alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-10-30 20:51:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
44,983 Commits 22 Branches 172 Tags
b43daa6bbf08ec1ebbaf026439b0e57554ac0dee
Commit Graph

775 Commits

Author SHA1 Message Date
Mahavir Jain
a8bf745f23 Merge branch 'feat/adding_different_strategy_to_perform_tls_using_dynamic_feature' into 'master' 
Add configuration to control dynamic buffer strategy in mbedtls

Closes IDF-12591

See merge request espressif/esp-idf!39469
 2025-06-12 09:52:35 +05:30
Harshal Patil
c85075dc12 Merge branch 'update/update_cmn_crt_authorities_csv' into 'master' 
Update common cert authorities csv

See merge request espressif/esp-idf!39564
 2025-06-09 12:08:03 +05:30
Aditya Patwardhan
8d0527d7bf Merge branch 'feat/support_sha512_for_esp32c5' into 'master' 
Support SHA 512 for ESP32-C5

See merge request espressif/esp-idf!39421
 2025-06-09 09:42:37 +05:30
Espressif BOT
da1842ea0f change(mbedtls/crt_bundle): Update esp_cmn_crt_bundle certificates 2025-06-08 13:35:51 +05:30
harshal.patil
85ec4df4db change(mbedlts/port): Remove deprecated header files 2025-06-06 14:52:03 +05:30
harshal.patil
fe78370ec9 feat(mbedtls/sha): New API for setting SHA mode 2025-06-06 14:51:44 +05:30
hrushikesh.bhosale
5928a87aa7 feat(mbedtls): Add configuration to control dynamic buffer strategy in mbedtls 
Problem:
1. In low-memory scenarios, the dynamic buffer feature can fail due to memory fragmentation.
2. It requires a contiguous 16KB heap chunk, but continuous allocation and deallocation of
the RX buffer can lead to fragmentation.
3. If another component allocates memory between these operations, it can break up the
available 16KB block, causing allocation failure.

Solution:
1. Introduce configurable strategy for using dynamic buffers in TLS connections.
2. For example, convert RX buffers to static after the TLS handshake.
3. Allow users to select the strategy via a new field in the esp_http_client_cfg_t structure.
4. The strategy can be controlled independently for each TLS session.
 2025-06-05 12:43:47 +05:30
Ashish Sharma
2ef09a7952 fix(esp_tls): fix failing build with TLS1.3 only and dynamic buffer 2025-06-02 09:14:03 +08:00
harshal.patil
65642866bc change(mbedtls/esp_crt_bundle): Remove deprecated certs for the major release version (v6.0) 2025-05-28 23:16:47 +05:30
Espressif BOT
e6d92ab49c change(mbedtls/crt_bundle): Update esp_crt_bundle certificates 2025-05-28 23:16:47 +05:30
Mahavir Jain
619996f74a Merge branch 'bugfix/fix_tls1_3_server_failing_handshake' into 'master' 
fix(mbedtls): Fix failing handshake when running HTTPS Server with TLS1.3

Closes IDFGH-15325 and IDF-13113

See merge request espressif/esp-idf!39318
 2025-05-28 13:16:49 +05:30
Ashish Sharma
dbb846c348 fix(mbedtls): Fixes failing TLS 1.3 server handshake 
Closes https://github.com/espressif/esp-idf/issues/15984
 2025-05-26 17:16:21 +08:00
Espressif BOT
e08ed84287 change(mbedtls/crt_bundle): Update esp_cmn_crt_bundle certificates 2025-05-26 13:19:57 +05:30
Harshal Patil
fe40cc8f8b Merge branch 'fix/suppress_cert_bundle_serial_number_warning' into 'master' 
fix(mbedtls/esp_crt_bundle): Suppress non-negative serial number warning

Closes IDFCI-2945

See merge request espressif/esp-idf!39381
 2025-05-26 13:19:00 +05:30
harshal.patil
5ae42e6f0b fix(mbedtls/esp_crt_bundle): Suppress non-negative serial number warning 
Co-authored-by: Mahavir Jain <mahavir.jain@espressif.com>
 2025-05-23 09:28:42 +05:30
nilesh.kale
148d31b659 feat: enable support for deterministic mode for esp32h2 2025-05-22 14:55:15 +05:30
nilesh.kale
0fb8c2a9b8 feat: enabled ECDSA-P192 support for ESP32H2 2025-05-22 14:55:03 +05:30
Laukik Hase
12e2df2d74 feat(esp_tee): Support for ESP32-H2 - the rest of the components 2025-05-20 16:31:23 +05:30
harshal.patil
0154c7cfe3 fix(mbedtls): Enable signature verification s/w fallback when ECDSA curve is disabled 2025-05-14 12:31:56 +05:30
Laukik Hase
d116567a66 refactor(esp_tee): Update TEE secure storage interface APIs 2025-05-04 18:03:29 +05:30
Laukik Hase
c9f7bcd452 feat(esp_tee): Support the nvs_flash for the ESP-TEE build 2025-05-04 18:03:28 +05:30
Zhang Xiao Yan
97f904b6fb Merge branch 'docs/fix_some_typos' into 'master' 
docs: Fix some typos

Closes DOC-10600, DOC-10605, DOC-10606, DOC-10607, DOC-10608, and DOC-10671

See merge request espressif/esp-idf!37977
 2025-04-30 18:35:40 +08:00
Shen Meng Jing
62d4115e08 docs: Fix some typos 2025-04-30 18:35:39 +08:00
Aditya Patwardhan
d3e3790fc9 Merge branch 'fix/refactor_source_code_and_comments' into 'master' 
fix(hal): updated API description and added comments

