79 Commits

Author SHA1 Message Date
Ashish Sharma
62f852a93b feat(esp_tls): supports setting tls version and ciphersuite in server config
Closes https://github.com/espressif/esp-idf/issues/17660
2025-10-03 15:19:41 +08:00
Ashish Sharma
9cb348789c fix(esp_tls): limit ret code from esp_mbedtls_handshake 2025-09-24 09:36:38 +08:00
nilesh.kale
54d97fdac1 fix(esp-tls): removed unnecessary log for certificate verification
This commit removed unnecessary and confusing log for
certificate verify if there is another issue during tls connection.
2025-09-17 13:04:16 +08:00
nilesh.kale
421b9abd0d fix(esp-tls): added missing event tracker capture during mbedtls read operation
This commit fixed missing event tracker capture and
added new error code ESP_ERR_MBEDTLS_SSL_READ_FAILED.

Closes https://github.com/espressif/esp-idf/issues/16239
2025-09-17 13:04:16 +08:00
hrushikesh.bhosale
bf7dc18bd6 fix(esp_tls): Fixed build failure for sbv2 ecdsa
Made ESP_TLS_ECDSA_CURVE_SECP384R1 under SOC CAP.
2025-09-09 16:01:04 +05:30
Alexey Lapshin
28ced4efad fix(config): actualize newlib Kconfig options 2025-08-28 12:25:09 +08:00
nilesh.kale
dedc9889de feat: added config member to store block number for high part of ecdsa key 2025-08-11 16:01:10 +05:30
nilesh.kale
08e781c876 feat: added new config member to provide ecdsa curve type 2025-08-11 16:01:09 +05:30
nilesh.kale
68f06a94bd feat: add ecdsa-p384 testcases and relative support for ESP32C5 ECO2
This commit adds testcases in crypto/hal and mbedtls testapps.
2025-08-11 16:01:01 +05:30
Ashish Sharma
466a365a02 feat(mbedtls): adds support for RSA decryption with DS peripheral 2025-07-07 13:32:06 +08:00
Mahavir Jain
a8bf745f23 Merge branch 'feat/adding_different_strategy_to_perform_tls_using_dynamic_feature' into 'master'
Add configuration to control dynamic buffer strategy in mbedtls

Closes IDF-12591

See merge request espressif/esp-idf!39469
2025-06-12 09:52:35 +05:30
hrushikesh.bhosale
5928a87aa7 feat(mbedtls): Add configuration to control dynamic buffer strategy in mbedtls
Problem:
1. In low-memory scenarios, the dynamic buffer feature can fail due to memory fragmentation.
2. It requires a contiguous 16KB heap chunk, but continuous allocation and deallocation of
the RX buffer can lead to fragmentation.
3. If another component allocates memory between these operations, it can break up the
available 16KB block, causing allocation failure.

Solution:
1. Introduce configurable strategy for using dynamic buffers in TLS connections.
2. For example, convert RX buffers to static after the TLS handshake.
3. Allow users to select the strategy via a new field in the esp_http_client_cfg_t structure.
4. The strategy can be controlled independently for each TLS session.
2025-06-05 12:43:47 +05:30
Ashish Sharma
2ef09a7952 fix(esp_tls): fix failing build with TLS1.3 only and dynamic buffer 2025-06-02 09:14:03 +08:00
Ashish Sharma
415e0f3c86 feat(mbedtls): add support for dynamic buffer for TLS1.3
Closes https://github.com/espressif/esp-idf/issues/15448
2025-04-24 12:05:36 +08:00
Ashish Sharma
0291bee0ff feat(mbedtls): update to version 3.6.3 2025-03-28 13:03:12 +08:00
Aditya Patwardhan
d31654da96 fix(esp-tls): Fixed the server session create API
Added the option to define tls_handshake_timeout value
for the esp_tls_server_session_create API.
At the moment, the API gets stuck infinitely if
the handshake is blocked on receiving more data
and the peer connection has closed due to some issue.

