATE(out_left)) {
CHECK_OK(esp_mbedtls_free_tx_buffer(ssl));
}
}
switch (state) {
case MBEDTLS_SSL_HELLO_REQUEST:
ssl->major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
ssl->MBEDTLS_PRIVATE(major_ver) = MBEDTLS_SSL_MAJOR_VERSION_3;
break;
case MBEDTLS_SSL_CLIENT_HELLO:
if (add) {
@@ -49,7 +49,7 @@ static int manage_resource(mbedtls_ssl_context *ssl, bool add)
case MBEDTLS_SSL_SERVER_CERTIFICATE:
if (add) {
size_t buffer_len = 3;
mbedtls_ssl_key_cert *key_cert = ssl->conf->key_cert;
mbedtls_ssl_key_cert *key_cert = ssl->MBEDTLS_PRIVATE(conf)->MBEDTLS_PRIVATE(key_cert);
while (key_cert && key_cert->cert) {
size_t num;

23
components/mbedtls/port/dynamic/esp_ssl_tls.c
View File

@@ -3,7 +3,6 @@
*
* SPDX-License-Identifier: Apache-2.0
*/
#include <sys/param.h>
#include "esp_mbedtls_dynamic_impl.h"
@@ -27,7 +26,7 @@ static const char *TAG = "SSL TLS";
static int tx_done(mbedtls_ssl_context *ssl)
{
if (!ssl->out_left)
if (!ssl->MBEDTLS_PRIVATE(out_left))
return 1;
return 0;
@@ -35,7 +34,7 @@ static int tx_done(mbedtls_ssl_context *ssl)
static int rx_done(mbedtls_ssl_context *ssl)
{
if (!ssl->in_msglen) {
if (!ssl->MBEDTLS_PRIVATE(in_msglen)) {
return 1;
}
@@ -178,10 +177,12 @@ int __wrap_mbedtls_ssl_setup(mbedtls_ssl_context *ssl, const mbedtls_ssl_config
ssl->conf = conf;
CHECK_OK(ssl_handshake_init(ssl));
ssl->out_buf = NULL;
mbedtls_free(ssl->MBEDTLS_PRIVATE(out_buf));
ssl->MBEDTLS_PRIVATE(out_buf) = NULL;
CHECK_OK(esp_mbedtls_setup_tx_buffer(ssl));
ssl->in_buf = NULL;
mbedtls_free(ssl->MBEDTLS_PRIVATE(in_buf));
ssl->MBEDTLS_PRIVATE(in_buf) = NULL;
esp_mbedtls_setup_rx_buffer(ssl);
return 0;
@@ -228,14 +229,14 @@ int __wrap_mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t
void __wrap_mbedtls_ssl_free(mbedtls_ssl_context *ssl)
{
if (ssl->out_buf) {
esp_mbedtls_free_buf(ssl->out_buf);
ssl->out_buf = NULL;
if (ssl->MBEDTLS_PRIVATE(out_buf)) {
esp_mbedtls_free_buf(ssl->MBEDTLS_PRIVATE(out_buf));
ssl->MBEDTLS_PRIVATE(out_buf) = NULL;
}
if (ssl->in_buf) {
esp_mbedtls_free_buf(ssl->in_buf);
ssl->in_buf = NULL;
if (ssl->MBEDTLS_PRIVATE(in_buf)) {
esp_mbedtls_free_buf(ssl->MBEDTLS_PRIVATE(in_buf));
ssl->MBEDTLS_PRIVATE(in_buf) = NULL;
}
__real_mbedtls_ssl_free(ssl);

