espressif/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2026-04-29 11:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
49,603 Commits 24 Branches 183 Tags
70da170f248ae617297b4e2835254f33bb0238ed
Commit Graph

163 Commits

Author SHA1 Message Date
morris 512b499e1b refactor: remove gdma_trigger_peripheral_t 2026-01-12 13:47:54 +08:00
Ashish Sharma 3d5775e22b feat: adds PSA MD5 driver support 2026-01-07 10:41:33 +08:00
harshal.patil e91d50ed1e fix(mbedtls): Support partial hardware AES-GCM and s/w fallback for non-AES ciphers 
- Support software-fallback for unsupported hardware AES lengths
 2026-01-03 12:17:50 +05:30
Ashish Sharma cbd925837e feat: migrates mbedtls port layer to PSA APIs 2025-12-30 09:31:49 +05:30
nilesh.kale fcb7e77e48 feat(mbedtls): add ECC P-384 mbedtls support and test_cases 2025-12-02 11:02:01 +05:30
morris bc064a353a refactor(hal_dma): move bitscrambler from hal component 
because bitscrambler can't live without DMA, it's highly binded with the
GDMA peripheral.
 2025-11-21 16:10:16 +08:00
harshal.patil dac0bbfcc2 change(mbedtls): Generalize key source union for the hardware ECDSA context 2025-11-17 12:34:09 +05:30
Ashish Sharma acf89924c8 feat(esp_http): migrate esp_http to PSA API 2025-10-26 10:13:14 +08:00
harshal.patil c36aef9c19 change(mbedtls/port): Wrap headers with relevant soc_caps 
- Needed to fix builds for the targets that are yet to supported
 2025-09-20 10:55:07 +05:30
harshal.patil 8992f08bef feat(mbedtls/aes): Add config to support AES block and DMA modes during runtime 
- Dynamically switch the AES operation modes based on the buffer operating length
- Shorter AES and SHA operations can now run faster and concurrently as well

Closes https://github.com/espressif/esp-idf/issues/15914
 2025-09-20 10:55:07 +05:30
Laukik Hase c152663408 feat(esp_tee): Added support for PBKDF2-based (HMAC) ECDSA signing 2025-09-19 12:06:02 +05:30
Kapil Gupta 88d71da23f fix(mbedtls): Addressed comments on PR15679 2025-09-16 22:10:53 +05:30
Deomid rojer Ryabkov aa581523c9 feat(mbedtls): Add mbedtls_esp_random() 
Suitable for passing as f_rng to various Mbed-TLS APIs that require it
 2025-09-15 11:09:21 +08:00
Mahavir Jain 42914e01ee feat: remove some deprecated APIs from 6.0 release 2025-08-20 14:20:37 +05:30
nilesh.kale dedc9889de feat: added config member to store block number for hign part of ecdsa key 2025-08-11 16:01:10 +05:30
nilesh.kale 68f06a94bd feat: add ecdsa-p384 testcases and relative support for ESP32C5 ECO2 
This commit adds testcases in crypto/hal and mbedtls testapps.
 2025-08-11 16:01:01 +05:30
Ashish Sharma f7be43c83d feat(mbedtls): adds more configuration options 2025-07-30 17:47:54 +08:00
Ashish Sharma 466a365a02 feat(mbedtls): adds support for RSA decryption with DS peripheral 2025-07-07 13:32:06 +08:00
Ashish Sharma 9c546002cb feat(mbedtls): update to version 3.6.4 2025-07-03 11:23:34 +08:00
Mahavir Jain a8bf745f23 Merge branch 'feat/adding_different_strategy_to_perform_tls_using_dynamic_feature' into 'master' 
Add configuration to control dynamic buffer strategy in mbedtls

Closes IDF-12591

See merge request espressif/esp-idf!39469
 2025-06-12 09:52:35 +05:30
harshal.patil 85ec4df4db change(mbedlts/port): Remove deprecated header files 2025-06-06 14:52:03 +05:30
harshal.patil fe78370ec9 feat(mbedtls/sha): New API for setting SHA mode 2025-06-06 14:51:44 +05:30
hrushikesh.bhosale 5928a87aa7 feat(mbedtls): Add configuration to control dynamic buffer strategy in mbedtls 
Problem:
1. In low-memory scenarios, the dynamic buffer feature can fail due to memory fragmentation.
2. It requires a contiguous 16KB heap chunk, but continuous allocation and deallocation of
the RX buffer can lead to fragmentation.
3. If another component allocates memory between these operations, it can break up the
available 16KB block, causing allocation failure.

Solution:
1. Introduce configurable strategy for using dynamic buffers in TLS connections.
2. For example, convert RX buffers to static after the TLS handshake.
3. Allow users to select the strategy via a new field in the esp_http_client_cfg_t structure.
4. The strategy can be controlled independently for each TLS session.
 2025-06-05 12:43:47 +05:30
Laukik Hase d116567a66 refactor(esp_tee): Update TEE secure storage interface APIs 2025-05-04 18:03:29 +05:30
Laukik Hase 3fd107aa04 feat(mbedtls): Add support for ECDSA signing with TEE secure storage 2025-04-03 15:35:15 +05:30
Ashish Sharma b126ebb596 feat(mbedtls): new config to allow weak cert verification 2025-03-28 15:46:48 +08:00
harshal.patil e442f11320 feat(mbedtls): Make mbedtls SHA1 support configurable 2025-03-19 14:28:40 +05:30
harshal.patil 7d8211bf87 feat(mbedtls): Support both SHA block and DMA modes during runtime 
Dynamically switch the SHA operation modes based on the buffer operating length
 2025-02-04 16:49:30 +05:30
harshal.patil 4cdfdac18c fix(mbedtls): Fix the increase in build size of mbedtls when upgrading to v3.x 2024-10-24 14:45:57 +05:30
Aditya Patwardhan 1b770c3931 fix(mbedtls): Fix the MBEDTLS_FS_IO dependency on vfs 
By default MBEDTLS_FS_IO option in mbedtls uses the filesystem supported
added by vfs component.
If the vfs support is disabled by user then mbedtls raises a warning
that the filesystem realted operation shall always fail
This commit fixes the behaviour by enabling respective depedency check for the
MBEDTLS_FS_IO option

