forked from espressif/arduino-esp32
IDF master 3e370c4296
* Fix build compilation due to changes in the HW_TIMER's structs * Fix compilation warnings and errors with USB * Update USBCDC.cpp * Update CMakeLists.txt * Update HWCDC.cpp
This commit is contained in:
Me No Dev
GitHub
@ -20,6 +20,9 @@
|
||||
#include "mbedtls/ctr_drbg.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/certs.h"
|
||||
#ifdef CONFIG_ESP_TLS_SERVER_SESSION_TICKETS
|
||||
#include "mbedtls/ssl_ticket.h"
|
||||
#endif
|
||||
#elif CONFIG_ESP_TLS_USING_WOLFSSL
|
||||
#include "wolfssl/wolfcrypt/settings.h"
|
||||
#include "wolfssl/ssl.h"
|
||||
@ -54,6 +57,15 @@ typedef struct psk_key_hint {
|
||||
const char* hint; /*!< hint in PSK authentication mode in string format */
|
||||
} psk_hint_key_t;
|
||||
|
||||
/**
|
||||
* @brief esp-tls client session ticket ctx
|
||||
*/
|
||||
#ifdef CONFIG_ESP_TLS_CLIENT_SESSION_TICKETS
|
||||
typedef struct esp_tls_client_session {
|
||||
mbedtls_ssl_session saved_session;
|
||||
} esp_tls_client_session_t;
|
||||
#endif /* CONFIG_ESP_TLS_CLIENT_SESSION_TICKETS */
|
||||
|
||||
/**
|
||||
* @brief Keep alive parameters structure
|
||||
*/
|
||||
@ -168,9 +180,27 @@ typedef struct esp_tls_cfg {
|
||||
directly with esp_tls_plain_tcp_connect() API */
|
||||
|
||||
struct ifreq *if_name; /*!< The name of interface for data to go through. Use the default interface without setting */
|
||||
|
||||
#ifdef CONFIG_ESP_TLS_CLIENT_SESSION_TICKETS
|
||||
esp_tls_client_session_t *client_session; /*! Pointer for the client session ticket context. */
|
||||
#endif /* CONFIG_ESP_TLS_CLIENT_SESSION_TICKETS */
|
||||
} esp_tls_cfg_t;
|
||||
|
||||
#ifdef CONFIG_ESP_TLS_SERVER
|
||||
#if defined(CONFIG_ESP_TLS_SERVER_SESSION_TICKETS)
|
||||
/**
|
||||
* @brief Data structures necessary to support TLS session tickets according to RFC5077
|
||||
*/
|
||||
typedef struct esp_tls_server_session_ticket_ctx {
|
||||
mbedtls_entropy_context entropy; /*!< mbedTLS entropy context structure */
|
||||
|
||||
mbedtls_ctr_drbg_context ctr_drbg; /*!< mbedTLS ctr drbg context structure.
|
||||
CTR_DRBG is deterministic random
|
||||
bit generation based on AES-256 */
|
||||
mbedtls_ssl_ticket_context ticket_ctx; /*!< Session ticket generation context */
|
||||
} esp_tls_server_session_ticket_ctx_t;
|
||||
#endif
|
||||
|
||||
typedef struct esp_tls_cfg_server {
|
||||
const char **alpn_protos; /*!< Application protocols required for HTTP2.
|
||||
If HTTP2/ALPN support is required, a list
|
||||
@ -222,7 +252,39 @@ typedef struct esp_tls_cfg_server {
|
||||
unsigned int serverkey_password_len; /*!< String length of the password pointed to by
|
||||
serverkey_password */
|
||||
|
||||
#if defined(CONFIG_ESP_TLS_SERVER_SESSION_TICKETS)
|
||||
esp_tls_server_session_ticket_ctx_t * ticket_ctx; /*!< Session ticket generation context.
|
||||
You have to call esp_tls_cfg_server_session_tickets_init
|
||||
to use it.
