alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-10-31 04:59:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
42,164 Commits 22 Branches 172 Tags
c94014cc3ddabf108f31d8a3885d29c20a0a5e81
Commit Graph

705 Commits

Author SHA1 Message Date
harshal.patil
96f48cd1cf feat(mbedtls): Make mbedtls SHA1 support configurable 2025-04-01 12:40:55 +05:30
Ashish Sharma
a83a0ab02b fix(component/mbedtls): Adds github root cert to cmn_crt_authorities.csv 2025-03-18 14:36:18 +08:00
Aditya Patwardhan
b301e03f57 feat(docs): Update minimizing binary size 
The ESP32-H2 software countermeasure may not be necessary
        for ESP32-H2 v1.2 and above, this commit updates
        the relevant documentation
 2025-02-20 21:03:10 +08:00
Aditya Patwardhan
2ff128ebf4 fix(soc): Fixed ECDSA register compatibility 2025-02-20 21:03:10 +08:00
Aditya Patwardhan
3bcafe77d8 fix(hal): Make the ECDSA countermeasure dynamically applicable 
This commit makes the ECDSA countermeasure dynamically applicable
    across different revisions of the ESP32H2 SoC.
 2025-02-20 21:03:10 +08:00
Mahavir Jain
748d29b5ad feat(ecc): enable ECC constant time mode for ESP32-H2 ECO5 2025-02-20 21:03:10 +08:00
harshal.patil
7d803e661e feat(hal/aes): Enable pseudo rounds function during AES operations 2025-01-21 12:28:23 +05:30
harshal.patil
e0312feddb fix(mbedtls/aes): Fix external memory corruption caused due to unaligned length cache sync 
Fixes the memory corruption issue that arises due to external memory cache sync of unaligned
length bytes when L2 cache line size is greater than the L1 cache line size
 2024-11-21 12:15:57 +05:30
Harshal Patil
27f11f87f5 Merge branch 'feat/mbedtls_size_optimization' into 'master' 
Fix the increase in build size of mbedtls while upgrading to v3.x

See merge request espressif/esp-idf!34179
 2024-10-26 01:20:40 +08:00
harshal.patil
4cdfdac18c fix(mbedtls): Fix the increase in build size of mbedtls when upgrading to v3.x 2024-10-24 14:45:57 +05:30
harshal.patil
c2b71a3855 ci(mbedtls): Fix component dependencies for security-related test apps 2024-10-24 14:45:56 +05:30
nilesh.kale
854101959d feat: enable security related testcases for c5 and c61 2024-10-21 14:24:36 +05:30
nilesh.kale
dacb9a57cb feat(mbedtls): update mbedtls version to 3.6.2 2024-10-18 11:59:31 +05:30
harshal.patil
3957e59f1a feat(mbedtls/esp_crt_bundle): Move dummy cert to .rodata to save 408B from dram 
Co-authored-by: Hanno <h.binder@web.de>
 2024-10-16 16:21:28 +05:30
Mahavir Jain
fa4c38738e Merge branch 'contrib/github_pr_13204' into 'master' 
Reduce RAM usage by modifying the certificate bundle format (GitHub PR)

Closes IDFGH-12148

See merge request espressif/esp-idf!29595
 2024-10-11 05:05:43 +08:00
Marius Vikhammer
331abf74ff Merge branch 'docs/rtc_heap_mem_description' into 'master' 
fix(system): fixed docs for ESP_SYSTEM_ALLOW_RTC_FAST_MEM_AS_HEAP, enabled on H2

See merge request espressif/esp-idf!33537
 2024-10-10 16:31:07 +08:00
harshal.patil
20fff296e4 test(mbedtls): Update custom cert bundle init API - bound checking testcase 
- Support the newer cert bundle format in the test
 2024-10-09 16:08:35 +05:30
harshal.patil
b097eb12b3 ci(mbedtls/esp_crt_bundle): Format esp_crt_bundle.c using astyle 2024-10-09 16:08:35 +05:30
Hanno
d8e31eb6d0 feat(mbedtls/esp_crt_bundle): Reduced RAM & stack use of cert bundle 
Closes https://github.com/espressif/esp-idf/pull/13204

