nilesh.kale 
							
						 
					 
					
						
						
							
						
						2bc43825eb 
					 
					
						
						
							
							feat(mbedtls): updated mbedtls version to 3.6.1  
						
						
						
						
					 
					
						2024-09-29 22:37:58 +05:30 
						 
				 
			
				
					
						
							
							
								Jiang Jiang Jian 
							
						 
					 
					
						
						
							
						
						3f72cc5410 
					 
					
						
						
							
							Merge branch 'feat/bringup_esp32c2_rom_mbedtls_to_formal_feature_v5.2' into 'release/v5.2'  
						
						... 
						
						
						
						feat(mbedtls): bringup rom mbedtls feature to formal (v5.2)
See merge request espressif/esp-idf!33801  
						
						
					 
					
						2024-09-27 12:15:51 +08:00 
						 
				 
			
				
					
						
							
							
								Aditya Patwardhan 
							
						 
					 
					
						
						
							
						
						2aad80cd92 
					 
					
						
						
							
							Merge branch 'fix/ecdsa_verify_check_hash_len_v5.2' into 'release/v5.2'  
						
						... 
						
						
						
						Wrap some mbedtls' ECDSA verification related APIs (v5.2)
See merge request espressif/esp-idf!33784  
						
						
					 
					
						2024-09-26 15:13:28 +08:00 
						 
				 
			
				
					
						
							
							
								Mahavir Jain 
							
						 
					 
					
						
						
							
						
						b20225d06a 
					 
					
						
						
							
							Merge branch 'feat/support_esp32c2_eco4_rom_mbedtls_v3.6.0_lts_v5.2' into 'release/v5.2'  
						
						... 
						
						
						
						feat(mbedtls): support esp32c2 eco4 rom mbedtls v3.6.0 lts v5.2 (backport v5.2)
See merge request espressif/esp-idf!33421  
						
						
					 
					
						2024-09-26 11:02:28 +08:00 
						 
				 
			
				
					
						
							
							
								JiangGuangMing 
							
						 
					 
					
						
						
							
						
						3bfe43fb68 
					 
					
						
						
							
							feat(mbedtls): bringup rom mbedtls feature to formal  
						
						
						
						
					 
					
						2024-09-25 11:52:35 +08:00 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						52cf97ebd5 
					 
					
						
						
							
							feat(mbedtls): Wrap mbedtls_ecdsa_read_signature to use ECDSA hardware when possible  
						
						
						
						
					 
					
						2024-09-24 16:50:38 +05:30 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						a14ed03c11 
					 
					
						
						
							
							fix(mbedtls/port): Check signature hash length before using ECDSA hardware  
						
						
						
						
					 
					
						2024-09-24 16:50:28 +05:30 
						 
				 
			
				
					
						
							
							
								Aditya Patwardhan 
							
						 
					 
					
						
						
							
						
						5b6d8812d1 
					 
					
						
						
							
							feat(hal): Add countermeasure for ECDSA generate signature  
						
						... 
						
						
						
						The ECDSA peripheral before ECO5 of esp32h2 does not perform the ECDSA
    sign operation in constant time. This allows an attacker to read the
    power signature of the ECDSA sign operation and then calculate the
    ECDSA key stored inside the eFuse. The commit adds a countermeasure
    for this attack. In this case the real ECDSA sign operation is
    masked under dummy ECDSA sign operations to hide its real power
    signature 
						
						
					 
					
						2024-09-23 19:28:12 +05:30 
						 
				 
			
				
					
						
							
							
								Jiang Guang Ming 
							
						 
					 
					
						
						
							
						
						3340050eae 
					 
					
						
						
							
							feat(mbedtls): support rom mbedtls threading layer  
						
						
						
						
					 
					
						2024-09-10 10:20:29 +08:00 
						 
				 
			
				
					
						
							
							
								Jiang Guang Ming 
							
						 
					 
					
						
						
							
						
						d4dea72f24 
					 
					
						