14
components/mbedtls/port/esp32/bignum.c
View File

@@ -83,11 +83,11 @@ void esp_mpi_interrupt_clear( void )
static inline void mpi_to_mem_block(uint32_t mem_base, const mbedtls_mpi *mpi, size_t hw_words)
{
uint32_t *pbase = (uint32_t *)mem_base;
uint32_t copy_words = MIN(hw_words, mpi->n);
uint32_t copy_words = MIN(hw_words, mpi->MBEDTLS_PRIVATE(n));
/* Copy MPI data to memory block registers */
for (uint32_t i = 0; i < copy_words; i++) {
pbase[i] = mpi->p[i];
pbase[i] = mpi->MBEDTLS_PRIVATE(p[i]);
}
/* Zero any remaining memory block data */
@@ -105,15 +105,15 @@ static inline void mpi_to_mem_block(uint32_t mem_base, const mbedtls_mpi *mpi, s
*/
static inline void mem_block_to_mpi(mbedtls_mpi *x, uint32_t mem_base, size_t num_words)
{
assert(x->n >= num_words);
assert(x->MBEDTLS_PRIVATE(n) >= num_words);
/* Copy data from memory block registers */
esp_dport_access_read_buffer(x->p, mem_base, num_words);
esp_dport_access_read_buffer(x->MBEDTLS_PRIVATE(p), mem_base, num_words);
/* Zero any remaining limbs in the bignum, if the buffer is bigger
than num_words */
for (size_t i = num_words; i < x->n; i++) {
x->p[i] = 0;
for (size_t i = num_words; i < x->MBEDTLS_PRIVATE(n); i++) {
x->MBEDTLS_PRIVATE(p[i]) = 0;
}
}
@@ -215,7 +215,7 @@ int esp_mont_hw_op(mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi *Y, c
mpi_to_mem_block(RSA_MEM_RB_BLOCK_BASE, Y, hw_words);
start_op(RSA_MULT_START_REG);
Z->s = 1; // The sign of Z will be = M->s (but M->s is always 1)
Z->MBEDTLS_PRIVATE(s) = 1; // The sign of Z will be = M->s (but M->s is always 1)
MBEDTLS_MPI_CHK( mbedtls_mpi_grow(Z, hw_words) );
wait_op_complete();

10
components/mbedtls/port/esp32c3/bignum.c
View File

@@ -80,11 +80,11 @@ void esp_mpi_interrupt_clear( void )
static inline void mpi_to_mem_block(uint32_t mem_base, const mbedtls_mpi *mpi, size_t num_words)
{
uint32_t *pbase = (uint32_t *)mem_base;
uint32_t copy_words = MIN(num_words, mpi->n);
uint32_t copy_words = MIN(num_words, mpi->MBEDTLS_PRIVATE(n));
/* Copy MPI data to memory block registers */
for (int i = 0; i < copy_words; i++) {
pbase[i] = mpi->p[i];
pbase[i] = mpi->MBEDTLS_PRIVATE(p)[i];
}
/* Zero any remaining memory block data */
@@ -103,12 +103,12 @@ static inline void mem_block_to_mpi(mbedtls_mpi *x, uint32_t mem_base, int num_w
/* Copy data from memory block registers */
const size_t REG_WIDTH = sizeof(uint32_t);
for (size_t i = 0; i < num_words; i++) {
x->p[i] = REG_READ(mem_base + (i * REG_WIDTH));
x->MBEDTLS_PRIVATE(p)[i] = REG_READ(mem_base + (i * REG_WIDTH));
}
/* Zero any remaining limbs in the bignum, if the buffer is bigger
than num_words */
for (size_t i = num_words; i < x->n; i++) {
x->p[i] = 0;
for (size_t i = num_words; i < x->MBEDTLS_PRIVATE(n); i++) {
x->MBEDTLS_PRIVATE(p)[i] = 0;
}
}

10
components/mbedtls/port/esp32h2/bignum.c
View File

@@ -80,11 +80,11 @@ void esp_mpi_interrupt_clear( void )
static inline void mpi_to_mem_block(uint32_t mem_base, const mbedtls_mpi *mpi, size_t num_words)
{
uint32_t *pbase = (uint32_t *)mem_base;
uint32_t copy_words = MIN(num_words, mpi->n);
uint32_t copy_words = MIN(num_words, mpi->MBEDTLS_PRIVATE(n));
/* Copy MPI data to memory block registers */
for (int i = 0; i < copy_words; i++) {
pbase[i] = mpi->p[i];
pbase[i] = mpi->MBEDTLS_PRIVATE(p)[i];
}
/* Zero any remaining memory block data */
@@ -103,12 +103,12 @@ static inline void mem_block_to_mpi(mbedtls_mpi *x, uint32_t mem_base, int num_w
/* Copy data from memory block registers */
const size_t REG_WIDTH = sizeof(uint32_t);
for (size_t i = 0; i < num_words; i++) {
x->p[i] = REG_READ(mem_base + (i * REG_WIDTH));
x->MBEDTLS_PRIVATE(p)[i] = REG_READ(mem_base + (i * REG_WIDTH));
}
/* Zero any remaining limbs in the bignum, if the buffer is bigger
than num_words */
for (size_t i = num_words; i < x->n; i++) {
x->p[i] = 0;
for (size_t i = num_words; i < x->MBEDTLS_PRIVATE(n); i++) {
x->MBEDTLS_PRIVATE(p)[i] = 0;
}
}

