alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-11-04 06:11:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
16,531 Commits 22 Branches 172 Tags
07b62da0d4529e65b600bd62381ca8ced6a261d3
Commit Graph

89 Commits

Author SHA1 Message Date
Mahavir Jain
f5e51e7c1b Merge branch 'feature/esp32c3_ds_mbedtls_integration' into 'master' 
esp32c3/Digital Signature: mbedtls integration through ESP-TLS

Closes IDF-2267

See merge request espressif/esp-idf!12033
 2021-01-22 17:06:46 +08:00
yuanjm
044c3e3e74 Modify esp-tls and tcp_transport to support keep alive for tcp and ssl connection 
Closes IDFGH-4543
 2021-01-22 06:56:28 +00:00
Aditya Patwardhan
79c23a1886 esp32c3/Digital Signature: mbedtls integration through ESP-TLS 2021-01-22 11:54:16 +05:30
Aditya Patwardhan
cc3843263a esp-tls: Added unit tests 2021-01-21 01:17:23 +00:00
Aditya Patwardhan
43a1b53aad esp_tls_wolfssl: Move order of crt_bundle check to match that in 
esp_tls_mbedtls
 2021-01-21 01:17:23 +00:00
Aditya Patwardhan
1a09e16af2 esp_tls: Fix memory leak when esp-tls server session is deleted 2021-01-21 01:17:23 +00:00
Aditya Patwardhan
cddb8c29e6 esp-tls: Fix mem leak when global_ca_store is freed 2021-01-21 01:17:23 +00:00
Aditya Patwardhan
0841d2bc75 esp_tls: Add warning if the CA chain provided contains one/more invalid 
cert
 2021-01-11 03:20:35 +00:00
Aditya Patwardhan
ca964dfbcc esp-tls: Changed default behaviour for esp-tls client ( for security 
purpose)
        By default esp-tls client will now return error if no server verify option
        is provided, earlier it used to skip the verification by
        default.
        Added config option to skip server verification by default (for testing
        purpose)
        Updated required docs
 2021-01-05 07:33:32 +00:00
Aditya Patwardhan
39b446f9fe esp_tls_wolfssl : Add domain name check 2020-12-23 18:10:36 +05:30
Aditya Patwardhan
95d9533294 esp-tls : (Fix) update tls->sockfd value after socket is freed internally 
Closes https://github.com/espressif/esp-idf/issues/6163
 2020-12-02 03:47:15 +00:00
Angus Gratton
935e4b4d62 Merge branch 'feature/riscv_arch' into 'master' 
Add RISC-V support

Closes IDF-2359

See merge request espressif/esp-idf!11140
 2020-11-13 07:50:31 +08:00
Angus Gratton
420aef1ffe Updates for riscv support 
* Target components pull in xtensa component directly
* Use CPU HAL where applicable
* Remove unnecessary xtensa headers
* Compilation changes necessary to support non-xtensa gcc types (ie int32_t/uint32_t is no
  longer signed/unsigned int).

Changes come from internal branch commit a6723fc
 2020-11-13 07:49:11 +11:00
David Cermak
ce519ee783 tcp_transport: Extend transport error storage for socket error 
Everytime we report error and log errno, we also capture the actual
errno to an internal storage so that user application can retrieve
its value.
 2020-11-12 12:46:22 +00:00
Aditya Patwardhan
8d65cee0a9 esp32/esp-tls: Make crypto abstraction layer inside esp-tls 
Which allows several components to use cryptographic functions from
esp-tls which is the current abstraction layer.
 2020-10-23 05:16:06 +00:00
Aditya Patwardhan
47f7c6a991 esp32s2/esp_ds: Digital Signature software support 
1)Added support for alt rsa sign implementation with DS peripheral (
through ESP-TLS - mbedTLS SSL/TLS stack)
 2020-09-22 18:31:31 +05:30
Mahavir Jain
52469c8505 esp-tls: enable TLS renegotiation using explicit API call 
mbedTLS stack does not keep TLS renegotiation enabled even if
relevant config option is turned on, it needs explicit API call
`mbedtls_ssl_conf_renegotiation` to do so.

This issue was observed in case of Azure IoT, where keys needs to
be refreshed periodically to keep TLS connection intact.
 2020-07-03 05:52:22 +00:00
Aditya Patwardhan
ea635c2bba esp_tls_wolfssl: fix incorrect error message after handshake fails 2020-06-18 10:10:40 +05:30
Aditya Patwardhan
423e600d46 secure_element: atecc608_ecdsa example 
* Replaced crypotoauthlib with esp-cryptoauthlib
* Added menuconfig option for esp-tls about using HSM
* Added error codes for HSM in esp-tls,
* Added support to select different type of ATECC608A chips
* Added README, updated docs
* tcp_transport: Added option to enable secure_element for ssl

Closes https://github.com/espressif/esp-idf/issues/4432
 2020-05-21 13:08:30 +05:30
Mahavir Jain
7a2ea9b7f7 esp-tls: add support for using hardware security module 2020-05-20 22:52:37 +05:30
David Cermak
6182e6f303 tcp_transport: close to return error only for socket error or invalid args 
Closes https://github.com/espressif/esp-idf/issues/4872
 2020-05-05 15:53:09 +02:00
Vikram Dattu
60dc4285f4 Fixed esp_tls_conn_write documentation. 
Return value `0` in actual is case of partial write and not error as per `mbedtls_ssl_write`
Modified documentation of `esp_tls_conn_write` accordingly.

Even `esp_wolfssl_write` API considers just negative returns as errors.