Closes https://github.com/espressif/esp-idf/issues/14999
2025-02-18 14:46:33 +05:30
Aditya Patwardhan
f9d64d4db8 feat(esp-tls): Update support for asynchronous server session create
Closes https://github.com/espressif/esp-idf/pull/14493
2024-11-29 17:04:31 +05:30
thetek42
d97e435af9 fix: make esp_tls_server_session_create async compatible 2024-11-29 17:04:31 +05:30
David Cermak
7801d118d4 fix(esp_tls): PSK available in headers only if enabled in Kconfig 2024-11-21 11:36:16 +01:00
David Cermak
7ef2379549 feat(esp_tls): Add support for PSK authentication on server side 2024-11-18 13:47:29 +01:00
Harshit Malpani
aece182482 fix: Fix error logging formatting bug for nano formatting
Closes https://github.com/espressif/esp-idf/issues/13604
2024-04-23 00:02:46 +05:30
Harshit Malpani
9274e3e620 fix(esp-tls): capture errors in error handle 2024-02-14 14:36:14 +05:30
Aditya Patwardhan
e2d5b323ca fix(esp_tls): Fixed client key parsing for ECC key
Client key parsing for ECC keys was failing as the
RNG supplied to the key parsing API was uninitialized.
This commit fixes that behaviour
2024-01-23 13:40:57 +08:00
Aditya Patwardhan
5ce93aa257 fix(esp_tls): Refactor esp-tls to remove ESP_TLS_SERVER config option 2023-10-26 09:30:13 +00:00
Harshit Malpani
27681a5073 fix(esp-tls): Use TLS 1.2 and TLS 1.3 simultaneously
This commit fixes the issue with TLS 1.2 connection when TLS 1.3 is
enabled in config.
2023-10-23 16:23:10 +05:30
Harshit Malpani
692e1a9e61 feat: ECDSA peripheral while performing http connection with mutual auth 2023-09-08 12:22:41 +05:30
Mahavir Jain
200cf10373 Merge branch 'bugfix/fix_error_while_ota_over_tls_1_3_connection' into 'master'
fix: fix error while performing OTA over TLS 1.3 connection

Closes IDFGH-10451

See merge request espressif/esp-idf!24847
2023-08-16 20:28:19 +08:00
Mahavir Jain
29a4b05cba Merge branch 'contrib/github_pr_11923' into 'master'
fix(esp-tls): fix pointer cast and condition for CONFIG_ATECC608A_TCUSTOM (GitHub PR)

Closes IDFGH-10697

See merge request espressif/esp-idf!25348
2023-08-16 14:19:46 +08:00
Harshit Malpani
11715c5caf fix(esp-tls): Retry reads if using session tickets with TLS 1.3
Fixed the error that occurred while performing OTA upgrades over
TLS 1.3 connection. After handshake is completed, post-handshake message
is received and internal state is changed. While performing mbedtls_ssl_read(),
it checks handshake state and if it is not MBEDTLS_SSL_HANDSHAKE_OVER,
mbedtls_ssl_handshake is called again.
2023-08-16 11:26:58 +05:30
Alex
6704566476 fix(esp-tls): fix pointer cast and condition for CONFIG_ATECC608A_TCUSTOM
Closes https://github.com/espressif/esp-idf/pull/11923
2023-08-14 16:20:20 +05:30
Mahavir Jain
ea3bb21cf7 fix(esp-tls): fix the certificate check failure logging for cert bundle case
For ESP certificate bundle case, the certificate failure error from
underlying TLS stack was not being tracked. Added the fix and also
updated example code showcasing how to retrieve it.

