esp-idf

mirror of https://github.com/espressif/esp-idf.git synced 2025-10-04 04:19:39 +00:00

Author	SHA1	Message	Date
Mahavir Jain	858a988d6e	Merge branch 'feat/adding_different_strategy_to_perform_tls_using_dynamic_feature_v5.4' into 'release/v5.4' Add configuration to control dynamic buffer strategy in mbedtls (v5.4) See merge request espressif/esp-idf!39920	2025-06-27 10:42:24 +05:30
Mahavir Jain	72775cd61c	Merge branch 'fix/suppress_cert_bundle_serial_number_warning_v5.4' into 'release/v5.4' fix(mbedtls/esp_crt_bundle): Suppress non-negative serial number warning (v5.4) See merge request espressif/esp-idf!39402	2025-06-26 13:39:08 +05:30
hrushikesh.bhosale	d7b3e3b978	feat(mbedtls): Add configuration to control dynamic buffer strategy in mbedtls Problem: 1. In low-memory scenarios, the dynamic buffer feature can fail due to memory fragmentation. 2. It requires a contiguous 16KB heap chunk, but continuous allocation and deallocation of the RX buffer can lead to fragmentation. 3. If another component allocates memory between these operations, it can break up the available 16KB block, causing allocation failure. Solution: 1. Introduce configurable strategy for using dynamic buffers in TLS connections. 2. For example, convert RX buffers to static after the TLS handshake. 3. Allow users to select the strategy via a new field in the esp_http_client_cfg_t structure. 4. The strategy can be controlled independently for each TLS session.	2025-06-26 12:22:44 +05:30
wanckl	ea03622621	ci(esp32c61): remove c61 support from readme on 5.4	2025-06-17 15:09:40 +08:00
harshal.patil	f81c69eabc	fix(mbedtls/esp_crt_bundle): Suppress non-negative serial number warning Co-authored-by: Mahavir Jain <mahavir.jain@espressif.com>	2025-05-26 13:34:38 +05:30
Jiang Jiang Jian	45d95b1bd8	Merge branch 'fix/fix_esp32p4_retention_cost_v5.4' into 'release/v5.4' fix(esp_hw_support): optimize retention cost and update sleep time compensation (v5.4) See merge request espressif/esp-idf!38744	2025-05-06 14:18:49 +08:00
harshal.patil	05353d8d8f	fix(mbedtls): Fix config dependencies when ROM mbedtls is used	2025-04-29 10:53:06 +05:30
wuzhenghui	33aca83c63	change(ci): remove esp32c5 from readme since esp32c5 skipped CI build	2025-04-25 17:13:27 +08:00
Ashish Sharma	605206b69f	feat(mbedtls): new config to allow weak cert verification	2025-04-16 09:50:24 +08:00
Ashish Sharma	7578913742	feat(mbedtls): update to version 3.6.3	2025-04-16 09:50:24 +08:00
harshal.patil	96f48cd1cf	feat(mbedtls): Make mbedtls SHA1 support configurable	2025-04-01 12:40:55 +05:30
Ashish Sharma	a83a0ab02b	fix(component/mbedtls): Adds github root cert to cmn_crt_authorities.csv	2025-03-18 14:36:18 +08:00
Aditya Patwardhan	b301e03f57	feat(docs): Update minimizing binary size The ESP32-H2 software countermeasure may not be necessary for ESP32-H2 v1.2 and above, this commit updates the relevant documentation	2025-02-20 21:03:10 +08:00
Aditya Patwardhan	2ff128ebf4	fix(soc): Fixed ECDSA register compatibility	2025-02-20 21:03:10 +08:00
Aditya Patwardhan	3bcafe77d8	fix(hal): Make the ECDSA countermeasure dynamically applicable This commit makes the ECDSA countermeasure dynamically applicable across different revisions of the ESP32H2 SoC.	2025-02-20 21:03:10 +08:00
Mahavir Jain	748d29b5ad	feat(ecc): enable ECC constant time mode for ESP32-H2 ECO5	2025-02-20 21:03:10 +08:00
