alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-11 13:00:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
39,567 Commits 21 Branches 167 Tags
2a30f64b71809e7621d247c480d9500055e14f08
Commit Graph

668 Commits

Author SHA1 Message Date
Ashish Sharma
9357b6c606 fix(component/mbedtls): Adds github root cert to cmn_crt_authorities.csv 2025-03-18 14:39:32 +08:00
Aditya Patwardhan
78874d7f7c feat(docs): Update minimizing binary size 
The ESP32-H2 software countermeasure may not be necessary
        for ESP32-H2 v1.2 and above, this commit updates
        the relevant documentation
 2025-02-26 17:04:28 +05:30
Aditya Patwardhan
08e250d081 fix(soc): Fixed ECDSA register compatibility 2025-02-26 17:04:27 +05:30
Aditya Patwardhan
68eb689b35 fix(hal): Make the ECDSA countermeasure dynamically applicable 
This commit makes the ECDSA countermeasure dynamically applicable
    across different revisions of the ESP32H2 SoC.
 2025-02-26 17:04:19 +05:30
Mahavir Jain
e97c51ea24 feat(ecc): enable ECC constant time mode for ESP32-H2 ECO5 2025-02-19 19:15:17 +05:30
harshal.patil
8d30077744 feat(hal/aes): Enable pseudo rounds function during AES operations 2025-01-23 14:06:16 +05:30
Harshit Malpani
b577f659cd fix: Fixed build errors with TLS 1.3 only configuration 2024-12-10 13:07:44 +08:00
harshal.patil
ea5c318031 fix(mbedtls/aes): Fix external memory corruption caused due to unaligned length cache sync 
Fixes the memory corruption issue that arises due to external memory cache sync of unaligned
length bytes when L2 cache line size is greater than the L1 cache line size
 2024-11-21 12:16:18 +05:30
Mahavir Jain
921a8a7e71 Merge branch 'feat/mbedtls_size_optimization_v5.3' into 'release/v5.3' 
Fix the increase in build size of mbedtls while upgrading to v3.x (v5.3)

See merge request espressif/esp-idf!34252
 2024-10-28 11:16:23 +08:00
nilesh.kale
75f416f435 feat(mbedtls): update mbedtls version to 3.6.2 2024-10-22 13:23:28 +05:30
Aditya Patwardhan
20ab1e807d fix(mbedtls): Fix the MBEDTLS_FS_IO dependency on vfs 
By default MBEDTLS_FS_IO option in mbedtls uses the filesystem supported
added by vfs component.
If the vfs support is disabled by user then mbedtls raises a warning
that the filesystem realted operation shall always fail
This commit fixes the behaviour by enabling respective depedency check for the
MBEDTLS_FS_IO option

Closes https://github.com/espressif/esp-idf/issues/14409
 2024-10-18 09:15:23 +05:30
harshal.patil
18998ddbe0 fix(mbedtls): Fix the increase in build size of mbedtls when upgrading to v3.x 2024-10-17 14:53:30 +05:30
harshal.patil
8d9d5ee218 feat(mbedtls/esp_crt_bundle): Move dummy cert to .rodata to save 408B from dram 
Co-authored-by: Hanno <h.binder@web.de>
 2024-10-16 16:36:33 +05:30
Mahavir Jain
6ccdda249b fix(mbedtls): link esp-cryptoauthlib to mbedcrypto library 
If the certificate bundle feature is disabled then the mbedtls
component library becomes interface only component and hence
adding esp-cryptoauthlib as its PRIVATE dependency does not work.

Instead the esp-cryptoauthlib should be added as PRIVATE dependency
for mbedcrypto library (for alternate ECDSA implementation).
 2024-10-15 12:15:04 +08:00
Aditya Patwardhan
8c9361afaf Merge branch 'feature/update_mbedtls_version_to_3.6.1_v5.3' into 'release/v5.3' 
feat(mbedtls): updated mbedtls version to 3.6.1 (v5.3)

See merge request espressif/esp-idf!33913
 2024-10-03 15:00:09 +08:00
Aditya Patwardhan
44ce512011 feat(hal): Add countermeasure for ECDSA generate signature 
The ECDSA peripheral before ECO5 of esp32h2 does not perform the ECDSA
    sign operation in constant time. This allows an attacker to read the
    power signature of the ECDSA sign operation and then calculate the
    ECDSA key stored inside the eFuse. The commit adds a countermeasure
    for this attack. In this case the real ECDSA sign operation is
    masked under dummy ECDSA sign operations to hide its real power
    signature
 2024-09-30 12:24:38 +08:00
nilesh.kale
82c178618d feat(mbedtls): updated mbedtls version to 3.6.1 2024-09-29 20:20:07 +05:30
Jiang Jiang Jian
144b039abc Merge branch 'feat/bringup_esp32c2_rom_mbedtls_to_formal_feature_v5.3' into 'release/v5.3' 
feat(mbedtls): bringup rom mbedtls feature to formal (v5.3)

See merge request espressif/esp-idf!33800
 2024-09-27 12:18:34 +08:00
Jiang Guang Ming
6729419ee9 feat(mbedtls): bringup rom mbedtls feature to formal 2024-09-25 14:56:36 +08:00
harshal.patil
e1d72e960c feat(mbedtls): Wrap mbedtls_ecdsa_read_signature to use ECDSA hardware when possible 2024-09-24 17:05:27 +05:30
harshal.patil
87ddff0ce5 fix(mbedtls/port): Check signature hash length before using ECDSA hardware 2024-09-24 16:48:01 +05:30
Richard Allen
0d3856e369 change(mbedtls/port): optimize gcm_mult() 
1) pre-shift GCM last4 to use 32-bit shift

On 32-bit architectures like Aarch32, RV32, Xtensa,
shifting a 64-bit variable by 32-bits is free,
since it changes the register representing half of the 64-bit var.
Pre-shift the last4 array to take advantage of this.

