From 4abcb123be56ca1d4ca91ec2f356cee5c6559498 Mon Sep 17 00:00:00 2001 From: Ashish Sharma Date: Thu, 22 Jan 2026 15:39:03 +0800 Subject: [PATCH 1/5] change(mbedtls): update mbedTLS default configs 1. Disables MBEDTLS_ARIA_C by default 2. SECP192R1 support is disabled by default --- components/mbedtls/Kconfig | 5 ++++- components/mbedtls/config/mbedtls_preset_default.conf | 2 +- components/mbedtls/port/include/mbedtls/esp_config.h | 2 -- docs/en/migration-guides/release-6.x/6.0/security.rst | 10 ++++++++++ 4 files changed, 15 insertions(+), 4 deletions(-) diff --git a/components/mbedtls/Kconfig b/components/mbedtls/Kconfig index d06280fdf1..d4be891dbb 100644 --- a/components/mbedtls/Kconfig +++ b/components/mbedtls/Kconfig @@ -868,7 +868,7 @@ menu "mbedTLS" config MBEDTLS_ARIA_C bool "ARIA block cipher" - default y + default n config MBEDTLS_CAMELLIA_SMALL_MEMORY bool "Use small memory implementation of Camellia" @@ -1272,6 +1272,7 @@ menu "mbedTLS" help Enable hardware accelerated ECDSA peripheral to verify signature on curve SECP192R1 and SECP256R1 in mbedTLS. + Note that SECP192R1 support is disabled by default. menu "Enable Software Countermeasure for ECDSA signing using on-chip ECDSA peripheral" depends on MBEDTLS_HARDWARE_ECDSA_SIGN @@ -1312,6 +1313,7 @@ menu "mbedTLS" help Enable hardware accelerated ECDSA peripheral to sign data on curve SECP192R1 and SECP256R1 in mbedTLS. + Note that SECP192R1 support is disabled by default. Note that for signing, the private key has to be burnt in an efuse key block with key purpose set to ECDSA_KEY. @@ -1332,6 +1334,7 @@ menu "mbedTLS" help Enable hardware accelerated ECC point multiplication and point verification for points on curve SECP192R1 and SECP256R1 in mbedTLS + Note that SECP192R1 support is disabled by default. config MBEDTLS_ECC_OTHER_CURVES_SOFT_FALLBACK bool "Fallback to software implementation for curves not supported in hardware" 
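Review bot: The three added help lines `Note that SECP192R1 support is disabled by default.` (under the hardware ECDSA verify, ECDSA sign and ECC point-multiplication options) say the curve is off but not how to turn it back on, and no Kconfig symbol in these hunks controls it; the only enabling mechanism visible in this series is the `PSA_WANT_ECC_SECP_R1_192` define that the esp_config.h hunk deletes. Suggest `Note that SECP192R1 support is disabled by default; to use it, define PSA_WANT_ECC_SECP_R1_192 in a custom mbedTLS configuration (see the v6.0 security migration guide).`, assuming that is the intended path, since the option titles still advertise SECP192R1 as hardware-supported. In the MBEDTLS_HARDWARE_ECDSA_SIGN help the new sentence is immediately followed by another `Note that ...` sentence; merging the two would read better.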
diff --git a/components/mbedtls/config/mbedtls_preset_default.conf b/components/mbedtls/config/mbedtls_preset_default.conf
index 8e7a211649..e4d7bd74e9 100644
--- a/components/mbedtls/config/mbedtls_preset_default.conf
+++ b/components/mbedtls/config/mbedtls_preset_default.conf
@@ -92,7 +92,7 @@ CONFIG_MBEDTLS_SSL_PROTO_DTLS=n
 # Symmetric Ciphers
 CONFIG_MBEDTLS_AES_C=y
 CONFIG_MBEDTLS_CAMELLIA_C=n
-CONFIG_MBEDTLS_ARIA_C=y
+CONFIG_MBEDTLS_ARIA_C=n
 CONFIG_MBEDTLS_DES_C=n
 CONFIG_MBEDTLS_CCM_C=y
 CONFIG_MBEDTLS_CIPHER_MODE_CBC=y
diff --git a/components/mbedtls/port/include/mbedtls/esp_config.h b/components/mbedtls/port/include/mbedtls/esp_config.h
index 64dd7635d7..8fd8408ec0 100644
--- a/components/mbedtls/port/include/mbedtls/esp_config.h
+++ b/components/mbedtls/port/include/mbedtls/esp_config.h
@@ -60,8 +60,6 @@ */
 #define MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS
-#define PSA_WANT_ECC_SECP_R1_192 1
-
 /**
 * \name SECTION: System support
 *
diff --git a/docs/en/migration-guides/release-6.x/6.0/security.rst b/docs/en/migration-guides/release-6.x/6.0/security.rst
index 707e7354e0..7d98a63265 100644
--- a/docs/en/migration-guides/release-6.x/6.0/security.rst
+++ b/docs/en/migration-guides/release-6.x/6.0/security.rst
@@ -60,6 +60,16 @@ ESP-IDF v6.0 updates to Mbed TLS v4.0, where **PSA Crypto is the primary cryptog - 41084 - 4.97 + + +Default configuration changes +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +- Note: The default Mbed TLS configuration in ESP-IDF v6.0 has been tightened for security and footprint: + + - ``MBEDTLS_ARIA_C`` is disabled by default. Applications that rely on ARIA must explicitly enable it in ``menuconfig`` (Component config -> mbedTLS) or by customizing ``components/mbedtls/config/mbedtls_preset_default.conf``. + - Support for ``secp192r1`` is disabled by default, consistent with the removal of support for elliptic curves smaller than 250 bits in certificates and TLS. If an application still requires legacy curve support outside TLS/certificates, it must be enabled explicitly (for example by defining ``PSA_WANT_ECC_SECP_R1_192=1``) and validated for compatibility. Note: this legacy support may be disabled in the next minor ESP-IDF release. + References ^^^^^^^^^^ From 0aef47a07e784ebcf949d0fa8fc41b808ae50b17 Mon Sep 17 00:00:00 2001 From: Ashish Sharma Date: Thu, 22 Jan 2026 16:34:15 +0800 Subject: [PATCH 2/5] change(mbedtls): rename builtin to mbed-builtin --- components/mbedtls/CMakeLists.txt | 3 + components/mbedtls/test_apps/main/test_ecp.c | 24 +---- .../mbedtls/test_apps/main/test_psa_ecdsa.c | 93 +------------------ .../mbedtls/test_apps/main/test_psa_gcm.c | 13 +-- .../mbedtls/test_apps/pytest_mbedtls_ut.py | 15 ++- .../mbedtls/test_apps/sdkconfig.ci.aria | 1 + 6 files changed, 27 insertions(+), 122 deletions(-) create mode 100644 components/mbedtls/test_apps/sdkconfig.ci.aria diff --git a/components/mbedtls/CMakeLists.txt b/components/mbedtls/CMakeLists.txt index e8eac5da22..1e69282055 100644 --- a/components/mbedtls/CMakeLists.txt +++ b/components/mbedtls/CMakeLists.txt 
@@ -186,6 +186,9 @@ endif()
 # Core libraries from the mbedTLS project
 set(mbedtls_targets mbedtls mbedx509 tfpsacrypto builtin)
+add_library(mbed-builtin ALIAS builtin)
+set_target_properties(builtin PROPERTIES OUTPUT_NAME "mbed-builtin")
+
 target_include_directories(tfpsacrypto PUBLIC "port/include")
 message(STATUS "Setting up mbedtls configuration")
diff --git a/components/mbedtls/test_apps/main/test_ecp.c b/components/mbedtls/test_apps/main/test_ecp.c
index dc514efcdd..df8a684339 100644
--- a/components/mbedtls/test_apps/main/test_ecp.c
+++ b/components/mbedtls/test_apps/main/test_ecp.c
@@ -3,7 +3,7 @@
 * Focus on testing functionality where we use ESP32 hardware
 * accelerated crypto features.
 *
- * SPDX-FileCopyrightText: 2021-2025 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2021-2026 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Apache-2.0
 */
@@ -308,9 +308,7 @@ static void test_ecp_mul(mbedtls_ecp_group_id id, const uint8_t *x_coord, const
 TEST_ASSERT_EQUAL(0, memcmp(x, result_x_coord, mbedtls_mpi_size(&R.MBEDTLS_PRIVATE(X))));
 TEST_ASSERT_EQUAL(0, memcmp(y, result_y_coord, mbedtls_mpi_size(&R.MBEDTLS_PRIVATE(Y))));
- if (id == MBEDTLS_ECP_DP_SECP192R1) {
- TEST_PERFORMANCE_CCOMP_LESS_THAN(ECP_P192_POINT_MULTIPLY_OP, "%" NEWLIB_NANO_COMPAT_FORMAT" us", NEWLIB_NANO_COMPAT_CAST(elapsed_time));
- } else if (id == MBEDTLS_ECP_DP_SECP256R1) {
+ if (id == MBEDTLS_ECP_DP_SECP256R1) {
 TEST_PERFORMANCE_CCOMP_LESS_THAN(ECP_P256_POINT_MULTIPLY_OP, "%" NEWLIB_NANO_COMPAT_FORMAT" us", NEWLIB_NANO_COMPAT_CAST(elapsed_time));
 #if SOC_ECC_SUPPORT_CURVE_P384
 } else if (id == MBEDTLS_ECP_DP_SECP384R1) {
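Review bot: The new `add_library(mbed-builtin ALIAS builtin)` and `set_target_properties(builtin PROPERTIES OUTPUT_NAME "mbed-builtin")` lines carry no comment, and the commit message only restates the rename, so the reason is lost. Presumably a bare `builtin` target or `libbuiltin.a` collides with something else in the build; if so, say it in place, e.g. `# Export the mbedTLS 'builtin' library as mbed-builtin (archive libmbed-builtin.a) to avoid clashing with other targets named builtin; the real target keeps its name so mbedtls_targets above still works`. Stating that the real target name is unchanged matters because `set(mbedtls_targets ... builtin)` two lines above still refers to it.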
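Review bot: Removing the SECP192R1 branch from the timing check in test_ecp_mul, together with the test cases deleted in the following hunks, leaves the `ecc_p192_*` vectors and the `ECP_P192_POINT_MULTIPLY_OP`/`ECP_P192_POINT_VERIFY_OP` thresholds (declared outside these hunks) without any visible user; if the vectors are `static const` arrays, `-Wunused-const-variable` may fail a `-Werror` build, so they should be removed or guarded in the same commit. The same applies to `ecdsa192_r`, `ecdsa192_s`, `ecdsa192_pub_x`, `ecdsa192_pub_y`, `k1_ecdsa192_encrypt` and `ECDSA_P192_VERIFY_OP` after the test_psa_ecdsa.c hunks. This commit keeps the ARIA tests behind `#ifdef CONFIG_MBEDTLS_ARIA_C` with a dedicated `sdkconfig.ci.aria`; wrapping the P-192 cases in `#if PSA_WANT_ECC_SECP_R1_192` in the same way would retain coverage for users who re-enable the curve as the migration guide in this series describes, instead of deleting it. test_ecp_mul starts before this hunk.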
@@ -326,15 +324,6 @@ static void test_ecp_mul(mbedtls_ecp_group_id id, const uint8_t *x_coord, const mbedtls_ecp_group_free(&grp); } -TEST_CASE("mbedtls ECP point multiply with SECP192R1", "[mbedtls]") -{ - test_ecp_mul(MBEDTLS_ECP_DP_SECP192R1, ecc_p192_point_x, ecc_p192_point_y, ecc_p192_scalar, - ecc_p192_mul_res_x, ecc_p192_mul_res_y); - - test_ecp_mul(MBEDTLS_ECP_DP_SECP192R1, ecc_p192_point_x, ecc_p192_point_y, NULL, - ecc_p192_small_mul_res_x, ecc_p192_small_mul_res_y); -} - TEST_CASE("mbedtls ECP point multiply with SECP256R1", "[mbedtls]") { test_ecp_mul(MBEDTLS_ECP_DP_SECP256R1, ecc_p256_point_x, ecc_p256_point_y, ecc_p256_scalar, @@ -383,9 +372,7 @@ static void test_ecp_verify(mbedtls_ecp_group_id id, const uint8_t *x_coord, con TEST_ASSERT_EQUAL(0, ret); - if (id == MBEDTLS_ECP_DP_SECP192R1) { - TEST_PERFORMANCE_CCOMP_LESS_THAN(ECP_P192_POINT_VERIFY_OP, "%" NEWLIB_NANO_COMPAT_FORMAT" us", NEWLIB_NANO_COMPAT_CAST(elapsed_time)); - } else if (id == MBEDTLS_ECP_DP_SECP256R1) { + if (id == MBEDTLS_ECP_DP_SECP256R1) { TEST_PERFORMANCE_CCOMP_LESS_THAN(ECP_P256_POINT_VERIFY_OP, "%" NEWLIB_NANO_COMPAT_FORMAT" us", NEWLIB_NANO_COMPAT_CAST(elapsed_time)); #if SOC_ECC_SUPPORT_CURVE_P384 } else if (id == MBEDTLS_ECP_DP_SECP384R1) { @@ -399,11 +386,6 @@ static void test_ecp_verify(mbedtls_ecp_group_id id, const uint8_t *x_coord, con mbedtls_ecp_group_free(&grp); } -TEST_CASE("mbedtls ECP point verify with SECP192R1", "[mbedtls]") -{ - test_ecp_verify(MBEDTLS_ECP_DP_SECP192R1, ecc_p192_mul_res_x, ecc_p192_mul_res_y); -} - TEST_CASE("mbedtls ECP point verify with SECP256R1", "[mbedtls]") { test_ecp_verify(MBEDTLS_ECP_DP_SECP256R1, ecc_p256_mul_res_x, ecc_p256_mul_res_y); diff --git a/components/mbedtls/test_apps/main/test_psa_ecdsa.c b/components/mbedtls/test_apps/main/test_psa_ecdsa.c index 1ebe7dfe6c..c9c1d25f78 100644 --- a/components/mbedtls/test_apps/main/test_psa_ecdsa.c +++ b/components/mbedtls/test_apps/main/test_psa_ecdsa.c 
@@ -195,10 +195,6 @@ void test_ecdsa_verify(esp_ecdsa_curve_t curve, const uint8_t *hash, const uint8
 psa_set_key_algorithm(&key_attr, PSA_ALG_ECDSA(PSA_ALG_SHA_256));
 switch (curve) {
- case ESP_ECDSA_CURVE_SECP192R1:
- plen = 192;
- hash_len = HASH_LEN;
- break;
 case ESP_ECDSA_CURVE_SECP256R1:
 plen = 256;
 hash_len = HASH_LEN;
@@ -237,9 +233,7 @@ void test_ecdsa_verify(esp_ecdsa_curve_t curve, const uint8_t *hash, const uint8
 TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
 elapsed_time = ccomp_timer_stop();
- if (curve == ESP_ECDSA_CURVE_SECP192R1) {
- TEST_PERFORMANCE_CCOMP_LESS_THAN(ECDSA_P192_VERIFY_OP, "%" NEWLIB_NANO_COMPAT_FORMAT" us", NEWLIB_NANO_COMPAT_CAST(elapsed_time));
- } else if (curve == ESP_ECDSA_CURVE_SECP256R1) {
+ if (curve == ESP_ECDSA_CURVE_SECP256R1) {
 TEST_PERFORMANCE_CCOMP_LESS_THAN(ECDSA_P256_VERIFY_OP, "%" NEWLIB_NANO_COMPAT_FORMAT" us", NEWLIB_NANO_COMPAT_CAST(elapsed_time));
 }
 #if SOC_ECDSA_SUPPORT_CURVE_P384
@@ -251,16 +245,6 @@ void test_ecdsa_verify(esp_ecdsa_curve_t curve, const uint8_t *hash, const uint8
 psa_reset_key_attributes(&key_attr);
 }
-TEST_CASE("mbedtls ECDSA signature verification performance on SECP192R1", "[mbedtls]")
-{
-#if SOC_ECDSA_SUPPORTED
- if (!ecdsa_ll_is_supported()) {
- TEST_IGNORE_MESSAGE("ECDSA is not supported");
- }
-#endif
- test_ecdsa_verify(ESP_ECDSA_CURVE_SECP192R1, sha, ecdsa192_r, ecdsa192_s, ecdsa192_pub_x, ecdsa192_pub_y);
-}
-
 TEST_CASE("mbedtls ECDSA signature verification performance on SECP256R1", "[mbedtls]")
 {
 #if SOC_ECDSA_SUPPORTED
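Review bot: Dropping `case ESP_ECDSA_CURVE_SECP192R1:` from `switch (curve)` in test_ecdsa_verify (and in test_ecdsa_sign, test_ecdsa_export_pubkey and test_ecdsa_sign_verify_import_export_error_codes in the later hunks) means that, if that enumerator is still part of `esp_ecdsa_curve_t`, a caller passing it now falls through with `plen` and `hash_len` untouched; the end of each switch is outside the hunk, so I cannot see whether a `default:` catches it. If there is none, add `default: TEST_FAIL_MESSAGE("unsupported curve"); break;` to each switch so a stale caller fails loudly rather than running with a zero key size, and expect `-Wswitch` to flag every one of these switches while the enumerator remains declared. test_ecdsa_verify starts and ends outside this hunk.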
@@ -291,11 +275,9 @@ TEST_CASE("mbedtls ECDSA signature verification performance on SECP384R1", "[mbe /* * This test assumes that ECDSA private key has been burnt in efuse. * - * ecdsa_key_p192.pem must be burnt in efuse block 4 * ecdsa_key_p256.pem must be burnt in efuse block 5 * ecdsa_key_p384.pem must be burnt in efuse block 6 and 7 */ -#define SECP192R1_EFUSE_BLOCK 4 // EFUSE_BLK_KEY0 #define SECP256R1_EFUSE_BLOCK 5 // EFUSE_BLK_KEY1 #define SECP384R1_EFUSE_BLOCK_HIGH 6 // EFUSE_BLK_KEY2 #define SECP384R1_EFUSE_BLOCK_LOW 7 // EFUSE_BLK_KEY3 @@ -327,11 +309,6 @@ void test_ecdsa_sign(esp_ecdsa_curve_t curve, const uint8_t *hash, const uint8_t psa_algorithm_t sha_alg = 0; switch (curve) { - case ESP_ECDSA_CURVE_SECP192R1: - hash_len = HASH_LEN; - plen = 192; - sha_alg = PSA_ALG_SHA_256; - break; case ESP_ECDSA_CURVE_SECP256R1: hash_len = HASH_LEN; plen = 256; @@ -390,14 +367,6 @@ void test_ecdsa_sign(esp_ecdsa_curve_t curve, const uint8_t *hash, const uint8_t psa_reset_key_attributes(&priv_attr); } -TEST_CASE("mbedtls ECDSA signature generation on SECP192R1", "[mbedtls][efuse_key]") -{ - if (!ecdsa_ll_is_supported()) { - TEST_IGNORE_MESSAGE("ECDSA is not supported"); - } - test_ecdsa_sign(ESP_ECDSA_CURVE_SECP192R1, sha, ecdsa192_pub_x, ecdsa192_pub_y, false, SECP192R1_EFUSE_BLOCK); -} - TEST_CASE("mbedtls ECDSA signature generation on SECP256R1", "[mbedtls][efuse_key]") { if (!ecdsa_ll_is_supported()) { 
@@ -442,17 +411,6 @@ static void deploy_key_in_key_manager(const uint8_t *k1_encrypted, esp_key_mgr_k free(key_config); } -TEST_CASE("mbedtls ECDSA signature generation on SECP192R1", "[mbedtls][key_manager_key]") -{ - if (!key_mgr_ll_is_supported()) { - TEST_IGNORE_MESSAGE("Key manager is not supported"); - } - - deploy_key_in_key_manager(k1_ecdsa192_encrypt, ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_ECDSA_LEN_192); - test_ecdsa_sign(ESP_ECDSA_CURVE_SECP192R1, sha, ecdsa192_pub_x, ecdsa192_pub_y, false, USE_ECDSA_KEY_FROM_KEY_MANAGER); - esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_KEY); -} - TEST_CASE("mbedtls ECDSA signature generation on SECP256R1", "[mbedtls][key_manager_key]") { if (!key_mgr_ll_is_supported()) { @@ -466,14 +424,6 @@ TEST_CASE("mbedtls ECDSA signature generation on SECP256R1", "[mbedtls][key_mana #endif /* SOC_KEY_MANAGER_SUPPORTED */ #ifdef SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE -TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP192R1", "[mbedtls][efuse_key]") -{ - if (!ecdsa_ll_is_deterministic_mode_supported()) { - ESP_LOGI(TAG, "Skipping test because ECDSA deterministic mode is not supported."); - } else { - test_ecdsa_sign(ESP_ECDSA_CURVE_SECP192R1, sha, ecdsa192_pub_x, ecdsa192_pub_y, true, SECP192R1_EFUSE_BLOCK); - } -} TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP256R1", "[mbedtls][efuse_key]") { 
@@ -493,20 +443,6 @@ TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP384R1", "[mbe #endif /* SOC_ECDSA_SUPPORT_CURVE_P384 */ #if SOC_KEY_MANAGER_SUPPORTED -TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP192R1", "[mbedtls][key_manager_key]") -{ - if (!key_mgr_ll_is_supported()) { - TEST_IGNORE_MESSAGE("Key manager is not supported"); - } - - if (!ecdsa_ll_is_deterministic_mode_supported()) { - ESP_LOGI(TAG, "Skipping test because ECDSA deterministic mode is not supported."); - } else { - deploy_key_in_key_manager(k1_ecdsa192_encrypt, ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_ECDSA_LEN_192); - test_ecdsa_sign(ESP_ECDSA_CURVE_SECP192R1, sha, ecdsa192_pub_x, ecdsa192_pub_y, true, USE_ECDSA_KEY_FROM_KEY_MANAGER); - esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_KEY); - } -} TEST_CASE("mbedtls ECDSA deterministic signature generation on SECP256R1", "[mbedtls][key_manager_key]") { @@ -538,10 +474,6 @@ void test_ecdsa_export_pubkey(esp_ecdsa_curve_t curve, const uint8_t *pub_x, con psa_algorithm_t sha_alg = 0; switch (curve) { - case ESP_ECDSA_CURVE_SECP192R1: - plen = 192; - sha_alg = PSA_ALG_SHA_256; - break; case ESP_ECDSA_CURVE_SECP256R1: plen = 256; sha_alg = PSA_ALG_SHA_256; @@ -588,14 +520,6 @@ void test_ecdsa_export_pubkey(esp_ecdsa_curve_t curve, const uint8_t *pub_x, con psa_reset_key_attributes(&key_attr); } -TEST_CASE("mbedtls ECDSA export public key on SECP192R1", "[mbedtls][efuse_key]") -{ - if (!ecdsa_ll_is_supported()) { - TEST_IGNORE_MESSAGE("ECDSA is not supported"); - } - test_ecdsa_export_pubkey(ESP_ECDSA_CURVE_SECP192R1, ecdsa192_pub_x, ecdsa192_pub_y, SECP192R1_EFUSE_BLOCK); -} - TEST_CASE("mbedtls ECDSA export public key on SECP256R1", "[mbedtls][efuse_key]") { if (!ecdsa_ll_is_supported()) { 
@@ -613,16 +537,6 @@ TEST_CASE("mbedtls ECDSA export public key on SECP384R1", "[mbedtls][efuse_key]"
 #endif /* SOC_ECDSA_SUPPORT_CURVE_P384 */
 #if SOC_KEY_MANAGER_SUPPORTED
-TEST_CASE("mbedtls ECDSA export public key on SECP192R1", "[mbedtls][key_manager_key]")
-{
- if (!key_mgr_ll_is_supported()) {
- TEST_IGNORE_MESSAGE("Key manager is not supported");
- }
-
- deploy_key_in_key_manager(k1_ecdsa192_encrypt, ESP_KEY_MGR_ECDSA_KEY, ESP_KEY_MGR_ECDSA_LEN_192);
- test_ecdsa_export_pubkey(ESP_ECDSA_CURVE_SECP192R1, ecdsa192_pub_x, ecdsa192_pub_y, USE_ECDSA_KEY_FROM_KEY_MANAGER);
- esp_key_mgr_deactivate_key(ESP_KEY_MGR_ECDSA_KEY);
-}
 TEST_CASE("mbedtls ECDSA export public key on SECP256R1", "[mbedtls][key_manager_key]")
 {
@@ -644,11 +558,6 @@ void test_ecdsa_sign_verify_import_export_error_codes(esp_ecdsa_curve_t curve, c
 psa_algorithm_t sha_alg = 0;
 switch (curve) {
- case ESP_ECDSA_CURVE_SECP192R1:
- hash_len = HASH_LEN;
- plen = 192;
- sha_alg = PSA_ALG_SHA_256;
- break;
 case ESP_ECDSA_CURVE_SECP256R1:
 hash_len = HASH_LEN;
 plen = 256;
diff --git a/components/mbedtls/test_apps/main/test_psa_gcm.c b/components/mbedtls/test_apps/main/test_psa_gcm.c
index 5bc858a0c5..f747a9b0d3 100644
--- a/components/mbedtls/test_apps/main/test_psa_gcm.c
+++ b/components/mbedtls/test_apps/main/test_psa_gcm.c
@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2025 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2025-2026 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Unlicense OR CC0-1.0
 */
@@ -13,8 +13,7 @@
 #include "unity.h"
 #include "sdkconfig.h"
-#if CONFIG_MBEDTLS_GCM_SUPPORT_NON_AES_CIPHER
-
+#ifdef CONFIG_MBEDTLS_ARIA_C
 static const uint8_t key_256[] = {
 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
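Review bot: Replacing `#if CONFIG_MBEDTLS_GCM_SUPPORT_NON_AES_CIPHER` with `#ifdef CONFIG_MBEDTLS_ARIA_C` compiles the ARIA-GCM tests whenever the cipher is enabled, but the tests exercise GCM with a non-AES block cipher, which the old guard gated on its own option; unless MBEDTLS_ARIA_C now implies that option (not visible here), building with the new `sdkconfig.ci.aria`, which sets only `CONFIG_MBEDTLS_ARIA_C=y`, could produce a test that fails at runtime with PSA_ERROR_NOT_SUPPORTED. Either guard on both, `#if defined(CONFIG_MBEDTLS_ARIA_C) && CONFIG_MBEDTLS_GCM_SUPPORT_NON_AES_CIPHER`, with the matching `#endif` comment in the last hunk of this file, or add `CONFIG_MBEDTLS_GCM_SUPPORT_NON_AES_CIPHER=y` to sdkconfig.ci.aria so the CI configuration states the dependency explicitly.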
@@ -22,10 +21,8 @@ static const uint8_t key_256[] = {
 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
 };
-TEST_CASE("PSA ARIA-GCM multipart", "[psa-gcm]")
+TEST_CASE("PSA ARIA-GCM multipart", "[psa-gcm][aria]")
 {
- // TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_crypto_init());
-
 const size_t SZ = 100;
 const size_t iv_SZ = 12; // GCM typically uses 12 bytes IV
 const size_t tag_SZ = 16; // GCM tag size
@@ -134,7 +131,7 @@ TEST_CASE("PSA ARIA-GCM multipart", "[psa-gcm]")
 psa_destroy_key(key_id);
 }
-TEST_CASE("PSA ARIA-GCM one-shot", "[psa-gcm]")
+TEST_CASE("PSA ARIA-GCM one-shot", "[psa-gcm][aria]")
 {
 // TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_crypto_init());
@@ -209,4 +206,4 @@ TEST_CASE("PSA ARIA-GCM one-shot", "[psa-gcm]")
 /* Destroy the key */
 psa_destroy_key(key_id);
 }
-#endif /* CONFIG_MBEDTLS_GCM_SUPPORT_NON_AES_CIPHER */
+#endif /* CONFIG_MBEDTLS_ARIA_C */
diff --git a/components/mbedtls/test_apps/pytest_mbedtls_ut.py b/components/mbedtls/test_apps/pytest_mbedtls_ut.py
index 2edea13c17..6723bef695 100644
--- a/components/mbedtls/test_apps/pytest_mbedtls_ut.py
+++ b/components/mbedtls/test_apps/pytest_mbedtls_ut.py
@@ -1,4 +1,4 @@
-# SPDX-FileCopyrightText: 2022-2025 Espressif Systems (Shanghai) CO LTD
+# SPDX-FileCopyrightText: 2022-2026 Espressif Systems (Shanghai) CO LTD
 # SPDX-License-Identifier: CC0-1.0
 import pytest
 from pytest_embedded import Dut
@@ -116,3 +116,16 @@ def test_mbedtls_ecdsa_sign(dut: Dut) -> None:
 @idf_parametrize('target', ['esp32s3'], indirect=['target'])
 def test_mbedtls_ds_rsa(dut: Dut) -> None:
 dut.run_all_single_board_cases(group='ds_rsa')
+
+
+@pytest.mark.generic
+@pytest.mark.parametrize(
+ 'config',
+ [
+ 'aria',
+ ],
+ indirect=True,
+)
+@idf_parametrize('target', ['esp32s3'], indirect=['target'])
+def test_mbedtls_aria(dut: Dut) -> None:
+ dut.run_all_single_board_cases(group='aria')
diff --git a/components/mbedtls/test_apps/sdkconfig.ci.aria b/components/mbedtls/test_apps/sdkconfig.ci.aria
new file mode 100644
index 0000000000..9aa619c011
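Review bot: The multipart test drops its commented-out `// TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_crypto_init());` line, but the one-shot test keeps the identical dead line (visible as context in the `@@ -134` hunk); the two should agree, so delete it there as well. Both tests now rely on psa_crypto_init() having been called before they run; if the test harness does that, a one-line comment at the top of the file saying so would stop the next reader from re-adding the call.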
--- /dev/null
+++ b/components/mbedtls/test_apps/sdkconfig.ci.aria
@@ -0,0 +1 @@
+CONFIG_MBEDTLS_ARIA_C=y
From 397c6895481d401963f9c0fbd78a37686845c235 Mon Sep 17 00:00:00 2001
From: Ashish Sharma
Date: Mon, 2 Feb 2026 12:30:14 +0800
Subject: [PATCH 3/5] fix: make the PSA compile definitions public
---
 components/mbedtls/CMakeLists.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/components/mbedtls/CMakeLists.txt b/components/mbedtls/CMakeLists.txt
index 1e69282055..c7b6ee10e3 100644
--- a/components/mbedtls/CMakeLists.txt
+++ b/components/mbedtls/CMakeLists.txt
@@ -225,7 +225,7 @@ if(NOT ${IDF_TARGET} STREQUAL "linux")
 )
 target_link_libraries(tfpsacrypto PRIVATE "$<$:idf::nvs_flash>")
 # Define compile definition to indicate ESP-IDF PSA ITS implementation is available
- target_compile_definitions(tfpsacrypto PRIVATE "$<$:ESP_PSA_ITS_AVAILABLE>")
+ target_compile_definitions(tfpsacrypto PUBLIC "$<$:ESP_PSA_ITS_AVAILABLE>")
 else()
 # For v1: check if component is in build before adding source and linking
 idf_build_get_property(build_components BUILD_COMPONENTS)
@@ -233,7 +233,7 @@ if(NOT ${IDF_TARGET} STREQUAL "linux")
 target_sources(tfpsacrypto PRIVATE "${COMPONENT_DIR}/port/psa_crypto_storage/esp_psa_its.c")
 idf_component_get_property(nvs_flash_lib nvs_flash COMPONENT_LIB)
 target_link_libraries(tfpsacrypto PRIVATE ${nvs_flash_lib})
- target_compile_definitions(tfpsacrypto PRIVATE ESP_PSA_ITS_AVAILABLE)
+ target_compile_definitions(tfpsacrypto PUBLIC ESP_PSA_ITS_AVAILABLE)
 endif()
 endif()
 endif()
From aabf35b41bf5c17562115836159593d2a280d949 Mon Sep 17 00:00:00 2001
From: "harshal.patil"
Date: Thu, 29 Jan 2026 15:54:14 +0530
Subject: [PATCH 4/5] change(mbedtls): Disable MBEDTLS_SHA3_C by default
---
 docs/en/api-guides/performance/size.rst | 1 -
 docs/zh_CN/api-guides/performance/size.rst | 1 -
 2 files changed, 2 deletions(-)
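Review bot: Changing `ESP_PSA_ITS_AVAILABLE` from PRIVATE to PUBLIC puts the definition on the compile interface of every target that links tfpsacrypto, but neither the commit message nor the comment above says which consumer needs it, so the next reader has no reason not to flip it back. Extend the comment to `# Define compile definition to indicate ESP-IDF PSA ITS implementation is available; PUBLIC so dependents such as <consumer component> can test for it`, naming the actual consumer in place of the placeholder, and add the same comment on the v1 branch in the second hunk. The enclosing if/else starts before this hunk.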
diff --git a/docs/en/api-guides/performance/size.rst b/docs/en/api-guides/performance/size.rst
index 3731368ae7..1353333557 100644
--- a/docs/en/api-guides/performance/size.rst
+++ b/docs/en/api-guides/performance/size.rst
@@ -214,7 +214,6 @@ These include:
 - :ref:`CONFIG_MBEDTLS_HAVE_TIME`
 - :ref:`CONFIG_MBEDTLS_ECDSA_DETERMINISTIC`
 - :ref:`CONFIG_MBEDTLS_SHA512_C`
- - :ref:`CONFIG_MBEDTLS_SHA3_C`
 - :ref:`CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS`
 - :ref:`CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS`
 - :ref:`CONFIG_MBEDTLS_SSL_CONTEXT_SERIALIZATION`
diff --git a/docs/zh_CN/api-guides/performance/size.rst b/docs/zh_CN/api-guides/performance/size.rst
index b9a0048944..14e6094f10 100644
--- a/docs/zh_CN/api-guides/performance/size.rst
+++ b/docs/zh_CN/api-guides/performance/size.rst
@@ -213,7 +213,6 @@ MbedTLS 功能
 - :ref:`CONFIG_MBEDTLS_HAVE_TIME`
 - :ref:`CONFIG_MBEDTLS_ECDSA_DETERMINISTIC`
 - :ref:`CONFIG_MBEDTLS_SHA512_C`
- - :ref:`CONFIG_MBEDTLS_SHA3_C`
 - :ref:`CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS`
 - :ref:`CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS`
 - :ref:`CONFIG_MBEDTLS_SSL_CONTEXT_SERIALIZATION`
From 526e7a0230aa84b5c0edd641119994d317600690 Mon Sep 17 00:00:00 2001
From: Zhang Shuxian
Date: Mon, 2 Feb 2026 16:00:27 +0800
Subject: [PATCH 5/5] docs: update CN translation for security.rst
---
 .../migration-guides/release-6.x/6.0/security.rst | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/docs/zh_CN/migration-guides/release-6.x/6.0/security.rst b/docs/zh_CN/migration-guides/release-6.x/6.0/security.rst
index 26621ffa9a..2f67c3efcb 100644
--- a/docs/zh_CN/migration-guides/release-6.x/6.0/security.rst
+++ b/docs/zh_CN/migration-guides/release-6.x/6.0/security.rst
@@ -60,6 +60,16 @@ ESP-IDF v6.0 已升级至 Mbed TLS v4.0,**PSA Crypto 成为主要加密接口* - 41084 - 4.97 + + +默认配置更改 +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +- 注意:默认的 Mbed TLS 配置在 ESP-IDF v6.0 中已收紧,以提升安全性并降低资源占用: + + - ``MBEDTLS_ARIA_C`` 默认禁用。依赖 ARIA 的应用必须在 ``menuconfig`` (Component config -> mbedTLS) 中显式启用,或通过自定义 ``components/mbedtls/config/mbedtls_preset_default.conf`` 来启用。 + - 默认禁用 ``secp192r1``,这与证书和 TLS 中移除对 250 位以下椭圆曲线的支持策略保持一致。如果某个应用在 TLS/证书之外仍然需要旧版曲线支持,则必须显式启用该功能(例如通过定义 ``PSA_WANT_ECC_SECP_R1_192=1``),并验证其兼容性。注意:该旧版支持可能会在下一次 ESP-IDF 小版本更新中被禁用。 + 参考文档 ^^^^^^^^^^