						
							
							feat(mbedtls): select MBEDTLS_CMAC_C when MBEDTLS_USE_CRYPTO_ROM_IMPL enabled  
						
						
						
						
					 
					
						2024-09-10 10:20:23 +08:00 
						 
				 
			
				
					
						
							
							
								Jiang Guang Ming 
							
						 
					 
					
						
						
							
						
						4c567bd203 
					 
					
						
						
							
							feat(mbedtls): support ROM mbedtls v3.6.0 on C2 rev2.0(ECO4)  
						
						
						
						
					 
					
						2024-09-10 10:20:14 +08:00 
						 
				 
			
				
					
						
							
							
								Richard Allen 
							
						 
					 
					
						
						
							
						
						cda82f8ee8 
					 
					
						
						
							
							change(mbedtls/port): optimize gcm_mult()  
						
						... 
						
						
						
						1) pre-shift GCM last4 to use 32-bit shift
On 32-bit architectures like Aarch32, RV32, Xtensa,
shifting a 64-bit variable by 32-bits is free,
since it changes the register representing half of the 64-bit var.
Pre-shift the last4 array to take advantage of this.
2) unroll first GCM iteration
The first loop of gcm_mult() is different from
the others. By unrolling it separately from the
others, the other iterations may take advantage
of the zero-overhead loop construct, in addition
to saving a conditional branch in the loop. 
						
						
					 
					
						2024-08-21 18:26:08 +05:30 
						 
				 
			
				
					
						
							
							
								Mahavir Jain 
							
						 
					 
					
						
						
							
						
						adea6829b3 
					 
					
						
						
							
							fix(hal): correct the power up sequence for MPI/ECC peripherals in ESP32-C5  
						
						
						
						
					 
					
						2024-07-02 13:36:54 +05:30 
						 
				 
			
				
					
						
							
							
								nilesh.kale 
							
						 
					 
					
						
						
							
						
						5d5113c5f9 
					 
					
						
						
							
							feat(mbedtls): updated mbedtls version from 3.5.2 to 3.6.0  
						
						... 
						
						
						
						This MR updated MbedTLS version to latest version 3.6.0. 
						
						
					 
					
						2024-05-07 14:16:37 +05:30 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						bd826801ba 
					 
					
						
						
							
							fix(mbedtls/ecdsa): Fix dependant peripheral's enable and reset  
						
						
						
						
					 
					
						2024-04-11 13:46:59 +05:30 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						85186042c3 
					 
					
						
						
							
							feat(hal/ecdsa): Add HAL API for operation successful check  
						
						
						
						
					 
					
						2024-04-11 12:33:06 +05:30 
						 
				 
			
				
					
						
							
							
								Aditya Patwardhan 
							
						 
					 
					
						
						
							
						
						b359cd85f1 
					 
					
						
						
							
							Merge branch 'feature/mbedtls_error_str_config_v5.2' into 'release/v5.2'  
						
						... 
						
						
						
						feat(mbedtls): add kconfig option for MBEDTLS_ERROR_C (v5.2)
See merge request espressif/esp-idf!30104  
						
						
					 
					
						2024-04-11 11:53:24 +08:00 
						 
				 
			
				
					
						
							
							
								Mahavir Jain 
							
						 
					 
					
						
						
							
						
						b6f5573e0f 
					 
					
						
						
							
							feat(mbedtls): add kconfig option for MBEDTLS_ERROR_C  
						
						... 
						
						
						
						Disabling this config can reduce footprint for the cases where
mbedtls_strerror() is used and hence the debug strings are getting
pulled into the application image. 
						
						
					 
					
						2024-04-08 16:02:21 +05:30 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						c97d3aed45 
					 
					
						
						
							
							fix(mbedtls/aes-gcm): Fix null pointer derefernce coverity reports  
						
						... 
						
