alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-10-29 20:34:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
43,184 Commits 22 Branches 172 Tags
b62736b764c3a41abf90336effcae9c0f366f7b1
Commit Graph

136 Commits

Author SHA1 Message Date
harshal.patil
7d8211bf87 feat(mbedtls): Support both SHA block and DMA modes during runtime 
Dynamically switch the SHA operation modes based on the buffer operating length
 2025-02-04 16:49:30 +05:30
harshal.patil
4cdfdac18c fix(mbedtls): Fix the increase in build size of mbedtls when upgrading to v3.x 2024-10-24 14:45:57 +05:30
Aditya Patwardhan
1b770c3931 fix(mbedtls): Fix the MBEDTLS_FS_IO dependency on vfs 
By default MBEDTLS_FS_IO option in mbedtls uses the filesystem supported
added by vfs component.
If the vfs support is disabled by user then mbedtls raises a warning
that the filesystem realted operation shall always fail
This commit fixes the behaviour by enabling respective depedency check for the
MBEDTLS_FS_IO option

Closes https://github.com/espressif/esp-idf/issues/14409
 2024-09-30 13:43:29 +05:30
harshal.patil
c94986d793 fix(mbedtls): Fix https_request example build failure for mbedtls_config 
- This was caused due to some mbedtls confisg being defined but their all prerequisites were not
 2024-08-27 14:09:21 +05:30
Laukik Hase
e8477fb894 feat(mbedtls): Extend the esp_sha API to support SHA224 operations 2024-08-07 10:03:11 +05:30
Mahavir Jain
64fd14e787 feat(mbedtls): add kconfig option for MBEDTLS_ERROR_C 
Disabling this config can reduce footprint for the cases where
mbedtls_strerror() is used and hence the debug strings are getting
pulled into the application image.
 2024-04-04 09:20:28 +05:30
harshal.patil
e383616503 fix(mbedtls/aes): Fix incorrect dma alignment size 2024-04-02 14:30:14 +08:00
Aditya Patwardhan
d0a23799e8 feat(mbedtls): Added support for using ECDSA key through key manager 2024-04-01 14:37:12 +05:30
harshal.patil
211a2a5477 feat(mbedtls/sha): Support SHA-DMA operations by satisfying L1 cache alignment requirements 
- Use block mode as default SHA operation mode instead of DMA
 2024-03-27 11:23:29 +05:30
harshal.patil
d737625215 feat(mbedtls/sha): Support in AXI-DMA SHA driver layer 2024-03-27 11:23:29 +05:30
harshal.patil
2abb656ba2 feat(mbedtls/aes): Support AES-DMA operations by satisfying L1 cache alignment requirements 
- Use DMA RX done interrupt status bit while waiting for DMA rx transfer
 2024-03-13 15:22:07 +05:30
harshal.patil
83dd60307f feat(mbedtls/esp_crypto_shared_gdma): support AXI-DMA in the crypto shared gdma layer 
- In case of AXI-DMA, the DMA descriptors need to be 8 bytes aligned
lldesc_t do not satify this condition thus we need to replace it with
dma_descriptor_t (align(4) and align(8)) in esp_crypto_shared_gdma.

- Added new shared gdma start API that supports the dma_descriptor_t
DMA descriptor.

- Added some generic dma descriptor macros and helper functions

- replace lldesc_t with dma_descriptor_t
 2024-03-13 15:22:06 +05:30
harshal.patil
2c570ed53b change(mbedtls/aes): moved esp_aes_internal.h to be a private header 
- Also enable AES-GCM test in the hal crypto test app for all targets
 2024-03-13 15:22:06 +05:30
harshal.patil
8977be856d fix(mbedtls/gcm): Add support for software fallback for non-AES ciphers in a GCM operation 
- Even if the config MBEDTLS_HARDWARE_AES is enabled, we now support fallback
to software implementation of GCM operations when non-AES ciphers are used.
 2024-02-23 10:47:30 +05:30
nilesh.kale
aab3f604ec feat(hal/testapps): Added AES and SHA testcases with DMA support 2024-02-09 14:23:06 +05:30
Aditya Patwardhan
4dc2ace0b7 fix(esp_hw_support): Update key manager support 
1) Added new Key Manager APIs
    2) Added crypto locking layer for Key Manager
    3) Remove support for deploying known key
    4) Format key manager support
    5) Fix build header error
    6) Updated the key_mgr_types.h file
    7) Added key manager tests
 2024-01-23 10:24:39 +05:30
Mahavir Jain
fec7fc30f1 fix(api-docs): include in the ECDSA APIs for doxygen build 2023-11-15 09:42:27 +05:30
Mahavir Jain
7bb29086df docs: add ECDSA peripheral chapter for H2/P4 
- Add ECDSA peripheral chapter and instructions to program efuse key block
- Update security guide for ECDSA peripheral mention for device identity
- Link with ESP-TLS guide about using ECDSA peripheral in TLS connection
 2023-11-15 09:42:26 +05:30
Mahavir Jain
804ed172dd fix(mbedtls): allow to use built in entropy implementation for linux target 2023-10-26 15:12:42 +05:30
Mahavir Jain
0c3ed4f540 fix(mbedtls): remove deprecated MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION 
This config has been removed in the upstream mbedTLS starting 3.0
release. Please see mbedTLS changelog for more details.
 2023-10-11 09:32:32 +00:00
Mahavir Jain
9ca8f3d45b feat(mbedtls): update to 3.5.0 release 
Changelog:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.5.0
 2023-10-11 09:32:32 +00:00
Kapil Gupta
c82a792bc3 change(esp_wifi): Port fast_pbkdf2 implementation for mbedlts 
Add changes to use fast_pbkdf2 as default for PMK calculations.
fast_pbkdf2 is significantly faster than current implementations
for esp chips.