Closes https://github.com/espressif/esp-idf/issues/12034
2023-08-11 17:27:01 +05:30
KonstantinKondrashov
e72061695e all: Removes unnecessary newline character in logs
Closes https://github.com/espressif/esp-idf/issues/11465
2023-06-09 03:31:21 +08:00
Mahavir Jain
b5055b9bfa Merge branch 'feature/add_mbedtls_ciphersuites_set_get_api' into 'master'
esp-tls: Add config and api to set and get ciphersuites list

Closes IDF-7183

See merge request espressif/esp-idf!23320
2023-04-28 13:01:59 +08:00
yuanjianmin
f74447103f esp-tls: Add config and api to set and get ciphersuites list 2023-04-27 19:22:27 +08:00
Mahavir Jain
7fd1378fbb esp_tls: add initial support for TLS 1.3 connection 2023-04-25 17:40:01 +05:30
boarchuz
0c85f7407e fix preprocessor log condition in esp_tls_mbedtls 2023-03-30 14:08:57 +11:00
Harshit Malpani
43e4383bb7 esp-tls: fix build error without -Wno-format compile flag when building for Linux target 2023-01-04 11:17:27 +05:30
Nathan Phillips
057f5cb120 Distinguish 4 identical log messages
Say which certificate couldn't be parsed in each one.
2022-12-08 10:31:28 +00:00
Aditya Patwardhan
8ad4de7991 esp-tls: Add changes to the Cert selection callback PR. 2022-11-03 07:17:05 +00:00
Akos Vandra
e9e3dc7904 esp-tls: Add support for the CERTIFICATE SELECTION HOOK. The hook has access to required information so that the application can make a more informed decision on which certificate to serve (such as alpn value, server certificate type, etc.)
Closes https://github.com/espressif/esp-idf/pull/9833

Signed-off-by: Aditya Patwardhan <aditya.patwardhan@espressif.com>
2022-11-03 07:17:05 +00:00
yuanjianmin
ddbe6aa42a esp-tls: Fix memory leak in mbedtls ds peripheral when MBEDTLS_THREADING_C enabled 2022-10-13 14:17:42 +08:00
Yuan Jian Min
9a97cfbffc esp-tls: socket will be set to -1 and will not be closed
Closes https://github.com/espressif/esp-idf/issues/9847
2022-09-26 19:15:04 +08:00
Laukik Hase
6319970ab7 esp_tls/wpa_supplicant: Updated deprecated mbedtls APIs 2022-08-24 11:59:34 +05:30
Aditya Patwardhan
2ea419db22 esp_tls_mbedtls.c: Fix esp-idf integration of esp-cryptoauthlib
menuconfig option
2022-06-03 23:12:11 +05:30
Li Jingyi
6d58008119 esp-tls: add api to free client session
Free session with mbedtls api to avoid mem-leak
2022-05-23 16:28:40 +08:00
Aditya Patwardhan
788c9ddf8d esp_tls: Added getter function for esp_tls ssl ctx. 2022-05-11 07:09:34 +00:00
Aditya Patwardhan
434e74ff73 esp_tls: Make esp_tls_t as private structure. 2022-05-11 07:09:34 +00:00
Laukik Hase
d7090b4d52 https_server: Add config option to min. cert. auth mode
- Added a config option to set the minimum Certificate Verification
  mode to Optional
- When this option is enabled, the peer (the client) certificate
  is checked by the server, however the handshake continues even if
  verification failed.
- By default, the peer certificate is not checked and ignored by the server.

Closes https://github.com/espressif/esp-idf/issues/8664
2022-03-29 08:57:36 +00:00
Aditya Patwardhan
4c58685c00 esp_https_server: Enable secure element support.
Closes https://github.com/espressif/esp-idf/issues/8286
2022-03-27 14:35:25 +05:30
Laukik Hase
f5feb7813e mbedtls: Fix build errors related to TLS 1.3
- Kconfig: Enabled MBEDTLS_HKDF_C by default when TLS 1.3 support is enabled
- esp-tls (mbedtls): Forced client to use TLS 1.3 when TLS 1.3 support is enabled
2022-03-03 01:37:10 +05:30