972 Commits

Author SHA1 Message Date
harshal.patil 7eb44576be test(mbedtls): Add a test for opaque HMAC driver verification 2026-04-22 10:11:27 +05:30
harshal.patil f195d183be fix(mbedtls): Flash compatibility across multiple key sources (ECDSA, HMAC) 2026-04-22 10:11:12 +05:30
Mahavir Jain a572df21d3 Merge branch 'fix/remove_mbedtls_tls_disabled_config' into 'master'
fix(mbedtls): remove not required MBEDTLS_TLS_DISABLED config

See merge request espressif/esp-idf!47818
2026-04-22 08:51:14 +05:30
Ashish Sharma bcf0acdead fix(mbedtls): remove not required MBEDTLS_TLS_DISABLED config
Closes https://github.com/espressif/esp-idf/issues/18458
2026-04-21 17:48:48 +08:00
Aditya Patwardhan e1d01809dc fix(mbedtls): correct inverted NULL check in esp_hmac_abort_opaque
esp_hmac_abort_opaque() had an inverted guard that called
mbedtls_platform_zeroize() on the context only when the context pointer
was NULL, dereferencing NULL and skipping cleanup of valid contexts.

Effect:
* Calling the abort path with a NULL pointer crashes (NULL write)
  instead of being a safe no-op.
* The valid (non-NULL) HMAC opaque operation context is never zeroized
  on abort, leaving sensitive intermediate HMAC state and key handle
  references in operation memory until the buffer is overwritten or
  freed.

Fix: invert the check so zeroization runs only when the context pointer
is non-NULL.
2026-04-21 11:27:15 +05:30
Espressif BOT 54d4d0b140 change(mbedtls/crt_bundle): Update esp_crt_bundle certificates 2026-04-13 16:04:54 +05:30
Guillaume Souchere e7cf8cd3cb fix(mbedtls): fix undefined esp_mbedtls_mem_calloc/free at link time
platform.c (compiled into the 'builtin' archive) calls
esp_mbedtls_mem_calloc and esp_mbedtls_mem_free directly by name via
the MBEDTLS_PLATFORM_STD_CALLOC/FREE macros in esp_config.h.
Previously, esp_mem.c was compiled into the 'tfpsacrypto' archive, which
appears after 'builtin' in the link command, causing the linker to fail
with undefined reference errors when 'builtin' was processed first.

Moving esp_mem.c into 'builtin' to ensure that the functions used by
esp_mbedtls_mem_calloc and esp_mbedtls_mem_free are available when
platform.c is linked.
2026-04-09 10:51:21 +02:00
Ashish Sharma a858f1683d fix(mbedtls): reenable RSA 4096 bit key performance test 2026-04-08 14:54:04 +08:00
Ashish Sharma a2f4554f10 fix(protocomm): fixes potential issues that can lead to crash during device provisioning 2026-04-01 10:08:00 +08:00
Mahavir Jain f6b7c2f9fe Merge branch 'fix/ds_ctx_efuse_key_id_type' into 'master'
Preserve flash compatibility by reverting the modified `esp_ds_data_ctx_t` size

See merge request espressif/esp-idf!47009
2026-03-26 10:12:02 +05:30
harshal.patil 2b77826e06 fix(mbedtls/rsa_ds): Preserve compatibility by reverting the modified esp_ds_data_ctx_t size 2026-03-25 18:54:04 +05:30
harshal.patil 28736a81fa fix(esp_security): Enable Key Manager clocks even for efuse key operations
The Key Manager holds a key usage register, thus, the Key Manager peripheral
clock must be enabled even for efuses-based key operations to route the
crypto operations correctly to the efuses (default is Key Manager)
2026-03-25 10:38:44 +05:30
nilesh.kale 31c88b7a4d fix(mbedtls): disable cert bundle tests in FPGA env 2026-03-23 13:53:54 +08:00
Aditya Patwardhan 1e75562404 Merge branch 'fix/fix_psa_sha_driver_macro_checks' into 'master'
fix(mbedtls): Gate PSA SHA driver on ACCEL flags instead of raw SOC caps

Closes IDFGH-17384

See merge request espressif/esp-idf!46685
2026-03-18 13:53:17 +05:30
Ashish Sharma eb3922dd12 fix(mbedtls): fixes incorrect macro checks in PSA SHA driver
Closes https://github.com/espressif/esp-idf/issues/18354
2026-03-17 13:18:28 +08:00
Ashish Sharma d8b02883dc fix(secure_boot): marks 192 bit support curve legacy 2026-03-17 10:25:44 +08:00
harshal.patil b5550281b9 change(mbedtls): Change the ESP-DS-RSA key lifetime name to include the VOLATILE keyword 2026-03-06 15:00:38 +05:30
Mahavir Jain a5d7fb3a41 Merge branch 'fix/fix_dynamic_buffer_with_tls1_3' into 'master'
fix: fixes failing dynamic buffer tests

