Skip to content

Develop rel 1 5 10 #83

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Mar 10, 2021
Merged

Develop rel 1 5 10 #83

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
54f6f9c
Merge pull request #534 from STDK/develop_rel_1_5_9
jy0209-kim Feb 24, 2021
ecd3349
patch: esp32: mbedtls: add support MBEDTLS_SSL_ASYNC_PRIVATE
sangheedotkim Feb 2, 2021
66d8fd8
patch: esp8266: mbedtls: add support MBEDTLS_SSL_ASYNC_PRIVATE
sangheedotkim Feb 2, 2021
17b19d0
Sync-up with iot-core 1.5.10
stdk-scm Mar 10, 2021
41d9705
Merge remote-tracking branch 'internal/develop_rel_1_5_10' into develop
stdk-scm Mar 10, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion iot-core
Open in desktop
Submodule iot-core updated 7 files
+5 −0 src/easysetup/http/tls/iot_easysetup_http_tls.c
+1 −1 src/include/st_dev_version.h
+13 −8 src/iot_api.c
+124 −0 src/port/net/mbedtls/iot_net_mbedtls.c
+15 −12 src/port/os/posix/iot_os_util_posix.c
+3 −3 tools/keygen/README.md
+54 −34 tools/keygen/stdk-keygen.py
37 changes: 37 additions & 0 deletions patches/esp32/1001-mbedtls-esp_config-add-MBEDTLS_SSL_ASYNC_PRIVATE.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
From e38e879f7e71d417a96337dd0c56c2ce35cf79a8 Mon Sep 17 00:00:00 2001
From: Sanghee Kim <sh0130.kim@samsung.com>
Date: Tue, 2 Feb 2021 18:07:14 +0900
Subject: [PATCH] mbedtls: esp_config: add MBEDTLS_SSL_ASYNC_PRIVATE

It has been added from v2.11.0.
---
.../mbedtls/port/include/mbedtls/esp_config.h | 13 +++++++++++++
1 file changed, 13 insertions(+)

diff --git a/components/mbedtls/port/include/mbedtls/esp_config.h b/components/mbedtls/port/include/mbedtls/esp_config.h
index 9c6323276..1bea5f1c4 100644
--- a/components/mbedtls/port/include/mbedtls/esp_config.h
+++ b/components/mbedtls/port/include/mbedtls/esp_config.h
@@ -786,6 +786,19 @@
*/
#define MBEDTLS_SSL_ALL_ALERT_MESSAGES

+/**
+ * \def MBEDTLS_SSL_ASYNC_PRIVATE
+ *
+ * Enable asynchronous external private key operations in SSL. This allows
+ * you to configure an SSL connection to call an external cryptographic
+ * module to perform private key operations instead of performing the
+ * operation inside the library.
+ *
+ */
+#ifdef CONFIG_MBEDTLS_SSL_ASYNC_PRIVATE
+#define MBEDTLS_SSL_ASYNC_PRIVATE
+#endif
+
/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
*
* Enable support for Encrypt-then-MAC, RFC 7366.
--
2.17.1

32 changes: 32 additions & 0 deletions patches/esp32/1002-mbedtls-Kconfig-add-option-for-MBEDTLS_SSL_ASYNC_PRI.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
From 8cd8a0f16683160791fa4b426c70ed1d9f009f26 Mon Sep 17 00:00:00 2001
From: Sanghee Kim <sh0130.kim@samsung.com>
Date: Tue, 2 Feb 2021 19:20:41 +0900
Subject: [PATCH] mbedtls: Kconfig: add option for MBEDTLS_SSL_ASYNC_PRIVATE

For certificate-based onboarding
---
components/mbedtls/Kconfig | 8 ++++++++
1 file changed, 8 insertions(+)

diff --git a/components/mbedtls/Kconfig b/components/mbedtls/Kconfig
index 7514d7621..68b5902fe 100644
--- a/components/mbedtls/Kconfig
+++ b/components/mbedtls/Kconfig
@@ -462,6 +462,14 @@ menu "mbedTLS"
help
Enable the RIPEMD-160 hash algorithm.

+ config MBEDTLS_SSL_ASYNC_PRIVATE
+ bool "Enable asynchronous external private key"
+ default n
+ help
+ This allows you to configure an SSL connection to call
+ an external cryptographic module to perform private key operations
+ instead of performing the operation inside the library.
+
menu "Certificates"

config MBEDTLS_PEM_PARSE_C
--
2.17.1

37 changes: 37 additions & 0 deletions patches/esp32_v3.3/1001-mbedtls-esp_config-add-MBEDTLS_SSL_ASYNC_PRIVATE.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
From e38e879f7e71d417a96337dd0c56c2ce35cf79a8 Mon Sep 17 00:00:00 2001
From: Sanghee Kim <sh0130.kim@samsung.com>
Date: Tue, 2 Feb 2021 18:07:14 +0900
Subject: [PATCH] mbedtls: esp_config: add MBEDTLS_SSL_ASYNC_PRIVATE

It has been added from v2.11.0.
---
.../mbedtls/port/include/mbedtls/esp_config.h | 13 +++++++++++++
1 file changed, 13 insertions(+)

diff --git a/components/mbedtls/port/include/mbedtls/esp_config.h b/components/mbedtls/port/include/mbedtls/esp_config.h
index 9c6323276..1bea5f1c4 100644
--- a/components/mbedtls/port/include/mbedtls/esp_config.h
+++ b/components/mbedtls/port/include/mbedtls/esp_config.h
@@ -786,6 +786,19 @@
*/
#define MBEDTLS_SSL_ALL_ALERT_MESSAGES