10
components/mbedtls/port/esp32s2/bignum.c
View File

@@ -78,11 +78,11 @@ void esp_mpi_interrupt_clear( void )
static inline void mpi_to_mem_block(uint32_t mem_base, const mbedtls_mpi *mpi, size_t num_words)
{
uint32_t *pbase = (uint32_t *)mem_base;
uint32_t copy_words = MIN(num_words, mpi->n);
uint32_t copy_words = MIN(num_words, mpi->MBEDTLS_PRIVATE(n));
/* Copy MPI data to memory block registers */
for (uint32_t i = 0; i < copy_words; i++) {
pbase[i] = mpi->p[i];
pbase[i] = mpi->MBEDTLS_PRIVATE(p)[i];
}
/* Zero any remaining memory block data */
@@ -99,11 +99,11 @@ static inline void mem_block_to_mpi(mbedtls_mpi *x, uint32_t mem_base, int num_w
{
/* Copy data from memory block registers */
esp_dport_access_read_buffer(x->p, mem_base, num_words);
esp_dport_access_read_buffer(x->MBEDTLS_PRIVATE(p), mem_base, num_words);
/* Zero any remaining limbs in the bignum, if the buffer is bigger
than num_words */
for (size_t i = num_words; i < x->n; i++) {
x->p[i] = 0;
for (size_t i = num_words; i < x->MBEDTLS_PRIVATE(n); i++) {
x->MBEDTLS_PRIVATE(p)[i] = 0;
}
}

10
components/mbedtls/port/esp32s3/bignum.c
View File

@@ -75,11 +75,11 @@ void esp_mpi_interrupt_clear( void )
static inline void mpi_to_mem_block(uint32_t mem_base, const mbedtls_mpi *mpi, size_t num_words)
{
uint32_t *pbase = (uint32_t *)mem_base;
uint32_t copy_words = MIN(num_words, mpi->n);
uint32_t copy_words = MIN(num_words, mpi->MBEDTLS_PRIVATE(n));
/* Copy MPI data to memory block registers */
for (uint32_t i = 0; i < copy_words; i++) {
pbase[i] = mpi->p[i];
pbase[i] = mpi->MBEDTLS_PRIVATE(p)[i];
}
/* Zero any remaining memory block data */
@@ -96,11 +96,11 @@ static inline void mem_block_to_mpi(mbedtls_mpi *x, uint32_t mem_base, int num_w
{
/* Copy data from memory block registers */
esp_dport_access_read_buffer(x->p, mem_base, num_words);
esp_dport_access_read_buffer(x->MBEDTLS_PRIVATE(p), mem_base, num_words);
/* Zero any remaining limbs in the bignum, if the buffer is bigger
than num_words */
for (size_t i = num_words; i < x->n; i++) {
x->p[i] = 0;
for (size_t i = num_words; i < x->MBEDTLS_PRIVATE(n); i++) {
x->MBEDTLS_PRIVATE(p)[i] = 0;
}
}