Closes IDFCI-5130

See merge request espressif/esp-idf!45150
2026-03-05 18:35:32 +05:30
harshal.patil a1bbab43fe feat(mbedtls/esp_rsa_ds): Support Key Manager key using the ESP-RSA-DS PSA interface 2026-03-03 18:42:07 +05:30
harshal.patil 8036017951 feat(mbedtls/esp_mac): Support Key Manager key using the ESP-HMAC PSA interface 2026-03-03 18:40:31 +05:30
harshal.patil 30a120c7cb feat(mbedtls/esp_ecdsa): Support Key Manager key using the ESP-ECDSA PSA interface 2026-03-03 18:40:31 +05:30
harshal.patil 163e0974b3 change(mbedtls/psa_driver_esp_hmac): Use efuse key block instead of efuse block
- Maintains compatibility of the older esp_hmac_ APIs and the PSA driver
2026-03-03 18:36:18 +05:30
harshal.patil aa63487d9f feat(mbedtls/esp_rsa_ds): Introduce ESP-RSA DS opaque key context 2026-03-03 18:36:18 +05:30
Ashish Sharma 20a6888b41 feat(esp-tls): adds per ssl context state management 2026-03-03 11:21:56 +08:00
Ashish Sharma b5c3e27a38 fix: fixes failing dynamic buffer tests 2026-03-03 11:16:49 +08:00
Ashish Sharma 4bec0bc5c2 fix(bleprph): skip using tls configs for bt examples 2026-03-02 10:48:10 +08:00
Mahavir Jain e0536d5ff2 Merge branch 'bugfix/mbedtls_poly1305_build' into 'master'
fix(mbedtls): fix MBEDTLS_POLY1305_C build config

Closes IDFGH-17251

See merge request espressif/esp-idf!45934
2026-02-19 15:05:12 +05:30
hrushikesh.bhosale 7b2bd0453a fix(mbedtls/test_apps): Enabling psram test for esp32p4 2026-02-18 11:55:06 +05:30
Mahavir Jain 89a44d513c fix(mbedtls): fix MBEDTLS_POLY1305_C build config
Closes https://github.com/espressif/esp-idf/issues/18243
2026-02-17 20:09:13 +05:30
Mahavir Jain ba61b8300f Merge branch 'feat/reenabling_test_for_esp32p4' into 'master'
feat(tests): Reenabled the app_update and crypto driver test for esp32p4

Closes IDF-14367

See merge request espressif/esp-idf!43719
2026-02-17 11:01:32 +05:30
Hrushikesh Bhosale 96dda2a6d8 Merge branch 'refactor/remove_common_component_dependency_ota_test_apps' into 'master'
Removed the common_component dependency from app_update and protocols

Closes IDF-15300

See merge request espressif/esp-idf!45822
2026-02-17 13:16:03 +08:00
hrushikesh.bhosale 8124c2e2cf refactor(protocols): Removed the common_component dependency
- Removed the common_component build dependency from protocols test_apps
and examples
2026-02-16 15:07:37 +05:30
Mahavir Jain 97d9585357 Merge branch 'fix/nvs_encr_use_hardware_aes' into 'master'
Use h/w accelerated AES-ECB for XTS-AES operations

See merge request espressif/esp-idf!45628
2026-02-12 18:22:03 +05:30
Mahavir Jain 5225e6a3e6 Merge branch 'fix/failed_test_ds_key_deployment_in_aes_mode' into 'master'
Re-enable crypto drivers test app for ESP32-P4

Closes IDF-14418

See merge request espressif/esp-idf!45724
2026-02-12 13:38:53 +05:30
Ashish Sharma 0b6843f2ed fix(mbedtls): updates crypto performance numbers 2026-02-11 23:35:59 +08:00
Ashish Sharma 8a8c4c175e fix(mbedtls): enable pthread threading by default 2026-02-11 17:59:04 +08:00
harshal.patil 8bd87b67e2 fix(nvs_flash): Use h/w accelerated AES-ECB for XTS-AES operations 2026-02-11 15:24:03 +05:30
Laukik Hase c5d72691e6 Merge branch 'feat/esp_tee_misc_optim' into 'master'
feat(esp_tee): Miscellaneous updates and optimizations

See merge request espressif/esp-idf!45634
2026-02-11 11:31:08 +05:30
Harshal Patil 9cf49269aa Merge branch 'fix/support_truncated_hmac' into 'master'
Allow truncated ESP-PSA HMAC driver operations

Closes IDF-15299

See merge request espressif/esp-idf!45754
2026-02-11 10:25:04 +05:30
nilesh.kale 0fd1a4c9f8 test(esp_security): re-enable crypto drivers test app for ESP32P4
Also remove common_components dep for security-related tests
2026-02-10 17:48:55 +05:30
harshal.patil b4542bf748 fix(mbedtls): Support truncated HMAC 2026-02-10 14:08:46 +05:30
Laukik Hase 1d425cee8e feat(esp_tee): Remove unused components from the PSA Crypto library 2026-02-10 13:52:30 +05:30
nilesh.kale 97dba09392 fix(mbedtls): Revised ECDSA verify HW config check 2026-02-10 12:36:30 +05:30
hrushikesh.bhosale e957e4801b feat(tests): Reenabled the app_update, mbedtls and FE tests for esp32p4 2026-02-06 15:34:19 +05:30
Ashish Sharma b3e1c03d97 fix(mbedtls): revert struct member name change esp_rsa_ds_data to esp_ds_data 2026-02-06 17:33:17 +08:00
Ashish Sharma 6f5b078ed6 feat: adds DS Sign capabilities for ESP32S2 2026-02-05 10:12:25 +08:00
Ashish Sharma e06a7dd791 feat: adds new Kconfig variable for DS peripheral 2026-02-05 10:12:25 +08:00
Ashish Sharma 1d185a6548 feat: adds PSA DS driver support 2026-02-05 10:12:25 +08:00
Mahavir Jain f2635f98d9 Merge branch 'fix/externsive_mbedtls_aes_sha_tests' into 'master'
Re-introduce the extensive mbedtls AES and SHA tests

Closes SHA-512

See merge request espressif/esp-idf!45489
2026-02-04 18:33:57 +05:30
Ashish Sharma 470964ffdd fix: make the PSA compile definitions public 2026-02-03 14:55:44 +08:00