alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-09-01 06:27:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
35,408 Commits 21 Branches 169 Tags
f8ca72cfe1967e0f4b200da5ec497eba7c6a6dbc
Commit Graph

107 Commits

Author SHA1 Message Date
Jiang Jiang Jian
3f72cc5410 Merge branch 'feat/bringup_esp32c2_rom_mbedtls_to_formal_feature_v5.2' into 'release/v5.2' 
feat(mbedtls): bringup rom mbedtls feature to formal (v5.2)

See merge request espressif/esp-idf!33801
 2024-09-27 12:15:51 +08:00
Mahavir Jain
b20225d06a Merge branch 'feat/support_esp32c2_eco4_rom_mbedtls_v3.6.0_lts_v5.2' into 'release/v5.2' 
feat(mbedtls): support esp32c2 eco4 rom mbedtls v3.6.0 lts v5.2 (backport v5.2)

See merge request espressif/esp-idf!33421
 2024-09-26 11:02:28 +08:00
JiangGuangMing
3bfe43fb68 feat(mbedtls): bringup rom mbedtls feature to formal 2024-09-25 11:52:35 +08:00
Aditya Patwardhan
5b6d8812d1 feat(hal): Add countermeasure for ECDSA generate signature 
The ECDSA peripheral before ECO5 of esp32h2 does not perform the ECDSA
    sign operation in constant time. This allows an attacker to read the
    power signature of the ECDSA sign operation and then calculate the
    ECDSA key stored inside the eFuse. The commit adds a countermeasure
    for this attack. In this case the real ECDSA sign operation is
    masked under dummy ECDSA sign operations to hide its real power
    signature
 2024-09-23 19:28:12 +05:30
Jiang Guang Ming
3340050eae feat(mbedtls): support rom mbedtls threading layer 2024-09-10 10:20:29 +08:00
Jiang Guang Ming
d4dea72f24 feat(mbedtls): select MBEDTLS_CMAC_C when MBEDTLS_USE_CRYPTO_ROM_IMPL enabled 2024-09-10 10:20:23 +08:00
Jiang Guang Ming
4c567bd203 feat(mbedtls): support ROM mbedtls v3.6.0 on C2 rev2.0(ECO4) 2024-09-10 10:20:14 +08:00
Aditya Patwardhan
b359cd85f1 Merge branch 'feature/mbedtls_error_str_config_v5.2' into 'release/v5.2' 
feat(mbedtls): add kconfig option for MBEDTLS_ERROR_C (v5.2)

See merge request espressif/esp-idf!30104
 2024-04-11 11:53:24 +08:00
Mahavir Jain
b6f5573e0f feat(mbedtls): add kconfig option for MBEDTLS_ERROR_C 
Disabling this config can reduce footprint for the cases where
mbedtls_strerror() is used and hence the debug strings are getting
pulled into the application image.
 2024-04-08 16:02:21 +05:30
harshal.patil
ca4f560f2b fix(mbedtls/gcm): Add support for software fallback for non-AES ciphers in a GCM operation 
- Even if the config MBEDTLS_HARDWARE_AES is enabled, we now support fallback
to software implementation of GCM operations when non-AES ciphers are used.
 2024-02-26 14:29:18 +05:30
Aditya Patwardhan
c1779ff8b7 fix(mbedtls): Removed redundant menuconfig entry 2023-11-29 09:50:12 +05:30
Jiang Guang Ming
37ec1cc592 feat(mbedtls): support C2 mbedtls can use crypto algorithm in ROM 2023-10-23 13:10:44 +08:00
Mahavir Jain
dbc33ca7aa Merge branch 'feature/add_intr_priority_config_option' into 'master' 
feat(mbedtls): Add config for interrupt priority in AES and RSA

Closes IDF-7963 and IDF-7964

See merge request espressif/esp-idf!26190
 2023-10-16 11:33:03 +08:00
nilesh.kale
cf4a7bb09d feat(mbedtls): Add config for interrupt priority in AES and RSA(MPI) 2023-10-12 11:06:13 +05:30
Mahavir Jain
0c3ed4f540 fix(mbedtls): remove deprecated MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION 
This config has been removed in the upstream mbedTLS starting 3.0
release. Please see mbedTLS changelog for more details.
 2023-10-11 09:32:32 +00:00
Daniel Mangum
35c428b0ec mbedtls: define MBEDTLS_SSL_CID_TLS1_3_PAD_GRANULARITY for CID padding 
Updates config to define the new MBEDTLS_SSL_CID_TLS1_3_PAD_GRANULARITY
option, which replaced the previously used
MBEDTLS_SSL_CID_PADDING_GRANULARITY. The old option is continuing to be
used as the new one exceeds the maximum length for an option name in
esp-idf.

