Merge branch 'feat/configurable_mbedtls_sha1_v5.3' into 'release/v5.3'

feat(mbedtls): Make mbedtls SHA1 support configurable (v5.3)

See merge request espressif/esp-idf!37981

components/esp-tls/esp-tls-crypto/esp_tls_crypto.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2020-2021 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2020-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -7,10 +7,12 @@
 #include "esp_tls_crypto.h"
 #include "esp_log.h"
 #include "esp_err.h"
-static const char *TAG = "esp_crypto";
+#include "sdkconfig.h"
+__attribute__((unused)) static const char *TAG = "esp_crypto";
 #ifdef CONFIG_ESP_TLS_USING_MBEDTLS
 #include "mbedtls/sha1.h"
 #include "mbedtls/base64.h"
+#include "mbedtls/error.h"
 #define _esp_crypto_sha1 esp_crypto_sha1_mbedtls
 #define _esp_crypto_base64_encode esp_crypto_bas64_encode_mbedtls
 #elif  CONFIG_ESP_TLS_USING_WOLFSSL
@@ -25,11 +27,34 @@ static int esp_crypto_sha1_mbedtls( const unsigned char *input,
                                     size_t ilen,
                                     unsigned char output[20])
 {
-    int ret = mbedtls_sha1(input, ilen, output);
+#if CONFIG_MBEDTLS_SHA1_C || CONFIG_MBEDTLS_HARDWARE_SHA
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_sha1_context ctx;
+
+    mbedtls_sha1_init(&ctx);
+
+    if ((ret = mbedtls_sha1_starts(&ctx)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_sha1_update(&ctx, input, ilen)) != 0) {
+        goto exit;
+    }
+
+    if ((ret = mbedtls_sha1_finish(&ctx, output)) != 0) {
+        goto exit;
+    }
+
+exit:
+    mbedtls_sha1_free(&ctx);
     if (ret != 0) {
         ESP_LOGE(TAG, "Error in calculating sha1 sum , Returned 0x%02X", ret);
     }
     return ret;
+#else
+    ESP_LOGE(TAG, "Please enable CONFIG_MBEDTLS_SHA1_C or CONFIG_MBEDTLS_HARDWARE_SHA to support SHA1 operations");
+    return MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED;
+#endif /*  CONFIG_MBEDTLS_SHA1_C || CONFIG_MBEDTLS_HARDWARE_SHA*/
 }
 
 static int esp_crypto_bas64_encode_mbedtls( unsigned char *dst, size_t dlen,

components/esp_http_server/src/httpd_ws.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2020-2021 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2020-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -13,10 +13,12 @@
 #include <esp_err.h>
 #include <mbedtls/sha1.h>
 #include <mbedtls/base64.h>
+#include <mbedtls/error.h>
 
 #include <esp_http_server.h>
 #include "esp_httpd_priv.h"
 #include "freertos/event_groups.h"
+#include "sdkconfig.h"
 
 #ifdef CONFIG_HTTPD_WS_SUPPORT
 
@@ -51,23 +53,23 @@ static const char *TAG="httpd_ws";
  */
 static const char ws_magic_uuid[] = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
 
-/* Checks if any subprotocols from the comma seperated list matches the supported one
+/* Checks if any subprotocols from the comma separated list matches the supported one
  *
  * Returns true if the response should contain a protocol field
 */
 
 /**
- * @brief Checks if any subprotocols from the comma seperated list matches the supported one
+ * @brief Checks if any subprotocols from the comma separated list matches the supported one
  *
  * @param supported_subprotocol[in] The subprotocol supported by the URI
- * @param subprotocol[in],  [in]: A comma seperate list of subprotocols requested
+ * @param subprotocol[in],  [in]: A comma separate list of subprotocols requested
  * @param buf_len Length of the buffer
  * @return true: found a matching subprotocol
  * @return false
  */
 static bool httpd_ws_get_response_subprotocol(const char *supported_subprotocol, char *subprotocol, size_t buf_len)
 {
-    /* Request didnt contain any subprotocols */
+    /* Request didn't contain any subprotocols */
     if (strnlen(subprotocol, buf_len) == 0) {
         return false;
     }
@@ -77,7 +79,7 @@ static bool httpd_ws_get_response_subprotocol(const char *supported_subprotocol,
         return false;
     }
 
-    /* Get first subprotocol from comma seperated list */
+    /* Get first subprotocol from comma separated list */
     char *rest = NULL;
     char *s = strtok_r(subprotocol, ", ", &rest);
     do {
@@ -143,7 +145,34 @@ esp_err_t httpd_ws_respond_server_handshake(httpd_req_t *req, const char *suppor
 