Signed-off-by: harshal.patil <harshal.patil@espressif.com>
 2024-10-09 16:08:35 +05:30
morris
aebf700919 refactor(freertos): rename SPIRAM_ALLOW_STACK_EXTERNAL_MEMORY and move to freertos 2024-10-09 13:32:03 +08:00
Marius Vikhammer
3e443a9033 fix(system): fixed docs for ESP_SYSTEM_ALLOW_RTC_FAST_MEM_AS_HEAP, enabled on H2 2024-10-08 12:24:20 +08:00
Aditya Patwardhan
1b770c3931 fix(mbedtls): Fix the MBEDTLS_FS_IO dependency on vfs 
By default MBEDTLS_FS_IO option in mbedtls uses the filesystem supported
added by vfs component.
If the vfs support is disabled by user then mbedtls raises a warning
that the filesystem realted operation shall always fail
This commit fixes the behaviour by enabling respective depedency check for the
MBEDTLS_FS_IO option

Closes https://github.com/espressif/esp-idf/issues/14409
 2024-09-30 13:43:29 +05:30
nilesh.kale
0216236d0c feat(mbedtls): updated mbedtls version to 3.6.1 2024-09-26 10:26:29 +05:30
Espressif BOT
d9d303fd6f change(mbedtls/crt_bundle): Update esp_crt_bundle certificates 2024-09-25 16:39:46 +08:00
Mahavir Jain
bfd4085bea Merge branch 'feat/support_ecc_constant_time_mul_operations' into 'master' 
feat(mbedtls/ecc): Support ECC hardware constant-time point multiplication operations

Closes IDF-10327

See merge request espressif/esp-idf!31888
 2024-09-25 12:53:45 +08:00
Aditya Patwardhan
11128b73f5 feat(hal): Add countermeasure for ECDSA generate signature 
The ECDSA peripheral before ECO5 of esp32h2 does not perform the ECDSA
    sign operation in constant time. This allows an attacker to read the
    power signature of the ECDSA sign operation and then calculate the
    ECDSA key stored inside the eFuse. The commit adds a countermeasure
    for this attack. In this case the real ECDSA sign operation is
    masked under dummy ECDSA sign operations to hide its real power
    signature
 2024-09-23 18:55:43 +08:00
harshal.patil
46cbaa7d4d fix(mbedtls/ecc): Enable hardware ECC mult operations only for SOC_ECC_CONSTANT_TIME_MUL 
Co-authored-by: aditya.patwardhan <aditya.patwardhane@espressif.com>
 2024-09-20 18:46:55 +05:30
Mahavir Jain
a71e0fc028 Merge branch 'feature/enable_sha_support_for_esp32c61' into 'master' 
feat: enable support for sha peripheral in esp32c61

Closes IDF-9234

See merge request espressif/esp-idf!32830
 2024-09-20 13:22:14 +08:00
Mahavir Jain
f5b55b2967 Merge branch 'fix/ecdsa_verify_check_hash_len' into 'master' 
Wrap some mbedtls' ECDSA verification related APIs

See merge request espressif/esp-idf!33349
 2024-09-20 12:38:10 +08:00
JiangGuangMing
ee9a072c82 feat(mbedtls): bringup rom mbedtls feature to formal 2024-09-13 16:40:20 +08:00
nilesh.kale
12fc7a677e feat: enable support for sha peripheral in esp32c61 2024-09-11 14:49:01 +05:30
Jiang Guang Ming
5bb93061a3 feat(mbedtls): support rom mbedtls threading layer 2024-09-06 19:27:57 +08:00
Jiang Guang Ming
d0ec6fc04d fix(mbedtls): MBEDTLS_CMAC_C not effective when MBEDTLS_USE_CRYPTO_ROM_IMPL enabled 2024-09-06 09:55:27 +08:00
Jiang Guang Ming
d74ff5224c feat(mbedtls): support ROM mbedtls v3.6.0 on C2 rev2.0(ECO4) 2024-09-06 09:55:27 +08:00
harshal.patil
c4f60d91f1 feat(mbedtls): Wrap mbedtls_ecdsa_read_signature to use ECDSA hardware when possible 2024-09-05 16:27:58 +05:30
harshal.patil
331fd7f79f fix(mbedtls/port): Check signature hash length before using ECDSA hardware 2024-09-05 16:27:58 +05:30
harshal.patil
945ad6ea5d ci(mbedtls): Enable PSRAM-related tests for ESP32-P4 and ESP32-C5 2024-08-30 17:19:12 +05:30
harshal.patil
c94986d793 fix(mbedtls): Fix https_request example build failure for mbedtls_config 
- This was caused due to some mbedtls confisg being defined but their all prerequisites were not
 2024-08-27 14:09:21 +05:30
Mahavir Jain
ad3a257390 Merge branch 'contrib/github_pr_14314' into 'master' 
perf(gcm): shrink Shoup table and tune GCM loop (GitHub PR)