52
components/mbedtls/port/esp_bignum.c
View File

@@ -150,8 +150,8 @@ static inline size_t bits_to_words(size_t bits)
#if defined(MBEDTLS_MPI_EXP_MOD_ALT) || defined(MBEDTLS_MPI_EXP_MOD_ALT_FALLBACK)
static size_t mpi_words(const mbedtls_mpi *mpi)
{
for (size_t i = mpi->n; i > 0; i--) {
if (mpi->p[i - 1] != 0) {
for (size_t i = mpi->MBEDTLS_PRIVATE(n); i > 0; i--) {
if (mpi->MBEDTLS_PRIVATE(p[i - 1]) != 0) {
return i;
}
}
@@ -174,7 +174,7 @@ static mbedtls_mpi_uint modular_inverse(const mbedtls_mpi *M)
uint64_t t = 1;
uint64_t two_2_i_minus_1 = 2; /* 2^(i-1) */
uint64_t two_2_i = 4; /* 2^i */
uint64_t N = M->p[0];
uint64_t N = M->MBEDTLS_PRIVATE(p[0]);
for (i = 2; i <= 32; i++) {
if ((mbedtls_mpi_uint) N * t % two_2_i >= two_2_i_minus_1) {
@@ -252,7 +252,7 @@ int esp_mpi_mul_mpi_mod(mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi
MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Z, z_words));
esp_mpi_read_result_hw_op(Z, z_words);
Z->s = X->s * Y->s;
Z->MBEDTLS_PRIVATE(s) = X->MBEDTLS_PRIVATE(s) * Y->MBEDTLS_PRIVATE(s);
cleanup:
mbedtls_mpi_free(&Rinv);
@@ -270,11 +270,11 @@ cleanup:
static size_t mbedtls_mpi_msb( const mbedtls_mpi *X )
{
int i, j;
if (X != NULL && X->n != 0) {
for (i = X->n - 1; i >= 0; i--) {
if (X->p[i] != 0) {
if (X != NULL && X->MBEDTLS_PRIVATE(n) != 0) {
for (i = X->MBEDTLS_PRIVATE(n) - 1; i >= 0; i--) {
if (X->MBEDTLS_PRIVATE(p[i]) != 0) {
for (j = biL - 1; j >= 0; j--) {
if ((X->p[i] & (1 << j)) != 0) {
if ((X->MBEDTLS_PRIVATE(p[i]) & (1 << j)) != 0) {
return (i * biL) + j;
}
}
@@ -374,7 +374,7 @@ static int esp_mpi_exp_mod( mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_
return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
}
if (mbedtls_mpi_cmp_int(M, 0) <= 0 || (M->p[0] & 1) == 0) {
if (mbedtls_mpi_cmp_int(M, 0) <= 0 || (M->MBEDTLS_PRIVATE(p[0]) & 1) == 0) {
return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
}
@@ -394,7 +394,7 @@ static int esp_mpi_exp_mod( mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_
} else {
Rinv = _Rinv;
}
if (Rinv->p == NULL) {
if (Rinv->MBEDTLS_PRIVATE(p) == NULL) {
MBEDTLS_MPI_CHK(calculate_rinv(Rinv, M, num_words));
}
@@ -435,11 +435,11 @@ static int esp_mpi_exp_mod( mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_
#endif
// Compensate for negative X
if (X->s == -1 && (Y->p[0] & 1) != 0) {
Z->s = -1;
if (X->MBEDTLS_PRIVATE(s) == -1 && (Y->MBEDTLS_PRIVATE(p[0]) & 1) != 0) {
Z->MBEDTLS_PRIVATE(s) = -1;
MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(Z, M, Z));
} else {
Z->s = 1;
Z->MBEDTLS_PRIVATE(s) = 1;
}
cleanup:
@@ -504,12 +504,12 @@ int mbedtls_mpi_mul_mpi( mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi
}
if (x_bits == 1) {
ret = mbedtls_mpi_copy(Z, Y);
Z->s *= X->s;
Z->MBEDTLS_PRIVATE(s) *= X->MBEDTLS_PRIVATE(s);
return ret;
}
if (y_bits == 1) {
ret = mbedtls_mpi_copy(Z, X);
Z->s *= Y->s;
Z->MBEDTLS_PRIVATE(s) *= Y->MBEDTLS_PRIVATE(s);
return ret;
}
@@ -548,7 +548,7 @@ int mbedtls_mpi_mul_mpi( mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi
esp_mpi_disable_hardware_hw_op();
Z->s = X->s * Y->s;
Z->MBEDTLS_PRIVATE(s) = X->MBEDTLS_PRIVATE(s) * Y->MBEDTLS_PRIVATE(s);
cleanup:
return ret;
@@ -559,9 +559,9 @@ int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint
mbedtls_mpi _B;
mbedtls_mpi_uint p[1];
_B.s = 1;
_B.n = 1;
_B.p = p;
_B.MBEDTLS_PRIVATE(s) = 1;
_B.MBEDTLS_PRIVATE(n) = 1;
_B.MBEDTLS_PRIVATE(p) = p;
p[0] = b;
return( mbedtls_mpi_mul_mpi( X, A, &_B ) );
@@ -592,15 +592,15 @@ static int mpi_mult_mpi_overlong(mbedtls_mpi *Z, const mbedtls_mpi *X, const mbe
const size_t words_slice = y_words / 2;
/* Yp holds lower bits of Y (declared to reuse Y's array contents to save on copying) */
const mbedtls_mpi Yp = {
.p = Y->p,
.n = words_slice,
.s = Y->s
.MBEDTLS_PRIVATE(p) = Y->MBEDTLS_PRIVATE(p),
.MBEDTLS_PRIVATE(n) = words_slice,
.MBEDTLS_PRIVATE(s) = Y->MBEDTLS_PRIVATE(s)
};
/* Ypp holds upper bits of Y, right shifted (also reuses Y's array contents) */
const mbedtls_mpi Ypp = {
.p = Y->p + words_slice,
.n = y_words - words_slice,
.s = Y->s
.MBEDTLS_PRIVATE(p) = Y->MBEDTLS_PRIVATE(p) + words_slice,
.MBEDTLS_PRIVATE(n) = y_words - words_slice,
.MBEDTLS_PRIVATE(s) = Y->MBEDTLS_PRIVATE(s)
};
mbedtls_mpi_init(&Ztemp);
@@ -651,7 +651,7 @@ static int mpi_mult_mpi_failover_mod_mult( mbedtls_mpi *Z, const mbedtls_mpi *X,
MBEDTLS_MPI_CHK( mbedtls_mpi_grow(Z, hw_words) );
esp_mpi_read_result_hw_op(Z, hw_words);
Z->s = X->s * Y->s;
Z->MBEDTLS_PRIVATE(s) = X->MBEDTLS_PRIVATE(s) * Y->MBEDTLS_PRIVATE(s);
cleanup:
esp_mpi_disable_hardware_hw_op();
return ret;