Closes IDF-12618

See merge request espressif/esp-idf!38415
 2025-04-30 18:26:57 +08:00
Mahavir Jain
ff555428d1 Merge branch 'feat/dynamic_buffer_tls1.3' into 'master' 
feat(mbedtls): add support for dynamic buffer for TLS1.3

Closes IDFGH-14708, IDF-12469, IDF-9178, and IDF-1725

See merge request espressif/esp-idf!38258
 2025-04-30 17:52:43 +08:00
nilesh.kale
f19e8e6970 fix: re-enabled ecdsa support for esp32c5-eco2 2025-04-28 20:58:09 +05:30
Ashish Sharma
415e0f3c86 feat(mbedtls): add support for dynamic buffer for TLS1.3 
Closes https://github.com/espressif/esp-idf/issues/15448
 2025-04-24 12:05:36 +08:00
Mahavir Jain
8b239ab605 Merge branch 'fix/remove_mbedtls_logical_dead_code' into 'master' 
fix(mbedtls): remove logical dead code from mbedtls

Closes IDF-12866

See merge request espressif/esp-idf!38498
 2025-04-23 12:21:20 +08:00
harshal.patil
b0d9ccf6e3 fix(mbedtls): Fix config dependencies when ROM mbedtls is used 2025-04-21 13:38:29 +05:30
Ashish Sharma
0de1429834 fix(mbedtls): remove logical dead code from mbedtls 2025-04-17 13:43:48 +08:00
Laukik Hase
4a4d63d36e feat(esp_tee): Protect the ECC peripheral from REE access 2025-04-16 19:19:04 +05:30
Laukik Hase
1c4969bc47 feat(esp_security): Add a TEE-specific crypto lock layer with stub implementations 2025-04-16 19:19:03 +05:30
Mahavir Jain
c8f790078b Merge branch 'feature/enable_ecdsa_support_for_esp32h21' into 'master' 
feat: add ECDSA support for esp32h21

Closes IDF-11496

See merge request espressif/esp-idf!36591
 2025-04-16 17:58:52 +08:00
nilesh.kale
d9f03d7f28 fix(hal): updated API description and added comments 2025-04-15 14:58:53 +05:30
Laukik Hase
1c6405eb9b Merge branch 'fix/esp_tee_coverity_bugs' into 'master' 
fix(security): Fixed coverity warnings related to the `esp_tee` component

Closes IDF-12803, IDF-12804, and IDF-12826

See merge request espressif/esp-idf!38360
 2025-04-14 15:05:27 +08:00
nilesh.kale
aae4bfb6f3 feat: enable ecdsa support for esp32h21 
This commit enabled suppot for ECDSA peripheral in ESP32H21.
 2025-04-14 10:26:46 +05:30
Laukik Hase
13aff0b216 fix(security): Fixed coverity warnings related to the esp_tee component 
- Also, disable the SECP192R1 curve (Mbed TLS config) when TEE Secure Storage
  does not require it
 2025-04-14 10:12:51 +05:30
Ashish Sharma
b62e486247 fix(component/mbedtls): Fix failing cert verification with TLS1.3 and DS peripheral 2025-04-11 18:34:16 +08:00
Laukik Hase
bd314c2460 refactor(esp_tee): Update the SHA clock configuration service call 2025-04-04 10:31:28 +05:30
Laukik Hase
3e95020c59 refactor(esp_security): Introduce dedicated APIs for crypto clock configuration 2025-04-04 10:31:27 +05:30
Laukik Hase
3fd107aa04 feat(mbedtls): Add support for ECDSA signing with TEE secure storage 2025-04-03 15:35:15 +05:30
Laukik Hase
1e8933d296 feat(esp_tee): Add support for SECP192R1 curve in TEE secure storage 2025-04-03 15:35:14 +05:30
Mahavir Jain
21f59bd030 Merge branch 'feat/update_mbedtls_3.6.3' into 'master' 
feat(component/mbedtls): update to upstream v3.6.3

Closes IDF-12730

See merge request espressif/esp-idf!38041
 2025-04-01 18:38:12 +08:00
Ashish Sharma
b126ebb596 feat(mbedtls): new config to allow weak cert verification 2025-03-28 15:46:48 +08:00
Chen Jichang
c34b4eb882 feat(esp32h4): enable ESP32H4 ci build 2025-03-28 14:41:28 +08:00
Ashish Sharma
0291bee0ff feat(mbedtls): update to version 3.6.3 2025-03-28 13:03:12 +08:00
Mahavir Jain
8e4cbdfe36 Merge branch 'feat/configurable_mbedtls_sha1' into 'master' 
feat(mbedtls): Make mbedtls SHA1 support configurable

See merge request espressif/esp-idf!37795
 2025-03-24 17:38:05 +08:00
Laukik Hase
6b1f4fe46c fix(esp_tee): Utilize the SHA H/W for hashing operations in the TEE 2025-03-22 10:02:24 +05:30
Mahavir Jain
ce7ec7f19f Merge branch 'feature/enable_hmac_and_ds_support_for_esp32h21' into 'master' 
feat: enabled hmac and ds support in esp32h21

Closes IDF-11495 and IDF-11497

See merge request espressif/esp-idf!37085
 2025-03-21 17:23:46 +08:00
Laukik Hase
98e16412a7 refactor(esp_tee): Use the AES-GCM port layer for operations in the TEE 2025-03-19 14:30:52 +05:30