						
						
						- Also fixed a tcp_transport report 
						
						
					 
					
						2024-03-13 11:42:03 +05:30 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						0f7c9a29a2 
					 
					
						
						
							
							ci(mbedtls/gcm): Added test to verify software fallback for non-AES cipher GCM operations  
						
						
						
						
					 
					
						2024-02-26 14:29:20 +05:30 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						ca4f560f2b 
					 
					
						
						
							
							fix(mbedtls/gcm): Add support for software fallback for non-AES ciphers in a GCM operation  
						
						... 
						
						
						
						- Even if the config MBEDTLS_HARDWARE_AES is enabled, we now support fallback
to software implementation of GCM operations when non-AES ciphers are used. 
						
						
					 
					
						2024-02-26 14:29:18 +05:30 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						5862b981ed 
					 
					
						
						
							
							fix(mbedtls/gcm): Avoid using GCM hardware when config MBEDTLS_HARDWARE_GCM is disabled  
						
						
						
						
					 
					
						2024-02-16 11:54:39 +05:30 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						38f13b15d3 
					 
					
						
						
							
							fix(mbedtls/gcm): Fix build failure when config MBEDTLS_HARDWARE_GCM is disabled  
						
						
						
						
					 
					
						2024-02-16 11:54:37 +05:30 
						 
				 
			
				
					
						
							
							
								nilesh.kale 
							
						 
					 
					
						
						
							
						
						7d358754a2 
					 
					
						
						
							
							feat(mbedtls): updated mbedtls version from 3.5.0 to 3.5.2  
						
						... 
						
						
						
						This updates the submodule mbedtls to its latest version 3.5.2. 
						
						
					 
					
						2024-02-05 12:50:27 +05:30 
						 
				 
			
				
					
						
							
							
								jim 
							
						 
					 
					
						
						
							
						
						5a234cf642 
					 
					
						
						
							
							mbedtls: Fix enable dynamic mbedtls will occur heap corruption when server support TLS renegotiation  
						
						
						
						
					 
					
						2024-01-08 14:23:32 +08:00 
						 
				 
			
				
					
						
							
							
								Darian Leung 
							
						 
					 
					
						
						
							
						
						b85e6d3dd8 
					 
					
						
						
							
							change(xtensa): Deprecate ".../xtensa_timer.h" include path  
						
						... 
						
						
						
						This commit deprecates the "freertos/xtensa_timer.h" and "xtensa/xtensa_timer.h"
include paths. Users should use "xtensa_timer.h" instead.
- Replace legacy include paths
- Removed some unnecessary includes of "xtensa_timer.h"
- Add warning to compatibility header 
						
						
					 
					
						2023-12-05 18:04:52 +08:00 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						b94656115e 
					 
					
						
						
							
							fix(mbedtls/aes): fix AES interrupt allocation for AES-GCM operations  
						
						
						
						
					 
					
						2023-12-01 16:34:49 +05:30 
						 
				 
			
				
					
						
							
							
								Aditya Patwardhan 
							
						 
					 
					
						
						
							
						
						c1779ff8b7 
					 
					
						
						
							
							fix(mbedtls): Removed redundant menuconfig entry  
						
						
						
						
					 
					
						2023-11-29 09:50:12 +05:30 
						 
				 
			
				
					
						
							
							
								Jiang Jiang Jian 
							
						 
					 
					
						
						
							
						
						df7ba090f3 
					 
					
						
						
							
							Merge branch 'bugfix/esp32h2_ecdsa_hardware_k_v5.2' into 'release/v5.2'  
						
						... 
						
						
						
						fix(esp32h2): program use_hardware_k efuse bit for ECDSA key purpose (v5.2)
See merge request espressif/esp-idf!27234  
						
						
					 
					
						2023-11-21 11:13:37 +08:00 
						 
				 
			
				
					
						
							
							
								Mahavir Jain 
							
						 
					 
					
						
						
							
						
						f207ce15df 
					 
					
						
						
							
							fix(api-docs): include in the ECDSA APIs for doxygen build  
						
						
						
						
					 
					
						2023-11-17 07:13:53 +00:00 
						 
				 
			
				
					
						
							
							
								Mahavir Jain 
							
						 
					 
					
						
						
							
						
						2882b6f68b 
					 
					
						
						
							
							docs: add ECDSA peripheral chapter for H2/P4  
						
						... 
						
