harshal.patil 
							
						 
					 
					
						
						
							
						
						97c9eae41d 
					 
					
						
						
							
							feat(mbedtls/esp_crt_bundle): Move dummy cert to .rodata to save 408B from dram  
						
						... 
						
						
						
						Co-authored-by: Hanno <h.binder@web.de > 
						
						
					 
					
						2024-10-16 16:41:39 +05:30 
						 
				 
			
				
					
						
							
							
								jim 
							
						 
					 
					
						
						
							
						
						35b4151fee 
					 
					
						
						
							
							mbedtls: Fix enable dynamic mbedtls will occur heap corruption when server support TLS renegotiation  
						
						
						
						
					 
					
						2024-01-24 17:53:09 +08:00 
						 
				 
			
				
					
						
							
							
								Mahavir Jain 
							
						 
					 
					
						
						
							
						
						bf59005fe1 
					 
					
						
						
							
							fix(mbedtls): dynamic buffer feature issue with mbedtls 3.5.0  
						
						... 
						
						
						
						Set max TLS version in the SSL context during setup phase. Dynamic
buffer feature overrides the `mbedtls_ssl_setup` API and hence
this change is required per upstream 3.5.0 codebase change. 
						
						
					 
					
						2023-10-17 10:03:39 +00:00 
						 
				 
			
				
					
						
							
							
								Mahavir Jain 
							
						 
					 
					
						
						
							
						
						ec8268d863 
					 
					
						
						
							
							fix(mbedtls): Build issue in dynamic buffer feature  
						
						... 
						
						
						
						Fix build issue in mbedTLS dynamic buffer feature with
`CONFIG_MBEDTLS_DHM_C` enabled case.
Closes https://github.com/espressif/esp-idf/issues/11770  
						
						
					 
					
						2023-07-03 04:01:19 +00:00 
						 
				 
			
				
					
						
							
							
								harshal.patil 
							
						 
					 
					
						
						
							
						
						0116dcb578 
					 
					
						
						
							
							mbedtls: replace low-level sha apis with md apis in esp_ssl_tls  
						
						
						
						
					 
					
						2023-04-24 11:56:56 +05:30 
						 
				 
			
				
					
						
							
							
								Laukik Hase 
							
						 
					 
					
						
						
							
						
						1e4493e592 
					 
					
						
						
							
							mbedtls: Fix build with dynamic buffers feature  
						
						
						
						
					 
					
						2023-01-09 15:41:36 +05:30 
						 
				 
			
				
					
						
							
							
								Laukik Hase 
							
						 
					 
					
						
						
							
						
						aeb42ce3a7 
					 
					
						
						
							
							https_server: Fix example when MBEDTLS_DYNAMIC_BUFFER is enabled  
						
						... 
						
						
						
						- While checking if ciphersuite uses RSA key exchange methods,
  the APIs `mbedtls_ssl_get_ciphersuite_id_from_ssl` and
  `mbedtls_ssl_ciphersuite_from_id` were used to get the ciphersuite
  info.
- However, this is incorrect as we need the ciphersuite info from the
  handshake instance and not the ssl_session instance. 
						
						
					 
					
						2022-09-30 23:25:27 +05:30 
						 
				 
			
				
					
						
							
							
								Laukik Hase 
							
						 
					 
					
						
						
							
						
						d7eb2c7b4e 
					 
					
						
						
							
							mbedtls: MBEDTLS_PRIVATE & MBEDTLS_ALLOW_PRIVATE_ACCESS-related cleanup  
						
						
						
						
					 
					
						2022-09-29 10:13:14 +05:30 
						 
				 
			
				
					
						
							
							
								Laukik Hase 
							
						 
					 
					
						
						
							
						
						9b290e3668 
					 
					
						
						
							
							mbedtls/port: Fix dynamic buffers feature for v3.2.1  
						
						... 
						
						
						
						Co-authored-by: Li Jingyi <lijingyi@espressif.com > 
						
						
					 
					
						2022-08-24 11:59:34 +05:30 
						 
				 
			
				
					
						
							
							
								Li Jingyi 
							
						 
					 
					
						
						
							
						
						c88af419a3 
					 
					
						
						
							
							mbedtls: fix ssl server crash when enable mbedtls dynamic buffer  
						
						... 
						
						
						
						Not free keycert until MBEDTLS_SSL_CLIENT_KEY_EXCHANGE for rsa key exchange methods, because keycert will be used to parse client key exchange. 
						
						
					 
					
						2022-05-20 11:21:48 +00:00 
						 
				 
			
				
					
						
							
							
								Li Jingyi 
							
						 
					 
					
						
						
							
						
						fa3cbf9162 
					 
					
						
						
							
							fix(mbedtls): fix ssl server memory leak when enable mbedtls dynamic buffer function  
						
						
						
						
					 
					
						2022-05-09 13:56:20 +00:00 
						 
				 
			
				
					
						
							
							
								Laukik Hase 
							
						 
					 
					
						
						
							
						
						87d3296c37 
					 
					
						
						
							
							mbedtls: Disable MBEDTLS_DYNAMIC_BUFFER when TLS 1.3 is enabled  
						
						... 
						