     /* Generate SHA-1 first and then encode to Base64 */
     size_t key_len = strlen(server_raw_text);
-    mbedtls_sha1((uint8_t *)server_raw_text, key_len, server_key_hash);
+
+#if CONFIG_MBEDTLS_SHA1_C || CONFIG_MBEDTLS_HARDWARE_SHA
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_sha1_context ctx;
+    mbedtls_sha1_init(&ctx);
+
+    if ((ret = mbedtls_sha1_starts(&ctx)) != 0) {
+        goto sha_end;
+    }
+
+    if ((ret = mbedtls_sha1_update(&ctx, (uint8_t *)server_raw_text, key_len)) != 0) {
+        goto sha_end;
+    }
+
+    if ((ret = mbedtls_sha1_finish(&ctx, server_key_hash)) != 0) {
+        goto sha_end;
+    }
+
+sha_end:
+    mbedtls_sha1_free(&ctx);
+    if (ret != 0) {
+        ESP_LOGE(TAG, "Error in calculating SHA1 sum , returned 0x%02X", ret);
+        return ESP_FAIL;
+    }
+#else
+    ESP_LOGE(TAG, "Please enable CONFIG_MBEDTLS_SHA1_C or CONFIG_MBEDTLS_HARDWARE_SHA to support SHA1 operations");
+    return ESP_FAIL;
+#endif /* CONFIG_MBEDTLS_SHA1_C || CONFIG_MBEDTLS_HARDWARE_SHA */
 
     size_t encoded_len = 0;
     mbedtls_base64_encode((uint8_t *)server_key_encoded, sizeof(server_key_encoded), &encoded_len,
@@ -153,7 +182,7 @@ esp_err_t httpd_ws_respond_server_handshake(httpd_req_t *req, const char *suppor
 
     char subprotocol[50] = { '\0' };
     if (httpd_req_get_hdr_value_str(req, "Sec-WebSocket-Protocol", subprotocol, sizeof(subprotocol) - 1) == ESP_ERR_HTTPD_RESULT_TRUNC) {
-        ESP_LOGW(TAG, "Sec-WebSocket-Protocol length exceeded buffer size of %"NEWLIB_NANO_COMPAT_FORMAT", was trunctated", NEWLIB_NANO_COMPAT_CAST(sizeof(subprotocol)));
+        ESP_LOGW(TAG, "Sec-WebSocket-Protocol length exceeded buffer size of %"NEWLIB_NANO_COMPAT_FORMAT", was truncated", NEWLIB_NANO_COMPAT_CAST(sizeof(subprotocol)));
     }
 
 

components/mbedtls/Kconfig

@@ -698,6 +698,21 @@ menu "mbedTLS"
             Standard ECDSA is "fragile" in the sense that lack of entropy when signing
             may result in a compromise of the long-term signing key.
 
+    config MBEDTLS_SHA1_C
+        bool "Enable the SHA-1 cryptographic hash algorithm"
+        default y
+        help
+            Enabling MBEDTLS_SHA1_C adds support for SHA-1.
+            SHA-1 is considered a weak message digest and its use constitutes
+            a security risk.
+            Disabling this configuration option could impact TLS 1.2 / Wi-Fi Enterprise compatibility
+            with certain older certificates that rely on SHA-1 for digital signatures.
+            Before proceeding, ensure that all your certificates are using stronger hash algorithms,
+            such as SHA-256 (part of the SHA-2 family).
+            If you're using older certificates or if you're unsure about the impact on your product,
+            please consider testing the changes in a controlled environment for individual features
+            like OTA updates, cloud connectivity, secure local control, etc.
+
     config MBEDTLS_SHA512_C
         bool "Enable the SHA-384 and SHA-512 cryptographic hash algorithms"
         default y

components/mbedtls/port/include/mbedtls/esp_config.h

@@ -2490,8 +2490,11 @@
  *            on it, and considering stronger message digests instead.
  *
  */
+#if CONFIG_MBEDTLS_SHA1_C
 #define MBEDTLS_SHA1_C
-
+#else
+#undef MBEDTLS_SHA1_C
+#endif
 /**
  * \def MBEDTLS_SHA224_C
  *

components/mbedtls/port/mbedtls_rom/mbedtls_rom_osi.h

@@ -38,6 +38,7 @@
 #include "mbedtls/ssl.h"
 #include "mbedtls/x509_crt.h"
 #include "mbedtls/x509.h"
+#include "soc/soc_caps.h"
 
 #ifdef __cplusplus
 extern "C" {
@@ -676,9 +677,7 @@ STRUCT_OFFSET_CHECK(mbedtls_sha1_context, first_block, 92);
 STRUCT_OFFSET_CHECK(mbedtls_sha1_context, mode, 96);
 STRUCT_OFFSET_CHECK(mbedtls_sha1_context, sha_state, 100);
 STRUCT_SIZE_CHECK(mbedtls_sha1_context, 104);
-#if (!defined(MBEDTLS_SHA1_C)) || \
+#if !(defined(MBEDTLS_SHA1_C) || (defined(MBEDTLS_SHA1_ALT) && SOC_SHA_SUPPORT_SHA1))
-    (!defined(MBEDTLS_SHA1_ALT)) || \
-    (defined(MBEDTLS_SHA1_PROCESS_ALT))
 #error "MBEDTLS_SHA1_C"
 #endif
 