See https://github.com/Mbed-TLS/mbedtls/pull/4490 for more information.

Signed-off-by: Daniel Mangum <georgedanielmangum@gmail.com>
 2023-09-08 11:45:55 +05:30
Jiang Guang Ming
3f2746688c feat(mbedtls): support ecp fixed-point multiplication configurable 2023-08-08 14:03:57 +08:00
harshal.patil
f30b58f665 mbedtls: Update config options as per release/v3.4.0 
- Added a Kconfig option for the newly added mbedtls option MBEDTLS_PKCS7_C
 2023-04-17 12:50:15 +05:30
Sachin Parekh
d2940c5ff3 mbedtls: Add port layer for ECDSA peripheral 2023-03-24 10:43:40 +05:30
Harshit Malpani
214627f14b mbedtls: Keep CONFIG_MBEDTLS_DYNAMIC_BUFFER disabled for Linux target 2023-02-27 15:12:14 +05:30
Laukik Hase
59de3948dc mbedtls: Update config options as per v3.3.0 release 2023-01-09 15:41:36 +05:30
Laukik Hase
28ac0b12fb mbedtls: Remove deprecated options from mbedtls/esp_config.h 
- Removed options related to RC4 ciphersuite, SSL3 and TLS1
  (as per mbedtls v3.1.0)
 2022-05-28 10:21:06 +05:30
Aditya Patwardhan
c27c6916a7 esp_crt_bundle: Add bounds checking for the "esp_crt_bundle_set" API. 
Closes https://github.com/espressif/esp-idf/issues/8397
 2022-03-31 13:11:11 +05:30
Mahavir Jain
3af2d15216 mbedtls: Fix build failures for ESP32-C2 with hardware SHA 
Clean support for SHA peripheral will appear with IDF-3830
 2022-03-22 02:06:30 +00:00
Mahavir Jain
36377b9cc3 mbedtls: use SOC capability macros instead of target names 2022-03-22 02:06:30 +00:00
Laukik Hase
1c65ab5307 mbedtls: Add config for MBEDTLS_PLATFORM_TIME_ALT 2022-03-14 09:42:33 +05:30
Laukik Hase
87d3296c37 mbedtls: Disable MBEDTLS_DYNAMIC_BUFFER when TLS 1.3 is enabled 
- Resulted in a crash in the handshake stage when
  used alongside TLS 1.3 (MBEDTLS_SSL_PROTO_TLS1_3)
- Fix build error when MBEDTLS_HARDWARE_SHA=n &&
  MBEDTLS_DYNAMIC_BUFFER=y
- Fix build error when TLS 1.3 is enabled with
  MBEDTLS_SSL_KEEP_PEER_CERTIFICATE=n
 2022-03-11 10:03:48 +05:30
Sachin Parekh
32a6550e87 mbedtls: Added ECC hardware accelerator support on ESP32C2 
ESP32C2 has a ECC hardware accelerator capable of performing point
multiplication and point verification with a significant performance
boost
 2022-03-08 14:05:23 +00:00
Laukik Hase
f5feb7813e mbedtls: Fix build errors related to TLS 1.3 
- Kconfig: Enabled MBEDTLS_HKDF_C by default when TLS 1.3 support is enabled
- esp-tls (mbedtls): Forced client to use TLS 1.3 when TLS 1.3 support is enabled
 2022-03-03 01:37:10 +05:30
Aditya Patwardhan
8cbfb18037 mbedtls-3.x: Update Kconfig macros 2022-03-03 01:37:10 +05:30
Aditya Patwardhan
66a9243d3b mbedtls 3.X update: 
*MBEDTLS_ECDH_LEGACY_CONTEXT is now disabled by default.
*Fixed MBEDTLS_ECDH_LEGACY_CONTEXT issue for protocomm component.
*Removed all code under MBEDTLS_DEPRECATED_REMOVED
 2022-03-03 01:37:10 +05:30
Aditya Patwardhan
45122533e0 mbedtls-3 update: 
1) Fix build issue in mbedtls
2) skip the public headers check in IDF
3)Update Kconfig Macros
4)Remove deprecated config options
5) Update the sha API according to new nomenclature
6) Update mbedtls_rsa_init usage
7) Include mbedtls/build_info.h instead of mbedtls/config.h
8) Dont include check_config.h
9) Add additional error message in esp_blufi_api.h
 2022-03-03 01:37:10 +05:30
Laukik Hase
befc93aa2d mbedtls: Added option MBEDTLS_SSL_KEEP_PEER_CERTIFICATE 
- Removed code regarding MBEDTLS_DYNAMIC_FREE_PEER_CERT
  (config was kept for backward compatibility)
- Combined mbedTLS v2.28.x related options under a separate Kconfig menu
 2022-01-25 10:51:27 +05:30
Laukik Hase
285790e5aa mbedtls: Added config options for v2.28.0 upgrade 2022-01-25 10:51:27 +05:30
laokaiyao
cf049e15ed esp8684: rename target to esp32c2 2022-01-19 11:08:57 +08:00
Marius Vikhammer
ba3f12a9fe rsa: add generate RSA keys test case 2022-01-07 11:35:35 +08:00
Marius Vikhammer
a9a7160cb6 MPI: add kconfig option for doing intr-based exp-mod operations 2021-12-29 18:55:48 +08:00
Mahavir Jain
1f435b4703 Merge branch 'feature/mbedtls_dynamic_memory' into 'master' 
fix(mbedtls): fix compiling error when open MBEDTLS_SSL_PROTO_DTLS and disable...