Signed-off-by: Vikram Dattu <vikram.dattu@espressif.com>
 2020-04-01 11:04:09 +00:00
Aditya Patwardhan
d712453114 esp_tls_wolfssl: Added mutex to allow only one TLS conn using PSK at a time 2020-03-26 17:30:05 +05:30
Aditya Patwardhan
46643ab40f esp_tls_wolfssl: Add support for PSK using wolfSSL, 
enable SNI and ALPN
 2020-03-26 16:02:57 +05:30
Aditya Patwardhan
874e987a3b esp_tls: change argument pointer type to (void *) for esp_crt_bundle_attach 2020-03-11 15:54:05 +05:30
Marius Vikhammer
947e3e94ed Add ESP certificate bundle feature 
Adds the ESP certificate bundle feature that enables users to bundle a
root certificate bundle together with their application.

Default bundle includes all Mozilla root certificates

Closes IDF-296
 2020-03-04 10:51:43 +08:00
Aditya Patwardhan
c6ad650796 esp_tls_wolfssl: Add support for DER formatted certificates 2020-02-27 15:20:22 +05:30
Aditya Patwardhan
0a25922043 esp_tls_wolfssl: 1) Fix SNI for wolfSSL 
2) Fix error captures
3) Add error flags specific wolfSSL
4) make respective changes to esp_err_to_name.c
 2020-02-27 15:20:22 +05:30
Aditya Patwardhan
d35862b662 esp-tls: Add support for https_server using wolfSSL 2020-02-27 15:20:22 +05:30
Angus Gratton
3f532c8895 Merge branch 'bugfix/esp_tls_blocking_timeout' into 'master' 
esp-tls: add timeout for blocking connection

See merge request espressif/esp-idf!7316
 2020-01-20 09:35:23 +08:00
David Cermak
98cf3142fa esp_tls: fail connection if esp_tls_conn_new() timeouts 2020-01-16 07:32:19 +00:00
David Cermak
aa3b1da384 esp_tls: added connection timeout to esp_tls_conn_new_sync() 2020-01-16 07:32:19 +00:00
Aditya Patwardhan
c7418042b4 esp32/esp-tls: provide API to retrieve sockfd value from esp_tls_t 2020-01-16 12:27:44 +05:30
David Cermak
b69ac4448e tcp_transport: added API for client-key password 2020-01-06 21:16:24 +00:00
Ivan Grokhotkov
87a41fabfa esp-tls: check return value of fcntl 2019-12-11 14:53:27 +01:00
Marius Vikhammer
ed85046138 tcp_transport: added functionality for using ALPN with SSL 
Closes IDF-1160
 2019-11-13 11:33:13 +08:00
Aditya Patwardhan
988f0c8feb ESP_TLS: Generalizing error messages for esp_tls 
:Replace mbedtls specific error messages
 2019-10-28 16:05:31 +05:30
Aditya Patwardhan
f7eaa5f946 ESP_TLS: Restructuring esp_tls 
1)Segregating mbedtls API into seperate file and cleaned esp_tls.c
2)Added support for wolfssl for CMake and make
3)Added support for debug_wolfssl (with menuconfig option)
4)Added info on wolfssl in ESP-TLS docs
 2019-10-28 16:05:22 +05:30
David Cermak
a9e63d947b esp-tls: Added support for fragmenting outgoing data in tls_write(), for cases of out data being larger than the maximum out buffer of underlying tls-stack. 2019-10-22 08:49:42 +00:00
Aditya Patwardhan
9f86f969b2 ESP32/esp-tls: include esp_err.h in esp_tls.h 
Closes https://github.com/espressif/esp-idf/issues/4100
 2019-10-07 19:47:32 +08:00
Liu Han
3ca07b3e70 fix(transport): Fix a bug of the connection whether be active or not by timeout option when the select function return a correct value. 2019-09-12 13:55:47 +08:00
Angus Gratton
e8bdfe07ae Merge branch 'feature/tls_psk_authentication' into 'master' 
esp_tls: add psk verification mode

Closes IDFGH-992

See merge request espressif/esp-idf!5095
 2019-08-12 12:45:34 +08:00
Renz Christian Bagaporo
4dd2b9edb1 components: fix incorrect include dir args 2019-08-09 08:40:17 +08:00
David Cermak
f3d6a34e7d esp_tls: enable psk verification mode, added mqtt example using psk authentication 2019-08-07 14:27:40 +10:00
Angus Gratton
7ef5fa8a0a Merge branch 'feature/transport_support_der_certs' into 'master' 
tcp transport ssl DER-support

See merge request espressif/esp-idf!5627
 2019-08-05 09:52:08 +08:00
David Cermak
25dd5e39af esp-tls: Naming variables refering to certificates and keys in a neutral way to suggest that both PEM and DER format could be used, added comments descibing important details about using these formats 2019-08-02 09:25:16 +02:00
Henning Fleddermann
73624e8560 modify comments on esp_tls_cfg, to clarify that other formats besides PEM (such as DER) might be used as well depending on mbedtls-support 
Signed-off-by: David Cermak <cermak@espressif.com>
 2019-08-02 09:25:16 +02:00
Anton Maklakov
afbaf74007 tools: Mass fixing of empty prototypes (for -Wstrict-prototypes) 2019-08-01 16:28:56 +07:00
David Cermak
587739391c esp-tls: extending error handle to contain error descriptors with last mbedtls failure and latest certificate verification result flags, reworked tcp_transport to use this error handle 2019-07-04 20:55:10 +02:00
David Cermak
2972f96982 esp-tls: capturing specific errors to be available in tcp_transport and then in application code 2019-07-04 20:55:10 +02:00