|
||||
Call esp_tls_cfg_server_session_tickets_free
|
||||
to free the data associated with this context. */
|
||||
#endif
|
||||
} esp_tls_cfg_server_t;
|
||||
|
||||
/**
|
||||
* @brief Initialize the server side TLS session ticket context
|
||||
*
|
||||
* This function initializes the server side tls session ticket context
|
||||
* which holds all necessary data structures to enable tls session tickets
|
||||
* according to RFC5077.
|
||||
* Use esp_tls_cfg_server_session_tickets_free to free the data.
|
||||
*
|
||||
* @param[in] cfg server configuration as esp_tls_cfg_server_t
|
||||
* @return
|
||||
* ESP_OK if setup succeeded
|
||||
* ESP_ERR_INVALID_ARG if context is already initialized
|
||||
* ESP_ERR_NO_MEM if memory allocation failed
|
||||
* ESP_ERR_NOT_SUPPORTED if session tickets are not available due to build configuration
|
||||
* ESP_FAIL if setup failed
|
||||
*/
|
||||
esp_err_t esp_tls_cfg_server_session_tickets_init(esp_tls_cfg_server_t *cfg);
|
||||
|
||||
/**
|
||||
* @brief Free the server side TLS session ticket context
|
||||
*
|
||||
* @param cfg server configuration as esp_tls_cfg_server_t
|
||||
*/
|
||||
void esp_tls_cfg_server_session_tickets_free(esp_tls_cfg_server_t *cfg);
|
||||
#endif /* ! CONFIG_ESP_TLS_SERVER */
|
||||
|
||||
/**
|
||||
@ -404,6 +466,10 @@ int esp_tls_conn_http_new_async(const char *url, const esp_tls_cfg_t *cfg, esp_t
|
||||
* of bytes actually written to the TLS/SSL connection.
|
||||
* - <0 if write operation was not successful, because either an
|
||||
* error occured or an action must be taken by the calling process.
|
||||
* - ESP_TLS_ERR_SSL_WANT_READ/
|
||||
* ESP_TLS_ERR_SSL_WANT_WRITE.
|
||||
* if the handshake is incomplete and waiting for data to be available for reading.
|
||||
* In this case this functions needs to be called again when the underlying transport is ready for operation.
|
||||
*/
|
||||
static inline ssize_t esp_tls_conn_write(esp_tls_t *tls, const void *data, size_t datalen)
|
||||
{
|
||||
@ -609,6 +675,20 @@ void esp_tls_server_session_delete(esp_tls_t *tls);
|
||||
*/
|
||||
esp_err_t esp_tls_plain_tcp_connect(const char *host, int hostlen, int port, const esp_tls_cfg_t *cfg, esp_tls_error_handle_t error_handle, int *sockfd);
|
||||
|
||||
#ifdef CONFIG_ESP_TLS_CLIENT_SESSION_TICKETS
|
||||
/**
|
||||
* @brief Obtain the client session ticket
|
||||
*
|
||||
* This function should be called when the TLS connection is already established.
|
||||
* This can be passed again in the esp_tls_cfg_t structure, to appropriate tls session create (e.g. esp_tls_conn_http_new) API for session resumption.
|
||||
*
|
||||
* @param[in] esp_tls context as esp_tls_t
|
||||
* @return
|
||||
* Pointer to the saved client session.