Closes IDFGH-6437

See merge request espressif/esp-idf!16471
 2021-12-22 08:19:14 +00:00
Li Jingyi
2b1402890d fix(mbedtls): fix compiling error when open MBEDTLS_SSL_PROTO_DTLS and disable MBEDTLS_SSL_PROTO_DTLS when open MBEDTLS_DYNAMIC_BUFFER 2021-12-21 16:11:03 +08:00
Mahavir Jain
bcadeeb7d3 mbedtls: small documentation update 2021-12-20 10:27:44 +05:30
Mahavir Jain
1a390f4518 mbedtls: update kconfig help to correct on supported MPI bits 2021-11-29 15:13:02 +08:00
Cao Sen Miao
5add6593f4 ESP8684: Add esp_gdbstub, mbedtls, esp_timer 2021-11-06 17:33:45 +08:00
Mahavir Jain
8c9a3da695 mbedtls: disable Diffie-Hellman key exchange modes by default 
Using these ciphers can constitute a security risk if the server
uses a weak prime for the key exchange.

Footprint impact:
Roughly 3K saved in text+rodata in default https_request example
 2021-11-02 15:52:09 +08:00
Li Jingyi
b8892137f5 mbedtls: Add CONFIG_MBEDTLS_SSL_PROTO_GMTSSL1_1 for support GMSSL component 
The configure will be enabled for GMSSL component and disabled as default because of it doesn't provide by IDF project.
 2021-07-28 19:54:58 +08:00
Kapil Gupta
38d6772507 mbedtls: Add config option key element and key element ext 2021-07-08 09:23:22 +05:30
Shu Chen
6fce2930d0 esp32h2: enable more components to support esp32h2 
Involved components:
 * app_trace
 * esp-tls
 * esp_adc_cal
 * esp_pm
 * esp_serial_slave_link
 * esp_timer
 * freertos
 * idf_test
 * log
 * mbedtls
 * newlib
 * perfmon
 * spi_flash
 * spiffs
 * ulp
 * unity
 * vfs
 2021-07-01 19:53:11 +08:00
Aditya Patwardhan
e44bd93cc9 i) wpa_supplicant: Force enable the necessary options for mbedtls in the wpa_supplicant to fix illegal combinations in mbedtls 
ii) Fix dependancy for one option in mbedtls menuconfig
 2021-06-20 08:39:51 +05:30
Marius Vikhammer
4786f2d88a aes/sha/rsa: update registers for ESP32-S3 
Updates register headers for ESP32-S3 and default
crypto accelerators for S3 to enabled
 2021-06-08 14:15:18 +08:00
Marius Vikhammer
9b4ba3d707 crypto: initial S3 Beta 3 bringup and testing for SHA/AES/RSA/flash enc 2021-05-18 11:25:41 +08:00
Marcel Kottmann
cf4b9ef854 mbedtls: Allow external mem alloc for ESP32-S2 
Closes https://github.com/espressif/esp-idf/pull/6998
Closes IDFGH-5226
 2021-05-17 10:43:42 +00:00