b458016805
Merge branch 'feat/adding_different_strategy_to_perform_tls_using_dynamic_feature_v5.5' into 'release/v5.5'
...
Add configuration to control dynamic buffer strategy in mbedtls (v5.5)
See merge request espressif/esp-idf!39919
2025-07-22 14:48:44 +05:30
570ecdc1cc
Merge branch 'feature/support_ds_peripheral_rsa_decryption_v5.5' into 'release/v5.5'
...
feat(mbedtls): Add support for RSA decryption with DS peripheral (v5.5)
See merge request espressif/esp-idf!40449
2025-07-22 11:57:15 +05:30
5c02c6fc1e
Merge branch 'feat/update_mbedtls_3.6.4_v5.5' into 'release/v5.5'
...
feat(mbedtls): update to version 3.6.4 (v5.5)
See merge request espressif/esp-idf!40375
2025-07-22 11:52:29 +05:30
3c39b32195
Chip/support esp32c61 v5.5
2025-07-22 12:21:36 +08:00
163db6a8a5
feat(mbedtls): adds support for RSA decryption with DS peripheral
2025-07-21 09:27:06 +08:00
a3af8972ae
feat(mbedtls): update to version 3.6.4
2025-07-04 17:34:00 +08:00
5210e576d5
feat(mbedtls/sha): New API for setting SHA mode
2025-06-18 16:46:39 +05:30
2bfeb41d90
feat(mbedtls): Add configuration to control dynamic buffer strategy in mbedtls
...
Problem:
1. In low-memory scenarios, the dynamic buffer feature can fail due to memory fragmentation.
2. It requires a contiguous 16KB heap chunk, but continuous allocation and deallocation of
the RX buffer can lead to fragmentation.
3. If another component allocates memory between these operations, it can break up the
available 16KB block, causing allocation failure.
Solution:
1. Introduce configurable strategy for using dynamic buffers in TLS connections.
2. For example, convert RX buffers to static after the TLS handshake.
3. Allow users to select the strategy via a new field in the esp_http_client_cfg_t structure.
4. The strategy can be controlled independently for each TLS session.
2025-06-18 15:01:17 +05:30
e44e7ce2f9
Merge branch 'bugfix/fix_tls1_3_dynamic_buffer_build_v5.5' into 'release/v5.5'
...
fix(mbedtls): Fix failing build with TLS1.3 only and dynamic buffer enabled (v5.5)
See merge request espressif/esp-idf!39879
2025-06-17 15:39:50 +08:00
d5323cfaaa
Merge branch 'feature/enable_support_for_deterministic_mode_and_ecdsa_192_v5.5' into 'release/v5.5'
...
enable support for deterministic mode and ecdsa 192 in ESP32H2 (v5.5)
See merge request espressif/esp-idf!39540
2025-06-16 18:32:43 +05:30
6e82c7a061
Merge branch 'bugfix/fix_tls1_3_server_failing_handshake_v5.5' into 'release/v5.5'
...
fix(mbedtls): Fix failing handshake when running HTTPS Server with TLS1.3 (v5.5)
See merge request espressif/esp-idf!39414
2025-06-16 17:02:10 +05:30
6cf1a6f297
Merge branch 'fix/suppress_cert_bundle_serial_number_warning_v5.5' into 'release/v5.5'
...
fix(mbedtls/esp_crt_bundle): Suppress non-negative serial number warning (v5.5)
See merge request espressif/esp-idf!39401
2025-06-16 15:42:10 +05:30
156ead0cd5
fix(mbedtls): Fixes failing TLS 1.3 server handshake
...
Closes https://github.com/espressif/esp-idf/issues/15984
2025-06-16 11:27:48 +05:30
04f5e591c0
feat: enable support for deterministic mode for esp32h2
2025-06-16 13:13:03 +08:00
2d5d7b819f
feat: enabled ECDSA-P192 support for ESP32H2
2025-06-16 13:13:03 +08:00
08d78dcd7e
fix(esp_tls): fix failing build with TLS1.3 only and dynamic buffer
2025-06-16 09:22:57 +08:00
07ae83249a
fix(mbedtls/esp_crt_bundle): Suppress non-negative serial number warning
...
Co-authored-by: Mahavir Jain <mahavir.jain@espressif.com >
2025-06-04 17:37:47 +05:30
27496e47f0
feat(esp_tee): Support for ESP32-H2 - the rest of the components
2025-05-21 10:06:17 +05:30
1ba8abd8b7
fix(mbedtls): Enable signature verification s/w fallback when ECDSA curve is disabled
2025-05-20 12:18:07 +05:30
d116567a66
refactor(esp_tee): Update TEE secure storage interface APIs
2025-05-04 18:03:29 +05:30
c9f7bcd452
feat(esp_tee): Support the nvs_flash for the ESP-TEE build
2025-05-04 18:03:28 +05:30
97f904b6fb
Merge branch 'docs/fix_some_typos' into 'master'
...
docs: Fix some typos
Closes DOC-10600, DOC-10605, DOC-10606, DOC-10607, DOC-10608, and DOC-10671
See merge request espressif/esp-idf!37977
2025-04-30 18:35:40 +08:00
62d4115e08
docs: Fix some typos
2025-04-30 18:35:39 +08:00
d3e3790fc9
Merge branch 'fix/refactor_source_code_and_comments' into 'master'
...