|
||||
* NULL on Failure
|
||||
*/
|
||||
esp_tls_client_session_t *esp_tls_get_client_session(esp_tls_t *tls);
|
||||
#endif /* CONFIG_ESP_TLS_CLIENT_SESSION_TICKETS */
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -14,35 +14,42 @@ extern "C" {
|
||||
#endif
|
||||
|
||||
#define ESP_ERR_ESP_TLS_BASE 0x8000 /*!< Starting number of ESP-TLS error codes */
|
||||
|
||||
/* generic esp-tls error codes */
|
||||
#define ESP_ERR_ESP_TLS_CANNOT_RESOLVE_HOSTNAME (ESP_ERR_ESP_TLS_BASE + 0x01) /*!< Error if hostname couldn't be resolved upon tls connection */
|
||||
#define ESP_ERR_ESP_TLS_CANNOT_CREATE_SOCKET (ESP_ERR_ESP_TLS_BASE + 0x02) /*!< Failed to create socket */
|
||||
#define ESP_ERR_ESP_TLS_UNSUPPORTED_PROTOCOL_FAMILY (ESP_ERR_ESP_TLS_BASE + 0x03) /*!< Unsupported protocol family */
|
||||
#define ESP_ERR_ESP_TLS_FAILED_CONNECT_TO_HOST (ESP_ERR_ESP_TLS_BASE + 0x04) /*!< Failed to connect to host */
|
||||
#define ESP_ERR_ESP_TLS_SOCKET_SETOPT_FAILED (ESP_ERR_ESP_TLS_BASE + 0x05) /*!< failed to set/get socket option */
|
||||
#define ESP_ERR_MBEDTLS_CERT_PARTLY_OK (ESP_ERR_ESP_TLS_BASE + 0x06) /*!< mbedtls parse certificates was partly successful */
|
||||
#define ESP_ERR_MBEDTLS_CTR_DRBG_SEED_FAILED (ESP_ERR_ESP_TLS_BASE + 0x07) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_SSL_SET_HOSTNAME_FAILED (ESP_ERR_ESP_TLS_BASE + 0x08) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_SSL_CONFIG_DEFAULTS_FAILED (ESP_ERR_ESP_TLS_BASE + 0x09) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_SSL_CONF_ALPN_PROTOCOLS_FAILED (ESP_ERR_ESP_TLS_BASE + 0x0A) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_X509_CRT_PARSE_FAILED (ESP_ERR_ESP_TLS_BASE + 0x0B) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_SSL_CONF_OWN_CERT_FAILED (ESP_ERR_ESP_TLS_BASE + 0x0C) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_SSL_SETUP_FAILED (ESP_ERR_ESP_TLS_BASE + 0x0D) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_SSL_WRITE_FAILED (ESP_ERR_ESP_TLS_BASE + 0x0E) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_PK_PARSE_KEY_FAILED (ESP_ERR_ESP_TLS_BASE + 0x0F) /*!< mbedtls api returned failed */
|
||||
#define ESP_ERR_MBEDTLS_SSL_HANDSHAKE_FAILED (ESP_ERR_ESP_TLS_BASE + 0x10) /*!< mbedtls api returned failed */
|
||||
#define ESP_ERR_MBEDTLS_SSL_CONF_PSK_FAILED (ESP_ERR_ESP_TLS_BASE + 0x11) /*!< mbedtls api returned failed */
|
||||
#define ESP_ERR_ESP_TLS_CONNECTION_TIMEOUT (ESP_ERR_ESP_TLS_BASE + 0x12) /*!< new connection in esp_tls_low_level_conn connection timeouted */
|
||||
#define ESP_ERR_WOLFSSL_SSL_SET_HOSTNAME_FAILED (ESP_ERR_ESP_TLS_BASE + 0x13) /*!< wolfSSL api returned error */
|
||||
#define ESP_ERR_WOLFSSL_SSL_CONF_ALPN_PROTOCOLS_FAILED (ESP_ERR_ESP_TLS_BASE + 0x14) /*!< wolfSSL api returned error */