Closes https://github.com/espressif/esp-idf/issues/14409
 2024-09-30 13:43:29 +05:30
harshal.patil c94986d793 fix(mbedtls): Fix https_request example build failure for mbedtls_config 
- This was caused due to some mbedtls confisg being defined but their all prerequisites were not
 2024-08-27 14:09:21 +05:30
Laukik Hase e8477fb894 feat(mbedtls): Extend the esp_sha API to support SHA224 operations 2024-08-07 10:03:11 +05:30
Mahavir Jain 64fd14e787 feat(mbedtls): add kconfig option for MBEDTLS_ERROR_C 
Disabling this config can reduce footprint for the cases where
mbedtls_strerror() is used and hence the debug strings are getting
pulled into the application image.
 2024-04-04 09:20:28 +05:30
harshal.patil e383616503 fix(mbedtls/aes): Fix incorrect dma alignment size 2024-04-02 14:30:14 +08:00
Aditya Patwardhan d0a23799e8 feat(mbedtls): Added support for using ECDSA key through key manager 2024-04-01 14:37:12 +05:30
harshal.patil 211a2a5477 feat(mbedtls/sha): Support SHA-DMA operations by satisfying L1 cache alignment requirements 
- Use block mode as default SHA operation mode instead of DMA
 2024-03-27 11:23:29 +05:30
harshal.patil d737625215 feat(mbedtls/sha): Support in AXI-DMA SHA driver layer 2024-03-27 11:23:29 +05:30
harshal.patil 2abb656ba2 feat(mbedtls/aes): Support AES-DMA operations by satisfying L1 cache alignment requirements 
- Use DMA RX done interrupt status bit while waiting for DMA rx transfer
 2024-03-13 15:22:07 +05:30
harshal.patil 83dd60307f feat(mbedtls/esp_crypto_shared_gdma): support AXI-DMA in the crypto shared gdma layer 
- In case of AXI-DMA, the DMA descriptors need to be 8 bytes aligned
lldesc_t do not satify this condition thus we need to replace it with
dma_descriptor_t (align(4) and align(8)) in esp_crypto_shared_gdma.

- Added new shared gdma start API that supports the dma_descriptor_t
DMA descriptor.

- Added some generic dma descriptor macros and helper functions

- replace lldesc_t with dma_descriptor_t
 2024-03-13 15:22:06 +05:30
harshal.patil 2c570ed53b change(mbedtls/aes): moved esp_aes_internal.h to be a private header 
- Also enable AES-GCM test in the hal crypto test app for all targets
 2024-03-13 15:22:06 +05:30
harshal.patil 8977be856d fix(mbedtls/gcm): Add support for software fallback for non-AES ciphers in a GCM operation 
- Even if the config MBEDTLS_HARDWARE_AES is enabled, we now support fallback
to software implementation of GCM operations when non-AES ciphers are used.
 2024-02-23 10:47:30 +05:30
nilesh.kale aab3f604ec feat(hal/testapps): Added AES and SHA testcases with DMA support 2024-02-09 14:23:06 +05:30
Aditya Patwardhan 4dc2ace0b7 fix(esp_hw_support): Update key manager support 
1) Added new Key Manager APIs
    2) Added crypto locking layer for Key Manager
    3) Remove support for deploying known key
    4) Format key manager support
    5) Fix build header error
    6) Updated the key_mgr_types.h file
    7) Added key manager tests
 2024-01-23 10:24:39 +05:30
Mahavir Jain fec7fc30f1 fix(api-docs): include in the ECDSA APIs for doxygen build 2023-11-15 09:42:27 +05:30
Mahavir Jain 7bb29086df docs: add ECDSA peripheral chapter for H2/P4 
- Add ECDSA peripheral chapter and instructions to program efuse key block
- Update security guide for ECDSA peripheral mention for device identity
- Link with ESP-TLS guide about using ECDSA peripheral in TLS connection
 2023-11-15 09:42:26 +05:30
Mahavir Jain 804ed172dd fix(mbedtls): allow to use built in entropy implementation for linux target 2023-10-26 15:12:42 +05:30
Mahavir Jain 0c3ed4f540 fix(mbedtls): remove deprecated MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION 
This config has been removed in the upstream mbedTLS starting 3.0
release. Please see mbedTLS changelog for more details.
 2023-10-11 09:32:32 +00:00
Mahavir Jain 9ca8f3d45b feat(mbedtls): update to 3.5.0 release 
Changelog:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.5.0
 2023-10-11 09:32:32 +00:00
Kapil Gupta c82a792bc3 change(esp_wifi): Port fast_pbkdf2 implementation for mbedlts 
Add changes to use fast_pbkdf2 as default for PMK calculations.
fast_pbkdf2 is significantly faster than current implementations
for esp chips.

Also removes unnecessary code for pbkdf-sha256 and pbkdf-sha512.
 2023-09-11 19:33:17 +05:30
Aditya Patwardhan a57c8dc938 Merge branch 'contrib/github_pr_12177' into 'master' 
mbedtls: define MBEDTLS_SSL_CID_TLS1_3_PAD_GRANULARITY for CID padding (GitHub PR)

See merge request espressif/esp-idf!25826
 2023-09-09 12:27:56 +08:00