						
						
						- Resulted in a crash in the handshake stage when
  used alongside TLS 1.3 (MBEDTLS_SSL_PROTO_TLS1_3)
- Fix build error when MBEDTLS_HARDWARE_SHA=n &&
  MBEDTLS_DYNAMIC_BUFFER=y
- Fix build error when TLS 1.3 is enabled with
  MBEDTLS_SSL_KEEP_PEER_CERTIFICATE=n 
						
						
					 
					
						2022-03-11 10:03:48 +05:30 
						 
				 
			
				
					
						
							
							
								Laukik Hase 
							
						 
					 
					
						
						
							
						
						3925365351 
					 
					
						
						
							
							ci: Fix pre-check stage failing tests  
						
						... 
						
						
						
						- Updated license headers
- Re-enabled public headers and static analysis checks
- Fix public header file check failure
Co-authored-by: Aditya Patwardhan <aditya.patwardhan@espressif.com > 
						
						
					 
					
						2022-03-03 01:37:10 +05:30 
						 
				 
			
				
					
						
							
							
								Aditya Patwardhan 
							
						 
					 
					
						
						
							
						
						60b167f2d6 
					 
					
						
						
							
							mbedtls-3.1 update: Removed the MBEDTLS_PRIVATE from multiple files  
						
						... 
						
						
						
						after they have been again made public in mbedtls-3.1
*Added `MBEDTLS_ALLOW_PRIVATE_ACCESS` in some files. 
						
						
					 
					
						2022-03-03 01:37:10 +05:30 
						 
				 
			
				
					
						
							
							
								Aditya Patwardhan 
							
						 
					 
					
						
						
							
						
						3b71bd7326 
					 
					
						
						
							
							mbedtls-3.0: Fixed ESP32 build issues  
						
						... 
						
						
						
						- Added MBEDLTS_PRIVATE(...) wherever necessary
- For functions like mbedtls_pk_parse_key(...), it is necessary to pass the RNG function
  pointers as parameter. Solved for dependent components: wpa_supplicant & openSSL
- For libcoap, the SSLv2 ClientHello handshake method has been deprecated, need to handle this.
  Currently, corresponding snippet has been commented.
- Examples tested: hello-world | https_request | wifi_prov_mgr
mbedtls-3.0: Fixed ESP32-C3 & ESP32-S3 build issues
- Removed MBEDTLS_DEPRECATED_REMOVED macro from sha1 port
- DS peripheral: esp_ds_rsa_sign -> removed unsused 'mode' argument
- Added MBEDTLS_PRIVATE(...) wherever required
mbedtls-3.0: Fixed ESP32-S2 build issues
- Fixed outdated function prototypes and usage in mbedlts/port/aes/esp_aes_gcm.c due to changes in GCM module
mbedtls-3.0: Fixed ESP32-H2 build issues
ci: Fixing build stage
- Added MBEDTLS_PRIVATE(...) wherever required
- Added RNG function parameter
- Updated GCM Module changes
- Updated Copyright notices
- Tests:
- build_esp_idf_tests_cmake_esp32
- build_esp_idf_tests_cmake_esp32s2
- build_esp_idf_tests_cmake_esp32c3
- build_esp_idf_tests_cmake_esp32s3
ci: Fixing build stage (mbedtls-related changes)
- Added MBEDTLS_PRIVATE(...) wherever required
- Updated SHAXXX functions
- Updated esp_config according to mbedtls changes
- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3
ci: Fixing build stage (example-related changes)
- Added MBEDTLS_PRIVATE(...) wherever required
- Updated SHAXXX functions
- Updated esp_config according to mbedtls changes
- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3
ci: Fixing target_test stage
- Updated test SSL version to TLS_v1_2
- Tests:
- example_test_protocols 1/2
ci: Fixing build stage
- Added checks for MBEDTLS_DHM_C (disabled by default)
- Updated esp_cryptoauthlib submodule
- Updated factory partition size for legacy BLE provisioning example
- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3
Co-authored-by: Laukik Hase <laukik.hase@espressif.com > 
						
						
					 
					
						2022-03-03 01:37:10 +05:30 
						 
				 
			
				
					
						
							
							
								Aditya Patwardhan 
							
						 
					 
					
						
						
							
						
						45122533e0 
					 
					
						
						
							
							mbedtls-3 update:  
						
						... 
						