@@ -690,11 +689,8 @@ STRUCT_OFFSET_CHECK(mbedtls_sha256_context, first_block, 104);
 STRUCT_OFFSET_CHECK(mbedtls_sha256_context, mode, 108);
 STRUCT_OFFSET_CHECK(mbedtls_sha256_context, sha_state, 112);
 STRUCT_SIZE_CHECK(mbedtls_sha256_context, 116);
-#if (!defined(MBEDTLS_SHA256_C)) || \
+#if !(defined(MBEDTLS_SHA256_C) || (defined(MBEDTLS_SHA256_ALT) && SOC_SHA_SUPPORT_SHA256))
-    (!defined(MBEDTLS_SHA256_ALT)) || \
+#error "MBEDTLS_SHA256_C"
-    (defined(MBEDTLS_SHA256_PROCESS_ALT)) || \
-    (defined(MBEDTLS_SHA256_SMALLER))
-#error "!MBEDTLS_SHA256_C"
 #endif
 
 /* sha512.c */
@@ -703,10 +699,8 @@ STRUCT_OFFSET_CHECK(mbedtls_sha512_context, MBEDTLS_PRIVATE(state), 16);
 STRUCT_OFFSET_CHECK(mbedtls_sha512_context, MBEDTLS_PRIVATE(buffer), 80);
 STRUCT_OFFSET_CHECK(mbedtls_sha512_context, MBEDTLS_PRIVATE(is384), 208);
 STRUCT_SIZE_CHECK(mbedtls_sha512_context, 216);
-#if (!defined(MBEDTLS_SHA512_C)) || \
+#if !(defined(MBEDTLS_SHA512_C) || (defined(MBEDTLS_SHA512_ALT) && SOC_SHA_SUPPORT_SHA512))
-    (defined(MBEDTLS_SHA512_ALT)) || \
+#error "MBEDTLS_SHA512_C"
-    (defined(MBEDTLS_SHA512_PROCESS_ALT))
-#error "MBEDTLS_SHA256_C"
 #endif
 
 /* aes.c */

components/mbedtls/port/sha/block/esp_sha1.c

@@ -15,7 +15,7 @@
 
 #include <mbedtls/build_info.h>
 
-#if defined(MBEDTLS_SHA1_C) && defined(MBEDTLS_SHA1_ALT)
+#if defined(MBEDTLS_SHA1_ALT)
 
 #include "mbedtls/sha1.h"
 
@@ -217,4 +217,4 @@ int mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] )
     return ret;
 }
 
-#endif /* MBEDTLS_SHA1_C && MBEDTLS_SHA1_ALT */
+#endif /* MBEDTLS_SHA1_ALT */

components/mbedtls/port/sha/dma/esp_sha1.c

@@ -15,7 +15,7 @@
 
 #include <mbedtls/build_info.h>
 
-#if defined(MBEDTLS_SHA1_C) && defined(MBEDTLS_SHA1_ALT)
+#if defined(MBEDTLS_SHA1_ALT)
 
 #include "mbedtls/sha1.h"
 
@@ -217,4 +217,4 @@ int mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] )
     return ret;
 }
 
-#endif /* MBEDTLS_SHA1_C && MBEDTLS_SHA1_ALT */
+#endif /* MBEDTLS_SHA1_ALT */

components/mbedtls/port/sha/parallel_engine/esp_sha1.c

@@ -17,7 +17,7 @@
 
 #include <mbedtls/build_info.h>
 
-#if defined(MBEDTLS_SHA1_C) && defined(MBEDTLS_SHA1_ALT)
+#if defined(MBEDTLS_SHA1_ALT)
 
 #include "mbedtls/sha1.h"
 
@@ -420,4 +420,4 @@ out:
     return ret;
 }
 
-#endif /* MBEDTLS_SHA1_C && MBEDTLS_SHA1_ALT */
+#endif /* MBEDTLS_SHA1_ALT */

components/mbedtls/test_apps/main/test_mbedtls_sha.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2021-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2021-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -27,9 +27,13 @@
 TEST_CASE("mbedtls SHA self-tests", "[mbedtls]")
 {
     start_apb_access_loop();
+#if CONFIG_MBEDTLS_SHA1_C
     TEST_ASSERT_FALSE_MESSAGE(mbedtls_sha1_self_test(1), "SHA1 self-tests should pass.");
+#endif
     TEST_ASSERT_FALSE_MESSAGE(mbedtls_sha256_self_test(1), "SHA256 self-tests should pass.");
+#if CONFIG_MBEDTLS_SHA512_C
     TEST_ASSERT_FALSE_MESSAGE(mbedtls_sha512_self_test(1), "SHA512 self-tests should pass.");
+#endif
     verify_apb_access_loop();
 }
 
@@ -158,17 +162,19 @@ TEST_CASE("mbedtls SHA multithreading", "[mbedtls]")
 void tskRunSHASelftests(void *param)
 {
     for (int i = 0; i < 5; i++) {
+#if CONFIG_MBEDTLS_SHA1_C
         if (mbedtls_sha1_self_test(1)) {
             printf("SHA1 self-tests failed.\n");
             while (1) {}
         }
+#endif
 
         if (mbedtls_sha256_self_test(1)) {
             printf("SHA256 self-tests failed.\n");
             while (1) {}
         }
 