|
||||
#define ESP_ERR_WOLFSSL_CERT_VERIFY_SETUP_FAILED (ESP_ERR_ESP_TLS_BASE + 0x15) /*!< wolfSSL api returned error */
|
||||
#define ESP_ERR_WOLFSSL_KEY_VERIFY_SETUP_FAILED (ESP_ERR_ESP_TLS_BASE + 0x16) /*!< wolfSSL api returned error */
|
||||
#define ESP_ERR_WOLFSSL_SSL_HANDSHAKE_FAILED (ESP_ERR_ESP_TLS_BASE + 0x17) /*!< wolfSSL api returned failed */
|
||||
#define ESP_ERR_WOLFSSL_CTX_SETUP_FAILED (ESP_ERR_ESP_TLS_BASE + 0x18) /*!< wolfSSL api returned failed */
|
||||
#define ESP_ERR_WOLFSSL_SSL_SETUP_FAILED (ESP_ERR_ESP_TLS_BASE + 0x19) /*!< wolfSSL api returned failed */
|
||||
#define ESP_ERR_WOLFSSL_SSL_WRITE_FAILED (ESP_ERR_ESP_TLS_BASE + 0x1A) /*!< wolfSSL api returned failed */
|
||||
#define ESP_ERR_ESP_TLS_CONNECTION_TIMEOUT (ESP_ERR_ESP_TLS_BASE + 0x06) /*!< new connection in esp_tls_low_level_conn connection timeouted */
|
||||
#define ESP_ERR_ESP_TLS_SE_FAILED (ESP_ERR_ESP_TLS_BASE + 0x07) /*< esp-tls use Secure Element returned failed */
|
||||
#define ESP_ERR_ESP_TLS_TCP_CLOSED_FIN (ESP_ERR_ESP_TLS_BASE + 0x08) /*< esp-tls's TPC transport connection has benn closed (in a clean way) */
|
||||
|
||||
/* mbedtls specific error codes */
|
||||
#define ESP_ERR_MBEDTLS_CERT_PARTLY_OK (ESP_ERR_ESP_TLS_BASE + 0x10) /*!< mbedtls parse certificates was partly successful */
|
||||
#define ESP_ERR_MBEDTLS_CTR_DRBG_SEED_FAILED (ESP_ERR_ESP_TLS_BASE + 0x11) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_SSL_SET_HOSTNAME_FAILED (ESP_ERR_ESP_TLS_BASE + 0x12) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_SSL_CONFIG_DEFAULTS_FAILED (ESP_ERR_ESP_TLS_BASE + 0x13) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_SSL_CONF_ALPN_PROTOCOLS_FAILED (ESP_ERR_ESP_TLS_BASE + 0x14) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_X509_CRT_PARSE_FAILED (ESP_ERR_ESP_TLS_BASE + 0x15) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_SSL_CONF_OWN_CERT_FAILED (ESP_ERR_ESP_TLS_BASE + 0x16) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_SSL_SETUP_FAILED (ESP_ERR_ESP_TLS_BASE + 0x17) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_SSL_WRITE_FAILED (ESP_ERR_ESP_TLS_BASE + 0x18) /*!< mbedtls api returned error */
|
||||
#define ESP_ERR_MBEDTLS_PK_PARSE_KEY_FAILED (ESP_ERR_ESP_TLS_BASE + 0x19) /*!< mbedtls api returned failed */
|
||||
#define ESP_ERR_MBEDTLS_SSL_HANDSHAKE_FAILED (ESP_ERR_ESP_TLS_BASE + 0x1A) /*!< mbedtls api returned failed */
|
||||
#define ESP_ERR_MBEDTLS_SSL_CONF_PSK_FAILED (ESP_ERR_ESP_TLS_BASE + 0x1B) /*!< mbedtls api returned failed */
|
||||
#define ESP_ERR_MBEDTLS_SSL_TICKET_SETUP_FAILED (ESP_ERR_ESP_TLS_BASE + 0x1C) /*!< mbedtls api returned failed */
|
||||
|
||||
/* wolfssl specific error codes */
|
||||
#define ESP_ERR_WOLFSSL_SSL_SET_HOSTNAME_FAILED (ESP_ERR_ESP_TLS_BASE + 0x31) /*!< wolfSSL api returned error */