Also removes unnecessary code for pbkdf-sha256 and pbkdf-sha512.
 2023-09-11 19:33:17 +05:30
Aditya Patwardhan
a57c8dc938 Merge branch 'contrib/github_pr_12177' into 'master' 
mbedtls: define MBEDTLS_SSL_CID_TLS1_3_PAD_GRANULARITY for CID padding (GitHub PR)

See merge request espressif/esp-idf!25826
 2023-09-09 12:27:56 +08:00
Daniel Mangum
35c428b0ec mbedtls: define MBEDTLS_SSL_CID_TLS1_3_PAD_GRANULARITY for CID padding 
Updates config to define the new MBEDTLS_SSL_CID_TLS1_3_PAD_GRANULARITY
option, which replaced the previously used
MBEDTLS_SSL_CID_PADDING_GRANULARITY. The old option is continuing to be
used as the new one exceeds the maximum length for an option name in
esp-idf.

See https://github.com/Mbed-TLS/mbedtls/pull/4490 for more information.

Signed-off-by: Daniel Mangum <georgedanielmangum@gmail.com>
 2023-09-08 11:45:55 +05:30
harshal.patil
4c0dd8388b feat(mbedtls): Integrate the ecdsa export public key feature in mbedtls 2023-09-06 11:07:40 +05:30
Jiang Guang Ming
3f2746688c feat(mbedtls): support ecp fixed-point multiplication configurable 2023-08-08 14:03:57 +08:00
Linda
65ee4992ce docs: update the algorithm and key name from AES-XTS to XTS-AES 2023-05-15 17:54:50 +08:00
harshal.patil
9a87b26294 mbedtls: fix sha-512 block mode build error 2023-05-08 10:27:34 +05:30
Mahavir Jain
3fd171f092 mbedtls: fix small typo in the config file 2023-04-25 17:44:28 +05:30
harshal.patil
f30b58f665 mbedtls: Update config options as per release/v3.4.0 
- Added a Kconfig option for the newly added mbedtls option MBEDTLS_PKCS7_C
 2023-04-17 12:50:15 +05:30
Sachin Parekh
d634970ed1 ecdsa: Support multiple ECDSA keys 
Add provision to choose which efuse block should be used as ECDSA
private key
 2023-04-07 14:55:21 +05:30
Sachin Parekh
d2940c5ff3 mbedtls: Add port layer for ECDSA peripheral 2023-03-24 10:43:40 +05:30
harshal.patil
270ff95022 mbedtls/port: refactor sanity checks and their return values 
Refactored and returned correct error codes for sanity checks
present in port layer esp_aes.c and esp_aes_gcm.c
 2023-01-16 15:04:08 +05:30
Laukik Hase
59de3948dc mbedtls: Update config options as per v3.3.0 release 2023-01-09 15:41:36 +05:30
LiPeng
5c93fe47cb mbedtls: GCM implementation is replaced with CTR-based calculation 
- GCM operation in mbedtls used ECB, which calculated only 16 bytes of data each time.
	- Therefore, when processing a large amount of data, it is necessary to frequently set hardware acceleration calculations,
	- which could not make good use of the AES DMA function to improve efficiency.
	- Hence, GCM implementation is replaced with CTR-based calculation which utilizes AES DMA to improve efficiency.
 2022-12-28 12:14:29 +05:30
jgujarathi
915fb4dfe2 Removed some occurences of the RC4 cipher suite(deprecated now) 2022-10-26 03:02:16 +00:00
Sachin Parekh
aa4437d3d3 mbedtls: Override ecp_mul_restartable_internal 
ECDSA verification uses ecp_mul_restartable_internal instead
of the public API mbedtls_ecp_mul_restartable
 2022-08-24 11:59:35 +05:30
Marius Vikhammer
f4c79687f8 SHA: added hardware support for SHA on C2. 2022-06-23 11:01:16 +08:00
Laukik Hase
28ac0b12fb mbedtls: Remove deprecated options from mbedtls/esp_config.h 
- Removed options related to RC4 ciphersuite, SSL3 and TLS1
  (as per mbedtls v3.1.0)
 2022-05-28 10:21:06 +05:30
Mahavir Jain
93987e6b79 Merge branch 'fix/remove_test_cert_files_from_mbedtls_port_directory' into 'master' 
mbedtls: Remove certs.c and certs.h from port directory