-#if SOC_SHA_SUPPORT_SHA512
+#if SOC_SHA_SUPPORT_SHA512 && CONFIG_MBEDTLS_SHA512_C
         if (mbedtls_sha512_self_test(1)) {
             printf("SHA512 self-tests failed.\n");
             while (1) {}
@@ -178,7 +184,7 @@ void tskRunSHASelftests(void *param)
             printf("SHA512 self-tests failed.\n");
             while (1) {}
         }
-#endif //SOC_SHA_SUPPORT_SHA512
+#endif //SOC_SHA_SUPPORT_SHA512 && CONFIG_MBEDTLS_SHA512_C
     }
     xSemaphoreGive(done_sem);
     vTaskDelete(NULL);
@@ -249,7 +255,7 @@ TEST_CASE("mbedtls SHA384 clone", "[mbedtls]")
         TEST_ASSERT_EQUAL(0, mbedtls_sha512_update(&ctx, one_hundred_bs, 100));
         TEST_ASSERT_EQUAL(0, mbedtls_sha512_update(&clone, one_hundred_bs, 100));
     }
-/* intended warning supression: is384 == true */
+/* intended warning suppression: is384 == true */
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Wstringop-overflow"
     TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish(&ctx, sha384));

components/mbedtls/test_apps/main/test_rsa.c

@@ -3,7 +3,7 @@
  * Focus on testing functionality where we use ESP32 hardware
  * accelerated crypto features
  *
- * SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2021-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -88,25 +88,33 @@ static const char *rsa3072_cert = "-----BEGIN CERTIFICATE-----\n"\
 /* Root cert from openssl s_client -connect google.com:443 -showcerts
  */
 static const char *rsa2048_cert = "-----BEGIN CERTIFICATE-----\n"\
-    "MIIDfTCCAuagAwIBAgIDErvmMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT\n"\
+    "MIIFCzCCAvOgAwIBAgIQf/AFoHxM3tEArZ1mpRB7mDANBgkqhkiG9w0BAQsFADBH\n"\
-    "MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0\n"\
+    "MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\n"\
-    "aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDIwNTIxMDQwMDAwWhcNMTgwODIxMDQwMDAw\n"\
+    "QzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjMxMjEzMDkwMDAwWhcNMjkwMjIw\n"\
-    "WjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UE\n"\
+    "MTQwMDAwWjA7MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNl\n"\
-    "AxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n"\
+    "cnZpY2VzMQwwCgYDVQQDEwNXUjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"\
-    "CgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9m\n"\
+    "AoIBAQCp/5x/RR5wqFOfytnlDd5GV1d9vI+aWqxG8YSau5HbyfsvAfuSCQAWXqAc\n"\
-    "OSm9BXiLnTjoBbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIu\n"\
+    "+MGr+XgvSszYhaLYWTwO0xj7sfUkDSbutltkdnwUxy96zqhMt/TZCPzfhyM1IKji\n"\
-    "T8rxh0PBFpVXLVDviS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6c\n"\
+    "aeKMTj+xWfpgoh6zySBTGYLKNlNtYE3pAJH8do1cCA8Kwtzxc2vFE24KT3rC8gIc\n"\
-    "JmTM386DGXHKTubU1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmR\n"\
+    "LrRjg9ox9i11MLL7q8Ju26nADrn5Z9TDJVd06wW06Y613ijNzHoU5HEDy01hLmFX\n"\
-    "Cw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5asz\n"\
+    "xRmpC5iEGuh5KdmyjS//V2pm4M6rlagplmNwEmceOuHbsCFx13ye/aoXbv4r+zgX\n"\
-    "PeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQABo4HwMIHtMB8GA1UdIwQYMBaAFEjm\n"\
+    "FNFmp6+atXDMyGOBOozAKql2N87jAgMBAAGjgf4wgfswDgYDVR0PAQH/BAQDAgGG\n"\
-    "aPkr0rKV10fYIyAQTzOYkJ/UMB0GA1UdDgQWBBTAephojYn7qwVkDBF9qn1luMrM\n"\
+    "MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/\n"\
-    "TjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA6BgNVHR8EMzAxMC+g\n"\
+    "AgEAMB0GA1UdDgQWBBTeGx7teRXUPjckwyG77DQ5bUKyMDAfBgNVHSMEGDAWgBTk\n"\
-    "LaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxzL3NlY3VyZWNhLmNybDBO\n"\
+    "rysmcRorSCeFL1JmLO/wiRNxPjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAKG\n"\
-    "BgNVHSAERzBFMEMGBFUdIAAwOzA5BggrBgEFBQcCARYtaHR0cHM6Ly93d3cuZ2Vv\n"\
+    "GGh0dHA6Ly9pLnBraS5nb29nL3IxLmNydDArBgNVHR8EJDAiMCCgHqAchhpodHRw\n"\
-    "dHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5MA0GCSqGSIb3DQEBBQUAA4GB\n"\
+    "Oi8vYy5wa2kuZ29vZy9yL3IxLmNybDATBgNVHSAEDDAKMAgGBmeBDAECATANBgkq\n"\
-    "AHbhEm5OSxYShjAGsoEIz/AIx8dxfmbuwu3UOx//8PDITtZDOLC5MH0Y0FWDomrL\n"\
+    "hkiG9w0BAQsFAAOCAgEARXWL5R87RBOWGqtY8TXJbz3S0DNKhjO6V1FP7sQ02hYS\n"\
-    "NhGc6Ehmo21/uBPUR/6LWlxz/K7ZGzIZOKuXNBSqltLroxwUCEm2u+WR74M26x1W\n"\
+    "TL8Tnw3UVOlIecAwPJQl8hr0ujKUtjNyC4XuCRElNJThb0Lbgpt7fyqaqf9/qdLe\n"\
-    "b8ravHNjkOR/ez4iyz0H7V84dJzjA1BOoa+Y7mHyhD8S\n"\
+    "SiDLs/sDA7j4BwXaWZIvGEaYzq9yviQmsR4ATb0IrZNBRAq7x9UBhb+TV+PfdBJT\n"\
+    "DhEl05vc3ssnbrPCuTNiOcLgNeFbpwkuGcuRKnZc8d/KI4RApW//mkHgte8y0YWu\n"\
+    "ryUJ8GLFbsLIbjL9uNrizkqRSvOFVU6xddZIMy9vhNkSXJ/UcZhjJY1pXAprffJB\n"\
+    "vei7j+Qi151lRehMCofa6WBmiA4fx+FOVsV2/7R6V2nyAiIJJkEd2nSi5SnzxJrl\n"\
+    "Xdaqev3htytmOPvoKWa676ATL/hzfvDaQBEcXd2Ppvy+275W+DKcH0FBbX62xevG\n"\
+    "iza3F4ydzxl6NJ8hk8R+dDXSqv1MbRT1ybB5W0k8878XSOjvmiYTDIfyc9acxVJr\n"\
+    "Y/cykHipa+te1pOhv7wYPYtZ9orGBV5SGOJm4NrB3K1aJar0RfzxC3ikr7Dyc6Qw\n"\
+    "qDTBU39CluVIQeuQRgwG3MuSxl7zRERDRilGoKb8uY45JzmxWuKxrfwT/478JuHU\n"\
+    "/oTxUFqOl2stKnn7QGTq8z29W+GgBLCXSBxC9epaHM0myFH/FJlniXJfHeytWt0=\n"\
     "-----END CERTIFICATE-----\n";
 