2
components/mbedtls/port/esp_ds/esp_rsa_sign_alt.c
View File

@@ -204,7 +204,7 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg,
int esp_ds_rsa_sign( void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
mbedtls_md_type_t md_alg, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig )
{
esp_ds_context_t *esp_ds_ctx;

14
components/mbedtls/port/esp_timing.c
View File

@@ -66,11 +66,11 @@ void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms )
{
mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data;
ctx->int_ms = int_ms;
ctx->fin_ms = fin_ms;
ctx->MBEDTLS_PRIVATE(int_ms) = int_ms;
ctx->MBEDTLS_PRIVATE(fin_ms) = fin_ms;
if( fin_ms != 0 )
(void) mbedtls_timing_get_timer( &ctx->timer, 1 );
(void) mbedtls_timing_get_timer( &ctx->MBEDTLS_PRIVATE(timer), 1 );
}
/*
@@ -81,15 +81,15 @@ int mbedtls_timing_get_delay( void *data )
mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data;
unsigned long elapsed_ms;
if( ctx->fin_ms == 0 )
if( ctx->MBEDTLS_PRIVATE(fin_ms) == 0 )
return( -1 );
elapsed_ms = mbedtls_timing_get_timer( &ctx->timer, 0 );
elapsed_ms = mbedtls_timing_get_timer( &ctx->MBEDTLS_PRIVATE(timer), 0 );
if( elapsed_ms >= ctx->fin_ms )
if( elapsed_ms >= ctx->MBEDTLS_PRIVATE(fin_ms) )
return( 2 );
if( elapsed_ms >= ctx->int_ms )
if( elapsed_ms >= ctx->MBEDTLS_PRIVATE(int_ms) )
return( 1 );
return( 0 );