harshal.patil	7d803e661e	feat(hal/aes): Enable pseudo rounds function during AES operations	2025-01-21 12:28:23 +05:30
harshal.patil	e0312feddb	fix(mbedtls/aes): Fix external memory corruption caused due to unaligned length cache sync Fixes the memory corruption issue that arises due to external memory cache sync of unaligned length bytes when L2 cache line size is greater than the L1 cache line size	2024-11-21 12:15:57 +05:30
Harshal Patil	27f11f87f5	Merge branch 'feat/mbedtls_size_optimization' into 'master' Fix the increase in build size of mbedtls while upgrading to v3.x See merge request espressif/esp-idf!34179	2024-10-26 01:20:40 +08:00
harshal.patil	4cdfdac18c	fix(mbedtls): Fix the increase in build size of mbedtls when upgrading to v3.x	2024-10-24 14:45:57 +05:30
harshal.patil	c2b71a3855	ci(mbedtls): Fix component dependencies for security-related test apps	2024-10-24 14:45:56 +05:30
nilesh.kale	854101959d	feat: enable security related testcases for c5 and c61	2024-10-21 14:24:36 +05:30
nilesh.kale	dacb9a57cb	feat(mbedtls): update mbedtls version to 3.6.2	2024-10-18 11:59:31 +05:30
harshal.patil	3957e59f1a	feat(mbedtls/esp_crt_bundle): Move dummy cert to .rodata to save 408B from dram Co-authored-by: Hanno <h.binder@web.de>	2024-10-16 16:21:28 +05:30
Mahavir Jain	fa4c38738e	Merge branch 'contrib/github_pr_13204' into 'master' Reduce RAM usage by modifying the certificate bundle format (GitHub PR) Closes IDFGH-12148 See merge request espressif/esp-idf!29595	2024-10-11 05:05:43 +08:00
Marius Vikhammer	331abf74ff	Merge branch 'docs/rtc_heap_mem_description' into 'master' fix(system): fixed docs for ESP_SYSTEM_ALLOW_RTC_FAST_MEM_AS_HEAP, enabled on H2 See merge request espressif/esp-idf!33537	2024-10-10 16:31:07 +08:00
harshal.patil	20fff296e4	test(mbedtls): Update custom cert bundle init API - bound checking testcase - Support the newer cert bundle format in the test	2024-10-09 16:08:35 +05:30
harshal.patil	b097eb12b3	ci(mbedtls/esp_crt_bundle): Format esp_crt_bundle.c using astyle	2024-10-09 16:08:35 +05:30
Hanno	d8e31eb6d0	feat(mbedtls/esp_crt_bundle): Reduced RAM & stack use of cert bundle Closes https://github.com/espressif/esp-idf/pull/13204 Signed-off-by: harshal.patil <harshal.patil@espressif.com>	2024-10-09 16:08:35 +05:30
morris	aebf700919	refactor(freertos): rename SPIRAM_ALLOW_STACK_EXTERNAL_MEMORY and move to freertos	2024-10-09 13:32:03 +08:00
Marius Vikhammer	3e443a9033	fix(system): fixed docs for ESP_SYSTEM_ALLOW_RTC_FAST_MEM_AS_HEAP, enabled on H2	2024-10-08 12:24:20 +08:00
Aditya Patwardhan	1b770c3931	fix(mbedtls): Fix the MBEDTLS_FS_IO dependency on vfs By default MBEDTLS_FS_IO option in mbedtls uses the filesystem supported added by vfs component. If the vfs support is disabled by user then mbedtls raises a warning that the filesystem realted operation shall always fail This commit fixes the behaviour by enabling respective depedency check for the MBEDTLS_FS_IO option Closes https://github.com/espressif/esp-idf/issues/14409	2024-09-30 13:43:29 +05:30
nilesh.kale	0216236d0c	feat(mbedtls): updated mbedtls version to 3.6.1	2024-09-26 10:26:29 +05:30
Espressif BOT	d9d303fd6f	change(mbedtls/crt_bundle): Update esp_crt_bundle certificates	2024-09-25 16:39:46 +08:00
Mahavir Jain	bfd4085bea	Merge branch 'feat/support_ecc_constant_time_mul_operations' into 'master' feat(mbedtls/ecc): Support ECC hardware constant-time point multiplication operations Closes IDF-10327 See merge request espressif/esp-idf!31888	2024-09-25 12:53:45 +08:00