 
@@ -211,38 +219,38 @@ static const uint8_t pki_rsa3072_output[] = {
 };
 
 static const uint8_t pki_rsa2048_output[] = {
-    0x47, 0x0b, 0xe5, 0x8a, 0xcd, 0x2f, 0x78, 0x07,
+    0x3c, 0xd6, 0xc2, 0xbf, 0x01, 0x4a, 0x00, 0x95,
-    0x69, 0x69, 0x70, 0xff, 0x81, 0xdf, 0x96, 0xf0,
+    0x2c, 0x32, 0x11, 0xc0, 0xc9, 0x7e, 0x8f, 0x0a,
-    0xed, 0x82, 0x3a, 0x3d, 0x46, 0xab, 0xe9, 0xc3,
+    0x15, 0xee, 0xfb, 0x34, 0x1d, 0xaa, 0xae, 0x15,
-    0xb5, 0xd9, 0xca, 0xa2, 0x05, 0xa9, 0xf6, 0x6e,
+    0x11, 0x6d, 0x99, 0x2b, 0x09, 0xeb, 0x3f, 0x89,
-    0xad, 0x6c, 0xe0, 0xd1, 0xa2, 0xb4, 0xf2, 0x78,
+    0x46, 0x98, 0x08, 0x2f, 0x10, 0x13, 0xa1, 0x17,
-    0x4a, 0x93, 0xfc, 0x45, 0xe1, 0x9b, 0xdd, 0x62,
+    0xc7, 0xec, 0x67, 0x3a, 0x34, 0x4f, 0x40, 0xcd,
-    0xf9, 0x66, 0x2a, 0x14, 0x38, 0x12, 0xb6, 0x50,
+    0xe2, 0xc0, 0xbe, 0x99, 0xc7, 0xe7, 0xff, 0xea,
-    0x0b, 0xe3, 0x53, 0x9c, 0x12, 0x56, 0xf1, 0xb7,
+    0xd0, 0x82, 0xd2, 0x62, 0x73, 0xde, 0x56, 0xe8,
-    0x83, 0xd5, 0xf3, 0x24, 0x81, 0xcc, 0x5a, 0xeb,
+    0xb6, 0xa7, 0xe7, 0xe1, 0x64, 0x90, 0x00, 0x56,
-    0xec, 0xac, 0x68, 0xa8, 0x0c, 0xd7, 0x84, 0x7a,
+    0x1d, 0x2c, 0x1c, 0xc5, 0xec, 0x7f, 0xb1, 0x87,
-    0xbb, 0x77, 0x7b, 0xd5, 0x5b, 0xcf, 0x7b, 0x25,
+    0x59, 0xb1, 0xd6, 0x44, 0x0f, 0x67, 0x35, 0xb4,
-    0xd0, 0x75, 0x80, 0x21, 0x12, 0x97, 0x6b, 0xe1,
+    0x91, 0x49, 0xed, 0x10, 0x4c, 0xef, 0xe5, 0xc8,
-    0xb6, 0x51, 0x12, 0x52, 0x6e, 0x01, 0x92, 0xb7,
+    0xea, 0x0d, 0xbd, 0xaf, 0xb9, 0xad, 0x12, 0x41,
-    0xcc, 0x70, 0x4b, 0x46, 0x11, 0x98, 0x5a, 0x84,
+    0xaa, 0xf4, 0x68, 0x54, 0x08, 0xec, 0x70, 0x8c,
-    0x1c, 0x90, 0x45, 0x0f, 0x15, 0x77, 0xdb, 0x79,
+    0xac, 0x6b, 0x57, 0xcf, 0x0a, 0x0c, 0x08, 0x34,
-    0xe8, 0xff, 0x1f, 0xaa, 0x58, 0x95, 0xce, 0x3c,
+    0x28, 0x29, 0x27, 0xa4, 0x71, 0x80, 0x43, 0x59,
-    0x65, 0x0c, 0x66, 0x29, 0xe1, 0x9c, 0x41, 0xbb,
+    0xd9, 0x35, 0x88, 0x28, 0x1d, 0xfa, 0x0b, 0x72,
-    0xde, 0x65, 0xb8, 0x29, 0x36, 0x94, 0xbd, 0x87,
+    0xa0, 0xe1, 0x03, 0x65, 0x7a, 0xf8, 0x1c, 0x76,
-    0x93, 0x39, 0xc5, 0xeb, 0x49, 0x21, 0xc1, 0xeb,
+    0x9a, 0xad, 0x21, 0x23, 0x11, 0x2f, 0x45, 0x40,
-    0x48, 0xbd, 0x19, 0x13, 0x4d, 0x40, 0x90, 0x88,