131
components/mbedtls/port/include/aes/esp_aes_gcm.h
View File

@@ -93,50 +93,99 @@ int esp_aes_gcm_setkey( esp_gcm_context *ctx,
* \brief This function starts a GCM encryption or decryption
* operation.
*
* \param ctx The GCM context.
* \param ctx The GCM context. This must be initialized.
* \param mode The operation to perform: #MBEDTLS_GCM_ENCRYPT or
* #MBEDTLS_GCM_DECRYPT.
* \param iv The initialization vector.
* \param iv The initialization vector. This must be a readable buffer of
* at least \p iv_len Bytes.
* \param iv_len The length of the IV.
* \param add The buffer holding the additional data, or NULL
* if \p aad_len is 0.
* \param aad_len The length of the additional data. If 0,
* \p add is NULL.
*
* \return \c 0 on success.
*/
int esp_aes_gcm_starts( esp_gcm_context *ctx,
int mode,
const unsigned char *iv,
size_t iv_len,
const unsigned char *aad,
size_t aad_len );
size_t iv_len );
/**
* \brief This function feeds an input buffer as associated data
* (authenticated but not encrypted data) in a GCM
* encryption or decryption operation.
*
* Call this function after mbedtls_gcm_starts() to pass
* the associated data. If the associated data is empty,
* you do not need to call this function. You may not
* call this function after calling mbedtls_cipher_update().
*
* \param ctx The GCM context. This must have been started with
* mbedtls_gcm_starts() and must not have yet received
* any input with mbedtls_gcm_update().
* \param aad The buffer holding the additional data, or \c NULL
* if \p aad_len is \c 0.
* \param aad_len The length of the additional data. If \c 0,
* \p add may be \c NULL.
*
* \return \c 0 on success.
*/
int esp_aes_gcm_update_ad( esp_gcm_context *ctx,
const unsigned char *aad,
size_t aad_len );
/**
* \brief This function feeds an input buffer into an ongoing GCM
* encryption or decryption operation.
*
* ` The function expects input to be a multiple of 16
* Bytes. Only the last call before calling
* mbedtls_gcm_finish() can be less than 16 Bytes.
* You may call this function zero, one or more times
* to pass successive parts of the input: the plaintext to
* encrypt, or the ciphertext (not including the tag) to
* decrypt. After the last part of the input, call
* mbedtls_gcm_finish().
*
* This function may produce output in one of the following
* ways:
* - Immediate output: the output length is always equal
* to the input length.
* - Buffered output: the output consists of a whole number
* of 16-byte blocks. If the total input length so far
* (not including associated data) is 16 \* *B* + *A*
* with *A* < 16 then the total output length is 16 \* *B*.
*
* In particular:
* - It is always correct to call this function with
* \p output_size >= \p input_length + 15.
* - If \p input_length is a multiple of 16 for all the calls
* to this function during an operation, then it is
* correct to use \p output_size = \p input_length.
*
* \note For decryption, the output buffer cannot be the same as
* input buffer. If the buffers overlap, the output buffer
* must trail at least 8 Bytes behind the input buffer.
*
* \param ctx The GCM context.
* \param length The length of the input data. This must be a multiple of
* 16 except in the last call before mbedtls_gcm_finish().
* \param input The buffer holding the input data.
* \param output The buffer for holding the output data.
* \param ctx The GCM context. This must be initialized.
* \param input The buffer holding the input data. If \p input_length
* is greater than zero, this must be a readable buffer
* of at least \p input_length bytes.
* \param input_length The length of the input data in bytes.
* \param output The buffer for the output data. If \p output_size
* is greater than zero, this must be a writable buffer of
* of at least \p output_size bytes.
* \param output_size The size of the output buffer in bytes.
* See the function description regarding the output size.
* \param output_length On success, \p *output_length contains the actual
* length of the output written in \p output.
* On failure, the content of \p *output_length is
* unspecified.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure.
* \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure:
* total input length too long,
* unsupported input/output buffer overlap detected,
* or \p output_size too small.
*/
int esp_aes_gcm_update( esp_gcm_context *ctx,
size_t length,
const unsigned char *input,
unsigned char *output );
const unsigned char *input, size_t input_length,
unsigned char *output, size_t output_size,
size_t *output_length );
/**
* \brief This function finishes the GCM operation and generates
@@ -145,16 +194,36 @@ int esp_aes_gcm_update( esp_gcm_context *ctx,
* It wraps up the GCM stream, and generates the
* tag. The tag can have a maximum length of 16 Bytes.
*
* \param ctx The GCM context.
* \param tag The buffer for holding the tag.
* \param tag_len The length of the tag to generate. Must be at least four.
* \param ctx The GCM context. This must be initialized.
* \param tag The buffer for holding the tag. This must be a writable
* buffer of at least \p tag_len Bytes.
* \param tag_len The length of the tag to generate. This must be at least
* four.
* \param output The buffer for the final output.
* If \p output_size is nonzero, this must be a writable
* buffer of at least \p output_size bytes.
* \param output_size The size of the \p output buffer in bytes.
* This must be large enough for the output that
* mbedtls_gcm_update() has not produced. In particular:
* - If mbedtls_gcm_update() produces immediate output,
* or if the total input size is a multiple of \c 16,
* then mbedtls_gcm_finish() never produces any output,
* so \p output_size can be \c 0.
* - \p output_size never needs to be more than \c 15.
* \param output_length On success, \p *output_length contains the actual
* length of the output written in \p output.
* On failure, the content of \p *output_length is
* unspecified.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure.
* \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure:
* invalid value of \p tag_len,
* or \p output_size too small.
*/
int esp_aes_gcm_finish( esp_gcm_context *ctx,
unsigned char *tag,
size_t tag_len );
unsigned char *output, size_t output_size,
size_t *output_length,
unsigned char *tag, size_t tag_len );
/**
* \brief This function clears a GCM context
@@ -178,7 +247,7 @@ void esp_aes_gcm_free( esp_gcm_context *ctx);
* 16 except in the last call before mbedtls_gcm_finish().
* \param iv The initialization vector.
* \param iv_len The length of the IV.
* \param add The buffer holding the additional data.
* \param aad The buffer holding the additional data.
* \param aad_len The length of the additional data.
* \param input The buffer holding the input data.
* \param output The buffer for holding the output data.
@@ -192,7 +261,7 @@ int esp_aes_gcm_crypt_and_tag( esp_gcm_context *ctx,
size_t length,
const unsigned char *iv,
size_t iv_len,
const unsigned char *add,
const unsigned char *aad,
size_t aad_len,
const unsigned char *input,
unsigned char *output,
@@ -213,7 +282,7 @@ int esp_aes_gcm_crypt_and_tag( esp_gcm_context *ctx,
* of 16 except in the last call before mbedtls_gcm_finish().
* \param iv The initialization vector.
* \param iv_len The length of the IV.
* \param add The buffer holding the additional data.
* \param aad The buffer holding the additional data.
* \param aad_len The length of the additional data.
* \param tag The buffer holding the tag.
* \param tag_len The length of the tag.
@@ -227,7 +296,7 @@ int esp_aes_gcm_auth_decrypt( esp_gcm_context *ctx,
size_t length,
const unsigned char *iv,
size_t iv_len,
const unsigned char *add,
const unsigned char *aad,
size_t aad_len,
const unsigned char *tag,
size_t tag_len,