Aditya Patwardhan	11128b73f5	feat(hal): Add countermeasure for ECDSA generate signature The ECDSA peripheral before ECO5 of esp32h2 does not perform the ECDSA sign operation in constant time. This allows an attacker to read the power signature of the ECDSA sign operation and then calculate the ECDSA key stored inside the eFuse. The commit adds a countermeasure for this attack. In this case the real ECDSA sign operation is masked under dummy ECDSA sign operations to hide its real power signature	2024-09-23 18:55:43 +08:00
harshal.patil	46cbaa7d4d	fix(mbedtls/ecc): Enable hardware ECC mult operations only for SOC_ECC_CONSTANT_TIME_MUL Co-authored-by: aditya.patwardhan <aditya.patwardhane@espressif.com>	2024-09-20 18:46:55 +05:30
Mahavir Jain	a71e0fc028	Merge branch 'feature/enable_sha_support_for_esp32c61' into 'master' feat: enable support for sha peripheral in esp32c61 Closes IDF-9234 See merge request espressif/esp-idf!32830	2024-09-20 13:22:14 +08:00
Mahavir Jain	f5b55b2967	Merge branch 'fix/ecdsa_verify_check_hash_len' into 'master' Wrap some mbedtls' ECDSA verification related APIs See merge request espressif/esp-idf!33349	2024-09-20 12:38:10 +08:00
JiangGuangMing	ee9a072c82	feat(mbedtls): bringup rom mbedtls feature to formal	2024-09-13 16:40:20 +08:00
nilesh.kale	12fc7a677e	feat: enable support for sha peripheral in esp32c61	2024-09-11 14:49:01 +05:30
Jiang Guang Ming	5bb93061a3	feat(mbedtls): support rom mbedtls threading layer	2024-09-06 19:27:57 +08:00
Jiang Guang Ming	d0ec6fc04d	fix(mbedtls): MBEDTLS_CMAC_C not effective when MBEDTLS_USE_CRYPTO_ROM_IMPL enabled	2024-09-06 09:55:27 +08:00
Jiang Guang Ming	d74ff5224c	feat(mbedtls): support ROM mbedtls v3.6.0 on C2 rev2.0(ECO4)	2024-09-06 09:55:27 +08:00
harshal.patil	c4f60d91f1	feat(mbedtls): Wrap mbedtls_ecdsa_read_signature to use ECDSA hardware when possible	2024-09-05 16:27:58 +05:30
harshal.patil	331fd7f79f	fix(mbedtls/port): Check signature hash length before using ECDSA hardware	2024-09-05 16:27:58 +05:30
harshal.patil	945ad6ea5d	ci(mbedtls): Enable PSRAM-related tests for ESP32-P4 and ESP32-C5	2024-08-30 17:19:12 +05:30
harshal.patil	c94986d793	fix(mbedtls): Fix https_request example build failure for mbedtls_config - This was caused due to some mbedtls confisg being defined but their all prerequisites were not	2024-08-27 14:09:21 +05:30
Mahavir Jain	ad3a257390	Merge branch 'contrib/github_pr_14314' into 'master' perf(gcm): shrink Shoup table and tune GCM loop (GitHub PR) Closes IDFGH-13409 Closes https://github.com/espressif/esp-idf/pull/14314 See merge request espressif/esp-idf!32908	2024-08-21 12:12:10 +08:00
Richard Allen	0b51c24238	change(mbedtls/port): optimize gcm_mult() 1) pre-shift GCM last4 to use 32-bit shift On 32-bit architectures like Aarch32, RV32, Xtensa, shifting a 64-bit variable by 32-bits is free, since it changes the register representing half of the 64-bit var. Pre-shift the last4 array to take advantage of this. 2) unroll first GCM iteration The first loop of gcm_mult() is different from the others. By unrolling it separately from the others, the other iterations may take advantage of the zero-overhead loop construct, in addition to saving a conditional branch in the loop.	2024-08-20 16:44:56 +08:00

1 2 3 4 5 ...

715 Commits