Closes IDFGH-13409

Closes https://github.com/espressif/esp-idf/pull/14314

See merge request espressif/esp-idf!32908
 2024-08-21 12:12:10 +08:00
Richard Allen
0b51c24238 change(mbedtls/port): optimize gcm_mult() 
1) pre-shift GCM last4 to use 32-bit shift

On 32-bit architectures like Aarch32, RV32, Xtensa,
shifting a 64-bit variable by 32-bits is free,
since it changes the register representing half of the 64-bit var.
Pre-shift the last4 array to take advantage of this.

2) unroll first GCM iteration

The first loop of gcm_mult() is different from
the others. By unrolling it separately from the
others, the other iterations may take advantage
of the zero-overhead loop construct, in addition
to saving a conditional branch in the loop.
 2024-08-20 16:44:56 +08:00
harshal.patil
488b2a741d change(esp_security): Move the crypto locking layer into the security component 2024-08-20 12:35:22 +08:00
Mahavir Jain
a2de1ca576 fix(mbedtls): link esp-cryptoauthlib to mbedcrypto library 
If the certificate bundle feature is disabled then the mbedtls
component library becomes interface only component and hence
adding esp-cryptoauthlib as its PRIVATE dependency does not work.

Instead the esp-cryptoauthlib should be added as PRIVATE dependency
for mbedcrypto library (for alternate ECDSA implementation).
 2024-08-09 15:30:35 +05:30
Mahavir Jain
f477682938 Merge branch 'feature/remove_aes_rsa_ds_hmac_spport_for_c61' into 'master' 
feat: remove suppport for AES, RSA, DS and HMAC in esp32c61

Closes IDF-9326, IDF-9328, IDF-9323, and IDF-9325

See merge request espressif/esp-idf!31798
 2024-08-08 17:15:06 +08:00
Mahavir Jain
0aeb9653e7 Merge branch 'fix/avoid_extra_c2m_msync_in_aes_driver' into 'master' 
fix(mbedtls/aes): Avoid extra C2M sync of memory

See merge request espressif/esp-idf!32599
 2024-08-08 17:04:14 +08:00
harshal.patil
b9dc847ee2 fix(mbedtls/aes): Avoid extra C2M sync of memory 2024-08-08 09:12:31 +05:30
Richard Allen
bc56b4fc2e fix(mbedtls/port): fix codespell issues 
Fix a few comments codespell identified.
 2024-08-08 11:29:53 +08:00
Laukik Hase
e8477fb894 feat(mbedtls): Extend the esp_sha API to support SHA224 operations 2024-08-07 10:03:11 +05:30
nilesh.kale
e74dcb1fab feat: remove support for aes and rsa peripherals in esp32c61 2024-08-06 15:06:16 +05:30
nilesh.kale
5cc0110958 feat: enabled support for ecdsa in esp32c61 
This commit add ECDSA peripheral support in ESP32C61.
 2024-08-05 09:29:31 +05:30
Mahavir Jain
e40386bf4a Merge branch 'bugfix/check_return_values_in_ssl_handshake' into 'master' 
fix(mbedtls): Check return values of md functions during ssl handshake

Closes IDF-10478

See merge request espressif/esp-idf!32298
 2024-07-25 17:18:01 +08:00