						
						
						1) Fix build issue in mbedtls
2) skip the public headers check in IDF
3)Update Kconfig Macros
4)Remove deprecated config options
5) Update the sha API according to new nomenclature
6) Update mbedtls_rsa_init usage
7) Include mbedtls/build_info.h instead of mbedtls/config.h
8) Dont include check_config.h
9) Add additional error message in esp_blufi_api.h 
						
						
					 
					
						2022-03-03 01:37:10 +05:30 
						 
				 
			
				
					
						
							
							
								Aditya Patwardhan 
							
						 
					 
					
						
						
							
						
						0483bfbbfe 
					 
					
						
						
							
							Initial Changes for updating mbedtls to v3.0  
						
						
						
						
					 
					
						2022-03-03 01:37:09 +05:30 
						 
				 
			
				
					
						
							
							
								Laukik Hase 
							
						 
					 
					
						
						
							
						
						424c45df91 
					 
					
						
						
							
							ci: Fix issues for build stage  
						
						... 
						
						
						
						- Fixed logs expecting different format specifier
- Updated ignore list for check_public_header test
- Updated functions ported from mbedTLS 
						
						
					 
					
						2022-01-25 10:51:27 +05:30 
						 
				 
			
				
					
						
							
							
								Laukik Hase 
							
						 
					 
					
						
						
							
						
						befc93aa2d 
					 
					
						
						
							
							mbedtls: Added option MBEDTLS_SSL_KEEP_PEER_CERTIFICATE  
						
						... 
						
						
						
						- Removed code regarding MBEDTLS_DYNAMIC_FREE_PEER_CERT
  (config was kept for backward compatibility)
- Combined mbedTLS v2.28.x related options under a separate Kconfig menu 
						
						
					 
					
						2022-01-25 10:51:27 +05:30 
						 
				 
			
				
					
						
							
							
								Li Jingyi 
							
						 
					 
					
						
						
							
						
						2b1402890d 
					 
					
						
						
							
							fix(mbedtls): fix compiling error when open MBEDTLS_SSL_PROTO_DTLS and disable MBEDTLS_SSL_PROTO_DTLS when open MBEDTLS_DYNAMIC_BUFFER  
						
						
						
						
					 
					
						2021-12-21 16:11:03 +08:00 
						 
				 
			
				
					
						
							
							
								Li Jingyi 
							
						 
					 
					
						
						
							
						
						981ef057c4 
					 
					
						
						
							
							feat(mbedtls): modify __wrap_mbedtls_ssl_setup to decrease SSL peak heap cost  
						
						
						
						
					 
					
						2021-12-01 17:15:25 +08:00 
						 
				 
			
				
					
						
							
							
								Mahavir Jain 
							
						 
					 
					
						
						
							
						
						f7ed95349f 
					 
					
						
						
							
							mbedtls: fix dynamic buffer feature build  
						
						
						
						
					 
					
						2021-11-02 15:52:09 +08:00 
						 
				 
			
				
					
						
							
							
								yuanjm 
							
						 
					 
					
						
						
							
						
						93604b1a11 
					 
					
						
						
							
							mbedtls: Fix mbedtls_ssl_send_alert_message crash due to ssl->out_iv is NULL  
						
						
						
						
					 
					
						2021-04-22 09:33:59 +00:00 
						 
				 
			
				
					
						
							
							
								Aditya Patwardhan 
							
						 
					 
					
						
						
							
						
						bf513b6f31 
					 
					
						
						
							
							Fix esp_tls: Prevent freeing of global ca store after each connection  
						
						... 
						
						
						
						when dynamic ssl buffers are enabled 
						
						
					 
					
						2021-02-25 00:26:13 +00:00 
						 
				 
			
				
					
						
							
							
								Dong Heng 
							
						 
					 
					
						
						
							
						
						1c9592efc4 
					 
					
						
						
							
							fix(mbedtls): fix mbedtls dynamic resource memory leaks and RSA cert drop earlier  
						
						... 
						
						
						
						RX process caches the session information in "ssl->in_ctr" not in "ssl->in_buf".
So when freeing the SSL, can't free the "ssl->in_ctr", because the "ssl->in_buf"
is empty.
Make the RX process like TX process, and cache the session information in
"ssl->in_buf", so that the cache buffer can be freed when freeing the SSL.
Closes https://github.com/espressif/esp-idf/issues/6104  
						
						
					 
					
						2020-11-19 07:31:50 +00:00 
						 
				 
			
				
					
						
							
							
								Angus Gratton 
							
						 
					 
					
						
						
							
						
						66fb5a29bb 
					 
					
						
						
							
							Whitespace: Automated whitespace fixes (large commit)  
						
						... 
						
						
						
						Apply the pre-commit hook whitespace fixes to all files in the repo.
(Line endings, blank lines at end of file, trailing whitespace) 
						
						
					 
					
						2020-11-11 07:36:35 +00:00 
						 
				 
			
				
					
						
							
							
								Dong Heng 
							
						 
					 
					
						
						
							
						
						3d57bf30a2 
					 
					
						
						
							
							feat(mbedtls): add dynamic buffer and local resource managment to decrease SSL heap cost  
						
						
						
						
					 
					
						2020-05-14 11:45:09 +00:00