+    0x72, 0x05, 0x69, 0x1b, 0x2a, 0x74, 0x9f, 0x95,
-    0xc6, 0x12, 0xd9, 0xf7, 0xdd, 0xc8, 0x4f, 0x89,
+    0x44, 0x60, 0x05, 0x6a, 0x17, 0x80, 0x4a, 0xa0,
-    0xc0, 0x91, 0xf8, 0xeb, 0xcf, 0xe3, 0x12, 0x17,
+    0xed, 0x23, 0xa6, 0xef, 0x79, 0x5d, 0x83, 0xd8,
-    0x88, 0x9c, 0x88, 0xf4, 0xf5, 0xae, 0xf4, 0x15,
+    0x8d, 0xd8, 0xe1, 0x4c, 0x5e, 0xf8, 0xfa, 0x11,
-    0xfe, 0x17, 0xf6, 0xa4, 0x74, 0x49, 0x02, 0x05,
+    0x57, 0xbe, 0xca, 0x22, 0x93, 0x5b, 0xe6, 0x8b,
-    0x11, 0x3b, 0x92, 0x25, 0x39, 0x2c, 0x4b, 0x08,
+    0xe1, 0x31, 0xde, 0x70, 0x80, 0x4a, 0xa2, 0xd3,
-    0x19, 0x76, 0x13, 0x8d, 0xf9, 0xda, 0xae, 0xdf,
+    0x91, 0xe8, 0xde, 0x88, 0xa2, 0x98, 0x73, 0x49,
-    0x30, 0xda, 0xcc, 0xbb, 0x3f, 0xb9, 0xb0, 0xd6,
+    0x0d, 0x26, 0xe1, 0x42, 0xd7, 0xb9, 0x5e, 0xf6,
-    0x5c, 0x78, 0x4b, 0x2b, 0x35, 0x51, 0x17, 0x48,
+    0x05, 0x09, 0x27, 0xc6, 0x8c, 0xc2, 0xb1, 0x53,
-    0xf5, 0xd4, 0x39, 0x7e, 0x05, 0x83, 0x68, 0x86,
+    0x5f, 0x19, 0xaf, 0x2b, 0xfe, 0xac, 0x6a, 0x27,
-    0x44, 0x5f, 0x56, 0x1d, 0x2c, 0x53, 0xd3, 0x64,
+    0xde, 0x89, 0xbc, 0x72, 0x3e, 0xd5, 0x9f, 0x36,
-    0x3a, 0xb2, 0x0c, 0x4a, 0x85, 0xd6, 0x5b, 0x7e,
+    0xc2, 0x91, 0x68, 0x30, 0xe7, 0x76, 0x96, 0x56,
-    0xf9, 0xe9, 0x50, 0x29, 0x5d, 0x4f, 0xcc, 0xc9,
+    0x8f, 0x01, 0xc4, 0x5b, 0xb7, 0xb3, 0x90, 0x7f,
 };
 
 #ifdef CONFIG_MBEDTLS_HARDWARE_MPI
@@ -573,7 +581,7 @@ TEST_CASE("mbedtls RSA Generate Key", "[mbedtls][timeout=60]")
     const int exponent = 65537;
 
 #if CONFIG_MBEDTLS_MPI_USE_INTERRUPT && CONFIG_ESP_TASK_WDT_EN && !CONFIG_ESP_TASK_WDT_INIT
-    /* Check that generating keys doesnt starve the watchdog if interrupt-based driver is used */
+    /* Check that generating keys doesn't starve the watchdog if interrupt-based driver is used */
     esp_task_wdt_config_t twdt_config = {
         .timeout_ms = 1000,
         .idle_core_mask = (1 << 0), // Watch core 0 idle

components/mbedtls/test_apps/main/test_sha.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2021-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2021-2025 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -94,14 +94,17 @@ TEST_CASE("Test esp_sha()", "[hw_crypto]")
 