Closes IDF-4709

See merge request espressif/esp-idf!17485
 2022-03-18 16:47:53 +08:00
Aditya Patwardhan
f31d8dd295 mbedtls: Remove certs.c and certs.h from port directory 2022-03-15 17:16:07 +05:30
Laukik Hase
1c65ab5307 mbedtls: Add config for MBEDTLS_PLATFORM_TIME_ALT 2022-03-14 09:42:33 +05:30
Sachin Parekh
32a6550e87 mbedtls: Added ECC hardware accelerator support on ESP32C2 
ESP32C2 has a ECC hardware accelerator capable of performing point
multiplication and point verification with a significant performance
boost
 2022-03-08 14:05:23 +00:00
Aditya Patwardhan
4582af75b8 mbedtls: Update licenses of files updated in mbedtls-3.1 update 2022-03-04 05:18:58 +00:00
Aditya Patwardhan
8cbfb18037 mbedtls-3.x: Update Kconfig macros 2022-03-03 01:37:10 +05:30
Aditya Patwardhan
8111286668 Add entropy_poll.h in port directory 2022-03-03 01:37:10 +05:30
Aditya Patwardhan
66a9243d3b mbedtls 3.X update: 
*MBEDTLS_ECDH_LEGACY_CONTEXT is now disabled by default.
*Fixed MBEDTLS_ECDH_LEGACY_CONTEXT issue for protocomm component.
*Removed all code under MBEDTLS_DEPRECATED_REMOVED
 2022-03-03 01:37:10 +05:30
Laukik Hase
3925365351 ci: Fix pre-check stage failing tests 
- Updated license headers
- Re-enabled public headers and static analysis checks
- Fix public header file check failure

Co-authored-by: Aditya Patwardhan <aditya.patwardhan@espressif.com>
 2022-03-03 01:37:10 +05:30
Aditya Patwardhan
3b71bd7326 mbedtls-3.0: Fixed ESP32 build issues 
- Added MBEDLTS_PRIVATE(...) wherever necessary
- For functions like mbedtls_pk_parse_key(...), it is necessary to pass the RNG function
  pointers as parameter. Solved for dependent components: wpa_supplicant & openSSL
- For libcoap, the SSLv2 ClientHello handshake method has been deprecated, need to handle this.
  Currently, corresponding snippet has been commented.
- Examples tested: hello-world | https_request | wifi_prov_mgr

mbedtls-3.0: Fixed ESP32-C3 & ESP32-S3 build issues
- Removed MBEDTLS_DEPRECATED_REMOVED macro from sha1 port
- DS peripheral: esp_ds_rsa_sign -> removed unsused 'mode' argument
- Added MBEDTLS_PRIVATE(...) wherever required

mbedtls-3.0: Fixed ESP32-S2 build issues
- Fixed outdated function prototypes and usage in mbedlts/port/aes/esp_aes_gcm.c due to changes in GCM module

mbedtls-3.0: Fixed ESP32-H2 build issues

ci: Fixing build stage
- Added MBEDTLS_PRIVATE(...) wherever required
- Added RNG function parameter
- Updated GCM Module changes
- Updated Copyright notices

- Tests:
- build_esp_idf_tests_cmake_esp32
- build_esp_idf_tests_cmake_esp32s2
- build_esp_idf_tests_cmake_esp32c3
- build_esp_idf_tests_cmake_esp32s3

ci: Fixing build stage (mbedtls-related changes)
- Added MBEDTLS_PRIVATE(...) wherever required
- Updated SHAXXX functions
- Updated esp_config according to mbedtls changes

- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3

ci: Fixing build stage (example-related changes)
- Added MBEDTLS_PRIVATE(...) wherever required
- Updated SHAXXX functions
- Updated esp_config according to mbedtls changes

- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3

ci: Fixing target_test stage
- Updated test SSL version to TLS_v1_2

- Tests:
- example_test_protocols 1/2

ci: Fixing build stage
- Added checks for MBEDTLS_DHM_C (disabled by default)
- Updated esp_cryptoauthlib submodule
- Updated factory partition size for legacy BLE provisioning example

- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3

Co-authored-by: Laukik Hase <laukik.hase@espressif.com>
 2022-03-03 01:37:10 +05:30
Aditya Patwardhan
45122533e0 mbedtls-3 update: 
1) Fix build issue in mbedtls
2) skip the public headers check in IDF
3)Update Kconfig Macros
4)Remove deprecated config options
5) Update the sha API according to new nomenclature
6) Update mbedtls_rsa_init usage
7) Include mbedtls/build_info.h instead of mbedtls/config.h
8) Dont include check_config.h
9) Add additional error message in esp_blufi_api.h
 2022-03-03 01:37:10 +05:30