2) unroll first GCM iteration

The first loop of gcm_mult() is different from
the others. By unrolling it separately from the
others, the other iterations may take advantage
of the zero-overhead loop construct, in addition
to saving a conditional branch in the loop.
 2024-09-17 20:06:24 +08:00
Jiang Guang Ming
5a3c22dc2b feat(mbedtls): support rom mbedtls threading layer 2024-09-10 10:00:44 +08:00
Jiang Guang Ming
9e618fffcb feat(mbedtls): select MBEDTLS_CMAC_C when MBEDTLS_USE_CRYPTO_ROM_IMPL enabled 2024-09-10 10:00:44 +08:00
Jiang Guang Ming
fb9a435952 feat(mbedtls): support ROM mbedtls v3.6.0 on C2 rev2.0(ECO4) 2024-09-10 09:47:39 +08:00
Richard Allen
b4c956c801 fix(mbedtls/port): fix codespell issues 
Fix a few comments codespell identified.
 2024-09-09 14:09:19 +08:00
harshal.patil
e94d1f275c fix(mbedtls/aes): Avoid extra C2M sync of memory 2024-08-08 14:50:38 +05:30
Mahavir Jain
2c84e2e40b Merge branch 'fix/fix_aes_dma_desc_align_v5.3' into 'release/v5.3' 
fix(aes): fixed aes wrong dma desc alignment (v5.3)

See merge request espressif/esp-idf!32206
 2024-07-26 11:46:23 +08:00
Mahavir Jain
99467a17e9 Merge branch 'bugfix/c5_mpi_ecc_power_mode_v5.3' into 'release/v5.3' 
fix(hal): correct mpi/ecc peripheral power up sequence for ESP32-C5 (v5.3)

See merge request espressif/esp-idf!31728
 2024-07-25 16:49:05 +08:00
Mahavir Jain
99b1e56500 fix(hal): correct the power up sequence for MPI/ECC peripherals in ESP32-C5 2024-07-19 13:39:03 +08:00
Armando
c3fc7cffda fix(aes): fixed aes wrong dma desc alignment 2024-07-18 16:26:09 +08:00
morris
3e3e1c77ba change(aes): refactor DMA buffer allocation 2024-06-25 13:49:24 +08:00
morris
2f0c9b3584 feat(gdma): set burst size and return alignment constraint 
burst size can affect the buffer alignment
 2024-06-07 22:44:18 +08:00
harshal.patil
0c5bce6918 fix(bootloader_support): Make esp_flash_encrypt.h independent of spi_flash_mmap.h header 2024-05-20 14:40:49 +08:00
harshal.patil
bef1fba3bc fix(mbedtls/crypto_shared_gdma): Enable AXI-DMA enable external memory AES-ECC access 
- When external memory encryption is enabled, set the aes_ecc bit of AXI-DMA to enable memory access
 2024-05-20 14:40:49 +08:00
nilesh.kale
fe628d5951 feat(mbedtls): updated mbedtls version from 3.5.2 to 3.6.0 
This MR updated MbedTLS version to latest version 3.6.0.
 2024-05-07 14:16:21 +05:30
Armando
d341540a5e change(drivers): other driver changes for cache malloc 2024-04-15 15:34:51 +08:00
Kevin (Lao Kaiyao)
432864e917 Merge branch 'ci/enable_c5_mp_ci_jobs' into 'master' 
ci(esp32c5mp): enable esp32c5 build on CI

See merge request espressif/esp-idf!29895
 2024-04-08 12:16:16 +08:00
laokaiyao
65b1fd33d3 ci(esp32c5mp): disable the unsupported tests 2024-04-07 12:13:29 +08:00
Mahavir Jain
64fd14e787 feat(mbedtls): add kconfig option for MBEDTLS_ERROR_C 
Disabling this config can reduce footprint for the cases where
mbedtls_strerror() is used and hence the debug strings are getting
pulled into the application image.
 2024-04-04 09:20:28 +05:30
harshal.patil
e383616503 fix(mbedtls/aes): Fix incorrect dma alignment size 2024-04-02 14:30:14 +08:00
gaoxu
40f38bea6f feat(dma): refactor dma calloc function 2024-04-02 14:30:14 +08:00
Aditya Patwardhan
d0a23799e8 feat(mbedtls): Added support for using ECDSA key through key manager 2024-04-01 14:37:12 +05:30
harshal.patil
272633bde1 fix(mbedtls/ecdsa): Fix dependant peripheral's enable and reset 2024-03-29 12:40:13 +05:30
harshal.patil
84b6940ce4 feat(mbedtls/ecdsa): Wrapped ecdsa_write_signature to support deterministic ECDSA signatures 2024-03-29 12:14:11 +05:30
harshal.patil
70ef80d974 feat(mbedtls/ecdsa): Add support for deterministic ECDSA signature generation 2024-03-29 12:14:11 +05:30
harshal.patil
95fac15698 feat(hal/ecdsa): Add HAL API for operation successful check 2024-03-29 12:14:11 +05:30
harshal.patil
9cd10e196b feat(hal/sha): use RCC atomic block to enable/reset the SHA peripheral 2024-03-27 11:23:30 +05:30
harshal.patil
211a2a5477 feat(mbedtls/sha): Support SHA-DMA operations by satisfying L1 cache alignment requirements 
- Use block mode as default SHA operation mode instead of DMA
 2024-03-27 11:23:29 +05:30
harshal.patil
d737625215 feat(mbedtls/sha): Support in AXI-DMA SHA driver layer 2024-03-27 11:23:29 +05:30