 TEST_CASE("Test esp_sha() function with long input", "[hw_crypto]")
 {
+    int r = -1;
     const void* ptr;
     spi_flash_mmap_handle_t handle;
+#if CONFIG_MBEDTLS_SHA1_C
     uint8_t sha1_espsha[20] = { 0 };
     uint8_t sha1_mbedtls[20] = { 0 };
+#endif
     uint8_t sha256_espsha[32] = { 0 };
     uint8_t sha256_mbedtls[32] = { 0 };
 
-#if SOC_SHA_SUPPORT_SHA512
+#if SOC_SHA_SUPPORT_SHA512 && CONFIG_MBEDTLS_SHA512_C
     uint8_t sha512_espsha[64] = { 0 };
     uint8_t sha512_mbedtls[64] = { 0 };
 #endif
@@ -115,16 +118,17 @@ TEST_CASE("Test esp_sha() function with long input", "[hw_crypto]")
     TEST_ASSERT_NOT_NULL(ptr);
 
     /* Compare esp_sha() result to the mbedTLS result, should always be the same */
-
+#if CONFIG_MBEDTLS_SHA1_C
     esp_sha(SHA1, ptr, LEN, sha1_espsha);
-    int r = mbedtls_sha1(ptr, LEN, sha1_mbedtls);
+    r = mbedtls_sha1(ptr, LEN, sha1_mbedtls);
     TEST_ASSERT_EQUAL(0, r);
+#endif
 
     esp_sha(SHA2_256, ptr, LEN, sha256_espsha);
     r = mbedtls_sha256(ptr, LEN, sha256_mbedtls, 0);
     TEST_ASSERT_EQUAL(0, r);
 
-#if SOC_SHA_SUPPORT_SHA512
+#if SOC_SHA_SUPPORT_SHA512 && CONFIG_MBEDTLS_SHA512_C
     esp_sha(SHA2_512, ptr, LEN, sha512_espsha);
     r = mbedtls_sha512(ptr, LEN, sha512_mbedtls, 0);
     TEST_ASSERT_EQUAL(0, r);
@@ -133,11 +137,13 @@ TEST_CASE("Test esp_sha() function with long input", "[hw_crypto]")
     /* munmap() 1MB of flash when the usge of memory-mapped ptr is over */
     spi_flash_munmap(handle);
 
+#if CONFIG_MBEDTLS_SHA1_C
     TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha1_espsha, sha1_mbedtls, sizeof(sha1_espsha), "SHA1 results should match");
+#endif
 
     TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_espsha, sha256_mbedtls, sizeof(sha256_espsha), "SHA256 results should match");
 
-#if SOC_SHA_SUPPORT_SHA512
+#if SOC_SHA_SUPPORT_SHA512 && CONFIG_MBEDTLS_SHA512_C
     TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_espsha, sha512_mbedtls, sizeof(sha512_espsha), "SHA512 results should match");
 #endif
 }

components/wpa_supplicant/CMakeLists.txt

@@ -114,7 +114,6 @@ endif()
 
 if(CONFIG_ESP_WIFI_MBEDTLS_CRYPTO)
     set(crypto_src
-    "esp_supplicant/src/crypto/fastpbkdf2.c"
     "esp_supplicant/src/crypto/crypto_mbedtls.c"
     "esp_supplicant/src/crypto/crypto_mbedtls-bignum.c"
     "esp_supplicant/src/crypto/crypto_mbedtls-rsa.c"
@@ -127,6 +126,16 @@ if(CONFIG_ESP_WIFI_MBEDTLS_CRYPTO)
     if(NOT CONFIG_MBEDTLS_DES_C)
         set(crypto_src ${crypto_src} "src/crypto/des-internal.c")
     endif()
+    if(NOT CONFIG_MBEDTLS_SHA1_C AND NOT CONFIG_MBEDTLS_HARDWARE_SHA)
+        set(crypto_src ${crypto_src} "src/crypto/sha1-pbkdf2.c"
+                       ${crypto_src} "src/crypto/sha1.c"
+                       ${crypto_src} "src/crypto/sha1-internal.c")
+    else()
+        set(crypto_src ${crypto_src} "esp_supplicant/src/crypto/fastpbkdf2.c")
+    endif()
+    if(NOT CONFIG_MBEDTLS_SHA1_C AND CONFIG_MBEDTLS_HARDWARE_SHA)
+        set(crypto_src ${crypto_src} "src/crypto/sha1.c")
+    endif()
     # Enabling this only for WiFi is probably not a good idea since MbedTLS
     # uses generic crypto init/update functions for this. That causes
     # binary size increment since all the other enabled module
@@ -257,9 +266,12 @@ target_compile_definitions(${COMPONENT_LIB} PRIVATE
     CONFIG_IEEE80211W
     CONFIG_SHA256
     CONFIG_NO_RADIUS
-    CONFIG_FAST_PBKDF2
     )
 