						
						
						- Add ECDSA peripheral chapter and instructions to program efuse key block
- Update security guide for ECDSA peripheral mention for device identity
- Link with ESP-TLS guide about using ECDSA peripheral in TLS connection 
						
						
					 
					
						2023-11-17 07:13:53 +00:00 
						 
				 
			
				
					
						
							
							
								Mahavir Jain 
							
						 
					 
					
						
						
							
						
						f434d21f4a 
					 
					
						
						
							
							fix(ecdsa): remove unused k_mode from the ECDSA HAL/LL API  
						
						... 
						
						
						
						For ESP32-H2 case, the hardware k mode is always enforced through
efuse settings (done in startup code).
For ESP32-P4 case, the software k mode is not supported in the peripheral
itself and code was redundant. 
						
						
					 
					
						2023-11-17 07:13:53 +00:00 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						9bf48e77f0 
					 
					
						
						
							
							fix(mbedtls): move interrupt allocation during initialization phase  
						
						
						
						
					 
					
						2023-11-16 16:16:57 +05:30 
						 
				 
			
				
					
						
							
							
								Jiang Guang Ming 
							
						 
					 
					
						
						
							
						
						e882782f0d 
					 
					
						
						
							
							feat(mbedtls): add new option CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL for mbedtls pytest  
						
						
						
						
					 
					
						2023-10-23 13:10:44 +08:00 
						 
				 
			
				
					
						
							
							
								Jiang Guang Ming 
							
						 
					 
					
						
						
							
						
						37ec1cc592 
					 
					
						
						
							
							feat(mbedtls): support C2 mbedtls can use crypto algorithm in ROM  
						
						
						
						
					 
					
						2023-10-23 13:10:44 +08:00 
						 
				 
			
				
					
						
							
							
								Mahavir Jain 
							
						 
					 
					
						
						
							
						
						dbc33ca7aa 
					 
					
						
						
							
							Merge branch 'feature/add_intr_priority_config_option' into 'master'  
						
						... 
						
						
						
						feat(mbedtls): Add config for interrupt priority in AES and RSA
Closes IDF-7963 and IDF-7964
See merge request espressif/esp-idf!26190  
						
						
					 
					
						2023-10-16 11:33:03 +08:00 
						 
				 
			
				
					
						
							
							
								Mahavir Jain 
							
						 
					 
					
						
						
							
						
						6b62065b92 
					 
					
						
						
							
							Merge branch 'fix/crypto_periphs_use_rcc_atomic_blocks' into 'master'  
						
						... 
						
						
						
						Use rcc atomic blocks to enable/reset crypto peripherals
See merge request espressif/esp-idf!25811  
						
						
					 
					
						2023-10-13 22:37:58 +08:00 
						 
				 
			
				
					
						
							
							
								nilesh.kale 
							
						 
					 
					
						
						
							
						
						cf4a7bb09d 
					 
					
						
						
							
							feat(mbedtls): Add config for interrupt priority in AES and RSA(MPI)  
						
						
						
						
					 
					
						2023-10-12 11:06:13 +05:30 
						 
				 
			
				
					
						
							
							
								Mahavir Jain 
							
						 
					 
					
						
						
							
						
						0c3ed4f540 
					 
					
						
						
							
							fix(mbedtls): remove deprecated MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION  
						
						... 
						
						
						
						This config has been removed in the upstream mbedTLS starting 3.0
release. Please see mbedTLS changelog for more details. 
						
						
					 
					
						2023-10-11 09:32:32 +00:00 
						 
				 
			
				
					
						
							
							
								Mahavir Jain 
							
						 
					 
					
						
						
							
						
						e9094cef66 
					 
					
						
						
							
							fix(mbedtls): dynamic buffer feature issue with mbedtls 3.5.0  
						
						... 
						