fix(hal): updated API description and added comments
Closes IDF-12618
See merge request espressif/esp-idf!38415
2025-04-30 18:26:57 +08:00
ff555428d1
Merge branch 'feat/dynamic_buffer_tls1.3' into 'master'
...
feat(mbedtls): add support for dynamic buffer for TLS1.3
Closes IDFGH-14708, IDF-12469, IDF-9178, and IDF-1725
See merge request espressif/esp-idf!38258
2025-04-30 17:52:43 +08:00
f19e8e6970
fix: re-enabled ecdsa support for esp32c5-eco2
2025-04-28 20:58:09 +05:30
415e0f3c86
feat(mbedtls): add support for dynamic buffer for TLS1.3
...
Closes https://github.com/espressif/esp-idf/issues/15448
2025-04-24 12:05:36 +08:00
8b239ab605
Merge branch 'fix/remove_mbedtls_logical_dead_code' into 'master'
...
fix(mbedtls): remove logical dead code from mbedtls
Closes IDF-12866
See merge request espressif/esp-idf!38498
2025-04-23 12:21:20 +08:00
b0d9ccf6e3
fix(mbedtls): Fix config dependencies when ROM mbedtls is used
2025-04-21 13:38:29 +05:30
0de1429834
fix(mbedtls): remove logical dead code from mbedtls
2025-04-17 13:43:48 +08:00
4a4d63d36e
feat(esp_tee): Protect the ECC peripheral from REE access
2025-04-16 19:19:04 +05:30
1c4969bc47
feat(esp_security): Add a TEE-specific crypto lock layer with stub implementations
2025-04-16 19:19:03 +05:30
c8f790078b
Merge branch 'feature/enable_ecdsa_support_for_esp32h21' into 'master'
...
feat: add ECDSA support for esp32h21
Closes IDF-11496
See merge request espressif/esp-idf!36591
2025-04-16 17:58:52 +08:00
d9f03d7f28
fix(hal): updated API description and added comments
2025-04-15 14:58:53 +05:30
1c6405eb9b
Merge branch 'fix/esp_tee_coverity_bugs' into 'master'
...
fix(security): Fixed coverity warnings related to the `esp_tee` component
Closes IDF-12803, IDF-12804, and IDF-12826
See merge request espressif/esp-idf!38360
2025-04-14 15:05:27 +08:00
aae4bfb6f3
feat: enable ecdsa support for esp32h21
...
This commit enabled suppot for ECDSA peripheral in ESP32H21.
2025-04-14 10:26:46 +05:30
13aff0b216
fix(security): Fixed coverity warnings related to the esp_tee component
...
- Also, disable the SECP192R1 curve (Mbed TLS config) when TEE Secure Storage
does not require it
2025-04-14 10:12:51 +05:30
b62e486247
fix(component/mbedtls): Fix failing cert verification with TLS1.3 and DS peripheral
2025-04-11 18:34:16 +08:00
bd314c2460
refactor(esp_tee): Update the SHA clock configuration service call
2025-04-04 10:31:28 +05:30
3e95020c59
refactor(esp_security): Introduce dedicated APIs for crypto clock configuration
2025-04-04 10:31:27 +05:30
3fd107aa04
feat(mbedtls): Add support for ECDSA signing with TEE secure storage
2025-04-03 15:35:15 +05:30
1e8933d296
feat(esp_tee): Add support for SECP192R1 curve in TEE secure storage
2025-04-03 15:35:14 +05:30
21f59bd030
Merge branch 'feat/update_mbedtls_3.6.3' into 'master'
...
feat(component/mbedtls): update to upstream v3.6.3
Closes IDF-12730
See merge request espressif/esp-idf!38041
2025-04-01 18:38:12 +08:00
b126ebb596
feat(mbedtls): new config to allow weak cert verification
2025-03-28 15:46:48 +08:00
c34b4eb882
feat(esp32h4): enable ESP32H4 ci build
2025-03-28 14:41:28 +08:00
0291bee0ff
feat(mbedtls): update to version 3.6.3
2025-03-28 13:03:12 +08:00
8e4cbdfe36
Merge branch 'feat/configurable_mbedtls_sha1' into 'master'
...
feat(mbedtls): Make mbedtls SHA1 support configurable
See merge request espressif/esp-idf!37795
2025-03-24 17:38:05 +08:00
6b1f4fe46c
fix(esp_tee): Utilize the SHA H/W for hashing operations in the TEE
2025-03-22 10:02:24 +05:30
ce7ec7f19f
Merge branch 'feature/enable_hmac_and_ds_support_for_esp32h21' into 'master'
...
feat: enabled hmac and ds support in esp32h21
Closes IDF-11495 and IDF-11497
See merge request espressif/esp-idf!37085
2025-03-21 17:23:46 +08:00
98e16412a7
refactor(esp_tee): Use the AES-GCM port layer for operations in the TEE
2025-03-19 14:30:52 +05:30
Mahavir Jain