+if(CONFIG_MBEDTLS_SHA1_C OR CONFIG_MBEDTLS_HARDWARE_SHA)
+    target_compile_definitions(${COMPONENT_LIB} PRIVATE CONFIG_FAST_PBKDF2)
+endif()
+
 if(CONFIG_ESP_WIFI_ENABLE_WPA3_SAE)
     target_compile_definitions(${COMPONENT_LIB} PRIVATE CONFIG_WPA3_SAE)
 endif()
@@ -311,7 +323,8 @@ if(NOT CONFIG_ESP_WIFI_MBEDTLS_TLS_CLIENT)
 endif()
 if(CONFIG_ESP_WIFI_MBEDTLS_CRYPTO)
     target_compile_definitions(${COMPONENT_LIB} PRIVATE CONFIG_CRYPTO_MBEDTLS)
-else()
+endif()
+if(NOT CONFIG_MBEDTLS_SHA1_C AND NOT CONFIG_MBEDTLS_HARDWARE_SHA)
     target_compile_definitions(${COMPONENT_LIB} PRIVATE CONFIG_CRYPTO_INTERNAL)
 endif()
 if(CONFIG_ESP_WIFI_WPS_SOFTAP_REGISTRAR)

components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls.c

@@ -7,6 +7,7 @@
 #include "esp_system.h"
 #endif
 
+#include <errno.h>
 #include "utils/includes.h"
 #include "utils/common.h"
 #include "crypto.h"
@@ -35,6 +36,7 @@
 #include "aes_wrap.h"
 #include "crypto.h"
 #include "mbedtls/esp_config.h"
+#include "mbedtls/sha1.h"
 
 #ifdef CONFIG_FAST_PBKDF2
 #include "fastpbkdf2.h"
@@ -103,10 +105,33 @@ int sha512_vector(size_t num_elem, const u8 *addr[], const size_t *len,
     return digest_vector(MBEDTLS_MD_SHA512, num_elem, addr, len, mac);
 }
 
+#if CONFIG_MBEDTLS_SHA1_C || CONFIG_MBEDTLS_HARDWARE_SHA
 int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
 {
+#if defined(MBEDTLS_SHA1_C)
     return digest_vector(MBEDTLS_MD_SHA1, num_elem, addr, len, mac);
+#elif defined(MBEDTLS_SHA1_ALT)
+    mbedtls_sha1_context ctx;
+    size_t i;
+    int ret;
+
+    mbedtls_sha1_init(&ctx);
+    for (i = 0; i < num_elem; i++) {
+        ret = mbedtls_sha1_update(&ctx, addr[i], len[i]);
+        if (ret != 0) {
+            goto exit;
+        }
+    }
+    ret = mbedtls_sha1_finish(&ctx, mac);
+
+exit:
+    mbedtls_sha1_free(&ctx);
+    return ret;
+#else
+    return -ENOTSUP;
+#endif
 }
+#endif
 
 int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
 {
@@ -363,6 +388,7 @@ int hmac_md5(const u8 *key, size_t key_len, const u8 *data, size_t data_len,
     return hmac_md5_vector(key, key_len, 1, &data, &data_len, mac);
 }
 
+#ifdef MBEDTLS_SHA1_C
 int hmac_sha1_vector(const u8 *key, size_t key_len, size_t num_elem,
                      const u8 *addr[], const size_t *len, u8 *mac)
 {
@@ -375,6 +401,7 @@ int hmac_sha1(const u8 *key, size_t key_len, const u8 *data, size_t data_len,
 {
     return hmac_sha1_vector(key, key_len, 1, &data, &data_len, mac);
 }
+#endif
 
 static void *aes_crypt_init(int mode, const u8 *key, size_t len)
 {
@@ -748,6 +775,7 @@ cleanup:
     return ret;
 }
 
+#if defined(CONFIG_MBEDTLS_SHA1_C) || defined(CONFIG_MBEDTLS_HARDWARE_SHA)
 int pbkdf2_sha1(const char *passphrase, const u8 *ssid, size_t ssid_len,
                 int iterations, u8 *buf, size_t buflen)
 {
@@ -775,6 +803,7 @@ cleanup:
     return ret;
 #endif
 }
+#endif /* defined(CONFIG_MBEDTLS_SHA1_C) || defined(CONFIG_MBEDTLS_HARDWARE_SHA) */
 
 #ifdef MBEDTLS_DES_C
 int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)

components/wpa_supplicant/test_apps/main/test_fast_pbkdf2.c

@@ -22,6 +22,7 @@ void fastpbkdf2_hmac_sha1(const uint8_t *pw, size_t npw,
 
 int64_t esp_timer_get_time(void);
 
+#if defined(CONFIG_MBEDTLS_SHA1_C) || defined(CONFIG_MBEDTLS_HARDWARE_SHA)
 TEST_CASE("Test pbkdf2", "[crypto-pbkdf2]")
 {
     set_leak_threshold(130);
@@ -105,3 +106,4 @@ TEST_CASE("Test pbkdf2", "[crypto-pbkdf2]")
     ESP_LOGI("Timing", "Average time for fast_pbkdf2_sha1: %lld microseconds", avg_time_fast);
     ESP_LOGI("Timing", "Average time for mbedtls_pkcs5_pbkdf2_hmac_ext: %lld microseconds", avg_time_mbedtls);
 }
+#endif