|
||||
#define ESP_ERR_WOLFSSL_SSL_CONF_ALPN_PROTOCOLS_FAILED (ESP_ERR_ESP_TLS_BASE + 0x32) /*!< wolfSSL api returned error */
|
||||
#define ESP_ERR_WOLFSSL_CERT_VERIFY_SETUP_FAILED (ESP_ERR_ESP_TLS_BASE + 0x33) /*!< wolfSSL api returned error */
|
||||
#define ESP_ERR_WOLFSSL_KEY_VERIFY_SETUP_FAILED (ESP_ERR_ESP_TLS_BASE + 0x34) /*!< wolfSSL api returned error */
|
||||
#define ESP_ERR_WOLFSSL_SSL_HANDSHAKE_FAILED (ESP_ERR_ESP_TLS_BASE + 0x35) /*!< wolfSSL api returned failed */
|
||||
#define ESP_ERR_WOLFSSL_CTX_SETUP_FAILED (ESP_ERR_ESP_TLS_BASE + 0x36) /*!< wolfSSL api returned failed */
|
||||
#define ESP_ERR_WOLFSSL_SSL_SETUP_FAILED (ESP_ERR_ESP_TLS_BASE + 0x37) /*!< wolfSSL api returned failed */
|
||||
#define ESP_ERR_WOLFSSL_SSL_WRITE_FAILED (ESP_ERR_ESP_TLS_BASE + 0x38) /*!< wolfSSL api returned failed */
|
||||
|
||||
#define ESP_ERR_ESP_TLS_SE_FAILED (ESP_ERR_ESP_TLS_BASE + 0x1B) /*< esp-tls use Secure Element returned failed */
|
||||
#define ESP_ERR_ESP_TLS_TCP_CLOSED_FIN (ESP_ERR_ESP_TLS_BASE + 0x1C) /*< esp-tls's TPC transport connection has benn closed (in a clean way) */
|
||||
|
||||
/**
|
||||
* Definition of errors reported from IO API (potentially non-blocking) in case of error:
|
||||
|
||||
@ -76,6 +76,22 @@ int esp_mbedtls_server_session_create(esp_tls_cfg_server_t *cfg, int sockfd, esp
|
||||
* /note :- The function can only be used with mbedtls ssl library
|
||||
*/
|
||||
void esp_mbedtls_server_session_delete(esp_tls_t *tls);
|
||||
|
||||
#ifdef CONFIG_ESP_TLS_SERVER_SESSION_TICKETS
|
||||
/**
|
||||
* Internal function to setup server side session ticket context
|
||||
*
|
||||
* /note :- The function can only be used with mbedtls ssl library
|
||||
*/
|
||||
esp_err_t esp_mbedtls_server_session_ticket_ctx_init(esp_tls_server_session_ticket_ctx_t *cfg);
|
||||
|
||||
/**
|
||||
* Internal function to free server side session ticket context
|
||||
*
|
||||
* /note :- The function can only be used with mbedtls ssl library
|
||||
*/
|
||||
void esp_mbedtls_server_session_ticket_ctx_free(esp_tls_server_session_ticket_ctx_t *cfg);
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/**
|
||||
@ -83,6 +99,13 @@ void esp_mbedtls_server_session_delete(esp_tls_t *tls);
|
||||
*/
|
||||
esp_err_t set_client_config(const char *hostname, size_t hostlen, esp_tls_cfg_t *cfg, esp_tls_t *tls);
|
||||
|
||||
#ifdef CONFIG_ESP_TLS_CLIENT_SESSION_TICKETS
|
||||
/**
|
||||
* Internal Callback for mbedtls_get_client_session
|
||||
*/
|
||||
esp_tls_client_session_t *esp_mbedtls_get_client_session(esp_tls_t *tls);
|
||||
#endif
|
||||
|
||||
/**
|
||||
* Internal Callback for mbedtls_init_global_ca_store
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user