20
components/mbedtls/port/include/esp_ds/esp_rsa_sign_alt.h
View File

@@ -1,16 +1,8 @@
// Copyright 2020 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
/*
* SPDX-FileCopyrightText: 2021 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#pragma once
@@ -65,7 +57,7 @@ void esp_ds_release_ds_lock(void);
*/
int esp_ds_rsa_sign( void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
mbedtls_md_type_t md_alg, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig );
/*

1
components/mbedtls/port/include/gcm_alt.h
View File

@@ -41,6 +41,7 @@ typedef esp_gcm_context mbedtls_gcm_context;
#define mbedtls_gcm_free esp_aes_gcm_free
#define mbedtls_gcm_setkey esp_aes_gcm_setkey
#define mbedtls_gcm_starts esp_aes_gcm_starts
#define mbedtls_gcm_update_ad esp_aes_gcm_update_ad
#define mbedtls_gcm_update esp_aes_gcm_update
#define mbedtls_gcm_finish esp_aes_gcm_finish
#define mbedtls_gcm_auth_decrypt esp_aes_gcm_auth_decrypt

2
components/mbedtls/port/include/mbedtls/esp_config.h
View File

@@ -2188,8 +2188,10 @@
* This module adds support for SHA-384 and SHA-512.
*/
#ifdef CONFIG_MBEDTLS_SHA512_C
#define MBEDTLS_SHA384_C
#define MBEDTLS_SHA512_C
#else
#undef MBEDTLS_SHA384_C
#undef MBEDTLS_SHA512_C
#endif