+/**
+ * \def MBEDTLS_SSL_ASYNC_PRIVATE
+ *
+ * Enable asynchronous external private key operations in SSL. This allows
+ * you to configure an SSL connection to call an external cryptographic
+ * module to perform private key operations instead of performing the
+ * operation inside the library.
+ *
+ */
+#ifdef CONFIG_MBEDTLS_SSL_ASYNC_PRIVATE
+#define MBEDTLS_SSL_ASYNC_PRIVATE
+#endif
+
/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
*
* Enable support for Encrypt-then-MAC, RFC 7366.
--
2.17.1

32 changes: 32 additions & 0 deletions patches/esp32_v3.3/1002-mbedtls-Kconfig-add-option-for-MBEDTLS_SSL_ASYNC_PRI.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
From a5b1fe8d9ab7063432bc647fef9e84b1d0be0457 Mon Sep 17 00:00:00 2001
From: Sanghee Kim <sh0130.kim@samsung.com>
Date: Wed, 3 Feb 2021 10:19:39 +0900
Subject: [PATCH] mbedtls: Kconfig: add option for MBEDTLS_SSL_ASYNC_PRIVATE

For certificate-based onboarding
---
components/mbedtls/Kconfig | 8 ++++++++
1 file changed, 8 insertions(+)

diff --git a/components/mbedtls/Kconfig b/components/mbedtls/Kconfig
index 1d9f93d21..4e69e42a1 100644
--- a/components/mbedtls/Kconfig
+++ b/components/mbedtls/Kconfig
@@ -426,6 +426,14 @@ menu "mbedTLS"
help
Enable the RIPEMD-160 hash algorithm.

+ config MBEDTLS_SSL_ASYNC_PRIVATE
+ bool "Enable asynchronous external private key"
+ default n
+ help
+ This allows you to configure an SSL connection to call
+ an external cryptographic module to perform private key operations
+ instead of performing the operation inside the library.
+
menu "Certificates"

config MBEDTLS_PEM_PARSE_C
--
2.17.1

37 changes: 37 additions & 0 deletions patches/esp8266/1005-mbedtls-esp-add-MBEDTLS_SSL_ASYNC_PRIVATE-in-configu.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
From 23bfbd1ba6ff0e4f845c6279242b743e6b3a1e40 Mon Sep 17 00:00:00 2001
From: Sanghee Kim <sh0130.kim@samsung.com>
Date: Tue, 2 Feb 2021 17:58:02 +0900
Subject: [PATCH] mbedtls: esp: add MBEDTLS_SSL_ASYNC_PRIVATE in configuration

It has been added from v2.11.0.
---
.../mbedtls/port/include/mbedtls/esp_config.h | 13 +++++++++++++
1 file changed, 13 insertions(+)

diff --git a/components/mbedtls/port/include/mbedtls/esp_config.h b/components/mbedtls/port/include/mbedtls/esp_config.h
index 7cc51003..617670cc 100644
--- a/components/mbedtls/port/include/mbedtls/esp_config.h
+++ b/components/mbedtls/port/include/mbedtls/esp_config.h
@@ -726,6 +726,19 @@
*/
#define MBEDTLS_SSL_ALL_ALERT_MESSAGES

+/**
+ * \def MBEDTLS_SSL_ASYNC_PRIVATE
+ *
+ * Enable asynchronous external private key operations in SSL. This allows
+ * you to configure an SSL connection to call an external cryptographic
+ * module to perform private key operations instead of performing the
+ * operation inside the library.
+ *
+ */
+#ifdef CONFIG_MBEDTLS_SSL_ASYNC_PRIVATE
+#define MBEDTLS_SSL_ASYNC_PRIVATE
+#endif
+
/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
*
* Enable support for Encrypt-then-MAC, RFC 7366.
--
2.17.1

32 changes: 32 additions & 0 deletions patches/esp8266/1006-mbedtls-Kconfig-add-option-for-MBEDTLS_SSL_ASYNC_PRI.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
From e8cce8de38737d55c140ebb1be260834373ca665 Mon Sep 17 00:00:00 2001
From: Sanghee Kim <sh0130.kim@samsung.com>
Date: Wed, 3 Feb 2021 10:38:22 +0900
Subject: [PATCH] mbedtls: Kconfig: add option for MBEDTLS_SSL_ASYNC_PRIVATE

For certificate-based onboarding
---
components/mbedtls/Kconfig | 8 ++++++++
1 file changed, 8 insertions(+)

diff --git a/components/mbedtls/Kconfig b/components/mbedtls/Kconfig
index 10949c96..b1920b85 100644
--- a/components/mbedtls/Kconfig
+++ b/components/mbedtls/Kconfig
@@ -439,6 +439,14 @@ menu "mbedTLS"
help
Enable the RIPEMD-160 hash algorithm.

+ config MBEDTLS_SSL_ASYNC_PRIVATE
+ bool "Enable asynchronous external private key"
+ default n
+ help
+ This allows you to configure an SSL connection to call
+ an external cryptographic module to perform private key operations
+ instead of performing the operation inside the library.
+
menu "Certificates"

config MBEDTLS_PEM_PARSE_C
--
2.17.1