						
						
						Set max TLS version in the SSL context during setup phase. Dynamic
buffer feature overrides the `mbedtls_ssl_setup` API and hence
this change is required per upstream 3.5.0 codebase change. 
						
						
					 
					
						2023-10-11 09:32:32 +00:00 
						 
				 
			
				
					
						
							
							
								Mahavir Jain 
							
						 
					 
					
						
						
							
						
						9ca8f3d45b 
					 
					
						
						
							
							feat(mbedtls): update to 3.5.0 release  
						
						... 
						
						
						
						Changelog:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.5.0  
						
						
					 
					
						2023-10-11 09:32:32 +00:00 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						57d10477da 
					 
					
						
						
							
							feat(ecdsa): use RCC atomic block to enable/reset the ECDSA peripheral  
						
						
						
						
					 
					
						2023-10-11 14:59:04 +05:30 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						1c6ff8ce9f 
					 
					
						
						
							
							feat(ecc): use RCC atomic block to enable/reset the ECC peripheral  
						
						
						
						
					 
					
						2023-10-11 14:59:04 +05:30 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						c5cc4f488a 
					 
					
						
						
							
							feat(mpi): use RCC atomic block to enable/reset the MPI peripheral  
						
						
						
						
					 
					
						2023-10-11 14:59:03 +05:30 
						 
				 
			
				
					
						
							
							
								Alexey Lapshin 
							
						 
					 
					
						
						
							
						
						71713bcdb5 
					 
					
						
						
							
							fix(mbedtls): fix gcc 13.1.0 warnings  
						
						
						
						
					 
					
						2023-10-09 12:13:02 +04:00 
						 
				 
			
				
					
						
							
							
								Mahavir Jain 
							
						 
					 
					
						
						
							
						
						ab74fb4d92 
					 
					
						
						
							
							Merge branch 'feature/locking_layer_for_ecdsa' into 'master'  
						
						... 
						
						
						
						feat(esp_hw_support): Added locking mechanism for the ECDSA and ECC peripherals
Closes IDF-7990
See merge request espressif/esp-idf!26029  
						
						
					 
					
						2023-09-25 18:04:21 +08:00 
						 
				 
			
				
					
						
							
							
								Jakob Hasse 
							
						 
					 
					
						
						
							
						
						ac2515e199 
					 
					
						
						
							
							refactor(lwip): Added on/off switch for LwIP stack  
						
						... 
						
						
						
						* This switch allows applications to replace lwip with a different
  IP stack or just make it build if it is a dependency but not
  actually needed. 
						
						
					 
					
						2023-09-22 10:03:13 +08:00 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						6a7caa7b8e 
					 
					
						
						
							
							feat(esp_hw_support): Added locking mechanism for the ECDSA and ECC peripheral  
						
						
						
						
					 
					
						2023-09-20 16:05:50 +05:30 
						 
				 
			
				
					
						
							
							
								Jiang Jiang Jian 
							
						 
					 
					
						
						
							
						
						62720ffa8c 
					 
					
						
						
							
							Merge branch 'feature/pbkdf2_fast_implementation' into 'master'  
						
						... 
						
						
						
						esp_wifi: Port fast_pbkdf2 implementation to calculate PMK
See merge request espressif/esp-idf!24287  
						
						
					 
					
						2023-09-12 14:06:02 +08:00 
						 
				 
			
				
					
						
							
							
								Kapil Gupta 
							
						 
					 
					
						
						
							
						
						c82a792bc3 
					 
					
						
						
							
							change(esp_wifi): Port fast_pbkdf2 implementation for mbedlts  
						
						... 
						
						
						
						Add changes to use fast_pbkdf2 as default for PMK calculations.
fast_pbkdf2 is significantly faster than current implementations
for esp chips.
Also removes unnecessary code for pbkdf-sha256 and pbkdf-sha512. 
						
						
					 
					
						2023-09-11 19:33:17 +05:30