44
components/mbedtls/port/net_sockets.c
View File

@@ -62,7 +62,7 @@ static int net_prepare( void )
*/
void mbedtls_net_init( mbedtls_net_context *ctx )
{
ctx->fd = -1;
ctx->MBEDTLS_PRIVATE(fd) = -1;
}
/*
@@ -98,7 +98,7 @@ int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char
}
if ( connect( fd, cur->ai_addr, cur->ai_addrlen ) == 0 ) {
ctx->fd = fd; // connected!
ctx->MBEDTLS_PRIVATE(fd) = fd; // connected!
ret = 0;
break;
}
@@ -175,7 +175,7 @@ int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char
}
/* I we ever get there, it's a success */
ctx->fd = fd;
ctx->MBEDTLS_PRIVATE(fd) = fd;
ret = 0;
break;
}
@@ -224,7 +224,7 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
socklen_t type_len = (socklen_t) sizeof( type );
/* Is this a TCP or UDP socket? */
if ( getsockopt( bind_ctx->fd, SOL_SOCKET, SO_TYPE,
if ( getsockopt( bind_ctx->MBEDTLS_PRIVATE(fd), SOL_SOCKET, SO_TYPE,
(void *) &type, (socklen_t *) &type_len ) != 0 ||
( type != SOCK_STREAM && type != SOCK_DGRAM ) ) {
return ( MBEDTLS_ERR_NET_ACCEPT_FAILED );
@@ -232,13 +232,13 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
if ( type == SOCK_STREAM ) {
/* TCP: actual accept() */
ret = client_ctx->fd = (int) accept( bind_ctx->fd,
ret = client_ctx->MBEDTLS_PRIVATE(fd) = (int) accept( bind_ctx->MBEDTLS_PRIVATE(fd),
(struct sockaddr *) &client_addr, &n );
} else {
/* UDP: wait for a message, but keep it in the queue */
char buf[1] = { 0 };
ret = recvfrom( bind_ctx->fd, buf, sizeof( buf ), MSG_PEEK,
ret = recvfrom( bind_ctx->MBEDTLS_PRIVATE(fd), buf, sizeof( buf ), MSG_PEEK,
(struct sockaddr *) &client_addr, &n );
}
@@ -257,24 +257,24 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
struct sockaddr_in local_addr;
int one = 1;
if ( connect( bind_ctx->fd, (struct sockaddr *) &client_addr, n ) != 0 ) {
if ( connect( bind_ctx->MBEDTLS_PRIVATE(fd), (struct sockaddr *) &client_addr, n ) != 0 ) {
return ( MBEDTLS_ERR_NET_ACCEPT_FAILED );
}
client_ctx->fd = bind_ctx->fd;
bind_ctx->fd = -1; /* In case we exit early */
client_ctx->MBEDTLS_PRIVATE(fd) = bind_ctx->MBEDTLS_PRIVATE(fd);
bind_ctx->MBEDTLS_PRIVATE(fd) = -1; /* In case we exit early */
n = sizeof( struct sockaddr_in );
if ( getsockname( client_ctx->fd,
if ( getsockname( client_ctx->MBEDTLS_PRIVATE(fd),
(struct sockaddr *) &local_addr, &n ) != 0 ||
( bind_ctx->fd = (int) socket( AF_INET,
( bind_ctx->MBEDTLS_PRIVATE(fd) = (int) socket( AF_INET,
SOCK_DGRAM, IPPROTO_UDP ) ) < 0 ||
setsockopt( bind_ctx->fd, SOL_SOCKET, SO_REUSEADDR,
setsockopt( bind_ctx->MBEDTLS_PRIVATE(fd), SOL_SOCKET, SO_REUSEADDR,
(const char *) &one, sizeof( one ) ) != 0 ) {
return ( MBEDTLS_ERR_NET_SOCKET_FAILED );
}
if ( bind( bind_ctx->fd, (struct sockaddr *) &local_addr, n ) != 0 ) {
if ( bind( bind_ctx->MBEDTLS_PRIVATE(fd), (struct sockaddr *) &local_addr, n ) != 0 ) {
return ( MBEDTLS_ERR_NET_BIND_FAILED );
}
}
@@ -298,12 +298,12 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
*/
int mbedtls_net_set_block( mbedtls_net_context *ctx )
{
return ( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL, 0 ) & ~O_NONBLOCK ) );
return ( fcntl( ctx->MBEDTLS_PRIVATE(fd), F_SETFL, fcntl( ctx->MBEDTLS_PRIVATE(fd), F_GETFL, 0 ) & ~O_NONBLOCK ) );
}
int mbedtls_net_set_nonblock( mbedtls_net_context *ctx )
{
return ( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL, 0 ) | O_NONBLOCK ) );
return ( fcntl( ctx->MBEDTLS_PRIVATE(fd), F_SETFL, fcntl( ctx->MBEDTLS_PRIVATE(fd), F_GETFL, 0 ) | O_NONBLOCK ) );
}
/*
@@ -323,7 +323,7 @@ void mbedtls_net_usleep( unsigned long usec )
int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len )
{
int ret;
int fd = ((mbedtls_net_context *) ctx)->fd;
int fd = ((mbedtls_net_context *) ctx)->MBEDTLS_PRIVATE(fd);
if ( fd < 0 ) {
return ( MBEDTLS_ERR_NET_INVALID_CONTEXT );
@@ -359,7 +359,7 @@ int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len,
int ret;
struct timeval tv;
fd_set read_fds;
int fd = ((mbedtls_net_context *) ctx)->fd;
int fd = ((mbedtls_net_context *) ctx)->MBEDTLS_PRIVATE(fd);
if ( fd < 0 ) {
return ( MBEDTLS_ERR_NET_INVALID_CONTEXT );
@@ -396,7 +396,7 @@ int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len,
int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len )
{
int ret;
int fd = ((mbedtls_net_context *) ctx)->fd;
int fd = ((mbedtls_net_context *) ctx)->MBEDTLS_PRIVATE(fd);
if ( fd < 0 ) {
return ( MBEDTLS_ERR_NET_INVALID_CONTEXT );
@@ -428,14 +428,14 @@ int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len )
*/
void mbedtls_net_free( mbedtls_net_context *ctx )
{
if ( ctx->fd == -1 ) {
if ( ctx->MBEDTLS_PRIVATE(fd) == -1 ) {
return;
}
shutdown( ctx->fd, 2 );
close( ctx->fd );
shutdown( ctx->MBEDTLS_PRIVATE(fd), 2 );
close( ctx->MBEDTLS_PRIVATE(fd) );
ctx->fd = -1;
ctx->MBEDTLS_PRIVATE(fd) = -1;
}
#endif /* MBEDTLS_NET_C */

21
components/mbedtls/port/sha/dma/esp_sha1.c
View File

@@ -177,15 +177,6 @@ int mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input,
return 0;
}
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
const unsigned char *input,
size_t ilen )
{
mbedtls_sha1__update( ctx, input, ilen );
}
#endif
static const unsigned char sha1_padding[64] = {
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
@@ -214,10 +205,10 @@ int mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] )
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
if ( ( ret = mbedtls_sha1__update( ctx, sha1_padding, padn ) ) != 0 ) {
if ( ( ret = mbedtls_sha1_update( ctx, sha1_padding, padn ) ) != 0 ) {
return ret;
}
if ( ( ret = mbedtls_sha1__update( ctx, msglen, 8 ) ) != 0 ) {
if ( ( ret = mbedtls_sha1_update( ctx, msglen, 8 ) ) != 0 ) {
return ret;
}
@@ -226,12 +217,4 @@ int mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] )
return ret;
}
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
unsigned char output[20] )
{
mbedtls_sha1_finish( ctx, output );
}
#endif
#endif /* MBEDTLS_SHA1_C && MBEDTLS_SHA1_ALT */