From aa5d1d4fc28e78aaf52a30754347f961f02e9f15 Mon Sep 17 00:00:00 2001 
From: Shubham Kulkarni Date: Tue, 7 Apr 2020 13:51:35 +0530 Subject: [PATCH 1/7] Update submodule pointers and fix build issues with Make and CMake build system Remove linker flags from toolchain specific files iot_wifi.c: Use esp_netif APIs Fix warnings in WiFi port layer Change smartconfig implementation extras.c: Add stack overflow hook in freertos component Remove secure_sockets layer in ports directory and use AFR secure_socket layer iot_pkcs11_pal.c: Change ESP_LOGx to ESP_EARLY_LOGx in initialize_nvs_partition --- .gitmodules | 5 +- freertos_kernel | 2 +- tools/cmake/toolchains/xtensa-esp32.cmake | 1 - vendors/espressif/boards/esp32/CMakeLists.txt | 185 ++-- .../amazon-freertos-common/component.mk | 1 + .../esp32/aws_demos/application_code/main.c | 4 +- .../aws_demos/config_files/FreeRTOSConfig.h | 23 +- .../boards/esp32/aws_demos/sdkconfig.defaults | 3 + .../amazon-freertos-tests/component.mk | 3 + .../esp32/aws_tests/application_code/main.c | 5 +- .../aws_tests/config_files/FreeRTOSConfig.h | 23 +- .../esp32/components/freertos/CMakeLists.txt | 30 +- .../boards/esp32/components/freertos/extra.c | 16 + .../freertos/include/freertos/xtensa_rtos.h | 1 + .../esp32/components/mbedtls/CMakeLists.txt | 11 +- .../esp32/components/mbedtls/port/aes.c | 754 ++++++++++++++++ .../components/mbedtls/port/esp_bignum.c | 5 +- .../components/mbedtls/port/include/aes.h | 353 ++++++++ .../components/mbedtls/port/include/aes_alt.h | 2 +- .../components/mbedtls/port/include/sha.h | 211 +++++ .../esp32/components/mbedtls/port/sha.c | 314 +++++++ .../components/secure_sockets/component.mk | 2 +- .../boards/esp32/ports/ota/aws_esp_ota_ops.c | 6 +- .../esp32/ports/pkcs11/iot_pkcs11_pal.c | 8 +- .../secure_sockets/lwip/iot_secure_sockets.c | 837 ------------------ .../boards/esp32/ports/wifi/iot_wifi.c | 225 ++--- vendors/espressif/esp-idf | 2 +- 27 files changed, 1987 insertions(+), 1045 deletions(-) create mode 100644 
vendors/espressif/boards/esp32/components/freertos/include/freertos/xtensa_rtos.h create mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/aes.c create mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/include/aes.h create mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/include/sha.h create mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/sha.c delete mode 100644 vendors/espressif/boards/esp32/ports/secure_sockets/lwip/iot_secure_sockets.c diff --git a/.gitmodules b/.gitmodules index fd7bfc8cc47..cdc14f480da 100644 --- a/.gitmodules +++ b/.gitmodules @@ -8,7 +8,8 @@ branch = v2.4.3 [submodule "freertos_kernel"] path = freertos_kernel - url = https://github.com/FreeRTOS/FreeRTOS-Kernel.git + url = https://github.com/shubhamkulkarni97/FreeRTOS-Kernel.git + branch = bugfix/upleveling_changes [submodule "pkcs11"] path = libraries/3rdparty/pkcs11 url = https://github.com/amazon-freertos/pkcs11.git @@ -22,7 +23,7 @@ [submodule "vendors/espressif/esp-idf"] path = vendors/espressif/esp-idf url = https://github.com/espressif/esp-afr-sdk.git - branch = release/v3.3 + branch = release/v4.2 [submodule "mbedtls"] path = libraries/3rdparty/mbedtls url = https://github.com/ARMmbed/mbedtls.git diff --git a/freertos_kernel b/freertos_kernel index 82fdc1c3ee4..2795450d203 160000 --- a/freertos_kernel +++ b/freertos_kernel @@ -1 +1 @@ -Subproject commit 82fdc1c3ee4c5e8a1f10e2a2370c81088506e905 +Subproject commit 2795450d203718afaf217f92dba77fadb7221764 diff --git a/tools/cmake/toolchains/xtensa-esp32.cmake b/tools/cmake/toolchains/xtensa-esp32.cmake index c42ce9a3197..b877706c8a7 100644 --- a/tools/cmake/toolchains/xtensa-esp32.cmake +++ b/tools/cmake/toolchains/xtensa-esp32.cmake 
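Review bot: The `freertos_kernel` entry in the first `.gitmodules` hunk now fetches the kernel from a personal fork (`https://github.com/shubhamkulkarni97/FreeRTOS-Kernel.git`, branch `bugfix/upleveling_changes`) instead of the FreeRTOS organisation repository, so code compiled into every image comes from a repository the project does not control. The gitlink in the `freertos_kernel` hunk pins commit 2795450d203718afaf217f92dba77fadb7221764, but that commit stays fetchable only while the fork keeps it, and the branch name itself pins nothing. I would keep `url = https://github.com/FreeRTOS/FreeRTOS-Kernel.git` and land the port changes upstream first, or mirror the fork under the project's own organisation before merging. The second hunk moves `vendors/espressif/esp-idf` from `release/v3.3` to `release/v4.2`; its gitlink change is outside this part of the patch, so please confirm the recorded commit is reachable from that branch.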
@@ -27,6 +27,5 @@ set(CMAKE_FIND_ROOT_PATH_MODE_LIBRARY ONLY) set(AFR_COMPILER_NO_WARNINGS "-w" CACHE INTERNAL "") # Global compiler flags. -set(CMAKE_EXE_LINKER_FLAGS "-nostdlib" CACHE STRING "Linker Base Flags") set(CMAKE_C_FLAGS "-mlongcalls" CACHE STRING "C Compiler Base Flags") set(CMAKE_CXX_FLAGS "-mlongcalls" CACHE STRING "C++ Compiler Base Flags") diff --git a/vendors/espressif/boards/esp32/CMakeLists.txt b/vendors/espressif/boards/esp32/CMakeLists.txt index 6d3327f4673..fb34a7f2583 100644 --- a/vendors/espressif/boards/esp32/CMakeLists.txt +++ b/vendors/espressif/boards/esp32/CMakeLists.txt @@ -1,4 +1,3 @@ -set(CMAKE_EXECUTABLE_SUFFIX ".elf") # ------------------------------------------------------------------------------------------------- # FreeRTOS Console metadata @@ -36,9 +35,9 @@ endif() set(esp_idf_dir "${AFR_VENDORS_DIR}/espressif/esp-idf") # Provides idf_import_components and idf_link_components -include(${esp_idf_dir}/tools/cmake/idf_functions.cmake) +include(${esp_idf_dir}/tools/cmake/idf.cmake) +include(${esp_idf_dir}/tools/cmake/project_utils.cmake) -idf_set_global_compile_options() if(AFR_IS_TESTING) set(exe_target aws_tests) 
@@ -50,37 +49,12 @@ afr_mcu_port(compiler) set(linker_flags "-Wl,--gc-sections" "-Wl,--cref" "-Wl,--Map=${exe_target}.map" "-Wl,--undefined=uxTopUsedPriority") -# Compiler flags -target_compile_options( - AFR::compiler::mcu_port - INTERFACE - ${IDF_COMPILE_OPTIONS} - $<$:${IDF_C_COMPILE_OPTIONS}> - $<$:${IDF_CXX_COMPILE_OPTIONS}> -) - -# Compiler definitions/macros -target_compile_definitions( - AFR::compiler::mcu_port - INTERFACE - ${IDF_COMPILE_DEFINITIONS} -) - -if(NOT AFR_ESP_FREERTOS_TCP) -target_compile_definitions( - AFR::compiler::mcu_port - INTERFACE $<$:${compiler_defined_symbols}> - -DAFR_ESP_LWIP -) -endif() - # Linker flags target_link_options( AFR::compiler::mcu_port INTERFACE ${linker_flags} ) -set(CMAKE_EXECUTABLE_SUFFIX ".elf") # ------------------------------------------------------------------------------------------------- # FreeRTOS portable layers @@ -115,14 +89,20 @@ set( "${esp_idf_dir}/components/log/include" "${esp_idf_dir}/components/nvs_flash/include" "${esp_idf_dir}/components/pthread/include" - "${esp_idf_dir}/components/newlib/include" "${esp_idf_dir}/components/newlib/platform_include" - "${esp_idf_dir}/components/soc/esp32/include" + "${esp_idf_dir}/components/soc/soc/esp32/include" "${esp_idf_dir}/components/soc/include" "${esp_idf_dir}/components/spi_flash/include" "${esp_idf_dir}/components/vfs/include" "${extra_components_dir}/freertos/include" "${extra_components_dir}/mbedtls/port/include" + "${esp_idf_dir}/components/xtensa/esp32/include/xtensa" + "${esp_idf_dir}/components/xtensa/esp32/include" + "${esp_idf_dir}/components/xtensa/include" + "${esp_idf_dir}/components/esp_rom/include" + "${esp_idf_dir}/components/esp_timer/include" + "${esp_idf_dir}/components/esp_common/include" + "${esp_idf_dir}/components/esp_system/include" ) if(AFR_ESP_FREERTOS_TCP) 
@@ -131,6 +111,10 @@ if(AFR_ESP_FREERTOS_TCP) "${extra_components_dir}/freertos_tcpip/smartconfig_ack/include" "${extra_components_dir}/freertos_tcpip/tcpip_adapter/include" "${AFR_MODULES_FREERTOS_PLUS_DIR}/standard/freertos_plus_tcp/source/portable/Compiler/GCC" + "${esp_idf_dir}/components/xtensa" + "${esp_idf_dir}/components/esp_wifi/include" + "${esp_idf_dir}/components/esp_netif/include" + "${esp_idf_dir}/components/esp_eth/include" ) else() list(APPEND kernel_inc_dirs @@ -179,7 +163,10 @@ target_include_directories( "${esp_idf_dir}/components/lwip/lwip/src/include" "${esp_idf_dir}/components/lwip/port/esp32/include" "${esp_idf_dir}/components/lwip/port/esp32/include/arch" - "${esp_idf_dir}/components/lwip/include_compat" + "${esp_idf_dir}/components/esp_wifi/include" + "${esp_idf_dir}/components/esp_netif/include" + "${esp_idf_dir}/components/esp_eth/include" + "${esp_idf_dir}/components/soc/soc/include" ) endif() 
@@ -214,31 +201,37 @@ target_sources( target_include_directories( AFR::ble_hal::mcu_port INTERFACE - "${esp_idf_dir}/components/bt/bluedroid/api/include/api" + "${esp_idf_dir}/components/bt/host/bluedroid/api/include/api" "${esp_idf_dir}/components/bt/include" - "${esp_idf_dir}/components/nimble/nimble/porting/nimble/include" - "${esp_idf_dir}/components/nimble/port/include" - "${esp_idf_dir}/components/nimble/nimble/nimble/include" - "${esp_idf_dir}/components/nimble/nimble/nimble/host/include" - "${esp_idf_dir}/components/nimble/nimble/nimble/host/services/ans/include" - "${esp_idf_dir}/components/nimble/nimble/nimble/host/services/bas/include" - "${esp_idf_dir}/components/nimble/nimble/nimble/host/services/gap/include" - "${esp_idf_dir}/components/nimble/nimble/nimble/host/services/gatt/include" - "${esp_idf_dir}/components/nimble/nimble/nimble/host/services/ias/include" - "${esp_idf_dir}/components/nimble/nimble/nimble/host/services/lls/include" - "${esp_idf_dir}/components/nimble/nimble/nimble/host/services/tps/include" - "${esp_idf_dir}/components/nimble/nimble/nimble/host/util/include" - "${esp_idf_dir}/components/nimble/nimble/nimble/host/store/ram/include" - "${esp_idf_dir}/components/nimble/nimble/nimble/host/store/config/include" - "${esp_idf_dir}/components/nimble/nimble/porting/npl/freertos/include" - "${esp_idf_dir}/components/nimble/nimble/ext/tinycrypt/include" - "${esp_idf_dir}/components/nimble/esp-hci/include" + "${esp_idf_dir}/components/bt/host/nimble/nimble/porting/nimble/include" + "${esp_idf_dir}/components/bt/host/nimble/port/include" + "${esp_idf_dir}/components/bt/host/nimble/nimble/nimble/include" + "${esp_idf_dir}/components/bt/host/nimble/nimble/nimble/host/include" + "${esp_idf_dir}/components/bt/host/nimble/nimble/nimble/host/services/ans/include" + "${esp_idf_dir}/components/bt/host/nimble/nimble/nimble/host/services/bas/include" + "${esp_idf_dir}/components/bt/host/nimble/nimble/nimble/host/services/gap/include" + 
"${esp_idf_dir}/components/bt/host/nimble/nimble/nimble/host/services/gatt/include" + "${esp_idf_dir}/components/bt/host/nimble/nimble/nimble/host/services/ias/include" + "${esp_idf_dir}/components/bt/host/nimble/nimble/nimble/host/services/lls/include" + "${esp_idf_dir}/components/bt/host/nimble/nimble/nimble/host/services/tps/include" + "${esp_idf_dir}/components/bt/host/nimble/nimble/nimble/host/util/include" + "${esp_idf_dir}/components/bt/host/nimble/nimble/nimble/host/store/ram/include" + "${esp_idf_dir}/components/bt/host/nimble/nimble/nimble/host/store/config/include" + "${esp_idf_dir}/components/bt/host/nimble/nimble/porting/npl/freertos/include" + "${esp_idf_dir}/components/bt/host/nimble/nimble/ext/tinycrypt/include" + "${esp_idf_dir}/components/bt/host/nimble/esp-hci/include" "${afr_ports_dir}/ble" "${afr_ports_dir}/ble/bluedroid" "${afr_ports_dir}/ble/nimble" ) +target_link_libraries( + AFR::ble_hal::mcu_port + INTERFACE + idf::bt +) + # PKCS11 if(ECC608_IN_USE) afr_mcu_port(pkcs11_implementation DEPENDS AFR::pkcs11_ecc608a) @@ -276,6 +269,12 @@ else() ) endif() +target_include_directories( + AFR::pkcs11_implementation::mcu_port + INTERFACE + "${esp_idf_dir}/components/soc/soc/include" +) + if(AFR_ESP_FREERTOS_TCP) # FreeRTOS Plus TCP afr_mcu_port(freertos_plus_tcp) @@ -300,7 +299,7 @@ afr_mcu_port(secure_sockets) target_sources( AFR::secure_sockets::mcu_port INTERFACE - "${afr_ports_dir}/secure_sockets/lwip/iot_secure_sockets.c" + "${AFR_MODULES_ABSTRACTIONS_DIR}/secure_sockets/lwip/iot_secure_sockets.c" ) target_include_directories( 
@@ -309,10 +308,9 @@ target_include_directories( "${esp_idf_dir}/components/lwip/include/apps" "${esp_idf_dir}/components/lwip/include/apps/sntp" "${esp_idf_dir}/components/lwip/lwip/src/include" - "${esp_idf_dir}/components/lwip/lwip/src/include/lwip" "${esp_idf_dir}/components/lwip/port/esp32/include" "${esp_idf_dir}/components/lwip/port/esp32/include/arch" - "${esp_idf_dir}/components/lwip/include_compat" + "${esp_idf_dir}/components/lwip/include" ) target_link_libraries( @@ -342,6 +340,11 @@ target_sources( "${afr_ports_dir}/ota/aws_esp_ota_ops.c" "${afr_ports_dir}/ota/aws_esp_ota_ops.h" ) +target_include_directories( + AFR::ota::mcu_port + INTERFACE + "${esp_idf_dir}/components/soc/soc/include" +) target_link_libraries( AFR::ota::mcu_port INTERFACE @@ -363,11 +366,15 @@ if(AFR_ENABLE_DEMOS OR AFR_ENABLE_TESTS) "${board_dir}/application_code/main.c" ${extra_exe_sources} ) + idf_build_set_property(PROJECT_DIR ${AFR_ROOT_DIR}) + idf_build_executable(${exe_target}) target_include_directories( ${exe_target} PUBLIC + "${esp_idf_dir}/components/esp_ringbuf/include" $ $ + $ ) target_link_libraries( ${exe_target} @@ -461,17 +468,17 @@ set_property(GLOBAL PROPERTY IDF_PROJECT_EXECUTABLE ${IDF_PROJECT_EXECUTABLE}) get_filename_component( ABS_EXTRA_COMPONENT_DIRS - "${board_dir}/application_code/espressif_code" ABSOLUTE + "${extra_components_dir}/freertos" ABSOLUTE ) -list(APPEND IDF_EXTRA_COMPONENT_DIRS ${ABS_EXTRA_COMPONENT_DIRS}) +idf_build_component(${ABS_EXTRA_COMPONENT_DIRS}) get_filename_component( ABS_EXTRA_COMPONENT_DIRS - "${extra_components_dir}" ABSOLUTE + "${extra_components_dir}/mbedtls" ABSOLUTE ) -list(APPEND IDF_EXTRA_COMPONENT_DIRS ${ABS_EXTRA_COMPONENT_DIRS}) +idf_build_component(${ABS_EXTRA_COMPONENT_DIRS}) if(AFR_ESP_FREERTOS_TCP) get_filename_component( 
@@ -479,9 +486,55 @@ get_filename_component( "${extra_components_dir}/freertos_tcpip" ABSOLUTE ) -list(APPEND IDF_EXTRA_COMPONENT_DIRS ${ABS_NW_EXTRA_COMPONENT_DIRS}) +idf_build_component(${ABS_EXTRA_COMPONENT_DIRS}) endif() +idf_build_process(esp32 + SDKCONFIG ${CMAKE_BINARY_DIR}/sdkconfig + SDKCONFIG_DEFAULTS ${CMAKE_BINARY_DIR}/sdkconfig.defaults + BUILD_DIR ${CMAKE_BINARY_DIR}) + +idf_build_get_property(idf_compile_options "COMPILE_OPTIONS") +idf_build_get_property(idf_c_compile_options "C_COMPILE_OPTIONS") +idf_build_get_property(idf_cxx_compile_options "CXX_COMPILE_OPTIONS") +idf_build_get_property(idf_compile_definitions "COMPILE_DEFINITIONS") + +# Compiler flags +target_compile_options( + AFR::compiler::mcu_port + INTERFACE + $<$:${idf_c_compile_options}> + $<$:${idf_cxx_compile_options}> + -Wno-stringop-overflow + -Wno-bool-operation + -Wno-sizeof-pointer-div + -Wno-nonnull +) + +# Compiler definitions/macros +target_compile_definitions( + AFR::compiler::mcu_port + INTERFACE + ${idf_compile_definitions} + -DESP_PLATFORM +) + +if(NOT AFR_ESP_FREERTOS_TCP) +target_compile_definitions( + AFR::compiler::mcu_port + INTERFACE $<$:${compiler_defined_symbols}> + -DAFR_ESP_LWIP +) +endif() + +target_compile_options( + AFR::compiler::mcu_port + INTERFACE + ${idf_compile_options} +) + +idf_project_generate_description_file(${CMAKE_BINARY_DIR}/project_description.json) + # This is a hack to have IDF build system use PRIVATE keyword when # calling target_link_libraries() on aws_demos target. This is necessary # as CMake doesn't allow mixing target_link_libraries() call signature 
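Review bot: Inside `if(AFR_ESP_FREERTOS_TCP)` the new call is `idf_build_component(${ABS_EXTRA_COMPONENT_DIRS})`, but the line it replaces read `${ABS_NW_EXTRA_COMPONENT_DIRS}`, which suggests the preceding `get_filename_component` (its output variable is outside the hunk) still sets `ABS_NW_EXTRA_COMPONENT_DIRS`. If that is the case, this registers the mbedtls directory a second time and never registers `freertos_tcpip`; the call should read `idf_build_component(${ABS_NW_EXTRA_COMPONENT_DIRS})`. Separately, `-Wno-stringop-overflow`, `-Wno-sizeof-pointer-div` and `-Wno-nonnull` are added to `AFR::compiler::mcu_port` as INTERFACE options, which silences memory-safety diagnostics for every target that links the port rather than for the few files that trip them under the new toolchain. Setting them per source file, for example with the `COMPILE_OPTIONS` source-file property on the offending files, would keep those warnings live for the rest of the tree.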
@@ -497,21 +550,3 @@ endfunction() # Override IDF's native toolchain file set(IDF_TOOLCHAIN_FILE ${CMAKE_TOOLCHAIN_FILE}) - -# Wraps add_subdirectory() to create library targets for components, and then `return` them using the given variable. -# In this case the variable is named `component` -idf_import_components(components ${esp_idf_dir} esp-idf) - -# Wraps target_link_libraries() to link processed components by idf_import_components to target -idf_link_components(${IDF_PROJECT_EXECUTABLE} "${components}") - -# Monitor target for running idf_monitor.py -add_custom_target(monitor - DEPENDS "${IDF_PROJECT_EXECUTABLE}" - COMMAND ${CMAKE_COMMAND} - -D IDF_PATH="${esp_idf_dir}" - -D PROJECT_ELF="${IDF_PROJECT_EXECUTABLE}" - -D ELF_DIR="${CMAKE_BINARY_DIR}" - -P run_idf_monitor.cmake - WORKING_DIRECTORY ${CMAKE_CURRENT_LIST_DIR} - ) diff --git a/vendors/espressif/boards/esp32/aws_demos/application_code/espressif_code/amazon-freertos-common/component.mk b/vendors/espressif/boards/esp32/aws_demos/application_code/espressif_code/amazon-freertos-common/component.mk index a5f93402144..b2a6cfa2732 100644 --- a/vendors/espressif/boards/esp32/aws_demos/application_code/espressif_code/amazon-freertos-common/component.mk +++ b/vendors/espressif/boards/esp32/aws_demos/application_code/espressif_code/amazon-freertos-common/component.mk @@ -93,6 +93,7 @@ COMPONENT_PRIV_INCLUDEDIRS := $(AMAZON_FREERTOS_ABSTRACTIONS_DIR)/pkcs11 \ lib/greengrass/aws_greengrass_discovery.o: CFLAGS+=-Wno-format lib/common/aws_logging_task_dynamic_buffers.o: CFLAGS+=-Wno-format -Wno-uninitialized libraries/c_sdk/aws/defender/src/aws_iot_defender_api.o: CFLAGS+=-Wno-unused-but-set-variable +vendors/espressif/boards/esp32/ports/ble/iot_ble_hal_gatt_server.o: CFLAGS+=-Wno-stringop-overflow ifdef AMAZON_FREERTOS_ENABLE_UNIT_TEST COMPONENT_SRCDIRS += ../.. \ 
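Review bot: `-Wno-stringop-overflow` is added for `iot_ble_hal_gatt_server.o` in the component.mk hunk with no comment on which call the compiler flagged or why the diagnostic is a false positive; judging by its name, that file is the BLE GATT server port, where a real overflow would matter. Please either fix the flagged copy or record the analysis next to the rule, e.g. `# -Wstringop-overflow fires in <function>; false positive because <reason>`. The same suppression is added in the aws_tests component.mk hunk, together with `-Wno-nonnull` for two test objects.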
diff --git a/vendors/espressif/boards/esp32/aws_demos/application_code/main.c b/vendors/espressif/boards/esp32/aws_demos/application_code/main.c index 6c09ac596ac..cb27379cbc5 100644 --- a/vendors/espressif/boards/esp32/aws_demos/application_code/main.c +++ b/vendors/espressif/boards/esp32/aws_demos/application_code/main.c @@ -58,7 +58,7 @@ #include "driver/uart.h" #include "aws_application_version.h" -#include "tcpip_adapter.h" +#include "esp_netif.h" #include "iot_network_manager_private.h" @@ -172,7 +172,7 @@ static void prvMiscInitialization( void ) #if AFR_ESP_LWIP configPRINTF( ("Initializing lwIP TCP stack\r\n") ); - tcpip_adapter_init(); + esp_netif_init(); #else configPRINTF( ("Initializing FreeRTOS TCP stack\r\n") ); vApplicationIPInit(); diff --git a/vendors/espressif/boards/esp32/aws_demos/config_files/FreeRTOSConfig.h b/vendors/espressif/boards/esp32/aws_demos/config_files/FreeRTOSConfig.h index 98e3852340b..1af1c8b70b5 100644 --- a/vendors/espressif/boards/esp32/aws_demos/config_files/FreeRTOSConfig.h +++ b/vendors/espressif/boards/esp32/aws_demos/config_files/FreeRTOSConfig.h @@ -37,8 +37,10 @@ #ifndef __ASSEMBLER__ #include /* for abort() */ - #include "rom/ets_sys.h" + #include "esp32/rom/ets_sys.h" #include + #include "soc/cpu.h" + #include "esp_attr.h" #if CONFIG_SYSVIEW_ENABLE #include "SEGGER_SYSVIEW_FreeRTOS.h" @@ -46,6 +48,8 @@ #endif #endif /* def __ASSEMBLER__ */ +#define pdTICKS_TO_MS( xTicks ) ( ( uint32_t ) ( xTicks ) * 1000 / configTICK_RATE_HZ ) + /*----------------------------------------------------------- * Application specific definitions. * 
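Review bot: `esp_netif_init()` returns an `esp_err_t`, unlike the `tcpip_adapter_init()` it replaces, and the new call in `prvMiscInitialization` discards it, so a failed network-stack initialisation goes unnoticed until a later Wi-Fi or socket call misbehaves. Check the result, for example `ESP_ERROR_CHECK( esp_netif_init() );`, or compare against `ESP_OK` and log before continuing. The same unchecked call is added to `app_main` in aws_tests/application_code/main.c. `prvMiscInitialization` starts and ends outside the hunk.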
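Review bot: `pdTICKS_TO_MS` does its multiplication in 32 bits, so the product wraps once `xTicks` exceeds 4294967 and the macro then reports a far shorter time than has elapsed; any timeout or age comparison built on it goes wrong from that point. Widening the intermediate avoids the wrap: `#define pdTICKS_TO_MS( xTicks ) ( ( uint32_t ) ( ( uint64_t ) ( xTicks ) * 1000 / configTICK_RATE_HZ ) )`. The identical define is added to aws_tests/config_files/FreeRTOSConfig.h.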
@@ -323,6 +327,23 @@ void * const pxCreatedTask, const int xCoreID ); + static inline bool IRAM_ATTR xPortCanYield(void) + { + uint32_t ps_reg = 0; + + //Get the current value of PS (processor status) register + RSR(PS, ps_reg); + + /* + * intlevel = (ps_reg & 0xf); + * excm = (ps_reg >> 4) & 0x1; + * CINTLEVEL is max(excm * EXCMLEVEL, INTLEVEL), where EXCMLEVEL is 3. + * However, just return true, only intlevel is zero. + */ + + return ((ps_reg & PS_INTLEVEL_MASK) == 0); + } + #define xTaskGetIdleTaskHandleForCPU(i) xTaskGetIdleTaskHandle() #define xTaskGetCurrentTaskHandleForCPU(i) xTaskGetCurrentTaskHandle() diff --git a/vendors/espressif/boards/esp32/aws_demos/sdkconfig.defaults b/vendors/espressif/boards/esp32/aws_demos/sdkconfig.defaults index 2ac2a808f78..8712792e5be 100644 --- a/vendors/espressif/boards/esp32/aws_demos/sdkconfig.defaults +++ b/vendors/espressif/boards/esp32/aws_demos/sdkconfig.defaults @@ -45,3 +45,6 @@ CONFIG_NIMBLE_HCI_EVT_LO_BUF_COUNT=8 CONFIG_NIMBLE_MESH= CONFIG_MBEDTLS_TLS_CLIENT_ONLY=y CONFIG_ESPTOOLPY_BAUD_921600B=y +CONFIG_BOOTLOADER_WDT_DISABLE_SKIP_FIRST_BOOT=y +CONFIG_BOOTLOADER_WDT_TIME_MS=90000 +CONFIG_BOOTLOADER_APP_ROLLBACK_ENABLE=y diff --git a/vendors/espressif/boards/esp32/aws_tests/application_code/espressif_code/amazon-freertos-tests/component.mk b/vendors/espressif/boards/esp32/aws_tests/application_code/espressif_code/amazon-freertos-tests/component.mk index c9ccb8c1003..3b874cf2ad9 100644 --- a/vendors/espressif/boards/esp32/aws_tests/application_code/espressif_code/amazon-freertos-tests/component.mk +++ b/vendors/espressif/boards/esp32/aws_tests/application_code/espressif_code/amazon-freertos-tests/component.mk 
@@ -152,6 +152,9 @@ CFLAGS += -DESP32 tests/common/wifi/aws_test_wifi.o: CFLAGS+=-Wno-uninitialized tests/common/ota/aws_test_ota_pal.o: CFLAGS+=-Wno-pointer-sign -Wno-sizeof-pointer-memaccess tests/common/ota/aws_test_ota_agent.o: CFLAGS+=-Wno-pointer-sign +libraries/c_sdk/standard/mqtt/test/unit/iot_tests_mqtt_metrics.o: CFLAGS+=-Wno-nonnull +libraries/freertos_plus/standard/tls/test/iot_test_tls.o: CFLAGS+=-Wno-nonnull +vendors/espressif/boards/esp32/ports/ble/iot_ble_hal_gatt_server.o: CFLAGS+=-Wno-stringop-overflow else COMPONENT_SRCDIRS += ../.. \ diff --git a/vendors/espressif/boards/esp32/aws_tests/application_code/main.c b/vendors/espressif/boards/esp32/aws_tests/application_code/main.c index 867a54222e5..5d3048d9ab1 100644 --- a/vendors/espressif/boards/esp32/aws_tests/application_code/main.c +++ b/vendors/espressif/boards/esp32/aws_tests/application_code/main.c @@ -27,6 +27,7 @@ /* FreeRTOS includes. */ #include "FreeRTOS.h" #include "task.h" +#include "string.h" /* Test includes */ #include "aws_test_runner.h" @@ -42,7 +43,7 @@ #include "FreeRTOS_IP.h" #include "FreeRTOS_Sockets.h" #endif -#include "tcpip_adapter.h" +#include "esp_netif.h" #include "aws_test_utils.h" #include "esp_bt.h" #include "esp_system.h" @@ -156,7 +157,7 @@ int app_main( void ) #if AFR_ESP_LWIP configPRINTF( ("Initializing lwIP TCP stack\r\n") ); - tcpip_adapter_init(); + esp_netif_init(); #else /* AFR_ESP_LWIP */ configPRINTF( ("Initializing FreeRTOS TCP stack\r\n") ); FreeRTOS_IPInit( ucIPAddress, diff --git a/vendors/espressif/boards/esp32/aws_tests/config_files/FreeRTOSConfig.h b/vendors/espressif/boards/esp32/aws_tests/config_files/FreeRTOSConfig.h index 97c1b7d7788..1570cc1c6aa 100644 --- a/vendors/espressif/boards/esp32/aws_tests/config_files/FreeRTOSConfig.h +++ b/vendors/espressif/boards/esp32/aws_tests/config_files/FreeRTOSConfig.h 
@@ -37,8 +37,10 @@ #ifndef __ASSEMBLER__ #include /* for abort() */ - #include "rom/ets_sys.h" + #include "esp32/rom/ets_sys.h" #include + #include "soc/cpu.h" + #include "esp_attr.h" #if CONFIG_SYSVIEW_ENABLE #include "SEGGER_SYSVIEW_FreeRTOS.h" @@ -49,6 +51,8 @@ #include "unity_internals.h" #endif /* def __ASSEMBLER__ */ +#define pdTICKS_TO_MS( xTicks ) ( ( uint32_t ) ( xTicks ) * 1000 / configTICK_RATE_HZ ) + /*----------------------------------------------------------- * Application specific definitions. * @@ -313,6 +317,23 @@ void * const pxCreatedTask, const int xCoreID ); + static inline bool IRAM_ATTR xPortCanYield(void) + { + uint32_t ps_reg = 0; + + //Get the current value of PS (processor status) register + RSR(PS, ps_reg); + + /* + * intlevel = (ps_reg & 0xf); + * excm = (ps_reg >> 4) & 0x1; + * CINTLEVEL is max(excm * EXCMLEVEL, INTLEVEL), where EXCMLEVEL is 3. + * However, just return true, only intlevel is zero. + */ + + return ((ps_reg & PS_INTLEVEL_MASK) == 0); + } + #define xTaskGetIdleTaskHandleForCPU(i) xTaskGetIdleTaskHandle() #define xTaskGetCurrentTaskHandleForCPU(i) xTaskGetCurrentTaskHandle() diff --git a/vendors/espressif/boards/esp32/components/freertos/CMakeLists.txt b/vendors/espressif/boards/esp32/components/freertos/CMakeLists.txt index bf82beea296..888d0f8c7e3 100644 --- a/vendors/espressif/boards/esp32/components/freertos/CMakeLists.txt +++ b/vendors/espressif/boards/esp32/components/freertos/CMakeLists.txt 
@@ -20,14 +20,30 @@ else() "${CMAKE_CURRENT_LIST_DIR}/../../aws_demos/config_files") endif() -set(COMPONENT_ADD_INCLUDEDIRS "${include_dirs}") - # Edit following two lines to set component requirements (see docs) set(COMPONENT_REQUIRES ) set(COMPONENT_PRIV_REQUIRES ) -set(COMPONENT_SRCDIRS . ${AMAZON_FREERTOS_KERNEL_DIR}/portable/ThirdParty/GCC/Xtensa_ESP32 ${AMAZON_FREERTOS_KERNEL_DIR}) - -set(COMPONENT_ADD_LDFRAGMENTS linker.lf) - -register_component() +idf_component_register(SRCS "extra.c" + "${AMAZON_FREERTOS_KERNEL_DIR}/portable/ThirdParty/GCC/Xtensa_ESP32/FreeRTOS-openocd.c" + "${AMAZON_FREERTOS_KERNEL_DIR}/portable/ThirdParty/GCC/Xtensa_ESP32/port.c" + "${AMAZON_FREERTOS_KERNEL_DIR}/portable/ThirdParty/GCC/Xtensa_ESP32/portasm.S" + "${AMAZON_FREERTOS_KERNEL_DIR}/portable/ThirdParty/GCC/Xtensa_ESP32/xtensa_context.S" + "${AMAZON_FREERTOS_KERNEL_DIR}/portable/ThirdParty/GCC/Xtensa_ESP32/xtensa_init.c" + "${AMAZON_FREERTOS_KERNEL_DIR}/portable/ThirdParty/GCC/Xtensa_ESP32/xtensa_intr.c" + "${AMAZON_FREERTOS_KERNEL_DIR}/portable/ThirdParty/GCC/Xtensa_ESP32/xtensa_intr_asm.S" + "${AMAZON_FREERTOS_KERNEL_DIR}/portable/ThirdParty/GCC/Xtensa_ESP32/xtensa_loadstore_handler.S" + "${AMAZON_FREERTOS_KERNEL_DIR}/portable/ThirdParty/GCC/Xtensa_ESP32/xtensa_overlay_os_hook.c" + "${AMAZON_FREERTOS_KERNEL_DIR}/portable/ThirdParty/GCC/Xtensa_ESP32/xtensa_vector_defaults.S" + "${AMAZON_FREERTOS_KERNEL_DIR}/portable/ThirdParty/GCC/Xtensa_ESP32/xtensa_vectors.S" + "${AMAZON_FREERTOS_KERNEL_DIR}/croutine.c" + "${AMAZON_FREERTOS_KERNEL_DIR}/event_groups.c" + "${AMAZON_FREERTOS_KERNEL_DIR}/list.c" + "${AMAZON_FREERTOS_KERNEL_DIR}/queue.c" + "${AMAZON_FREERTOS_KERNEL_DIR}/stream_buffer.c" + "${AMAZON_FREERTOS_KERNEL_DIR}/tasks.c" + "${AMAZON_FREERTOS_KERNEL_DIR}/timers.c" + INCLUDE_DIRS "${include_dirs}" + LDFRAGMENTS linker.lf + REQUIRES app_trace esp_timer + PRIV_REQUIRES soc) 
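Review bot: The context lines `set(COMPONENT_REQUIRES )` and `set(COMPONENT_PRIV_REQUIRES )`, with their "Edit following two lines" comment, are kept although the requirements are now passed as `REQUIRES app_trace esp_timer` and `PRIV_REQUIRES soc` to `idf_component_register`. As far as I can tell the new call does not read those variables, so the comment now points maintainers at lines that have no effect. I would delete the two `set()` lines and move the comment to the call, e.g. `# Component requirements are the REQUIRES / PRIV_REQUIRES arguments below`.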
diff --git a/vendors/espressif/boards/esp32/components/freertos/extra.c b/vendors/espressif/boards/esp32/components/freertos/extra.c index 1feba7e2bbd..1f50ab73540 100644 --- a/vendors/espressif/boards/esp32/components/freertos/extra.c +++ b/vendors/espressif/boards/esp32/components/freertos/extra.c @@ -16,6 +16,7 @@ #include "esp_err.h" #include "queue.h" #include "task.h" +#include "string.h" extern void pthread_local_storage_cleanup(TaskHandle_t task); @@ -40,3 +41,18 @@ void vPortCleanUpTCB ( void *pxTCB ) { pthread_local_storage_cleanup(pxTCB); } + +void __attribute__((weak)) vApplicationStackOverflowHook( TaskHandle_t xTask, char *pcTaskName ) +{ + #define ERR_STR1 "***ERROR*** A stack overflow in task " + #define ERR_STR2 " has been detected." + const char *str[] = {ERR_STR1, pcTaskName, ERR_STR2}; + + char buf[sizeof(ERR_STR1) + CONFIG_FREERTOS_MAX_TASK_NAME_LEN + sizeof(ERR_STR2) + 1 /* null char */] = { 0 }; + + char *dest = buf; + for (int i = 0 ; i < sizeof(str)/ sizeof(str[0]); i++) { + dest = strcat(dest, str[i]); + } + esp_system_abort(buf); +} diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos/xtensa_rtos.h b/vendors/espressif/boards/esp32/components/freertos/include/freertos/xtensa_rtos.h new file mode 100644 index 00000000000..4596313c68c --- /dev/null +++ b/vendors/espressif/boards/esp32/components/freertos/include/freertos/xtensa_rtos.h @@ -0,0 +1 @@ +#include diff --git a/vendors/espressif/boards/esp32/components/mbedtls/CMakeLists.txt b/vendors/espressif/boards/esp32/components/mbedtls/CMakeLists.txt index c7e6d4705c0..9488f0bf2da 100644 --- a/vendors/espressif/boards/esp32/components/mbedtls/CMakeLists.txt +++ b/vendors/espressif/boards/esp32/components/mbedtls/CMakeLists.txt @@ -1,4 +1,6 @@ -register_component() +idf_component_register() + +set(FREERTOS_COMPONENT_DIR "${CMAKE_CURRENT_LIST_DIR}/../freertos") target_compile_options( afr_3rdparty_mbedtls 
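Review bot: The `strcat` loop in `vApplicationStackOverflowHook` appends `pcTaskName` with no bound, and this hook runs only after memory corruption has been detected, so the name cannot be assumed to be intact or NUL-terminated within `CONFIG_FREERTOS_MAX_TASK_NAME_LEN` bytes; an over-long string would be written past `buf` on the hook's own stack. Bound each append to the space that is left, `strncat(buf, str[i], sizeof(buf) - strlen(buf) - 1);`, and declare the index as `size_t` to match the `sizeof` expression it is compared with. The `ERR_STR1` and `ERR_STR2` macros also stay defined for the rest of the file; an `#undef` after the function, or two `static const char[]` objects, would keep them local.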
@@ -14,9 +16,14 @@ target_include_directories( BEFORE PRIVATE "${AFR_VENDORS_DIR}/espressif/esp-idf/components/vfs/include" + "${AFR_VENDORS_DIR}/espressif/esp-idf/components/soc/soc/include/soc" + ${FREERTOS_COMPONENT_DIR}/include PUBLIC ${IDF_INCLUDE_DIRECTORIES} ${CMAKE_CURRENT_LIST_DIR}/port/include + "${AFR_VENDORS_DIR}/espressif/esp-idf/components/xtensa/include" + "${AFR_VENDORS_DIR}/espressif/esp-idf/components/soc/soc/include" + "${AFR_VENDORS_DIR}/espressif/esp-idf/components/soc/src/esp32/include" ) target_sources( @@ -29,6 +36,8 @@ target_sources( "${CMAKE_CURRENT_LIST_DIR}/port/esp_sha1.c" "${CMAKE_CURRENT_LIST_DIR}/port/esp_sha512.c" "${CMAKE_CURRENT_LIST_DIR}/port/mbedtls_debug.c" + "${CMAKE_CURRENT_LIST_DIR}/port/aes.c" + "${CMAKE_CURRENT_LIST_DIR}/port/sha.c" ) target_compile_definitions( diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/aes.c b/vendors/espressif/boards/esp32/components/mbedtls/port/aes.c new file mode 100644 index 00000000000..3ac78397c86 --- /dev/null +++ b/vendors/espressif/boards/esp32/components/mbedtls/port/aes.c 
@@ -0,0 +1,754 @@ +/** + * \brief AES block cipher, ESP32 hardware accelerated version + * Based on mbedTLS FIPS-197 compliant version. + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * Additions Copyright (C) 2016-2017, Espressif Systems (Shanghai) PTE Ltd + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ +/* + * The AES block cipher was designed by Vincent Rijmen and Joan Daemen. + * + * http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf + * http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf + */ +#include +#include "mbedtls/aes.h" +#include "mbedtls/platform_util.h" +#include "aes.h" +#include "soc/hwcrypto_periph.h" +#include + +#include + +#include "soc/cpu.h" +#include +#include "driver/periph_ctrl.h" + + +/* AES uses a spinlock mux not a lock as the underlying block operation + only takes 208 cycles (to write key & compute block), +600 cycles + for DPORT protection but +3400 cycles again if you use a full sized lock. + + For CBC, CFB, etc. this may mean that interrupts are disabled for a longer + period of time for bigger lengths. However at the moment this has to happen + anyway due to DPORT protection... 
+*/ +static portMUX_TYPE aes_spinlock = portMUX_INITIALIZER_UNLOCKED; + +static inline bool valid_key_length(const esp_aes_context *ctx) +{ + return ctx->key_bytes == 128/8 || ctx->key_bytes == 192/8 || ctx->key_bytes == 256/8; +} + +void esp_aes_acquire_hardware( void ) +{ + portENTER_CRITICAL(&aes_spinlock); + + /* Enable AES hardware */ + periph_module_enable(PERIPH_AES_MODULE); +} + +void esp_aes_release_hardware( void ) +{ + /* Disable AES hardware */ + periph_module_disable(PERIPH_AES_MODULE); + + portEXIT_CRITICAL(&aes_spinlock); +} + +void esp_aes_init( esp_aes_context *ctx ) +{ + bzero( ctx, sizeof( esp_aes_context ) ); +} + +void esp_aes_free( esp_aes_context *ctx ) +{ + if ( ctx == NULL ) { + return; + } + + bzero( ctx, sizeof( esp_aes_context ) ); +} + + + +/* + * AES key schedule (same for encryption or decryption, as hardware handles schedule) + * + */ +int esp_aes_setkey( esp_aes_context *ctx, const unsigned char *key, + unsigned int keybits ) +{ + if (keybits != 128 && keybits != 192 && keybits != 256) { + return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; + } + ctx->key_bytes = keybits / 8; + memcpy(ctx->key, key, ctx->key_bytes); + ctx->key_in_hardware = 0; + return 0; +} + +/* + * Helper function to copy key from esp_aes_context buffer + * to hardware key registers. + * + * Call only while holding esp_aes_acquire_hardware(). + */ +static void esp_aes_setkey_hardware(esp_aes_context *ctx, int mode) +{ + const uint32_t MODE_DECRYPT_BIT = 4; + unsigned mode_reg_base = (mode == ESP_AES_ENCRYPT) ? 
0 : MODE_DECRYPT_BIT; + + ctx->key_in_hardware = 0; + + for (int i = 0; i < ctx->key_bytes/4; ++i) { + DPORT_REG_WRITE(AES_KEY_BASE + i * 4, *(((uint32_t *)ctx->key) + i)); + ctx->key_in_hardware += 4; + } + + DPORT_REG_WRITE(AES_MODE_REG, mode_reg_base + ((ctx->key_bytes / 8) - 2)); + + /* Fault injection check: all words of key data should have been written to hardware */ + if (ctx->key_in_hardware < 16 + || ctx->key_in_hardware != ctx->key_bytes) { + abort(); + } +} + +/* Run a single 16 byte block of AES, using the hardware engine. + * + * Call only while holding esp_aes_acquire_hardware(). + */ +static int esp_aes_block(esp_aes_context *ctx, const void *input, void *output) +{ + const uint32_t *input_words = (const uint32_t *)input; + uint32_t i0, i1, i2, i3; + uint32_t *output_words = (uint32_t *)output; + + /* If no key is written to hardware yet, either the user hasn't called + mbedtls_aes_setkey_enc/mbedtls_aes_setkey_dec - meaning we also don't + know which mode to use - or a fault skipped the + key write to hardware. Treat this as a fatal error and zero the output block. + */ + if (ctx->key_in_hardware != ctx->key_bytes) { + bzero(output, 16); + return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; + } + + /* Storing i0,i1,i2,i3 in registers not an array + helps a lot with optimisations at -Os level */ + i0 = input_words[0]; + DPORT_REG_WRITE(AES_TEXT_BASE, i0); + + i1 = input_words[1]; + DPORT_REG_WRITE(AES_TEXT_BASE + 4, i1); + + i2 = input_words[2]; + DPORT_REG_WRITE(AES_TEXT_BASE + 8, i2); + + i3 = input_words[3]; + DPORT_REG_WRITE(AES_TEXT_BASE + 12, i3); + + DPORT_REG_WRITE(AES_START_REG, 1); + + while (DPORT_REG_READ(AES_IDLE_REG) != 1) { } + + esp_dport_access_read_buffer(output_words, AES_TEXT_BASE, 4); + + /* Physical security check: Verify the AES accelerator actually ran, and wasn't + skipped due to external fault injection while starting the peripheral. + + Note that i0,i1,i2,i3 are copied from input buffer in case input==output. 
+ + Bypassing this check requires at least one additional fault. + */ + if(i0 == output_words[0] && i1 == output_words[1] && i2 == output_words[2] && i3 == output_words[3]) { + // calling zeroing functions to narrow the + // window for a double-fault of the abort step, here + memset(output, 0, 16); + mbedtls_platform_zeroize(output, 16); + abort(); + } + + return 0; +} + +/* + * AES-ECB block encryption + */ +int esp_internal_aes_encrypt( esp_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16] ) +{ + int r; + + if (!valid_key_length(ctx)) { + return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; + } + + esp_aes_acquire_hardware(); + ctx->key_in_hardware = 0; + esp_aes_setkey_hardware(ctx, ESP_AES_ENCRYPT); + r = esp_aes_block(ctx, input, output); + esp_aes_release_hardware(); + return r; +} + +/* + * AES-ECB block decryption + */ + +int esp_internal_aes_decrypt( esp_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16] ) +{ + int r; + + if (!valid_key_length(ctx)) { + return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; + } + + esp_aes_acquire_hardware(); + ctx->key_in_hardware = 0; + esp_aes_setkey_hardware(ctx, ESP_AES_DECRYPT); + r = esp_aes_block(ctx, input, output); + esp_aes_release_hardware(); + return r; +} + +/* + * AES-ECB block encryption/decryption + */ +int esp_aes_crypt_ecb( esp_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16] ) +{ + int r; + + if (!valid_key_length(ctx)) { + return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; + } + + esp_aes_acquire_hardware(); + ctx->key_in_hardware = 0; + esp_aes_setkey_hardware(ctx, mode); + r = esp_aes_block(ctx, input, output); + esp_aes_release_hardware(); + + return r; +} + + +/* + * AES-CBC buffer encryption/decryption + */ +int esp_aes_crypt_cbc( esp_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ) +{ + int i; + uint32_t *output_words = (uint32_t *)output; + const 
uint32_t *input_words = (const uint32_t *)input; + uint32_t *iv_words = (uint32_t *)iv; + unsigned char temp[16]; + + if ( length % 16 ) { + return ( ERR_ESP_AES_INVALID_INPUT_LENGTH ); + } + + if (!valid_key_length(ctx)) { + return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; + } + + esp_aes_acquire_hardware(); + ctx->key_in_hardware = 0; + + esp_aes_setkey_hardware(ctx, mode); + + if ( mode == ESP_AES_DECRYPT ) { + while ( length > 0 ) { + memcpy(temp, input_words, 16); + esp_aes_block(ctx, input_words, output_words); + + for ( i = 0; i < 4; i++ ) { + output_words[i] = output_words[i] ^ iv_words[i]; + } + + memcpy( iv_words, temp, 16 ); + + input_words += 4; + output_words += 4; + length -= 16; + } + } else { // ESP_AES_ENCRYPT + while ( length > 0 ) { + + for ( i = 0; i < 4; i++ ) { + output_words[i] = input_words[i] ^ iv_words[i]; + } + + esp_aes_block(ctx, output_words, output_words); + memcpy( iv_words, output_words, 16 ); + + input_words += 4; + output_words += 4; + length -= 16; + } + } + + esp_aes_release_hardware(); + + return 0; +} + +/* + * AES-CFB128 buffer encryption/decryption + */ +int esp_aes_crypt_cfb128( esp_aes_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ) +{ + int c; + size_t n = *iv_off; + + if (!valid_key_length(ctx)) { + return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; + } + + esp_aes_acquire_hardware(); + ctx->key_in_hardware = 0; + + esp_aes_setkey_hardware(ctx, ESP_AES_ENCRYPT); + + if ( mode == ESP_AES_DECRYPT ) { + while ( length-- ) { + if ( n == 0 ) { + esp_aes_block(ctx, iv, iv); + } + + c = *input++; + *output++ = (unsigned char)( c ^ iv[n] ); + iv[n] = (unsigned char) c; + + n = ( n + 1 ) & 0x0F; + } + } else { + while ( length-- ) { + if ( n == 0 ) { + esp_aes_block(ctx, iv, iv); + } + + iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); + + n = ( n + 1 ) & 0x0F; + } + } + + *iv_off = n; + + esp_aes_release_hardware(); + + return 0; +} + +/* + * 
AES-CFB8 buffer encryption/decryption + */ +int esp_aes_crypt_cfb8( esp_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ) +{ + unsigned char c; + unsigned char ov[17]; + + if (!valid_key_length(ctx)) { + return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; + } + + esp_aes_acquire_hardware(); + ctx->key_in_hardware = 0; + + esp_aes_setkey_hardware(ctx, ESP_AES_ENCRYPT); + + while ( length-- ) { + memcpy( ov, iv, 16 ); + esp_aes_block(ctx, iv, iv); + + if ( mode == ESP_AES_DECRYPT ) { + ov[16] = *input; + } + + c = *output++ = (unsigned char)( iv[0] ^ *input++ ); + + if ( mode == ESP_AES_ENCRYPT ) { + ov[16] = c; + } + + memcpy( iv, ov + 1, 16 ); + } + + esp_aes_release_hardware(); + + return 0; +} + +/* + * AES-CTR buffer encryption/decryption + */ +int esp_aes_crypt_ctr( esp_aes_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[16], + unsigned char stream_block[16], + const unsigned char *input, + unsigned char *output ) +{ + int c, i; + size_t n = *nc_off; + + if (!valid_key_length(ctx)) { + return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; + } + + esp_aes_acquire_hardware(); + ctx->key_in_hardware = 0; + + esp_aes_setkey_hardware(ctx, ESP_AES_ENCRYPT); + + while ( length-- ) { + if ( n == 0 ) { + esp_aes_block(ctx, nonce_counter, stream_block); + + for ( i = 16; i > 0; i-- ) + if ( ++nonce_counter[i - 1] != 0 ) { + break; + } + } + c = *input++; + *output++ = (unsigned char)( c ^ stream_block[n] ); + + n = ( n + 1 ) & 0x0F; + } + + *nc_off = n; + + esp_aes_release_hardware(); + + return 0; +} + +/* + * AES-OFB (Output Feedback Mode) buffer encryption/decryption + */ +int esp_aes_crypt_ofb( esp_aes_context *ctx, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ) +{ + int ret = 0; + size_t n; + + if ( ctx == NULL || iv_off == NULL || iv == NULL || + input == NULL || output == NULL ) { + return 
MBEDTLS_ERR_AES_BAD_INPUT_DATA; + } + + n = *iv_off; + + if( n > 15 ) { + return( MBEDTLS_ERR_AES_BAD_INPUT_DATA ); + } + + if (!valid_key_length(ctx)) { + return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; + } + + esp_aes_acquire_hardware(); + + esp_aes_setkey_hardware(ctx, ESP_AES_ENCRYPT); + + while( length-- ) { + if( n == 0 ) { + esp_aes_block(ctx, iv, iv); + } + *output++ = *input++ ^ iv[n]; + + n = ( n + 1 ) & 0x0F; + } + + *iv_off = n; + + esp_aes_release_hardware(); + + return( ret ); +} + +/* Below XTS implementation is copied aes.c of mbedtls library. + * When MBEDTLS_AES_ALT is defined mbedtls expects alternate + * definition of XTS functions to be available. Even if this + * could have been avoided, it is done for consistency reason. + */ + +void esp_aes_xts_init( esp_aes_xts_context *ctx ) +{ + esp_aes_init( &ctx->crypt ); + esp_aes_init( &ctx->tweak ); +} + +void esp_aes_xts_free( esp_aes_xts_context *ctx ) +{ + esp_aes_free( &ctx->crypt ); + esp_aes_free( &ctx->tweak ); +} + +static int esp_aes_xts_decode_keys( const unsigned char *key, + unsigned int keybits, + const unsigned char **key1, + unsigned int *key1bits, + const unsigned char **key2, + unsigned int *key2bits ) +{ + const unsigned int half_keybits = keybits / 2; + const unsigned int half_keybytes = half_keybits / 8; + + switch( keybits ) + { + case 256: break; + case 512: break; + default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); + } + + *key1bits = half_keybits; + *key2bits = half_keybits; + *key1 = &key[0]; + *key2 = &key[half_keybytes]; + + return 0; +} + +int esp_aes_xts_setkey_enc( esp_aes_xts_context *ctx, + const unsigned char *key, + unsigned int keybits) +{ + int ret; + const unsigned char *key1, *key2; + unsigned int key1bits, key2bits; + + ret = esp_aes_xts_decode_keys( key, keybits, &key1, &key1bits, + &key2, &key2bits ); + if( ret != 0 ) + return( ret ); + + /* Set the tweak key. Always set tweak key for the encryption mode. 
*/ + ret = esp_aes_setkey( &ctx->tweak, key2, key2bits ); + if( ret != 0 ) + return( ret ); + + /* Set crypt key for encryption. */ + return esp_aes_setkey( &ctx->crypt, key1, key1bits ); +} + +int esp_aes_xts_setkey_dec( esp_aes_xts_context *ctx, + const unsigned char *key, + unsigned int keybits) +{ + int ret; + const unsigned char *key1, *key2; + unsigned int key1bits, key2bits; + + ret = esp_aes_xts_decode_keys( key, keybits, &key1, &key1bits, + &key2, &key2bits ); + if( ret != 0 ) + return( ret ); + + /* Set the tweak key. Always set tweak key for encryption. */ + ret = esp_aes_setkey( &ctx->tweak, key2, key2bits ); + if( ret != 0 ) + return( ret ); + + /* Set crypt key for decryption. */ + return esp_aes_setkey( &ctx->crypt, key1, key1bits ); +} + +/* Endianess with 64 bits values */ +#ifndef GET_UINT64_LE +#define GET_UINT64_LE(n,b,i) \ +{ \ + (n) = ( (uint64_t) (b)[(i) + 7] << 56 ) \ + | ( (uint64_t) (b)[(i) + 6] << 48 ) \ + | ( (uint64_t) (b)[(i) + 5] << 40 ) \ + | ( (uint64_t) (b)[(i) + 4] << 32 ) \ + | ( (uint64_t) (b)[(i) + 3] << 24 ) \ + | ( (uint64_t) (b)[(i) + 2] << 16 ) \ + | ( (uint64_t) (b)[(i) + 1] << 8 ) \ + | ( (uint64_t) (b)[(i) ] ); \ +} +#endif + +#ifndef PUT_UINT64_LE +#define PUT_UINT64_LE(n,b,i) \ +{ \ + (b)[(i) + 7] = (unsigned char) ( (n) >> 56 ); \ + (b)[(i) + 6] = (unsigned char) ( (n) >> 48 ); \ + (b)[(i) + 5] = (unsigned char) ( (n) >> 40 ); \ + (b)[(i) + 4] = (unsigned char) ( (n) >> 32 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) ] = (unsigned char) ( (n) ); \ +} +#endif + +typedef unsigned char esp_be128[16]; + +/* + * GF(2^128) multiplication function + * + * This function multiplies a field element by x in the polynomial field + * representation. It uses 64-bit word operations to gain speed but compensates + * for machine endianess and hence works correctly on both big and little + * endian machines. 
+ */ +static void esp_gf128mul_x_ble( unsigned char r[16], + const unsigned char x[16] ) +{ + uint64_t a, b, ra, rb; + + GET_UINT64_LE( a, x, 0 ); + GET_UINT64_LE( b, x, 8 ); + + ra = ( a << 1 ) ^ 0x0087 >> ( 8 - ( ( b >> 63 ) << 3 ) ); + rb = ( a >> 63 ) | ( b << 1 ); + + PUT_UINT64_LE( ra, r, 0 ); + PUT_UINT64_LE( rb, r, 8 ); +} + +/* + * AES-XTS buffer encryption/decryption + */ +int esp_aes_crypt_xts( esp_aes_xts_context *ctx, + int mode, + size_t length, + const unsigned char data_unit[16], + const unsigned char *input, + unsigned char *output ) +{ + int ret; + size_t blocks = length / 16; + size_t leftover = length % 16; + unsigned char tweak[16]; + unsigned char prev_tweak[16]; + unsigned char tmp[16]; + + /* Sectors must be at least 16 bytes. */ + if( length < 16 ) + return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; + + /* NIST SP 80-38E disallows data units larger than 2**20 blocks. */ + if( length > ( 1 << 20 ) * 16 ) + return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; + + /* Compute the tweak. */ + ret = esp_aes_crypt_ecb( &ctx->tweak, MBEDTLS_AES_ENCRYPT, + data_unit, tweak ); + if( ret != 0 ) + return( ret ); + + while( blocks-- ) + { + size_t i; + + if( leftover && ( mode == MBEDTLS_AES_DECRYPT ) && blocks == 0 ) + { + /* We are on the last block in a decrypt operation that has + * leftover bytes, so we need to use the next tweak for this block, + * and this tweak for the lefover bytes. Save the current tweak for + * the leftovers and then update the current tweak for use on this, + * the last full block. */ + memcpy( prev_tweak, tweak, sizeof( tweak ) ); + esp_gf128mul_x_ble( tweak, tweak ); + } + + for( i = 0; i < 16; i++ ) + tmp[i] = input[i] ^ tweak[i]; + + ret = esp_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp ); + if( ret != 0 ) + return( ret ); + + for( i = 0; i < 16; i++ ) + output[i] = tmp[i] ^ tweak[i]; + + /* Update the tweak for the next block. 
*/ + esp_gf128mul_x_ble( tweak, tweak ); + + output += 16; + input += 16; + } + + if( leftover ) + { + /* If we are on the leftover bytes in a decrypt operation, we need to + * use the previous tweak for these bytes (as saved in prev_tweak). */ + unsigned char *t = mode == MBEDTLS_AES_DECRYPT ? prev_tweak : tweak; + + /* We are now on the final part of the data unit, which doesn't divide + * evenly by 16. It's time for ciphertext stealing. */ + size_t i; + unsigned char *prev_output = output - 16; + + /* Copy ciphertext bytes from the previous block to our output for each + * byte of cyphertext we won't steal. At the same time, copy the + * remainder of the input for this final round (since the loop bounds + * are the same). */ + for( i = 0; i < leftover; i++ ) + { + output[i] = prev_output[i]; + tmp[i] = input[i] ^ t[i]; + } + + /* Copy ciphertext bytes from the previous block for input in this + * round. */ + for( ; i < 16; i++ ) + tmp[i] = prev_output[i] ^ t[i]; + + ret = esp_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp ); + if( ret != 0 ) + return ret; + + /* Write the result back to the previous block, overriding the previous + * output we copied. */ + for( i = 0; i < 16; i++ ) + prev_output[i] = tmp[i] ^ t[i]; + } + + return( 0 ); +} diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/esp_bignum.c b/vendors/espressif/boards/esp32/components/mbedtls/port/esp_bignum.c index 275adad6dcf..40032de8e56 100644 --- a/vendors/espressif/boards/esp32/components/mbedtls/port/esp_bignum.c +++ b/vendors/espressif/boards/esp32/components/mbedtls/port/esp_bignum.c @@ -27,11 +27,10 @@ #include #include #include -#include "rom/bigint.h" -#include "soc/hwcrypto_reg.h" +#include "esp32/rom/bigint.h" +#include "soc/hwcrypto_periph.h" #include "esp_system.h" #include "esp_log.h" -#include "esp_intr.h" #include "esp_intr_alloc.h" #include "esp_attr.h" 
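Review bot: esp_aes_crypt_cbc, esp_aes_crypt_cfb128, esp_aes_crypt_cfb8, esp_aes_crypt_ctr and esp_aes_crypt_ofb discard the return value of esp_aes_block() and return 0 (in OFB, the never-updated `ret`). The case esp_aes_block treats as fatal, key not in hardware with the output block zeroed, is therefore reported as success; only the ECB paths propagate it. Capture the result and stop, e.g. `ret = esp_aes_block(ctx, iv, iv);` followed by `if (ret != 0) break;`, then return `ret` after esp_aes_release_hardware(). Separately, esp_aes_crypt_cfb128 and esp_aes_crypt_ctr index `iv[n]` and `stream_block[n]` with the caller-supplied `*iv_off` and `*nc_off` without the `n > 15` check that esp_aes_crypt_ofb has. esp_aes_free clears the key with `bzero()`, which a compiler may elide; `mbedtls_platform_zeroize(ctx, sizeof(esp_aes_context));` is already available through mbedtls/platform_util.h.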
diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/include/aes.h b/vendors/espressif/boards/esp32/components/mbedtls/port/include/aes.h new file mode 100644 index 00000000000..f423b8a7ff4 --- /dev/null +++ b/vendors/espressif/boards/esp32/components/mbedtls/port/include/aes.h 
@@ -0,0 +1,353 @@ +/** + * \brief AES block cipher, ESP32 hardware accelerated version + * Based on mbedTLS FIPS-197 compliant version. + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE Ltd + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * + */ + +#ifndef ESP_AES_H +#define ESP_AES_H + +#include "esp_types.h" +#include "esp32/rom/aes.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/* padlock.c and aesni.c rely on these values! */ +#define ESP_AES_ENCRYPT 1 +#define ESP_AES_DECRYPT 0 + +#define ERR_ESP_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ +#define ERR_ESP_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ + +/** + * \brief AES context structure + * + */ +typedef struct { + uint8_t key_bytes; + volatile uint8_t key_in_hardware; /* This variable is used for fault injection checks, so marked volatile to avoid optimisation */ + uint8_t key[32]; +} esp_aes_context; + +/** + * \brief The AES XTS context-type definition. + */ +typedef struct +{ + esp_aes_context crypt; /*!< The AES context to use for AES block + encryption or decryption. */ + esp_aes_context tweak; /*!< The AES context used for tweak + computation. */ +} esp_aes_xts_context; + + +/** + * \brief Lock access to AES hardware unit + * + * AES hardware unit can only be used by one + * consumer at a time. 
+ * + * esp_aes_xxx API calls automatically manage locking & unlocking of + * hardware, this function is only needed if you want to call + * ets_aes_xxx functions directly. + */ +void esp_aes_acquire_hardware( void ); + +/** + * \brief Unlock access to AES hardware unit + * + * esp_aes_xxx API calls automatically manage locking & unlocking of + * hardware, this function is only needed if you want to call + * ets_aes_xxx functions directly. + */ +void esp_aes_release_hardware( void ); + +/** + * \brief Initialize AES context + * + * \param ctx AES context to be initialized + */ +void esp_aes_init( esp_aes_context *ctx ); + +/** + * \brief Clear AES context + * + * \param ctx AES context to be cleared + */ +void esp_aes_free( esp_aes_context *ctx ); + +/** + * \brief This function initializes the specified AES XTS context. + * + * It must be the first API called before using + * the context. + * + * \param ctx The AES XTS context to initialize. + */ +void esp_aes_xts_init( esp_aes_xts_context *ctx ); + +/** + * \brief This function releases and clears the specified AES XTS context. + * + * \param ctx The AES XTS context to clear. 
+ */ +void esp_aes_xts_free( esp_aes_xts_context *ctx ); + +/** + * \brief AES set key schedule (encryption or decryption) + * + * \param ctx AES context to be initialized + * \param key encryption key + * \param keybits must be 128, 192 or 256 + * + * \return 0 if successful, or ERR_AES_INVALID_KEY_LENGTH + */ +int esp_aes_setkey( esp_aes_context *ctx, const unsigned char *key, unsigned int keybits ); + +/** + * \brief AES-ECB block encryption/decryption + * + * \param ctx AES context + * \param mode AES_ENCRYPT or AES_DECRYPT + * \param input 16-byte input block + * \param output 16-byte output block + * + * \return 0 if successful + */ +int esp_aes_crypt_ecb( esp_aes_context *ctx, int mode, const unsigned char input[16], unsigned char output[16] ); + +/** + * \brief AES-CBC buffer encryption/decryption + * Length should be a multiple of the block + * size (16 bytes) + * + * \note Upon exit, the content of the IV is updated so that you can + * call the function same function again on the following + * block(s) of data and get the same result as if it was + * encrypted in one call. This allows a "streaming" usage. + * If on the other hand you need to retain the contents of the + * IV, you should either save it manually or use the cipher + * module instead. + * + * \param ctx AES context + * \param mode AES_ENCRYPT or AES_DECRYPT + * \param length length of the input data + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + * + * \return 0 if successful, or ERR_AES_INVALID_INPUT_LENGTH + */ +int esp_aes_crypt_cbc( esp_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ); + + +/** + * \brief AES-CFB128 buffer encryption/decryption. + * + * Note: Due to the nature of CFB you should use the same key schedule for + * both encryption and decryption. 
So a context initialized with + * esp_aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. + * + * \note Upon exit, the content of the IV is updated so that you can + * call the function same function again on the following + * block(s) of data and get the same result as if it was + * encrypted in one call. This allows a "streaming" usage. + * If on the other hand you need to retain the contents of the + * IV, you should either save it manually or use the cipher + * module instead. + * + * \param ctx AES context + * \param mode AES_ENCRYPT or AES_DECRYPT + * \param length length of the input data + * \param iv_off offset in IV (updated after use) + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + * + * \return 0 if successful + */ +int esp_aes_crypt_cfb128( esp_aes_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ); + +/** + * \brief AES-CFB8 buffer encryption/decryption. + * + * Note: Due to the nature of CFB you should use the same key schedule for + * both encryption and decryption. So a context initialized with + * esp_aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. + * + * \note Upon exit, the content of the IV is updated so that you can + * call the function same function again on the following + * block(s) of data and get the same result as if it was + * encrypted in one call. This allows a "streaming" usage. + * If on the other hand you need to retain the contents of the + * IV, you should either save it manually or use the cipher + * module instead. 
+ * + * \param ctx AES context + * \param mode AES_ENCRYPT or AES_DECRYPT + * \param length length of the input data + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + * + * \return 0 if successful + */ +int esp_aes_crypt_cfb8( esp_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ); + +/** + * \brief AES-CTR buffer encryption/decryption + * + * Warning: You have to keep the maximum use of your counter in mind! + * + * Note: Due to the nature of CTR you should use the same key schedule for + * both encryption and decryption. So a context initialized with + * esp_aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. + * + * \param ctx AES context + * \param length The length of the data + * \param nc_off The offset in the current stream_block (for resuming + * within current cipher stream). The offset pointer to + * should be 0 at the start of a stream. + * \param nonce_counter The 128-bit nonce and counter. + * \param stream_block The saved stream-block for resuming. Is overwritten + * by the function. + * \param input The input data stream + * \param output The output data stream + * + * \return 0 if successful + */ +int esp_aes_crypt_ctr( esp_aes_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[16], + unsigned char stream_block[16], + const unsigned char *input, + unsigned char *output ); + +/** + * \brief This function prepares an XTS context for encryption and + * sets the encryption key. + * + * \param ctx The AES XTS context to which the key should be bound. + * \param key The encryption key. This is comprised of the XTS key1 + * concatenated with the XTS key2. + * \param keybits The size of \p key passed in bits. Valid options are: + *
  • 256 bits (each of key1 and key2 is a 128-bit key)
  • + *
  • 512 bits (each of key1 and key2 is a 256-bit key)
+ * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. + */ +int esp_aes_xts_setkey_enc( esp_aes_xts_context *ctx, + const unsigned char *key, + unsigned int keybits ); + +/** + * \brief This function performs an AES-OFB (Output Feedback Mode) + * encryption or decryption operation. + * + * \param ctx The AES context to use for encryption or decryption. + * It must be initialized and bound to a key. + * \param length The length of the input data. + * \param iv_off The offset in IV (updated after use). + * It must point to a valid \c size_t. + * \param iv The initialization vector (updated after use). + * It must be a readable and writeable buffer of \c 16 Bytes. + * \param input The buffer holding the input data. + * It must be readable and of size \p length Bytes. + * \param output The buffer holding the output data. + * It must be writeable and of size \p length Bytes. + * + * \return \c 0 on success. + */ +int esp_aes_crypt_ofb( esp_aes_context *ctx, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ); + +/** + * \brief This function prepares an XTS context for decryption and + * sets the decryption key. + * + * \param ctx The AES XTS context to which the key should be bound. + * \param key The decryption key. This is comprised of the XTS key1 + * concatenated with the XTS key2. + * \param keybits The size of \p key passed in bits. Valid options are: + *
  • 256 bits (each of key1 and key2 is a 128-bit key)
  • + *
  • 512 bits (each of key1 and key2 is a 256-bit key)
+ * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. + */ +int esp_aes_xts_setkey_dec( esp_aes_xts_context *ctx, + const unsigned char *key, + unsigned int keybits ); + + +/** + * \brief Internal AES block encryption function + * (Only exposed to allow overriding it, + * see AES_ENCRYPT_ALT) + * + * \param ctx AES context + * \param input Plaintext block + * \param output Output (ciphertext) block + */ +int esp_internal_aes_encrypt( esp_aes_context *ctx, const unsigned char input[16], unsigned char output[16] ); + +/** + * \brief Internal AES block decryption function + * (Only exposed to allow overriding it, + * see AES_DECRYPT_ALT) + * + * \param ctx AES context + * \param input Ciphertext block + * \param output Output (plaintext) block + */ +int esp_internal_aes_decrypt( esp_aes_context *ctx, const unsigned char input[16], unsigned char output[16] ); + +/** AES-XTS buffer encryption/decryption */ +int esp_aes_crypt_xts( esp_aes_xts_context *ctx, int mode, size_t length, const unsigned char data_unit[16], const unsigned char *input, unsigned char *output ); + +#ifdef __cplusplus +} +#endif + +#endif /* aes.h */ diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/include/aes_alt.h b/vendors/espressif/boards/esp32/components/mbedtls/port/include/aes_alt.h index cf87ea5c152..9e38fccf2d9 100644 --- a/vendors/espressif/boards/esp32/components/mbedtls/port/include/aes_alt.h +++ b/vendors/espressif/boards/esp32/components/mbedtls/port/include/aes_alt.h @@ -28,7 +28,7 @@ extern "C" { #endif #if defined(MBEDTLS_AES_ALT) -#include "hwcrypto/aes.h" +#include "aes.h" typedef esp_aes_context mbedtls_aes_context; diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/include/sha.h b/vendors/espressif/boards/esp32/components/mbedtls/port/include/sha.h new file mode 100644 index 00000000000..2009d198180 --- /dev/null +++ b/vendors/espressif/boards/esp32/components/mbedtls/port/include/sha.h 
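Review bot: Several doc comments in the new aes.h name identifiers the header does not declare. The CFB128, CFB8 and CTR notes refer to `esp_aes_setkey_enc()` while the only key-setup function declared is `esp_aes_setkey()`, and the `\return` lines cite `ERR_AES_INVALID_KEY_LENGTH` and `ERR_AES_INVALID_INPUT_LENGTH` where the macros defined at the top are `ERR_ESP_AES_INVALID_KEY_LENGTH` and `ERR_ESP_AES_INVALID_INPUT_LENGTH`. `esp_internal_aes_encrypt`, `esp_internal_aes_decrypt` and `esp_aes_crypt_xts` return `int` but document no return value; I would add `\return 0 on success, or an MBEDTLS_ERR_AES_* error code` to each, and give esp_aes_crypt_xts the parameter docs and the length limits its implementation enforces (at least 16 bytes, at most 2^20 blocks). The comment `padlock.c and aesni.c rely on these values!` is carried over from mbedTLS. The constraint that matters here is that ESP_AES_ENCRYPT/ESP_AES_DECRYPT must equal MBEDTLS_AES_ENCRYPT/MBEDTLS_AES_DECRYPT, because aes.c passes the mbedTLS constants as `mode`, so the comment should say that instead.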
@@ -0,0 +1,211 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +#ifndef _ESP_SHA_H_ +#define _ESP_SHA_H_ + +#include "esp32/rom/sha.h" +#include "esp_types.h" + +/** @brief Low-level support functions for the hardware SHA engine + * + * @note If you're looking for a SHA API to use, try mbedtls component + * mbedtls/shaXX.h. That API supports hardware acceleration. + * + * The API in this header provides some building blocks for implementing a + * full SHA API such as the one in mbedtls, and also a basic SHA function esp_sha(). + * + * Some technical details about the hardware SHA engine: + * + * - SHA accelerator engine calculates one digest at a time, per SHA + * algorithm type. It initialises and maintains the digest state + * internally. It is possible to read out an in-progress SHA digest + * state, but it is not possible to restore a SHA digest state + * into the engine. + * + * - The memory block SHA_TEXT_BASE is shared between all SHA digest + * engines, so all engines must be idle before this memory block is + * modified. + * + */ + +#ifdef __cplusplus +extern "C" { +#endif + +/* Defined in esp32/rom/sha.h */ +typedef enum SHA_TYPE esp_sha_type; + +/** @brief Calculate SHA1 or SHA2 sum of some data, using hardware SHA engine + * + * @note For more versatile SHA calculations, where data doesn't need + * to be passed all at once, try the mbedTLS mbedtls/shaX.h APIs. 
The + * hardware-accelerated mbedTLS implementation is also faster when + * hashing large amounts of data. + * + * @note It is not necessary to lock any SHA hardware before calling + * this function, thread safety is managed internally. + * + * @note If a TLS connection is open then this function may block + * indefinitely waiting for a SHA engine to become available. Use the + * mbedTLS SHA API to avoid this problem. + * + * @param sha_type SHA algorithm to use. + * + * @param input Input data buffer. + * + * @param ilen Length of input data in bytes. + * + * @param output Buffer for output SHA digest. Output is 20 bytes for + * sha_type SHA1, 32 bytes for sha_type SHA2_256, 48 bytes for + * sha_type SHA2_384, 64 bytes for sha_type SHA2_512. + */ +void esp_sha(esp_sha_type sha_type, const unsigned char *input, size_t ilen, unsigned char *output); + +/* @brief Begin to execute a single SHA block operation + * + * @note This is a piece of a SHA algorithm, rather than an entire SHA + * algorithm. + * + * @note Call esp_sha_try_lock_engine() before calling this + * function. Do not call esp_sha_lock_memory_block() beforehand, this + * is done inside the function. + * + * @param sha_type SHA algorithm to use. + * + * @param data_block Pointer to block of data. Block size is + * determined by algorithm (SHA1/SHA2_256 = 64 bytes, + * SHA2_384/SHA2_512 = 128 bytes) + * + * @param is_first_block If this parameter is true, the SHA state will + * be initialised (with the initial state of the given SHA algorithm) + * before the block is calculated. If false, the existing state of the + * SHA engine will be used. + * + * @return As a performance optimisation, this function returns before + * the SHA block operation is complete. Both this function and + * esp_sha_read_state() will automatically wait for any previous + * operation to complete before they begin. 
If using the SHA registers + * directly in another way, call esp_sha_wait_idle() after calling this + * function but before accessing the SHA registers. + */ +void esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_first_block); + +/** @brief Read out the current state of the SHA digest loaded in the engine. + * + * @note This is a piece of a SHA algorithm, rather than an entire SHA algorithm. + * + * @note Call esp_sha_try_lock_engine() before calling this + * function. Do not call esp_sha_lock_memory_block() beforehand, this + * is done inside the function. + * + * If the SHA suffix padding block has been executed already, the + * value that is read is the SHA digest (in big endian + * format). Otherwise, the value that is read is an interim SHA state. + * + * @note If sha_type is SHA2_384, only 48 bytes of state will be read. + * This is enough for the final SHA2_384 digest, but if you want the + * interim SHA-384 state (to continue digesting) then pass SHA2_512 instead. + * + * @param sha_type SHA algorithm in use. + * + * @param state Pointer to a memory buffer to hold the SHA state. Size + * is 20 bytes (SHA1), 32 bytes (SHA2_256), 48 bytes (SHA2_384) or 64 bytes (SHA2_512). + * + */ +void esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state); + +/** + * @brief Obtain exclusive access to a particular SHA engine + * + * @param sha_type Type of SHA engine to use. + * + * Blocks until engine is available. Note: Can block indefinitely + * while a TLS connection is open, suggest using + * esp_sha_try_lock_engine() and failing over to software SHA. + */ +void esp_sha_lock_engine(esp_sha_type sha_type); + +/** + * @brief Try and obtain exclusive access to a particular SHA engine + * + * @param sha_type Type of SHA engine to use. + * + * @return Returns true if the SHA engine is locked for exclusive + * use. Call esp_sha_unlock_sha_engine() when done. 
Returns false if + * the SHA engine is already in use, caller should use software SHA + * algorithm for this digest. + */ +bool esp_sha_try_lock_engine(esp_sha_type sha_type); + +/** + * @brief Unlock an engine previously locked with esp_sha_lock_engine() or esp_sha_try_lock_engine() + * + * @param sha_type Type of engine to release. + */ +void esp_sha_unlock_engine(esp_sha_type sha_type); + +/** + * @brief Acquire exclusive access to the SHA shared memory block at SHA_TEXT_BASE + * + * This memory block is shared across all the SHA algorithm types. + * + * Caller should have already locked a SHA engine before calling this function. + * + * Note that it is possible to obtain exclusive access to the memory block even + * while it is in use by the SHA engine. Caller should use esp_sha_wait_idle() + * to ensure the SHA engine is not reading from the memory block in hardware. + * + * @note This function enters a critical section. Do not block while holding this lock. + * + * @note You do not need to lock the memory block before calling esp_sha_block() or esp_sha_read_digest_state(), these functions handle memory block locking internally. + * + * Call esp_sha_unlock_memory_block() when done. + */ +void esp_sha_lock_memory_block(void); + +/** + * @brief Release exclusive access to the SHA register memory block at SHA_TEXT_BASE + * + * Caller should have already locked a SHA engine before calling this function. + * + * This function releases the critical section entered by esp_sha_lock_memory_block(). + * + * Call following esp_sha_lock_memory_block(). + */ +void esp_sha_unlock_memory_block(void); + +/** @brief Wait for the SHA engine to finish any current operation + * + * @note This function does not ensure exclusive access to any SHA + * engine. Caller should use esp_sha_try_lock_engine() and + * esp_sha_lock_memory_block() as required. 
+ * + * @note Functions declared in this header file wait for SHA engine + * completion automatically, so you don't need to use this API for + * these. However if accessing SHA registers directly, you will need + * to call this before accessing SHA registers if using the + * esp_sha_block() function. + * + * @note This function busy-waits, so wastes CPU resources. + * Best to delay calling until you are about to need it. + * + */ +void esp_sha_wait_idle(void); + +#ifdef __cplusplus +} +#endif + +#endif + diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/sha.c b/vendors/espressif/boards/esp32/components/mbedtls/port/sha.c new file mode 100644 index 00000000000..ba1e6009390 --- /dev/null +++ b/vendors/espressif/boards/esp32/components/mbedtls/port/sha.c 
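Review bot: Several doc comments in this new header do not match the declarations they describe. The comment above `esp_sha_block()` opens with `/* @brief` rather than `/** @brief`, so Doxygen will skip it, and its @return text refers to `esp_sha_read_state()` while the function declared below is `esp_sha_read_digest_state()`. That function's comment documents `@param state` although the parameter is named `digest_state`, and the `esp_sha_try_lock_engine()` comment tells callers to release with `esp_sha_unlock_sha_engine()` where the declared name is `esp_sha_unlock_engine()`. Callers pair lock and unlock by hand from these comments, so I would correct the names: `@param digest_state Pointer to a memory buffer to hold the SHA state.` and `Call esp_sha_unlock_engine() when done.`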
@@ -0,0 +1,314 @@ +/* + * ESP32 hardware accelerated SHA1/256/512 implementation + * based on mbedTLS FIPS-197 compliant version. + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE Ltd + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ +/* + * The SHA-1 standard was published by NIST in 1993. + * + * http://www.itl.nist.gov/fipspubs/fip180-1.htm + */ + +#include +#include +#include +#include + +#include "freertos/FreeRTOS.h" +#include "freertos/semphr.h" + +#include "sha.h" +#include "esp32/rom/ets_sys.h" +#include "soc/hwcrypto_periph.h" +#include "driver/periph_ctrl.h" + +inline static uint32_t SHA_LOAD_REG(esp_sha_type sha_type) { + return SHA_1_LOAD_REG + sha_type * 0x10; +} + +inline static uint32_t SHA_BUSY_REG(esp_sha_type sha_type) { + return SHA_1_BUSY_REG + sha_type * 0x10; +} + +inline static uint32_t SHA_START_REG(esp_sha_type sha_type) { + return SHA_1_START_REG + sha_type * 0x10; +} + +inline static uint32_t SHA_CONTINUE_REG(esp_sha_type sha_type) { + return SHA_1_CONTINUE_REG + sha_type * 0x10; +} + +/* Single spinlock for SHA engine memory block +*/ +static portMUX_TYPE memory_block_lock = portMUX_INITIALIZER_UNLOCKED; + + +/* Binary semaphore managing the state of each concurrent SHA engine. 
+ + Available = noone is using this SHA engine + Taken = a SHA session is running on this SHA engine + + Indexes: + 0 = SHA1 + 1 = SHA2_256 + 2 = SHA2_384 or SHA2_512 +*/ +static SemaphoreHandle_t engine_states[3]; + +static uint8_t engines_in_use; + +/* Spinlock for engines_in_use counter +*/ +static portMUX_TYPE engines_in_use_lock = portMUX_INITIALIZER_UNLOCKED; + +/* Index into the engine_states array */ +inline static size_t sha_engine_index(esp_sha_type type) { + switch(type) { + case SHA1: + return 0; + case SHA2_256: + return 1; + default: + return 2; + } +} + +/* Return digest length (in bytes) for a given SHA type */ +inline static size_t sha_length(esp_sha_type type) { + switch(type) { + case SHA1: + return 20; + case SHA2_256: + return 32; + case SHA2_384: + return 48; + case SHA2_512: + return 64; + default: + return 0; + } +} + +/* Return block size (in bytes) for a given SHA type */ +inline static size_t block_length(esp_sha_type type) { + switch(type) { + case SHA1: + case SHA2_256: + return 64; + case SHA2_384: + case SHA2_512: + return 128; + default: + return 0; + } +} + +void esp_sha_lock_memory_block(void) +{ + portENTER_CRITICAL(&memory_block_lock); +} + +void esp_sha_unlock_memory_block(void) +{ + portEXIT_CRITICAL(&memory_block_lock); +} + +static SemaphoreHandle_t sha_get_engine_state(esp_sha_type sha_type) +{ + unsigned idx = sha_engine_index(sha_type); + volatile SemaphoreHandle_t *engine = &engine_states[idx]; + SemaphoreHandle_t result = *engine; + uint32_t set_engine = 0; + + if (result == NULL) { + // Create a new semaphore for 'in use' flag + SemaphoreHandle_t new_engine = xSemaphoreCreateBinary(); + assert(new_engine != NULL); + xSemaphoreGive(new_engine); // start available + + // try to atomically set the previously NULL *engine to new_engine + set_engine = (uint32_t)new_engine; + uxPortCompareSet((volatile uint32_t *)engine, 0, &set_engine); + + if (set_engine != 0) { // we lost a race setting *engine + 
vSemaphoreDelete(new_engine); + } + result = *engine; + } + return result; +} + +static bool esp_sha_lock_engine_common(esp_sha_type sha_type, TickType_t ticks_to_wait); + +bool esp_sha_try_lock_engine(esp_sha_type sha_type) +{ + return esp_sha_lock_engine_common(sha_type, 0); +} + +void esp_sha_lock_engine(esp_sha_type sha_type) +{ + esp_sha_lock_engine_common(sha_type, portMAX_DELAY); +} + +static bool esp_sha_lock_engine_common(esp_sha_type sha_type, TickType_t ticks_to_wait) +{ + SemaphoreHandle_t engine_state = sha_get_engine_state(sha_type); + BaseType_t result = xSemaphoreTake(engine_state, ticks_to_wait); + + if (result == pdFALSE) { + // failed to take semaphore + return false; + } + + portENTER_CRITICAL(&engines_in_use_lock); + + if (engines_in_use == 0) { + /* Just locked first engine, + so enable SHA hardware */ + periph_module_enable(PERIPH_SHA_MODULE); + } + + engines_in_use++; + assert(engines_in_use <= 3); + + portEXIT_CRITICAL(&engines_in_use_lock); + + return true; +} + + +void esp_sha_unlock_engine(esp_sha_type sha_type) +{ + SemaphoreHandle_t engine_state = sha_get_engine_state(sha_type); + + portENTER_CRITICAL(&engines_in_use_lock); + + engines_in_use--; + + if (engines_in_use == 0) { + /* About to release last engine, so + disable SHA hardware */ + periph_module_disable(PERIPH_SHA_MODULE); + } + + portEXIT_CRITICAL(&engines_in_use_lock); + + xSemaphoreGive(engine_state); +} + +void esp_sha_wait_idle(void) +{ + while(1) { + if(DPORT_REG_READ(SHA_1_BUSY_REG) == 0 + && DPORT_REG_READ(SHA_256_BUSY_REG) == 0 + && DPORT_REG_READ(SHA_384_BUSY_REG) == 0 + && DPORT_REG_READ(SHA_512_BUSY_REG) == 0) { + break; + } + } +} + +void esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state) +{ + uint32_t *digest_state_words = NULL; + uint32_t *reg_addr_buf = NULL; + uint32_t word_len = sha_length(sha_type)/4; +#ifndef NDEBUG + { + SemaphoreHandle_t engine_state = sha_get_engine_state(sha_type); + assert(uxSemaphoreGetCount(engine_state) == 0 && + 
"SHA engine should be locked" ); + } +#endif + + // preemptively do this before entering the critical section, then re-check once in it + esp_sha_wait_idle(); + + esp_sha_lock_memory_block(); + + esp_sha_wait_idle(); + + DPORT_REG_WRITE(SHA_LOAD_REG(sha_type), 1); + while(DPORT_REG_READ(SHA_BUSY_REG(sha_type)) == 1) { } + digest_state_words = (uint32_t *)digest_state; + reg_addr_buf = (uint32_t *)(SHA_TEXT_BASE); + if(sha_type == SHA2_384 || sha_type == SHA2_512) { + /* for these ciphers using 64-bit states, swap each pair of words */ + DPORT_INTERRUPT_DISABLE(); // Disable interrupt only on current CPU. + for(int i = 0; i < word_len; i += 2) { + digest_state_words[i+1] = DPORT_SEQUENCE_REG_READ((uint32_t)®_addr_buf[i]); + digest_state_words[i] = DPORT_SEQUENCE_REG_READ((uint32_t)®_addr_buf[i+1]); + } + DPORT_INTERRUPT_RESTORE(); // restore the previous interrupt level + } else { + esp_dport_access_read_buffer(digest_state_words, (uint32_t)®_addr_buf[0], word_len); + } + esp_sha_unlock_memory_block(); + + /* Fault injection check: verify SHA engine actually ran, + state is not all zeroes. 
+ */ + for (int i = 0; i < word_len; i++) { + if (digest_state_words[i] != 0) { + return; + } + } + abort(); // SHA peripheral returned all zero state, probably due to fault injection +} + +void esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_first_block) +{ + uint32_t *reg_addr_buf = NULL; + uint32_t *data_words = NULL; +#ifndef NDEBUG + { + SemaphoreHandle_t engine_state = sha_get_engine_state(sha_type); + assert(uxSemaphoreGetCount(engine_state) == 0 && + "SHA engine should be locked" ); + } +#endif + + // preemptively do this before entering the critical section, then re-check once in it + esp_sha_wait_idle(); + + esp_sha_lock_memory_block(); + + esp_sha_wait_idle(); + + /* Fill the data block */ + reg_addr_buf = (uint32_t *)(SHA_TEXT_BASE); + data_words = (uint32_t *)data_block; + for (int i = 0; i < block_length(sha_type) / 4; i++) { + reg_addr_buf[i] = __builtin_bswap32(data_words[i]); + } + asm volatile ("memw"); + + if(is_first_block) { + DPORT_REG_WRITE(SHA_START_REG(sha_type), 1); + } else { + DPORT_REG_WRITE(SHA_CONTINUE_REG(sha_type), 1); + } + + esp_sha_unlock_memory_block(); + + /* Note: deliberately not waiting for this operation to complete, + as a performance tweak - delay waiting until the next time we need the SHA + unit, instead. + */ +} diff --git a/vendors/espressif/boards/esp32/components/secure_sockets/component.mk b/vendors/espressif/boards/esp32/components/secure_sockets/component.mk index e8131767e99..904d681b7df 100644 --- a/vendors/espressif/boards/esp32/components/secure_sockets/component.mk +++ b/vendors/espressif/boards/esp32/components/secure_sockets/component.mk 
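Review bot: In `sha_get_engine_state()` the only check on the result of `xSemaphoreCreateBinary()` is `assert(new_engine != NULL)`, which compiles away when NDEBUG is defined. An allocation failure would then pass a NULL handle to `xSemaphoreGive()` and, as far as the visible code shows, hand NULL back to `esp_sha_lock_engine_common()`. The file already calls `abort()` unconditionally in `esp_sha_read_digest_state()` when the state reads back as all zeroes, and the same treatment fits here: `if (new_engine == NULL) { abort(); }`. The "SHA engine should be locked" checks in `esp_sha_block()` and `esp_sha_read_digest_state()` also sit under `#ifndef NDEBUG`, so a comment there saying that release builds rely on the caller holding the engine lock would help.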
@@ -3,7 +3,7 @@ AMAZON_FREERTOS_3RD_PARTY_DIR := ../../../../../../libraries/3rdparty AMAZON_FREERTOS_PORTS_DIR := ../../ports ifndef AFR_ESP_FREERTOS_TCP -COMPONENT_SRCDIRS := $(AMAZON_FREERTOS_PORTS_DIR)/secure_sockets/lwip +COMPONENT_SRCDIRS := $(AMAZON_FREERTOS_ABSTRACTIONS_DIR)/secure_sockets/lwip else COMPONENT_SRCDIRS := $(AMAZON_FREERTOS_ABSTRACTIONS_DIR)/secure_sockets/freertos_plus_tcp endif diff --git a/vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.c b/vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.c index 48a9bc5bdb9..ea48edd50bc 100644 --- a/vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.c +++ b/vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.c @@ -32,11 +32,11 @@ #include "esp_ota_ops.h" #include "aws_esp_ota_ops.h" -#include "rom/queue.h" -#include "rom/crc.h" +#include "sys/queue.h" +#include "esp32/rom/crc.h" #include "soc/dport_reg.h" #include "esp_log.h" -#include "esp_flash_data_types.h" +#include "esp_flash_partitions.h" #include "esp_efuse.h" #include "bootloader_common.h" diff --git a/vendors/espressif/boards/esp32/ports/pkcs11/iot_pkcs11_pal.c b/vendors/espressif/boards/esp32/ports/pkcs11/iot_pkcs11_pal.c index 45e5bf20bdf..d192b07b575 100644 --- a/vendors/espressif/boards/esp32/ports/pkcs11/iot_pkcs11_pal.c +++ b/vendors/espressif/boards/esp32/ports/pkcs11/iot_pkcs11_pal.c @@ -66,7 +66,7 @@ static void initialize_nvs_partition() return; } - ESP_LOGI(TAG, "Initializing NVS partition: \"%s\"", NVS_PART_NAME); + ESP_EARLY_LOGI(TAG, "Initializing NVS partition: \"%s\"", NVS_PART_NAME); @@ -79,7 +79,7 @@ static void initialize_nvs_partition() nvs_sec_cfg_t cfg; esp_err_t err = nvs_flash_read_security_cfg(key_part, &cfg); if (err == ESP_ERR_NVS_KEYS_NOT_INITIALIZED) { - ESP_LOGI(TAG, "NVS key partition empty, generating keys"); + ESP_EARLY_LOGI(TAG, "NVS key partition empty, generating keys"); nvs_flash_generate_keys(key_part, &cfg); } else { ESP_ERROR_CHECK(err); 
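Review bot: The switch from `ESP_LOGx` to `ESP_EARLY_LOGx` in `initialize_nvs_partition()` carries no comment saying why the early variants are needed, and the warning changed in the hunks at -87 and -96 is the only record that the NVS partition is about to be erased. As far as I know the early macros print through the ROM printf and are filtered at compile time only, so they would bypass a hook installed with `esp_log_set_vprintf()` and a level set with `esp_log_level_set()`. It is worth confirming that the erase warning still reaches wherever device logs are collected. I would add a comment above the first call, for example `/* ESP_EARLY_LOGx: <reason the normal logger cannot be used here> */`. The same point applies to the hunks at -79, -87 and -96; the function body starts and ends outside these hunks.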
@@ -87,7 +87,7 @@ static void initialize_nvs_partition() esp_err_t ret = nvs_flash_secure_init_partition(NVS_PART_NAME, &cfg); if (ret == ESP_ERR_NVS_NO_FREE_PAGES || ret == ESP_ERR_NVS_NEW_VERSION_FOUND) { - ESP_LOGW(TAG, "Error initialising the NVS partition [%d]. Erasing the partition.", ret); + ESP_EARLY_LOGW(TAG, "Error initialising the NVS partition [%d]. Erasing the partition.", ret); ESP_ERROR_CHECK(nvs_flash_erase_partition(NVS_PART_NAME)); ret = nvs_flash_secure_init_partition(NVS_PART_NAME, &cfg); } @@ -96,7 +96,7 @@ static void initialize_nvs_partition() #endif // CONFIG_NVS_ENCRYPTION esp_err_t ret = nvs_flash_init_partition(NVS_PART_NAME); if (ret == ESP_ERR_NVS_NO_FREE_PAGES || ret == ESP_ERR_NVS_NEW_VERSION_FOUND) { - ESP_LOGW(TAG, "Error initialising the NVS partition [%d]. Erasing the partition.", ret); + ESP_EARLY_LOGW(TAG, "Error initialising the NVS partition [%d]. Erasing the partition.", ret); ESP_ERROR_CHECK(nvs_flash_erase_partition(NVS_PART_NAME)); ret = nvs_flash_init_partition(NVS_PART_NAME); } diff --git a/vendors/espressif/boards/esp32/ports/secure_sockets/lwip/iot_secure_sockets.c b/vendors/espressif/boards/esp32/ports/secure_sockets/lwip/iot_secure_sockets.c deleted file mode 100644 index 0913aa2ae90..00000000000 --- a/vendors/espressif/boards/esp32/ports/secure_sockets/lwip/iot_secure_sockets.c +++ /dev/null 
@@ -1,837 +0,0 @@ -/* - * FreeRTOS Secure Sockets V1.1.7 - * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Permission is hereby granted, free of charge, to any person obtaining a copy of - * this software and associated documentation files (the "Software"), to deal in - * the Software without restriction, including without limitation the rights to - * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of - * the Software, and to permit persons to whom the Software is furnished to do so, - * subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in all - * copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS - * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR - * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER - * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN - * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - * - * http://aws.amazon.com/freertos - * http://www.FreeRTOS.org - */ - -/** - * @file iot_secure_sockets.c - * @brief WiFi and Secure Socket interface implementation. - */ - -/* Define _SECURE_SOCKETS_WRAPPER_NOT_REDEFINE to prevent secure sockets functions - * from redefining in iot_secure_sockets_wrapper_metrics.h */ -#define _SECURE_SOCKETS_WRAPPER_NOT_REDEFINE - -/* Socket and WiFi interface includes. 
*/ -#include "iot_secure_sockets.h" - - -#include "sockets.h" -#include "netdb.h" - -#include "iot_wifi.h" - -#include "iot_tls.h" - -#include "FreeRTOSConfig.h" - -#include "task.h" - -#include -#include - -#undef _SECURE_SOCKETS_WRAPPER_NOT_REDEFINE - -/*-----------------------------------------------------------*/ - -#define SS_STATUS_CONNECTED ( 1 ) -#define SS_STATUS_SECURED ( 2 ) - -/* - * secure socket context. - */ -typedef enum E_AWS_SOCkET_RX_STATE -{ - SST_RX_IDLE, - SST_RX_READY, - SST_RX_CLOSING, - SST_RX_CLOSED, -} T_AWS_SOCKET_RX_STATE; - -typedef struct _ss_ctx_t -{ - int ip_socket; - - int state; - unsigned int status; - int send_flag; - int recv_flag; - - TaskHandle_t rx_handle; - void ( * rx_callback )( Socket_t pxSocket ); - - bool enforce_tls; - void * tls_ctx; - char * destination; - - char * server_cert; - int server_cert_len; - - char ** ppcAlpnProtocols; - uint32_t ulAlpnProtocolsCount; -} ss_ctx_t; - -/*-----------------------------------------------------------*/ - -/*#define SUPPORTED_DESCRIPTORS (2) */ - -/*-----------------------------------------------------------*/ - -/*static int8_t sockets_allocated = SUPPORTED_DESCRIPTORS; */ -static int8_t sockets_allocated = socketsconfigDEFAULT_MAX_NUM_SECURE_SOCKETS; - - -/*-----------------------------------------------------------*/ - -/* - * convert from system ticks to seconds. - */ -#define TICK_TO_S( _t_ ) ( ( _t_ ) / configTICK_RATE_HZ ) - -/* - * convert from system ticks to micro seconds. 
- */ -#define TICK_TO_US( _t_ ) ( ( _t_ ) * 1000 / configTICK_RATE_HZ * 1000 ) - -/*-----------------------------------------------------------*/ - -#if AFR_ESP_LWIP -/* For ESP32 platform, it is preferred to go through VFS layer rather than using direct lwIP calls */ -#define lwip_socket socket -#define lwip_send send -#define lwip_recv recv -#define lwip_close close -#define lwip_ioctl ioctl -#define lwip_select select -#define lwip_connect connect -#define lwip_setsockopt setsockopt -#define lwip_shutdown lwip_shutdown_r -#endif /* ESP_LWIP */ - -/* - * @brief Network send callback. - */ -static BaseType_t prvNetworkSend( void * pvContext, - const unsigned char * pucData, - size_t xDataLength ) -{ - ss_ctx_t * ctx = ( ss_ctx_t * ) pvContext; - - int ret = lwip_send( ctx->ip_socket, - pucData, - xDataLength, - ctx->send_flag ); - - return ( BaseType_t ) ret; -} - -/*-----------------------------------------------------------*/ - -/* - * @brief Network receive callback. - */ -static BaseType_t prvNetworkRecv( void * pvContext, - unsigned char * pucReceiveBuffer, - size_t xReceiveLength ) -{ - ss_ctx_t * ctx; - - ctx = ( ss_ctx_t * ) pvContext; - - if( 0 > ctx->ip_socket ) - { - return SOCKETS_SOCKET_ERROR; - } - - int ret = lwip_recv( ctx->ip_socket, - pucReceiveBuffer, - xReceiveLength, - ctx->recv_flag ); - - if( -1 == ret ) - { - /* - * 1. EWOULDBLOCK if the socket is NON-blocking, but there is no data - * when recv is called. - * 2. EAGAIN if the socket would block and have waited long enough but - * packet is not received. - */ - if( ( errno == EWOULDBLOCK ) || ( errno == EAGAIN ) ) - { - return SOCKETS_ERROR_NONE; /* timeout or would block */ - } - - /* - * socket is not connected. 
- */ - if( errno == EBADF ) - { - return SOCKETS_ECLOSED; - } - } - - if( ( 0 == ret ) && ( errno == ENOTCONN ) ) - { - ret = SOCKETS_ECLOSED; - } - - return ( BaseType_t ) ret; -} - -/*-----------------------------------------------------------*/ - -static void vTaskRxSelect( void * param ) -{ - ss_ctx_t * ctx = ( ss_ctx_t * ) param; - int s = ctx->ip_socket; - - fd_set read_fds; - fd_set write_fds; - fd_set err_fds; - - FD_ZERO( &read_fds ); - FD_ZERO( &write_fds ); - FD_ZERO( &err_fds ); - - FD_SET( s, &read_fds ); - FD_SET( s, &err_fds ); - - ctx->state = SST_RX_READY; - - while( 1 ) - { - if( ctx->state == SST_RX_CLOSING ) - { - ctx->rx_handle = NULL; - ctx->state = SST_RX_CLOSED; - vTaskDelete( NULL ); - } - - if( lwip_select( s + 1, &read_fds, &write_fds, &err_fds, NULL ) == -1 ) - { - /*TaskHandle_t rx_handle = ctx->rx_handle; */ - - /*ctx->rx_handle = NULL; */ - /*ctx->rx_callback = NULL; */ - - /*vTaskDelete( rx_handle ); */ - ctx->rx_handle = NULL; - vTaskDelete( NULL ); - } - - if( FD_ISSET( s, &read_fds ) ) - { - configASSERT( ctx->rx_callback ); - ctx->rx_callback( ( Socket_t ) ctx ); - /*vTaskDelay( 10 ); // delay a little bit to yield time for RX */ - } - } -} - -/*-----------------------------------------------------------*/ - -static void prvRxSelectSet( ss_ctx_t * ctx, - const void * pvOptionValue ) -{ - BaseType_t xReturned; - TaskHandle_t xHandle = NULL; - configSTACK_DEPTH_TYPE xStackDepth = socketsconfigRECEIVE_CALLBACK_TASK_STACK_DEPTH; - - ctx->rx_callback = ( void ( * )( Socket_t ) )pvOptionValue; - - xReturned = xTaskCreate( vTaskRxSelect, /* pvTaskCode */ - "rxs", /* pcName */ - xStackDepth, /* usStackDepth */ - ctx, /* pvParameters */ - 1, /* uxPriority */ - &xHandle ); /* pxCreatedTask */ - - configASSERT( xReturned == pdPASS ); - configASSERT( xHandle != NULL ); - - ctx->rx_handle = xHandle; -} - -/*-----------------------------------------------------------*/ - -static void prvRxSelectClear( ss_ctx_t * ctx ) -{ - /* TODO */ -} - 
-/*-----------------------------------------------------------*/ - -Socket_t SOCKETS_Socket( int32_t lDomain, - int32_t lType, - int32_t lProtocol ) -{ - ss_ctx_t * ctx; - - configASSERT( lDomain == SOCKETS_AF_INET ); - configASSERT( lType == SOCKETS_SOCK_STREAM ); - configASSERT( lProtocol == SOCKETS_IPPROTO_TCP ); - - if( ( lDomain != SOCKETS_AF_INET ) || - ( lType != SOCKETS_SOCK_STREAM ) || - ( lProtocol != SOCKETS_IPPROTO_TCP ) || - ( sockets_allocated <= 0 ) - ) - { - return SOCKETS_INVALID_SOCKET; - } - - ctx = ( ss_ctx_t * ) pvPortMalloc( sizeof( *ctx ) ); - - if( ctx ) - { - memset( ctx, 0, sizeof( *ctx ) ); - - ctx->ip_socket = lwip_socket( lDomain, lType, lProtocol ); - - if( ctx->ip_socket >= 0 ) - { - sockets_allocated--; - return ( Socket_t ) ctx; - } - - vPortFree( ctx ); - } - - return ( Socket_t ) SOCKETS_INVALID_SOCKET; -} - -/*-----------------------------------------------------------*/ - -int32_t SOCKETS_Connect( Socket_t xSocket, - SocketsSockaddr_t * pxAddress, - Socklen_t xAddressLength ) -{ - ss_ctx_t * ctx; - - if( SOCKETS_INVALID_SOCKET == xSocket ) - { - return SOCKETS_EINVAL; - } - - /* removed because qualification program wants invalid length to go through */ - #if 0 - if( ( NULL == pxAddress ) || ( 0 == xAddressLength ) ) - { - return SOCKETS_EINVAL; - } - #endif - - if( pxAddress == NULL ) - { - return SOCKETS_EINVAL; - } - - /* support only SOCKETS_AF_INET for now */ - pxAddress->ucSocketDomain = SOCKETS_AF_INET; - - ctx = ( ss_ctx_t * ) xSocket; - - if( 0 <= ctx->ip_socket ) - { - struct sockaddr_in sa_addr = { 0 }; - int ret; - - sa_addr.sin_family = pxAddress->ucSocketDomain ? 
pxAddress->ucSocketDomain : AF_INET; - sa_addr.sin_addr.s_addr = pxAddress->ulAddress; - sa_addr.sin_port = pxAddress->usPort; - - ret = lwip_connect( ctx->ip_socket, - ( struct sockaddr * ) &sa_addr, - sizeof( sa_addr ) ); - - if( 0 == ret ) - { - TLSParams_t tls_params = { 0 }; - BaseType_t status; - - ctx->status |= SS_STATUS_CONNECTED; - - if( !ctx->enforce_tls ) - { - return SOCKETS_ERROR_NONE; - } - - tls_params.ulSize = sizeof( tls_params ); - tls_params.pcDestination = ctx->destination; - tls_params.pcServerCertificate = ctx->server_cert; - tls_params.ulServerCertificateLength = ctx->server_cert_len; - tls_params.pvCallerContext = ctx; - tls_params.pxNetworkRecv = prvNetworkRecv; - tls_params.pxNetworkSend = prvNetworkSend; - tls_params.ppcAlpnProtocols = ( const char ** ) ctx->ppcAlpnProtocols; - tls_params.ulAlpnProtocolsCount = ctx->ulAlpnProtocolsCount; - - status = TLS_Init( &ctx->tls_ctx, &tls_params ); - - if( pdFREERTOS_ERRNO_NONE != status ) - { - configPRINTF( ( "TLS_Init fail\n" ) ); - return SOCKETS_SOCKET_ERROR; - } - - status = TLS_Connect( ctx->tls_ctx ); - - if( pdFREERTOS_ERRNO_NONE == status ) - { - ctx->status |= SS_STATUS_SECURED; - return SOCKETS_ERROR_NONE; - } - else - { - configPRINTF( ( "TLS_Connect fail (0x%x, %s)\n", ( unsigned int ) -status, ctx->destination ? 
ctx->destination : "NULL" ) ); - } - } - else - { - configPRINTF( ( "LwIP connect fail %d %d\n", ret, errno ) ); - } - } - else - { - configPRINTF( ( "Invalid ip socket\n" ) ); - } - - return SOCKETS_SOCKET_ERROR; -} - -/*-----------------------------------------------------------*/ - -int32_t SOCKETS_Recv( Socket_t xSocket, - void * pvBuffer, - size_t xBufferLength, - uint32_t ulFlags ) -{ - ss_ctx_t * ctx = ( ss_ctx_t * ) xSocket; - - if( SOCKETS_INVALID_SOCKET == xSocket ) - { - return SOCKETS_SOCKET_ERROR; - } - - if( ( ctx->status & SS_STATUS_CONNECTED ) != SS_STATUS_CONNECTED ) - { - return SOCKETS_ENOTCONN; - } - - if( ( NULL == pvBuffer ) || ( 0 == xBufferLength ) ) - { - return SOCKETS_EINVAL; - } - - ctx->recv_flag = ulFlags; - - if( 0 > ctx->ip_socket ) - { - return SOCKETS_SOCKET_ERROR; - } - - if( ctx->enforce_tls ) - { - /* Receive through TLS pipe, if negotiated. */ - return TLS_Recv( ctx->tls_ctx, pvBuffer, xBufferLength ); - } - else - { - return prvNetworkRecv( ( void * ) ctx, pvBuffer, xBufferLength ); - } -} - -/*-----------------------------------------------------------*/ - -int32_t SOCKETS_Send( Socket_t xSocket, - const void * pvBuffer, - size_t xDataLength, - uint32_t ulFlags ) -{ - ss_ctx_t * ctx; - - if( SOCKETS_INVALID_SOCKET == xSocket ) - { - return SOCKETS_SOCKET_ERROR; - } - - if( ( NULL == pvBuffer ) || ( 0 == xDataLength ) ) - { - return SOCKETS_EINVAL; - } - - ctx = ( ss_ctx_t * ) xSocket; - ctx->send_flag = ulFlags; - - if( 0 > ctx->ip_socket ) - { - return SOCKETS_SOCKET_ERROR; - } - - if( ctx->enforce_tls ) - { - /* Send through TLS pipe, if negotiated. 
*/ - return TLS_Send( ctx->tls_ctx, pvBuffer, xDataLength ); - } - else - { - return prvNetworkSend( ( void * ) ctx, pvBuffer, xDataLength ); - } -} - -/*-----------------------------------------------------------*/ - -int32_t SOCKETS_Shutdown( Socket_t xSocket, - uint32_t ulHow ) -{ - ss_ctx_t * ctx; - int ret; - - if( SOCKETS_INVALID_SOCKET == xSocket ) - { - return SOCKETS_EINVAL; - } - - ctx = ( ss_ctx_t * ) xSocket; - - if( 0 > ctx->ip_socket ) - { - return SOCKETS_SOCKET_ERROR; - } - - ret = lwip_shutdown( ctx->ip_socket, ( int ) ulHow ); - - if( 0 > ret ) - { - return SOCKETS_SOCKET_ERROR; - } - - return SOCKETS_ERROR_NONE; -} - -/*-----------------------------------------------------------*/ - -int32_t SOCKETS_Close( Socket_t xSocket ) -{ - ss_ctx_t * ctx; - - uint32_t ulProtocol; - - if( SOCKETS_INVALID_SOCKET == xSocket ) - { - return SOCKETS_EINVAL; - } - - ctx = ( ss_ctx_t * ) xSocket; - - /* Clean-up application protocol array. */ - if( NULL != ctx->ppcAlpnProtocols ) - { - for( ulProtocol = 0; - ulProtocol < ctx->ulAlpnProtocolsCount; - ulProtocol++ ) - { - if( NULL != ctx->ppcAlpnProtocols[ ulProtocol ] ) - { - vPortFree( ctx->ppcAlpnProtocols[ ulProtocol ] ); - } - } - - vPortFree( ctx->ppcAlpnProtocols ); - } - - if( true == ctx->enforce_tls ) - { - TLS_Cleanup( ctx->tls_ctx ); - } - - if( 0 <= ctx->ip_socket ) - { - if( ctx->rx_handle != NULL ) - { - int cnt = 0; - ctx->state = SST_RX_CLOSING; - - while( ( ctx->state != SST_RX_CLOSED ) && ( cnt < 30 ) ) - { - cnt++; - vTaskDelay( 10 ); - } - } - - lwip_close( ctx->ip_socket ); - - sockets_allocated++; - } - - if( ctx->server_cert ) - { - vPortFree( ctx->server_cert ); - } - - if( ctx->destination ) - { - vPortFree( ctx->destination ); - } - - vPortFree( ctx ); - - return SOCKETS_ERROR_NONE; -} - -/*-----------------------------------------------------------*/ - -int32_t SOCKETS_SetSockOpt( Socket_t xSocket, - int32_t lLevel, - int32_t lOptionName, - const void * pvOptionValue, - size_t 
xOptionLength ) -{ - ss_ctx_t * ctx; - int ret; - char ** ppcAlpnIn = ( char ** ) pvOptionValue; - size_t xLength = 0; - uint32_t ulProtocol; - - if( SOCKETS_INVALID_SOCKET == xSocket ) - { - return SOCKETS_EINVAL; - } - - ctx = ( ss_ctx_t * ) xSocket; - - if( 0 > ctx->ip_socket ) - { - return SOCKETS_SOCKET_ERROR; - } - - switch( lOptionName ) - { - case SOCKETS_SO_RCVTIMEO: - case SOCKETS_SO_SNDTIMEO: - { - TickType_t ticks; - struct timeval tv; - - ticks = *( ( const TickType_t * ) pvOptionValue ); - - tv.tv_sec = TICK_TO_S( ticks ); - tv.tv_usec = TICK_TO_US( ticks % configTICK_RATE_HZ ); - - ret = lwip_setsockopt( ctx->ip_socket, - SOL_SOCKET, - lOptionName == SOCKETS_SO_RCVTIMEO ? SO_RCVTIMEO : SO_SNDTIMEO, - ( struct timeval * ) &tv, - sizeof( tv ) ); - - if( 0 != ret ) - { - return SOCKETS_EINVAL; - } - - break; - } - - case SOCKETS_SO_NONBLOCK: - { - int opt; - - if( ( ctx->status & SS_STATUS_CONNECTED ) != SS_STATUS_CONNECTED ) - { - return SOCKETS_ENOTCONN; - } - - opt = 1; - - ret = lwip_ioctl( ctx->ip_socket, FIONBIO, &opt ); - - if( 0 != ret ) - { - return SOCKETS_EINVAL; - } - - break; - } - - case SOCKETS_SO_REQUIRE_TLS: - - if( ctx->status & SS_STATUS_CONNECTED ) - { - return SOCKETS_EISCONN; - } - - ctx->enforce_tls = true; - break; - - case SOCKETS_SO_TRUSTED_SERVER_CERTIFICATE: - - if( ctx->status & SS_STATUS_CONNECTED ) - { - return SOCKETS_EISCONN; - } - - if( ( NULL == pvOptionValue ) || ( 0 == xOptionLength ) ) - { - return SOCKETS_EINVAL; - } - - if( ctx->server_cert ) - { - vPortFree( ctx->server_cert ); - } - - ctx->server_cert = pvPortMalloc( xOptionLength + 1 ); - - if( NULL == ctx->server_cert ) - { - return SOCKETS_ENOMEM; - } - - memset( ctx->server_cert, 0, xOptionLength + 1 ); - memcpy( ctx->server_cert, pvOptionValue, xOptionLength ); - ctx->server_cert_len = xOptionLength; - - break; - - case SOCKETS_SO_SERVER_NAME_INDICATION: - - if( ctx->status & SS_STATUS_CONNECTED ) - { - return SOCKETS_EISCONN; - } - - if( ( NULL == 
pvOptionValue ) || ( 0 == xOptionLength ) ) - { - return SOCKETS_EINVAL; - } - - if( ctx->destination ) - { - vPortFree( ctx->destination ); - } - - ctx->destination = pvPortMalloc( xOptionLength + 1 ); - - if( NULL == ctx->destination ) - { - return SOCKETS_ENOMEM; - } - - memcpy( ctx->destination, pvOptionValue, xOptionLength ); - ctx->destination[ xOptionLength ] = '\0'; - - break; - - case SOCKETS_SO_WAKEUP_CALLBACK: - - if( ( xOptionLength == sizeof( void * ) ) && - ( pvOptionValue != NULL ) ) - { - prvRxSelectSet( ctx, pvOptionValue ); - } - else - { - prvRxSelectClear( ctx ); - } - - break; - - case SOCKETS_SO_ALPN_PROTOCOLS: - - /* Do not set the ALPN option if the socket is already connected. */ - if( ctx->status & SS_STATUS_CONNECTED ) - { - return SOCKETS_EISCONN; - } - - /* Allocate a sufficiently long array of pointers. */ - ctx->ulAlpnProtocolsCount = 1 + xOptionLength; - - if( NULL == ( ctx->ppcAlpnProtocols = - ( char ** ) pvPortMalloc( ctx->ulAlpnProtocolsCount * sizeof( char * ) ) ) ) - { - return SOCKETS_ENOMEM; - } - else - { - ctx->ppcAlpnProtocols[ - ctx->ulAlpnProtocolsCount - 1 ] = NULL; - } - - /* Copy each protocol string. 
*/ - for( ulProtocol = 0; ( ulProtocol < ctx->ulAlpnProtocolsCount - 1 ); ulProtocol++ ) - { - xLength = strlen( ppcAlpnIn[ ulProtocol ] ); - - if( NULL == ( ctx->ppcAlpnProtocols[ ulProtocol ] = - ( char * ) pvPortMalloc( 1 + xLength ) ) ) - { - return SOCKETS_ENOMEM; - } - else - { - memcpy( ctx->ppcAlpnProtocols[ ulProtocol ], - ppcAlpnIn[ ulProtocol ], - xLength ); - ctx->ppcAlpnProtocols[ ulProtocol ][ xLength ] = '\0'; - } - } - - break; - - default: - return SOCKETS_ENOPROTOOPT; - } - - return SOCKETS_ERROR_NONE; -} - -/*-----------------------------------------------------------*/ - -uint32_t SOCKETS_GetHostByName( const char * pcHostName ) -{ - uint32_t addr = 0; - - if( strlen( pcHostName ) <= ( size_t ) securesocketsMAX_DNS_NAME_LENGTH ) - { - WIFI_GetHostIP( ( char * ) pcHostName, ( uint8_t * ) &addr ); - } - else - { - addr = 0; - configPRINTF( ( "Host name (%s) too long!", pcHostName ) ); - } - - return addr; -} - -/*-----------------------------------------------------------*/ - -BaseType_t SOCKETS_Init( void ) -{ - BaseType_t xResult = pdPASS; - - return xResult; -} - -/*-----------------------------------------------------------*/ diff --git a/vendors/espressif/boards/esp32/ports/wifi/iot_wifi.c b/vendors/espressif/boards/esp32/ports/wifi/iot_wifi.c index 842f7986ae9..3c57674b663 100644 --- a/vendors/espressif/boards/esp32/ports/wifi/iot_wifi.c +++ b/vendors/espressif/boards/esp32/ports/wifi/iot_wifi.c @@ -29,12 +29,11 @@ #include "string.h" #include "esp_wifi.h" #include "esp_log.h" -#include "esp_event_loop.h" +#include "esp_event.h" #include "event_groups.h" #if AFR_ESP_LWIP #include "lwip/dns.h" #include "lwip/netdb.h" -#include "tcpip_adapter.h" #else #include "FreeRTOS_IP.h" #include "FreeRTOS_Sockets.h" @@ -58,6 +57,8 @@ static bool wifi_conn_state; static bool wifi_ap_state; static bool wifi_auth_failure; +static esp_netif_t *esp_netif_info; + #define WIFI_FLASH_NS "WiFi" #define MAX_WIFI_KEY_WIDTH ( 5 ) #define MAX_SECURITY_MODE_LEN ( 1 ) 
@@ -84,114 +85,126 @@ static SemaphoreHandle_t xWiFiSem; /**< WiFi module semaphore. */ */ static const TickType_t xSemaphoreWaitTicks = pdMS_TO_TICKS( wificonfigMAX_SEMAPHORE_WAIT_TIME_MS ); -static esp_err_t event_handler(void *ctx, system_event_t *event) +static void event_handler(void* arg, esp_event_base_t event_base, int32_t event_id, void* event_data) { /* For accessing reason codes in case of disconnection */ - system_event_info_t *info = &event->event_info; + system_event_info_t *info = &((system_event_t*) event_data)->event_info; + if (event_base == WIFI_EVENT) { + switch(event_id) { + case SYSTEM_EVENT_STA_START: + ESP_LOGI(TAG, "SYSTEM_EVENT_STA_START"); + xEventGroupSetBits(wifi_event_group, STARTED_BIT); + break; + case SYSTEM_EVENT_STA_CONNECTED: + ESP_LOGI(TAG, "SYSTEM_EVENT_STA_CONNECTED"); + break; + case SYSTEM_EVENT_STA_DISCONNECTED: + ESP_LOGI(TAG, "SYSTEM_EVENT_STA_DISCONNECTED: %d", info->disconnected.reason); + wifi_auth_failure = false; + + /* Set code corresponding to the reason for disconnection */ + switch (info->disconnected.reason) { + case WIFI_REASON_AUTH_EXPIRE: + case WIFI_REASON_ASSOC_EXPIRE: + case WIFI_REASON_AUTH_LEAVE: + case WIFI_REASON_4WAY_HANDSHAKE_TIMEOUT: + case WIFI_REASON_BEACON_TIMEOUT: + case WIFI_REASON_AUTH_FAIL: + case WIFI_REASON_ASSOC_FAIL: + case WIFI_REASON_HANDSHAKE_TIMEOUT: + ESP_LOGD(TAG, "STA Auth Error"); + wifi_auth_failure = true; + break; + case WIFI_REASON_NO_AP_FOUND: + ESP_LOGD(TAG, "STA AP Not found"); + wifi_auth_failure = true; + break; + default: + break; + } - switch(event->event_id) { - case SYSTEM_EVENT_STA_START: - ESP_LOGI(TAG, "SYSTEM_EVENT_STA_START"); - xEventGroupSetBits(wifi_event_group, STARTED_BIT); - break; - case SYSTEM_EVENT_STA_CONNECTED: - ESP_LOGI(TAG, "SYSTEM_EVENT_STA_CONNECTED"); - break; - case SYSTEM_EVENT_STA_GOT_IP: - ESP_LOGI(TAG, "SYSTEM_EVENT_STA_GOT_IP"); - wifi_conn_state = true; - xEventGroupClearBits(wifi_event_group, DISCONNECTED_BIT); - 
xEventGroupSetBits(wifi_event_group, CONNECTED_BIT); - if( xEventCallback != NULL ) - { - xEventCallback( AWSIOT_NETWORK_TYPE_WIFI, eNetworkStateEnabled ); - } - break; - case SYSTEM_EVENT_STA_DISCONNECTED: - ESP_LOGI(TAG, "SYSTEM_EVENT_STA_DISCONNECTED: %d", info->disconnected.reason); - wifi_auth_failure = false; - - /* Set code corresponding to the reason for disconnection */ - switch (info->disconnected.reason) { - case WIFI_REASON_AUTH_EXPIRE: - case WIFI_REASON_ASSOC_EXPIRE: - case WIFI_REASON_AUTH_LEAVE: - case WIFI_REASON_4WAY_HANDSHAKE_TIMEOUT: - case WIFI_REASON_BEACON_TIMEOUT: - case WIFI_REASON_AUTH_FAIL: - case WIFI_REASON_ASSOC_FAIL: - case WIFI_REASON_HANDSHAKE_TIMEOUT: - ESP_LOGD(TAG, "STA Auth Error"); - wifi_auth_failure = true; - break; - case WIFI_REASON_NO_AP_FOUND: - ESP_LOGD(TAG, "STA AP Not found"); - wifi_auth_failure = true; + wifi_conn_state = false; + xEventGroupClearBits(wifi_event_group, CONNECTED_BIT); + xEventGroupSetBits(wifi_event_group, DISCONNECTED_BIT); + if( xEventCallback != NULL ) + { + xEventCallback( AWSIOT_NETWORK_TYPE_WIFI, eNetworkStateDisabled ); + } + break; + case SYSTEM_EVENT_AP_START: + ESP_LOGI(TAG, "SYSTEM_EVENT_AP_START"); + wifi_ap_state = true; + xEventGroupClearBits(wifi_event_group, AP_STOPPED_BIT); + xEventGroupSetBits(wifi_event_group, AP_STARTED_BIT); + break; + case SYSTEM_EVENT_AP_STOP: + ESP_LOGI(TAG, "SYSTEM_EVENT_AP_START"); + wifi_ap_state = false; + xEventGroupClearBits(wifi_event_group, AP_STARTED_BIT); + xEventGroupSetBits(wifi_event_group, AP_STOPPED_BIT); + break; + case SYSTEM_EVENT_AP_STACONNECTED: + ESP_LOGI(TAG, "SYSTEM_EVENT_AP_STACONNECTED"); + break; + case SYSTEM_EVENT_AP_STADISCONNECTED: + ESP_LOGI(TAG, "SYSTEM_EVENT_AP_STADISCONNECTED"); + break; + default: + break; + } + } else if(event_base == IP_EVENT) { + switch(event_id) { + case IP_EVENT_STA_GOT_IP: + ESP_LOGI(TAG, "SYSTEM_EVENT_STA_GOT_IP"); + wifi_conn_state = true; + xEventGroupClearBits(wifi_event_group, DISCONNECTED_BIT); + 
xEventGroupSetBits(wifi_event_group, CONNECTED_BIT); + if( xEventCallback != NULL ) + { + xEventCallback( AWSIOT_NETWORK_TYPE_WIFI, eNetworkStateEnabled ); + } break; + default: break; } - - wifi_conn_state = false; - xEventGroupClearBits(wifi_event_group, CONNECTED_BIT); - xEventGroupSetBits(wifi_event_group, DISCONNECTED_BIT); - if( xEventCallback != NULL ) - { - xEventCallback( AWSIOT_NETWORK_TYPE_WIFI, eNetworkStateDisabled ); - } - break; - case SYSTEM_EVENT_AP_START: - ESP_LOGI(TAG, "SYSTEM_EVENT_AP_START"); - wifi_ap_state = true; - xEventGroupClearBits(wifi_event_group, AP_STOPPED_BIT); - xEventGroupSetBits(wifi_event_group, AP_STARTED_BIT); - break; - case SYSTEM_EVENT_AP_STOP: - ESP_LOGI(TAG, "SYSTEM_EVENT_AP_START"); - wifi_ap_state = false; - xEventGroupClearBits(wifi_event_group, AP_STARTED_BIT); - xEventGroupSetBits(wifi_event_group, AP_STOPPED_BIT); - break; - case SYSTEM_EVENT_AP_STACONNECTED: - ESP_LOGI(TAG, "SYSTEM_EVENT_AP_STACONNECTED"); - break; - case SYSTEM_EVENT_AP_STADISCONNECTED: - ESP_LOGI(TAG, "SYSTEM_EVENT_AP_STADISCONNECTED"); - break; - default: - break; } - return ESP_OK; } /*-----------------------------------------------------------*/ -static void sc_callback(smartconfig_status_t status, void *pdata) +static void sc_callback(void* arg, esp_event_base_t event_base, int32_t event_id, void* event_data) { - switch (status) { - case SC_STATUS_WAIT: - ESP_LOGI(TAG, "SC_STATUS_WAIT"); - break; - case SC_STATUS_FIND_CHANNEL: - ESP_LOGI(TAG, "SC_STATUS_FINDING_CHANNEL"); + switch (event_id) { + case SC_EVENT_SCAN_DONE: + ESP_LOGI(TAG, "SC_EVENT_SCAN_DONE"); break; - case SC_STATUS_GETTING_SSID_PSWD: - ESP_LOGI(TAG, "SC_STATUS_GETTING_SSID_PSWD"); + case SC_EVENT_FOUND_CHANNEL: + ESP_LOGI(TAG, "SC_EVENT_FOUND_CHANNEL"); break; - case SC_STATUS_LINK: - ESP_LOGI(TAG, "SC_STATUS_LINK"); - wifi_config_t *wifi_config = pdata; - ESP_LOGI(TAG, "SSID:%s", wifi_config->sta.ssid); - ESP_LOGI(TAG, "PASSWORD:%s", wifi_config->sta.password); - 
esp_wifi_set_config(ESP_IF_WIFI_STA, wifi_config); + case SC_EVENT_GOT_SSID_PSWD: + ESP_LOGI(TAG, "SC_EVENT_GOT_SSID_PSWD"); + smartconfig_event_got_ssid_pswd_t *evt = (smartconfig_event_got_ssid_pswd_t *)event_data; + wifi_config_t wifi_config; + uint8_t ssid[33] = { 0 }; + uint8_t password[65] = { 0 }; + + bzero(&wifi_config, sizeof(wifi_config_t)); + memcpy(wifi_config.sta.ssid, evt->ssid, sizeof(wifi_config.sta.ssid)); + memcpy(wifi_config.sta.password, evt->password, sizeof(wifi_config.sta.password)); + wifi_config.sta.bssid_set = evt->bssid_set; + if (wifi_config.sta.bssid_set == true) { + memcpy(wifi_config.sta.bssid, evt->bssid, sizeof(wifi_config.sta.bssid)); + } + + memcpy(ssid, evt->ssid, sizeof(evt->ssid)); + memcpy(password, evt->password, sizeof(evt->password)); + ESP_LOGI(TAG, "SSID:%s", ssid); + ESP_LOGI(TAG, "PASSWORD:%s", password); + esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config); esp_wifi_connect(); break; - case SC_STATUS_LINK_OVER: - ESP_LOGI(TAG, "SC_STATUS_LINK_OVER"); - if (pdata != NULL) { - uint8_t phone_ip[4] = { 0 }; - memcpy(phone_ip, (uint8_t* )pdata, 4); - ESP_LOGI(TAG, "IP: %d.%d.%d.%d\n", phone_ip[0], phone_ip[1], phone_ip[2], phone_ip[3]); - } + case SC_EVENT_SEND_ACK_DONE: + ESP_LOGI(TAG, "SC_EVENT_SEND_ACK_DONE"); xEventGroupSetBits(wifi_event_group, ESPTOUCH_DONE_BIT); break; default: @@ -221,10 +234,12 @@ WIFIReturnCode_t WIFI_Provision() return wifi_ret; } + esp_event_handler_register(SC_EVENT, ESP_EVENT_ANY_ID, &sc_callback, NULL); // Wait for wifi started event xEventGroupWaitBits(wifi_event_group, STARTED_BIT, pdFALSE, pdFALSE, portMAX_DELAY); esp_smartconfig_set_type(SC_TYPE_ESPTOUCH); - ret = esp_smartconfig_start(sc_callback); + smartconfig_start_config_t cfg = SMARTCONFIG_START_CONFIG_DEFAULT(); + esp_smartconfig_start(&cfg); if (ret != ESP_OK) { ESP_LOGE(TAG, "%s: Failed to start smartconfig %d", __func__, ret); xSemaphoreGive( xWiFiSem ); 
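Review bot: The new `SC_EVENT_GOT_SSID_PSWD` branch of `sc_callback` copies the received passphrase into a local `password` buffer only to print it with `ESP_LOGI(TAG, "PASSWORD:%s", password);`, so the Wi-Fi credential reaches every console or log sink that carries INFO output. I would drop that log line and the `password` buffer and keep at most `ESP_LOGI(TAG, "SSID:%s", ssid);`. Separately, `event_handler` still casts `event_data` to `system_event_t*` to reach `disconnected.reason`; if the event loop delivers the event-specific payload rather than a `system_event_t`, the reason code that drives `wifi_auth_failure` is read from the wrong offset, so this should be confirmed against the esp-idf revision the patch pins. The results of `esp_wifi_set_config` and `esp_wifi_connect` are also ignored in this branch.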
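Review bot: `esp_smartconfig_start(&cfg);` in `WIFI_Provision` discards its result, but the unchanged `if (ret != ESP_OK)` right after it still tests `ret`, which now holds whatever an earlier call left there. A failed smartconfig start would go unnoticed and the function would go on to wait on the event group with `portMAX_DELAY`. Assign the result: `ret = esp_smartconfig_start(&cfg);`. The result of `esp_event_handler_register(SC_EVENT, ESP_EVENT_ANY_ID, &sc_callback, NULL)` is unchecked as well, and the failure branch visible at the end of the hunk gives the semaphore back without unregistering `sc_callback`; the rest of that branch lies outside the hunk.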
@@ -234,6 +249,7 @@ WIFIReturnCode_t WIFI_Provision() // Wait for wifi connected or disconnected event xEventGroupWaitBits(wifi_event_group, ESPTOUCH_DONE_BIT | DISCONNECTED_BIT, pdTRUE, pdFALSE, portMAX_DELAY); esp_smartconfig_stop(); + esp_event_handler_unregister(SC_EVENT, ESP_EVENT_ANY_ID, &sc_callback); if (wifi_conn_state == true) { wifi_ret = eWiFiSuccess; } @@ -315,11 +331,16 @@ WIFIReturnCode_t WIFI_On( void ) esp_err_t ret; // Check if Event Loop is already initialized if (event_loop_inited == false) { - ret = esp_event_loop_init(event_handler, NULL); + ret = esp_event_loop_create_default(); + esp_netif_info = esp_netif_create_default_wifi_sta(); if (ret != ESP_OK) { ESP_LOGE(TAG, "%s: Failed to init event loop %d", __func__, ret); goto err; } + esp_event_handler_instance_t instance_any_id; + esp_event_handler_instance_t instance_got_ip; + esp_event_handler_instance_register(WIFI_EVENT, ESP_EVENT_ANY_ID, &event_handler, NULL, &instance_any_id); + esp_event_handler_instance_register(IP_EVENT, IP_EVENT_STA_GOT_IP, &event_handler, NULL, &instance_got_ip); event_loop_inited = true; } @@ -890,7 +911,7 @@ WIFIReturnCode_t WIFI_NetworkAdd( const WIFINetworkProfile_t * const pxNetworkPr { WIFIReturnCode_t xWiFiRet = eWiFiFailure; esp_err_t xRet; - nvs_handle xNvsHandle = NULL; + nvs_handle xNvsHandle; BaseType_t xOpened = pdFALSE; if( pxNetworkProfile != NULL && pusIndex != NULL ) @@ -1012,7 +1033,7 @@ WIFIReturnCode_t WIFI_NetworkDelete( uint16_t usIndex ) { WIFIReturnCode_t xWiFiRet = eWiFiFailure; esp_err_t xRet; - nvs_handle xNvsHandle = NULL; + nvs_handle xNvsHandle; char cWifiKey[ MAX_WIFI_KEY_WIDTH ] = { 0 }; BaseType_t xOpened = pdFALSE; uint16_t usIdx; 
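Review bot: In `WIFI_On` the netif is created before `ret` from `esp_event_loop_create_default()` is checked, `esp_netif_info` is never tested for NULL, and both `esp_event_handler_instance_register` results are dropped. A failed registration would leave the port without connect and disconnect events while `event_loop_inited` is still set to true. Check each step and leave through the existing `err` path, as sketched below. `instance_any_id` and `instance_got_ip` are block-local, so the handlers cannot be unregistered later; file-scope statics would allow that. The `err` label and the rest of `WIFI_On` are outside the hunk.

```c
        ret = esp_event_loop_create_default();
        if (ret != ESP_OK) {
            ESP_LOGE(TAG, "%s: Failed to init event loop %d", __func__, ret);
            goto err;
        }
        esp_netif_info = esp_netif_create_default_wifi_sta();
        if (esp_netif_info == NULL) {
            ESP_LOGE(TAG, "%s: Failed to create default STA netif", __func__);
            goto err;
        }
        /* ... unchanged: instance_any_id / instance_got_ip declarations ... */
        ret = esp_event_handler_instance_register(WIFI_EVENT, ESP_EVENT_ANY_ID, &event_handler, NULL, &instance_any_id);
        if (ret == ESP_OK) {
            ret = esp_event_handler_instance_register(IP_EVENT, IP_EVENT_STA_GOT_IP, &event_handler, NULL, &instance_got_ip);
        }
        if (ret != ESP_OK) {
            ESP_LOGE(TAG, "%s: Failed to register event handlers %d", __func__, ret);
            goto err;
        }
        event_loop_inited = true;
```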
@@ -1094,14 +1115,14 @@ WIFIReturnCode_t WIFI_GetIP( uint8_t * pucIPAddr ) pucIPAddr[2], pucIPAddr[3])); #else /* running lwip */ - tcpip_adapter_ip_info_t ipInfo; + esp_netif_ip_info_t ipInfo; int ret; - ret = tcpip_adapter_get_ip_info(TCPIP_ADAPTER_IF_STA, &ipInfo); + ret = esp_netif_get_ip_info(esp_netif_info, &ipInfo); if (ret == ESP_OK) { xRetVal = eWiFiSuccess; - memcpy( pucIPAddr, &ipInfo.ip.addr, sizeof( ipInfo.ip.addr ) ); + memcpy( pucIPAddr, &ipInfo.ip, sizeof( ipInfo.ip ) ); configPRINTF(("%s: local ip address is %d.%d.%d.%d\n", __FUNCTION__, pucIPAddr[0], @@ -1111,7 +1132,7 @@ WIFIReturnCode_t WIFI_GetIP( uint8_t * pucIPAddr ) } else { - configPRINTF(("%s: tcpip_adapter_get_ip_info_error: %d", + configPRINTF(("%s: esp_netif_get_ip_info_error: %d", __FUNCTION__, ret)); } diff --git a/vendors/espressif/esp-idf b/vendors/espressif/esp-idf index ca2ede31e74..6ca07b6c101 160000 --- a/vendors/espressif/esp-idf +++ b/vendors/espressif/esp-idf @@ -1 +1 @@ -Subproject commit ca2ede31e7482f63e8e7401e4057937331210053 +Subproject commit 6ca07b6c101c870d634fa80df44ca714ac7ff098 From 6e1f413f0a4448ad2e8d55d295f8f06fbc6b4641 Mon Sep 17 00:00:00 2001 From: Shubham Kulkarni Date: Tue, 21 Apr 2020 11:32:23 +0530 Subject: [PATCH 2/7] aws_esp_ota_ops: Remove OTA source code from ports directory and use source code in app_update component --- .../boards/esp32/ports/ota/aws_esp_ota_ops.c | 362 ------------------ .../boards/esp32/ports/ota/aws_esp_ota_ops.h | 95 ----- .../boards/esp32/ports/ota/aws_ota_pal.c | 20 +- 3 files changed, 10 insertions(+), 467 deletions(-) diff --git a/vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.c b/vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.c index ea48edd50bc..89a00bfc304 100644 --- a/vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.c +++ b/vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.c 
@@ -40,377 +40,15 @@ #include "esp_efuse.h" #include "bootloader_common.h" -#define OTA_MAX(a,b) ((a) >= (b) ? (a) : (b)) -#define OTA_MIN(a,b) ((a) <= (b) ? (a) : (b)) -#define SUB_TYPE_ID(i) (i & 0x0F) - -typedef struct ota_ops_entry_ { - uint32_t handle; - const esp_partition_t *part; - uint32_t erased_size; - uint32_t wrote_size; - LIST_ENTRY(ota_ops_entry_) entries; -} ota_ops_entry_t; - typedef esp_ota_select_entry_t ota_select; -static LIST_HEAD(ota_ops_entries_head, ota_ops_entry_) s_ota_ops_entries_head = - LIST_HEAD_INITIALIZER(s_ota_ops_entries_head); - -static uint32_t s_ota_ops_last_handle = 0; -static ota_select s_ota_select[2]; - const static char *TAG = "esp_ota_ops"; -/* Return true if this is an OTA app partition */ -static bool is_ota_partition(const esp_partition_t *p) -{ - return (p != NULL - && p->type == ESP_PARTITION_TYPE_APP - && p->subtype >= ESP_PARTITION_SUBTYPE_APP_OTA_0 - && p->subtype < ESP_PARTITION_SUBTYPE_APP_OTA_2); -} - -esp_err_t aws_esp_ota_begin(const esp_partition_t *partition, size_t image_size, esp_ota_handle_t *out_handle) -{ - ota_ops_entry_t *new_entry; - esp_err_t ret = ESP_OK; - - if ((partition == NULL) || (out_handle == NULL)) { - return ESP_ERR_INVALID_ARG; - } - - partition = esp_partition_verify(partition); - if (partition == NULL) { - return ESP_ERR_NOT_FOUND; - } - - if (!is_ota_partition(partition)) { - return ESP_ERR_INVALID_ARG; - } - - if (partition == esp_ota_get_running_partition()) { - return ESP_ERR_OTA_PARTITION_CONFLICT; - } - - // If input image size is 0 or OTA_SIZE_UNKNOWN, erase entire partition - if ((image_size == 0) || (image_size == OTA_SIZE_UNKNOWN)) { - ret = esp_partition_erase_range(partition, 0, partition->size); - } else { - ret = esp_partition_erase_range(partition, 0, (image_size / SPI_FLASH_SEC_SIZE + 1) * SPI_FLASH_SEC_SIZE); - } - - if (ret != ESP_OK) { - return ret; - } - - new_entry = (ota_ops_entry_t *) calloc(sizeof(ota_ops_entry_t), 1); - if (new_entry == NULL) { - return 
ESP_ERR_NO_MEM; - } - - LIST_INSERT_HEAD(&s_ota_ops_entries_head, new_entry, entries); - - if ((image_size == 0) || (image_size == OTA_SIZE_UNKNOWN)) { - new_entry->erased_size = partition->size; - } else { - new_entry->erased_size = image_size; - } - - new_entry->part = partition; - new_entry->handle = ++s_ota_ops_last_handle; - *out_handle = new_entry->handle; - return ESP_OK; -} - -esp_err_t aws_esp_ota_write(esp_ota_handle_t handle, const void *data, uint32_t offset, size_t size) -{ - const uint8_t *data_bytes = (const uint8_t *)data; - esp_err_t ret; - ota_ops_entry_t *it; - - if (data == NULL) { - ESP_LOGE(TAG, "write data is invalid"); - return ESP_ERR_INVALID_ARG; - } - - // find ota handle in linked list - for (it = LIST_FIRST(&s_ota_ops_entries_head); it != NULL; it = LIST_NEXT(it, entries)) { - if (it->handle == handle) { - // must erase the partition before writing to it - assert(it->erased_size > 0 && "must erase the partition before writing to it"); - - if (esp_flash_encryption_enabled() && (size % 16)) { - ESP_LOGE(TAG, "size should be 16byte aligned for flash encryption case"); - return ESP_ERR_INVALID_ARG; - } - - ret = esp_partition_write(it->part, offset, data_bytes, size); - if(ret == ESP_OK){ - it->wrote_size += size; - } - return ret; - } - } - - //if go to here ,means don't find the handle - ESP_LOGE(TAG,"not found the handle"); - return ESP_ERR_INVALID_ARG; -} - -esp_err_t aws_esp_ota_end(esp_ota_handle_t handle) -{ - ota_ops_entry_t *it; - esp_err_t ret = ESP_OK; - - for (it = LIST_FIRST(&s_ota_ops_entries_head); it != NULL; it = LIST_NEXT(it, entries)) { - if (it->handle == handle) { - break; - } - } - - if (it == NULL) { - return ESP_ERR_NOT_FOUND; - } - - /* 'it' holds the ota_ops_entry_t for 'handle' */ - - // esp_ota_end() is only valid if some data was written to this handle - if ((it->erased_size == 0) || (it->wrote_size == 0)) { - ret = ESP_ERR_INVALID_ARG; - goto cleanup; - } - - esp_image_metadata_t data; - const 
esp_partition_pos_t part_pos = { - .offset = it->part->address, - .size = it->part->size, - }; - - if (esp_image_verify(ESP_IMAGE_VERIFY, &part_pos, &data) != ESP_OK) { - ret = ESP_ERR_OTA_VALIDATE_FAILED; - goto cleanup; - } - - cleanup: - LIST_REMOVE(it, entries); - free(it); - return ret; -} - -static uint32_t ota_select_crc(const ota_select *s) -{ - return bootloader_common_ota_select_crc(s); -} - static bool ota_select_valid(const ota_select *s) { return bootloader_common_ota_select_valid(s); } -static esp_err_t rewrite_ota_seq(uint32_t seq, uint8_t sec_id, const esp_partition_t *ota_data_partition) -{ - esp_err_t ret; - - if (sec_id == 0 || sec_id == 1) { - s_ota_select[sec_id].ota_state = ESP_OTA_IMG_NEW; - s_ota_select[sec_id].ota_seq = seq; - s_ota_select[sec_id].crc = ota_select_crc(&s_ota_select[sec_id]); - ret = esp_partition_erase_range(ota_data_partition, sec_id * SPI_FLASH_SEC_SIZE, SPI_FLASH_SEC_SIZE); - if (ret != ESP_OK) { - return ret; - } else { - return esp_partition_write(ota_data_partition, SPI_FLASH_SEC_SIZE * sec_id, &s_ota_select[sec_id].ota_seq, sizeof(ota_select)); - } - } else { - return ESP_ERR_INVALID_ARG; - } -} - -static uint8_t get_ota_partition_count(void) -{ - uint16_t ota_app_count = 0; - while (esp_partition_find_first(ESP_PARTITION_TYPE_APP, ESP_PARTITION_SUBTYPE_APP_OTA_MIN + ota_app_count, NULL) != NULL) { - assert(ota_app_count < 16 && "must erase the partition before writing to it"); - ota_app_count++; - } - return ota_app_count; -} - -static esp_err_t esp_rewrite_ota_data(esp_partition_subtype_t subtype) -{ - esp_err_t ret; - const esp_partition_t *find_partition = NULL; - uint16_t ota_app_count = 0; - uint32_t i = 0; - uint32_t seq; - static spi_flash_mmap_memory_t ota_data_map; - const void *result = NULL; - - find_partition = esp_partition_find_first(ESP_PARTITION_TYPE_DATA, ESP_PARTITION_SUBTYPE_DATA_OTA, NULL); - if (find_partition != NULL) { - ota_app_count = get_ota_partition_count(); - //esp32_idf use two sector 
for store information about which partition is running - //it defined the two sector as ota data partition,two structure ota_select is saved in the two sector - //named data in first sector as s_ota_select[0], second sector data as s_ota_select[1] - //e.g. - //if s_ota_select[0].ota_seq == s_ota_select[1].ota_seq == 0xFFFFFFFF,means ota info partition is in init status - //so it will boot factory application(if there is),if there's no factory application,it will boot ota[0] application - //if s_ota_select[0].ota_seq != 0 and s_ota_select[1].ota_seq != 0,it will choose a max seq ,and get value of max_seq%max_ota_app_number - //and boot a subtype (mask 0x0F) value is (max_seq - 1)%max_ota_app_number,so if want switch to run ota[x],can use next formulas. - //for example, if s_ota_select[0].ota_seq = 4, s_ota_select[1].ota_seq = 5, and there are 8 ota application, - //current running is (5-1)%8 = 4,running ota[4],so if we want to switch to run ota[7], - //we should add s_ota_select[0].ota_seq (is 4) to 4 ,(8-1)%8=7,then it will boot ota[7] - //if A=(B - C)%D - //then B=(A + C)%D + D*n ,n= (0,1,2...) 
- //so current ota app sub type id is x , dest bin subtype is y,total ota app count is n - //seq will add (x + n*1 + 1 - seq)%n - if (SUB_TYPE_ID(subtype) >= ota_app_count) { - return ESP_ERR_INVALID_ARG; - } - - ret = esp_partition_mmap(find_partition, 0, find_partition->size, SPI_FLASH_MMAP_DATA, &result, &ota_data_map); - if (ret != ESP_OK) { - result = NULL; - return ret; - } else { - memcpy(&s_ota_select[0], result, sizeof(ota_select)); - memcpy(&s_ota_select[1], result + SPI_FLASH_SEC_SIZE, sizeof(ota_select)); - spi_flash_munmap(ota_data_map); - } - - if (ota_select_valid(&s_ota_select[0]) && ota_select_valid(&s_ota_select[1])) { - seq = OTA_MAX(s_ota_select[0].ota_seq, s_ota_select[1].ota_seq); - while (seq > (SUB_TYPE_ID(subtype) + 1) % ota_app_count + i * ota_app_count) { - i++; - } - - if (s_ota_select[0].ota_seq >= s_ota_select[1].ota_seq) { - return rewrite_ota_seq((SUB_TYPE_ID(subtype) + 1) % ota_app_count + i * ota_app_count, 1, find_partition); - } else { - return rewrite_ota_seq((SUB_TYPE_ID(subtype) + 1) % ota_app_count + i * ota_app_count, 0, find_partition); - } - - } else if (ota_select_valid(&s_ota_select[0])) { - while (s_ota_select[0].ota_seq > (SUB_TYPE_ID(subtype) + 1) % ota_app_count + i * ota_app_count) { - i++; - } - return rewrite_ota_seq((SUB_TYPE_ID(subtype) + 1) % ota_app_count + i * ota_app_count, 1, find_partition); - - } else if (ota_select_valid(&s_ota_select[1])) { - while (s_ota_select[1].ota_seq > (SUB_TYPE_ID(subtype) + 1) % ota_app_count + i * ota_app_count) { - i++; - } - return rewrite_ota_seq((SUB_TYPE_ID(subtype) + 1) % ota_app_count + i * ota_app_count, 0, find_partition); - - } else { - /* Both OTA slots are invalid, probably because unformatted... 
*/ - return rewrite_ota_seq(SUB_TYPE_ID(subtype) + 1, 0, find_partition); - } - - } else { - return ESP_ERR_NOT_FOUND; - } -} - -esp_err_t aws_esp_ota_set_boot_partition(const esp_partition_t *partition) -{ - const esp_partition_t *find_partition = NULL; - if (partition == NULL) { - return ESP_ERR_INVALID_ARG; - } - - esp_image_metadata_t data; - const esp_partition_pos_t part_pos = { - .offset = partition->address, - .size = partition->size, - }; - if (esp_image_verify(ESP_IMAGE_VERIFY, &part_pos, &data) != ESP_OK) { - return ESP_ERR_OTA_VALIDATE_FAILED; - } - - // if set boot partition to factory bin, just format ota info partition - if (partition->type == ESP_PARTITION_TYPE_APP) { - if (partition->subtype == ESP_PARTITION_SUBTYPE_APP_FACTORY) { - ESP_LOGE(TAG, "factory partition not supported"); - return ESP_ERR_INVALID_ARG; - } else { - // try to find this partition in flash,if not find it ,return error - find_partition = esp_partition_find_first(ESP_PARTITION_TYPE_DATA, ESP_PARTITION_SUBTYPE_DATA_OTA, NULL); - if (find_partition != NULL) { -#ifdef CONFIG_APP_ANTI_ROLLBACK - esp_app_desc_t partition_app_desc; - esp_err_t err = esp_ota_get_partition_description(partition, &partition_app_desc); - if (err != ESP_OK) { - return err; - } - - if (esp_efuse_check_secure_version(partition_app_desc.secure_version) == false) { - ESP_LOGE(TAG, "This a new partition can not be booted due to a secure version is lower than stored in efuse. 
Partition will be erased."); - esp_err_t err = esp_partition_erase_range(partition, 0, partition->size); - if (err != ESP_OK) { - return err; - } - return ESP_ERR_OTA_SMALL_SEC_VER; - } -#endif - return esp_rewrite_ota_data(partition->subtype); - } else { - return ESP_ERR_NOT_FOUND; - } - } - } else { - return ESP_ERR_INVALID_ARG; - } -} - -const esp_partition_t* aws_esp_ota_get_next_update_partition(const esp_partition_t *start_from) -{ - const esp_partition_t *default_ota = NULL; - bool next_is_result = false; - if (start_from == NULL) { - start_from = esp_ota_get_running_partition(); - } else { - start_from = esp_partition_verify(start_from); - } - assert (start_from != NULL); - /* at this point, 'start_from' points to actual partition table data in flash */ - - - /* Two possibilities: either we want the OTA partition immediately after the current running OTA partition, or we - want the first OTA partition in the table (for the case when the last OTA partition is the running partition, or - if the current running partition is not OTA.) - - This loop iterates subtypes instead of using esp_partition_find, so we - get all OTA partitions in a known order (low slot to high slot). - */ - - for (esp_partition_subtype_t t = ESP_PARTITION_SUBTYPE_APP_OTA_0; - t != ESP_PARTITION_SUBTYPE_APP_OTA_2; - t++) { - const esp_partition_t *p = esp_partition_find_first(ESP_PARTITION_TYPE_APP, t, NULL); - if (p == NULL) { - continue; - } - - if (default_ota == NULL) { - /* Default to first OTA partition we find, - will be used if nothing else matches */ - default_ota = p; - } - - if (p == start_from) { - /* Next OTA partition is the one to use */ - next_is_result = true; - } - else if (next_is_result) { - return p; - } - } - - return default_ota; -} - static const esp_partition_t *_esp_get_otadata_partition(uint32_t *offset, ota_select *entry, bool active_part) { esp_err_t ret; 
diff --git a/vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.h b/vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.h
index 3c3747eb239..a964da592bd 100644
--- a/vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.h
+++ b/vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.h
@@ -27,101 +27,6 @@ extern "C" { #endif -/** - * @brief Commence an OTA update writing to the specified partition. - - * The specified partition is erased to the specified image size. - * - * If image size is not yet known, pass OTA_SIZE_UNKNOWN which will - * cause the entire partition to be erased. - * - * On success, this function allocates memory that remains in use - * until esp_ota_end() is called with the returned handle. - * - * @param partition Pointer to info for partition which will receive the OTA update. Required. - * @param image_size Size of new OTA app image. Partition will be erased in order to receive this size of image. If 0 or OTA_SIZE_UNKNOWN, the entire partition is erased. - * @param out_handle On success, returns a handle which should be used for subsequent esp_ota_write() and esp_ota_end() calls. - - * @return - * - ESP_OK: OTA operation commenced successfully. - * - ESP_ERR_INVALID_ARG: partition or out_handle arguments were NULL, or partition doesn't point to an OTA app partition. - * - ESP_ERR_NO_MEM: Cannot allocate memory for OTA operation. - * - ESP_ERR_OTA_PARTITION_CONFLICT: Partition holds the currently running firmware, cannot update in place. - * - ESP_ERR_NOT_FOUND: Partition argument not found in partition table. - * - ESP_ERR_OTA_SELECT_INFO_INVALID: The OTA data partition contains invalid data. - * - ESP_ERR_INVALID_SIZE: Partition doesn't fit in configured flash size. - * - ESP_ERR_FLASH_OP_TIMEOUT or ESP_ERR_FLASH_OP_FAIL: Flash write failed. - */ -esp_err_t aws_esp_ota_begin(const esp_partition_t* partition, size_t image_size, esp_ota_handle_t* out_handle); - -/** - * @brief Write OTA update data to partition - * - * This function can be called multiple times as - * data is received during the OTA operation. Data is written - * sequentially to the partition. 
- * - * @param handle Handle obtained from esp_ota_begin - * @param data Data buffer to write - * @param offset Offset in flash partition - * @param size Size of data buffer in bytes. - * - * @return - * - ESP_OK: Data was written to flash successfully. - * - ESP_ERR_INVALID_ARG: handle is invalid. - * - ESP_ERR_OTA_VALIDATE_FAILED: First byte of image contains invalid app image magic byte. - * - ESP_ERR_FLASH_OP_TIMEOUT or ESP_ERR_FLASH_OP_FAIL: Flash write failed. - * - ESP_ERR_OTA_SELECT_INFO_INVALID: OTA data partition has invalid contents - */ -esp_err_t aws_esp_ota_write(esp_ota_handle_t handle, const void* data, uint32_t offset, size_t size); - -/** - * @brief Finish OTA update and validate newly written app image. - * - * @param handle Handle obtained from esp_ota_begin(). - * - * @note After calling esp_ota_end(), the handle is no longer valid and any memory associated with it is freed (regardless of result). - * - * @return - * - ESP_OK: Newly written OTA app image is valid. - * - ESP_ERR_NOT_FOUND: OTA handle was not found. - * - ESP_ERR_INVALID_ARG: Handle was never written to. - * - ESP_ERR_OTA_VALIDATE_FAILED: OTA image is invalid (either not a valid app image, or - if secure boot is enabled - signature failed to verify.) - * - ESP_ERR_INVALID_STATE: If flash encryption is enabled, this result indicates an internal error writing the final encrypted bytes to flash. - */ -esp_err_t aws_esp_ota_end(esp_ota_handle_t handle); - -/** - * @brief Configure OTA data for a new boot partition - * - * @note If this function returns ESP_OK, calling esp_restart() will boot the newly configured app partition. - * - * @param partition Pointer to info for partition containing app image to boot. - * - * @return - * - ESP_OK: OTA data updated, next reboot will use specified partition. - * - ESP_ERR_INVALID_ARG: partition argument was NULL or didn't point to a valid OTA partition of type "app". - * - ESP_ERR_OTA_VALIDATE_FAILED: Partition contained invalid app image. 
Also returned if secure boot is enabled and signature validation failed. - * - ESP_ERR_NOT_FOUND: OTA data partition not found. - * - ESP_ERR_FLASH_OP_TIMEOUT or ESP_ERR_FLASH_OP_FAIL: Flash erase or write failed. - */ -esp_err_t aws_esp_ota_set_boot_partition(const esp_partition_t* partition); - -/** - * @brief Return the next OTA app partition which should be written with a new firmware. - * - * Call this function to find an OTA app partition which can be passed to esp_ota_begin(). - * - * Finds next partition round-robin, starting from the current running partition. Please note that only - * 2 OTA partitions are supported, with subtype `ota_0` and `ota_1`. - * - * @param start_from If set, treat this partition info as describing the current running partition. Can be NULL, in which case esp_ota_get_running_partition() is used to find the currently running partition. The result of this function is never the same as this argument. - * - * @return Pointer to info for partition which should be updated next. NULL result indicates invalid OTA data partition, or that no eligible OTA app slot partition was found. - * - */ -const esp_partition_t* aws_esp_ota_get_next_update_partition(const esp_partition_t *start_from); - /* Set firmware image flags, `active_part` if true then sets current running firmware flags, else passive (non-executing) firmware flags */ esp_err_t aws_esp_ota_set_boot_flags(uint32_t flags, bool active_part); diff --git a/vendors/espressif/boards/esp32/ports/ota/aws_ota_pal.c b/vendors/espressif/boards/esp32/ports/ota/aws_ota_pal.c index 787fb514f2f..b9f955cf2d9 100644 --- a/vendors/espressif/boards/esp32/ports/ota/aws_ota_pal.c +++ b/vendors/espressif/boards/esp32/ports/ota/aws_ota_pal.c 
@@ -196,7 +196,7 @@ OTA_Err_t prvPAL_CreateFileForRx( OTA_FileContext_t * const C ) return kOTA_Err_RxFileCreateFailed; } - const esp_partition_t * update_partition = aws_esp_ota_get_next_update_partition( NULL ); + const esp_partition_t * update_partition = esp_ota_get_next_update_partition( NULL ); if( update_partition == NULL ) { @@ -208,11 +208,11 @@ OTA_Err_t prvPAL_CreateFileForRx( OTA_FileContext_t * const C ) update_partition->subtype, update_partition->address ); esp_ota_handle_t update_handle; - esp_err_t err = aws_esp_ota_begin( update_partition, OTA_SIZE_UNKNOWN, &update_handle ); + esp_err_t err = esp_ota_begin( update_partition, OTA_SIZE_UNKNOWN, &update_handle ); if( err != ESP_OK ) { - ESP_LOGE( TAG, "aws_esp_ota_begin failed (%d)", err ); + ESP_LOGE( TAG, "esp_ota_begin failed (%d)", err ); return kOTA_Err_RxFileCreateFailed; } @@ -224,7 +224,7 @@ OTA_Err_t prvPAL_CreateFileForRx( OTA_FileContext_t * const C ) ota_ctx.data_write_len = 0; ota_ctx.valid_image = false; - ESP_LOGI( TAG, "aws_esp_ota_begin succeeded" ); + ESP_LOGI( TAG, "esp_ota_begin succeeded" ); return kOTA_Err_None; } @@ -495,7 +495,7 @@ OTA_Err_t prvPAL_CloseFile( OTA_FileContext_t * const C ) if( result == kOTA_Err_None ) { - esp_err_t ret = aws_esp_ota_write( ota_ctx.update_handle, sec_boot_sig, ota_ctx.data_write_len, ECDSA_SIG_SIZE ); + esp_err_t ret = esp_ota_write_with_offset( ota_ctx.update_handle, sec_boot_sig, ECDSA_SIG_SIZE, ota_ctx.data_write_len ); if( ret != ESP_OK ) { 
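Review bot: The call in the prvPAL_CloseFile hunk (-495) now passes `ECDSA_SIG_SIZE` before `ota_ctx.data_write_len`, and nothing at the call site says which integer is the size and which is the offset. The removed `aws_esp_ota_write()` took (offset, size) while `esp_ota_write_with_offset()` takes (size, offset), so a transposition compiles cleanly and would place the `sec_boot_sig` buffer at the wrong flash address. A one-line comment above the call would guard later edits: `/* esp_ota_write_with_offset( handle, data, size, offset ): size precedes offset, unlike the removed aws_esp_ota_write(). */`. The same applies to the prvPAL_WriteBlock hunk at -562. If flash encryption is enabled, it is also worth confirming that `ota_ctx.data_write_len` and the block offsets meet the write alignment the IDF call expects; the function body continues outside this hunk.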
@@ -530,18 +530,18 @@ OTA_Err_t prvPAL_ActivateNewImage( void ) { if( ota_ctx.cur_ota != NULL ) { - if( aws_esp_ota_end( ota_ctx.update_handle ) != ESP_OK ) + if( esp_ota_end( ota_ctx.update_handle ) != ESP_OK ) { - ESP_LOGE( TAG, "aws_esp_ota_end failed!" ); + ESP_LOGE( TAG, "esp_ota_end failed!" ); esp_partition_erase_range( ota_ctx.update_partition, 0, ota_ctx.update_partition->size ); prvPAL_ResetDevice(); } - esp_err_t err = aws_esp_ota_set_boot_partition( ota_ctx.update_partition ); + esp_err_t err = esp_ota_set_boot_partition( ota_ctx.update_partition ); if( err != ESP_OK ) { - ESP_LOGE( TAG, "aws_esp_ota_set_boot_partition failed (%d)!", err ); + ESP_LOGE( TAG, "esp_ota_set_boot_partition failed (%d)!", err ); esp_partition_erase_range( ota_ctx.update_partition, 0, ota_ctx.update_partition->size ); _esp_ota_ctx_clear( &ota_ctx ); } @@ -562,7 +562,7 @@ int16_t prvPAL_WriteBlock( OTA_FileContext_t * const C, { if( _esp_ota_ctx_validate( C ) ) { - esp_err_t ret = aws_esp_ota_write( ota_ctx.update_handle, pacData, iOffset, iBlockSize ); + esp_err_t ret = esp_ota_write_with_offset( ota_ctx.update_handle, pacData, iBlockSize, iOffset ); if( ret != ESP_OK ) { From 537f6d5368286dc44efed75a448a3ef5e1db9480 Mon Sep 17 00:00:00 2001 
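Review bot: The `esp_ota_end()` failure branch in prvPAL_ActivateNewImage discards the error code, so the log cannot tell an image that failed validation apart from a flash or state error. Capturing it with `esp_err_t end_err = esp_ota_end( ota_ctx.update_handle );` and logging `ESP_LOGE( TAG, "esp_ota_end failed (%d)!", end_err );` would match what the `esp_ota_set_boot_partition` branch just below already does. Both branches also ignore the return value of `esp_partition_erase_range()`, so a failed erase of a rejected image goes unnoticed; checking and logging it would help. The function body continues past the end of this hunk.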
From: Shubham Kulkarni Date: Thu, 23 Apr 2020 15:19:43 +0530 Subject: [PATCH 3/7] Update depricated config options names in sdkconfig.defaults Add mbedtls specific config options in sdkconfig.defaults Disable ESP_NETIF_TCPIP_ADAPTER_COMPATIBLE_LAYER in sdkconfig to fix IP issue with WiFi reconnection Sync freertos component Kconfig with IDF Update linker fragment for freertos component Update sdkconfig.defaults to disable GCC8 warnings and remove corresponding CFLAGS from Makefile --- .../aws_demos/config_files/FreeRTOSConfig.h | 8 ++-- .../boards/esp32/aws_demos/sdkconfig.defaults | 18 +++++--- .../aws_tests/config_files/FreeRTOSConfig.h | 8 ++-- .../boards/esp32/aws_tests/sdkconfig.defaults | 18 +++++--- .../boards/esp32/components/freertos/Kconfig | 41 +++++++++++++++---- .../esp32/components/freertos/linker.lf | 2 +- 6 files changed, 67 insertions(+), 28 deletions(-) diff --git a/vendors/espressif/boards/esp32/aws_demos/config_files/FreeRTOSConfig.h b/vendors/espressif/boards/esp32/aws_demos/config_files/FreeRTOSConfig.h index 1af1c8b70b5..4103b7a1bbb 100644 --- a/vendors/espressif/boards/esp32/aws_demos/config_files/FreeRTOSConfig.h +++ b/vendors/espressif/boards/esp32/aws_demos/config_files/FreeRTOSConfig.h @@ -166,9 +166,9 @@ /* Test FreeRTOS timers (with timer task) and more. */ /* Some files don't compile if this flag is disabled */ #define configUSE_TIMERS 1 -#define configTIMER_TASK_PRIORITY CONFIG_TIMER_TASK_PRIORITY -#define configTIMER_QUEUE_LENGTH CONFIG_TIMER_QUEUE_LENGTH -#define configTIMER_TASK_STACK_DEPTH CONFIG_TIMER_TASK_STACK_DEPTH +#define configTIMER_TASK_PRIORITY CONFIG_FREERTOS_TIMER_TASK_PRIORITY +#define configTIMER_QUEUE_LENGTH CONFIG_FREERTOS_TIMER_QUEUE_LENGTH +#define configTIMER_TASK_STACK_DEPTH CONFIG_FREERTOS_TIMER_TASK_STACK_DEPTH #define INCLUDE_xTimerPendFunctionCall 1 #define INCLUDE_eTaskGetState 1 
@@ -209,7 +209,7 @@ #define configUSE_NEWLIB_REENTRANT 1 #define configSUPPORT_DYNAMIC_ALLOCATION 1 -#define configSUPPORT_STATIC_ALLOCATION CONFIG_SUPPORT_STATIC_ALLOCATION +#define configSUPPORT_STATIC_ALLOCATION CONFIG_FREERTOS_SUPPORT_STATIC_ALLOCATION #ifndef __ASSEMBLER__ extern void vPortCleanUpTCB ( void *pxTCB ); diff --git a/vendors/espressif/boards/esp32/aws_demos/sdkconfig.defaults b/vendors/espressif/boards/esp32/aws_demos/sdkconfig.defaults index 8712792e5be..7ab3302b47f 100644 --- a/vendors/espressif/boards/esp32/aws_demos/sdkconfig.defaults +++ b/vendors/espressif/boards/esp32/aws_demos/sdkconfig.defaults @@ -1,13 +1,13 @@ -CONFIG_INT_WDT= -CONFIG_TASK_WDT= +CONFIG_ESP_INT_WDT= +CONFIG_ESP_TASK_WDT= CONFIG_FREERTOS_USE_TRACE_FACILITY=y -CONFIG_SUPPORT_STATIC_ALLOCATION=y -CONFIG_ENABLE_STATIC_TASK_CLEAN_UP_HOOK=y +CONFIG_FREERTOS_SUPPORT_STATIC_ALLOCATION=y +CONFIG_FREERTOS_ENABLE_STATIC_TASK_CLEAN_UP=y CONFIG_PARTITION_TABLE_CUSTOM=y CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partition-table.csv" CONFIG_PARTITION_TABLE_FILENAME="partition-table.csv" CONFIG_TIMER_TASK_STACK_DEPTH=3584 -CONFIG_TIMER_TASK_PRIORITY=5 +CONFIG_FREERTOS_TIMER_TASK_PRIORITY=5 CONFIG_FREERTOS_LEGACY_HOOKS=y CONFIG_FREERTOS_LEGACY_IDLE_HOOK=y CONFIG_FREERTOS_LEGACY_TICK_HOOK=y @@ -18,7 +18,7 @@ CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=4096 CONFIG_MBEDTLS_CMAC_C=y CONFIG_MBEDTLS_ECP_RESTARTABLE=y CONFIG_BT_ENABLED=y -CONFIG_BLUEDROID_ENABLED= +CONFIG_BT_BLUEDROID_ENABLED= CONFIG_NIMBLE_ENABLED=y CONFIG_NIMBLE_MAX_CONNECTIONS=1 CONFIG_NIMBLE_MAX_BONDS=3 @@ -48,3 +48,9 @@ CONFIG_ESPTOOLPY_BAUD_921600B=y CONFIG_BOOTLOADER_WDT_DISABLE_SKIP_FIRST_BOOT=y CONFIG_BOOTLOADER_WDT_TIME_MS=90000 CONFIG_BOOTLOADER_APP_ROLLBACK_ENABLE=y +CONFIG_MBEDTLS_THREADING_ALT=y +CONFIG_MBEDTLS_THREADING_C=y +CONFIG_MBEDTLS_ECDSA_DETERMINISTIC=n +CONFIG_MBEDTLS_SHA512_C=n +CONFIG_ESP_NETIF_TCPIP_ADAPTER_COMPATIBLE_LAYER=n +CONFIG_COMPILER_DISABLE_GCC8_WARNINGS=y 
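Review bot: `CONFIG_TIMER_TASK_STACK_DEPTH=3584` keeps its old name in the -1,13 hunk of aws_demos/sdkconfig.defaults, while this commit renames the Kconfig symbol to `FREERTOS_TIMER_TASK_STACK_DEPTH` and points `configTIMER_TASK_STACK_DEPTH` at `CONFIG_FREERTOS_TIMER_TASK_STACK_DEPTH`. Unless a rename mapping outside this patch translates the old key, the timer task falls back to the Kconfig default of 2048 instead of 3584, a smaller stack than the one this file asks for. The line should read `CONFIG_FREERTOS_TIMER_TASK_STACK_DEPTH=3584`. The same leftover is in the aws_tests sdkconfig.defaults hunk at -9,7.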
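Review bot: `CONFIG_MBEDTLS_ECDSA_DETERMINISTIC=n` and `CONFIG_MBEDTLS_SHA512_C=n` are appended in the -48,3 hunk with no explanation, and both narrow the TLS stack in ways a later maintainer should be able to see. With deterministic ECDSA off, each signature depends on the quality of the random number generator at signing time. With SHA-512 support compiled out, peers or certificate chains that use SHA-384/SHA-512 will presumably fail to verify. A `#` comment above each would record the trade-off, for example `# Deterministic ECDSA disabled: signing relies on the RNG` and `# SHA-384/512 compiled out: server chains must not use them`. The same two lines are added in the aws_tests hunk at -49,3.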
diff --git a/vendors/espressif/boards/esp32/aws_tests/config_files/FreeRTOSConfig.h b/vendors/espressif/boards/esp32/aws_tests/config_files/FreeRTOSConfig.h index 1570cc1c6aa..30fbedf29bb 100644 --- a/vendors/espressif/boards/esp32/aws_tests/config_files/FreeRTOSConfig.h +++ b/vendors/espressif/boards/esp32/aws_tests/config_files/FreeRTOSConfig.h @@ -156,9 +156,9 @@ /* Test FreeRTOS timers (with timer task) and more. */ /* Some files don't compile if this flag is disabled */ #define configUSE_TIMERS 1 -#define configTIMER_TASK_PRIORITY CONFIG_TIMER_TASK_PRIORITY -#define configTIMER_QUEUE_LENGTH CONFIG_TIMER_QUEUE_LENGTH -#define configTIMER_TASK_STACK_DEPTH CONFIG_TIMER_TASK_STACK_DEPTH +#define configTIMER_TASK_PRIORITY CONFIG_FREERTOS_TIMER_TASK_PRIORITY +#define configTIMER_QUEUE_LENGTH CONFIG_FREERTOS_TIMER_QUEUE_LENGTH +#define configTIMER_TASK_STACK_DEPTH CONFIG_FREERTOS_TIMER_TASK_STACK_DEPTH #define INCLUDE_xTimerPendFunctionCall 1 #define INCLUDE_eTaskGetState 1 @@ -199,7 +199,7 @@ #define configUSE_NEWLIB_REENTRANT 1 #define configSUPPORT_DYNAMIC_ALLOCATION 1 -#define configSUPPORT_STATIC_ALLOCATION CONFIG_SUPPORT_STATIC_ALLOCATION +#define configSUPPORT_STATIC_ALLOCATION CONFIG_FREERTOS_SUPPORT_STATIC_ALLOCATION #ifndef __ASSEMBLER__ extern void vPortCleanUpTCB ( void *pxTCB ); diff --git a/vendors/espressif/boards/esp32/aws_tests/sdkconfig.defaults b/vendors/espressif/boards/esp32/aws_tests/sdkconfig.defaults index bea544abcac..98ee3b3a0c4 100644 --- a/vendors/espressif/boards/esp32/aws_tests/sdkconfig.defaults +++ b/vendors/espressif/boards/esp32/aws_tests/sdkconfig.defaults 
@@ -1,7 +1,7 @@ -CONFIG_TASK_WDT= -CONFIG_INT_WDT= -CONFIG_SUPPORT_STATIC_ALLOCATION=y -CONFIG_ENABLE_STATIC_TASK_CLEAN_UP_HOOK=y +CONFIG_ESP_INT_WDT= +CONFIG_ESP_TASK_WDT= +CONFIG_FREERTOS_SUPPORT_STATIC_ALLOCATION=y +CONFIG_FREERTOS_ENABLE_STATIC_TASK_CLEAN_UP=y CONFIG_PARTITION_TABLE_CUSTOM=y CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partition-table.csv" CONFIG_PARTITION_TABLE_FILENAME="partition-table.csv" @@ -9,7 +9,7 @@ CONFIG_ESP32_WIFI_STATIC_RX_BUFFER_NUM=16 CONFIG_ESP32_WIFI_DYNAMIC_RX_BUFFER_NUM=64 CONFIG_ESP32_WIFI_DYNAMIC_TX_BUFFER_NUM=64 CONFIG_TIMER_TASK_STACK_DEPTH=3584 -CONFIG_TIMER_TASK_PRIORITY=6 +CONFIG_FREERTOS_TIMER_TASK_PRIORITY=6 CONFIG_ESPTOOLPY_FLASHSIZE_4MB=y CONFIG_PTHREAD_MUTEX_TIMEDLOCK= CONFIG_MBEDTLS_ASYMMETRIC_CONTENT_LEN=y @@ -18,7 +18,7 @@ CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=4096 CONFIG_MBEDTLS_CMAC_C=y CONFIG_MBEDTLS_ECP_RESTARTABLE=y CONFIG_BT_ENABLED=y -CONFIG_BLUEDROID_ENABLED= +CONFIG_BT_BLUEDROID_ENABLED= CONFIG_NIMBLE_ENABLED=y CONFIG_NIMBLE_MAX_CONNECTIONS=1 CONFIG_NIMBLE_MAX_BONDS=3 @@ -49,3 +49,9 @@ CONFIG_FREERTOS_USE_TRACE_FACILITY=y CONFIG_MBEDTLS_TLS_CLIENT_ONLY=y CONFIG_ESPTOOLPY_BAUD_921600B=y CONFIG_LWIP_MAX_ACTIVE_TCP=32 +CONFIG_MBEDTLS_THREADING_ALT=y +CONFIG_MBEDTLS_THREADING_C=y +CONFIG_MBEDTLS_ECDSA_DETERMINISTIC=n +CONFIG_MBEDTLS_SHA512_C=n +CONFIG_ESP_NETIF_TCPIP_ADAPTER_COMPATIBLE_LAYER=n +CONFIG_COMPILER_DISABLE_GCC8_WARNINGS=y diff --git a/vendors/espressif/boards/esp32/components/freertos/Kconfig b/vendors/espressif/boards/esp32/components/freertos/Kconfig index 03b8b5ca151..9eb0306fa33 100644 --- a/vendors/espressif/boards/esp32/components/freertos/Kconfig +++ b/vendors/espressif/boards/esp32/components/freertos/Kconfig 
@@ -19,7 +19,7 @@ config FREERTOS_UNICORE choice FREERTOS_CORETIMER prompt "Xtensa timer to use as the FreeRTOS tick source" - default CONFIG_FREERTOS_CORETIMER_0 + default FREERTOS_CORETIMER_0 help FreeRTOS needs a timer with an associated interrupt to use as the main tick source to increase counters, run timers and do @@ -38,6 +38,14 @@ config FREERTOS_CORETIMER_1 endchoice +config FREERTOS_OPTIMIZED_SCHEDULER + bool "Enable FreeRTOS pĺatform optimized scheduler" + default y + help + On most platforms there are instructions can speedup the ready task + searching. Enabling this option the FreeRTOS with this instructions + support will be built + config FREERTOS_HZ int "Tick rate (Hz)" range 1 1000 @@ -206,7 +214,7 @@ config FREERTOS_MAX_TASK_NAME_LEN For most uses, the default of 16 is OK. -config SUPPORT_STATIC_ALLOCATION +config FREERTOS_SUPPORT_STATIC_ALLOCATION bool "Enable FreeRTOS static allocation API" default n help @@ -234,9 +242,9 @@ config SUPPORT_STATIC_ALLOCATION It allows the RTOS to be used in applications that simply don't allow any dynamic memory allocation (although FreeRTOS includes allocation schemes that can overcome most objections). -config ENABLE_STATIC_TASK_CLEAN_UP_HOOK +config FREERTOS_ENABLE_STATIC_TASK_CLEAN_UP bool "Enable static task clean up hook" - depends on SUPPORT_STATIC_ALLOCATION + depends on FREERTOS_SUPPORT_STATIC_ALLOCATION default n help Enable this option to make FreeRTOS call the static task clean up hook when a task is deleted. @@ -247,7 +255,7 @@ config ENABLE_STATIC_TASK_CLEAN_UP_HOOK // place clean up code here } -config TIMER_TASK_PRIORITY +config FREERTOS_TIMER_TASK_PRIORITY int "FreeRTOS timer task priority" range 1 25 default 1 @@ -258,7 +266,7 @@ config TIMER_TASK_PRIORITY Use this constant to define the priority that the timer task will run at. -config TIMER_TASK_STACK_DEPTH +config FREERTOS_TIMER_TASK_STACK_DEPTH int "FreeRTOS timer task stack size" range 1536 32768 default 2048 
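Review bot: The prompt of the new `FREERTOS_OPTIMIZED_SCHEDULER` option (hunk -38,6) contains a non-ASCII character (`pĺatform`), and its help text is hard to parse. Suggested wording is `bool "Enable FreeRTOS platform optimized scheduler"`, with help along the lines of `Use platform-specific instructions to speed up the search for the next ready task.` The option defaults to y, as does `FREERTOS_TASK_FUNCTION_WRAPPER` in the hunk at -385. Neither the six-file list of this patch nor its hunks show port code that reads these symbols, so it is worth confirming that the vendored port honours them rather than only exposing them in menuconfig.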
@@ -269,7 +277,7 @@ config TIMER_TASK_STACK_DEPTH Use this constant to define the size (in bytes) of the stack allocated for the timer task. -config TIMER_QUEUE_LENGTH +config FREERTOS_TIMER_QUEUE_LENGTH int "FreeRTOS timer queue length" range 5 20 default 10 @@ -385,6 +393,17 @@ config FREERTOS_IDLE_TIME_BEFORE_SLEEP FreeRTOS will enter light sleep mode if no tasks need to run for this number of ticks. +config FREERTOS_TASK_FUNCTION_WRAPPER + bool "Enclose all task functions in a wrapper function" + depends on COMPILER_OPTIMIZATION_DEFAULT + default y + help + If enabled, all FreeRTOS task functions will be enclosed in a wrapper function. + If a task function mistakenly returns (i.e. does not delete), the call flow will + return to the wrapper function. The wrapper function will then log an error and + abort the application. This option is also required for GDB backtraces and C++ + exceptions to work correctly inside top-level task functions. + menuconfig FREERTOS_DEBUG_INTERNALS bool "Debug FreeRTOS internals" default n @@ -414,4 +433,12 @@ endif #FREERTOS_UNICORE endif # FREERTOS_DEBUG_INTERNALS +config FREERTOS_FPU_IN_ISR + bool "Allow use of float inside Level 1 ISR (EXPERIMENTAL)" + depends on IDF_TARGET_ESP32 + default n + help + When enabled, the usage of float type is allowed inside Level 1 + ISRs. + endmenu diff --git a/vendors/espressif/boards/esp32/components/freertos/linker.lf b/vendors/espressif/boards/esp32/components/freertos/linker.lf index 93092b7e805..a2275ecd62a 100644 --- a/vendors/espressif/boards/esp32/components/freertos/linker.lf +++ b/vendors/espressif/boards/esp32/components/freertos/linker.lf @@ -1,4 +1,4 @@ -[mapping] +[mapping:freertos] archive: libfreertos.a entries: * (noflash_text) From b049985d6382c6a1ba9b18b44b95c9e6297f9df8 Mon Sep 17 00:00:00 2001 
From: Shubham Kulkarni Date: Tue, 12 May 2020 18:51:06 +0530 Subject: [PATCH 4/7] Enable task watchdog and interrupt watchdog timers for aws_demos --- .../espressif/boards/esp32/aws_demos/sdkconfig.defaults | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/vendors/espressif/boards/esp32/aws_demos/sdkconfig.defaults b/vendors/espressif/boards/esp32/aws_demos/sdkconfig.defaults index 7ab3302b47f..4898eb7d849 100644 --- a/vendors/espressif/boards/esp32/aws_demos/sdkconfig.defaults +++ b/vendors/espressif/boards/esp32/aws_demos/sdkconfig.defaults @@ -1,5 +1,3 @@ -CONFIG_ESP_INT_WDT= -CONFIG_ESP_TASK_WDT= CONFIG_FREERTOS_USE_TRACE_FACILITY=y CONFIG_FREERTOS_SUPPORT_STATIC_ALLOCATION=y CONFIG_FREERTOS_ENABLE_STATIC_TASK_CLEAN_UP=y @@ -54,3 +52,8 @@ CONFIG_MBEDTLS_ECDSA_DETERMINISTIC=n CONFIG_MBEDTLS_SHA512_C=n CONFIG_ESP_NETIF_TCPIP_ADAPTER_COMPATIBLE_LAYER=n CONFIG_COMPILER_DISABLE_GCC8_WARNINGS=y +CONFIG_ESP_INT_WDT=y +CONFIG_ESP_INT_WDT_TIMEOUT_MS=300 +CONFIG_ESP_TASK_WDT=y +CONFIG_ESP_TASK_WDT_TIMEOUT_S=20 +CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU0=y From c0138443063479537f1d72be30734e4eaa387c7b Mon Sep 17 00:00:00 2001 
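Review bot: The block added in the -54,3 hunk enables the task watchdog but does not set `CONFIG_ESP_TASK_WDT_PANIC`. Assuming the IDF default applies, a task that hangs for the 20 s timeout only produces a log message and the device keeps running in the stuck state. If recovery is the intent, add `CONFIG_ESP_TASK_WDT_PANIC=y`; if warning-only behaviour is deliberate for demos, a `#` comment saying so would help. Only the CPU0 idle task is listed explicitly, so `CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU1` is left to its default. The aws_tests defaults still carry `CONFIG_ESP_INT_WDT=` and `CONFIG_ESP_TASK_WDT=` from the previous patch, so tests run without the watchdogs this patch turns on for demos.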
From: Shubham Kulkarni Date: Mon, 11 May 2020 17:39:45 +0530 Subject: [PATCH 5/7] Move port and extra components directory to a common location shared by all boards. Remove mbedTLS port files and use ESP-IDF provided files. Changes in CMakeLists for mbedTLS to support ESP32-S2. --- .../components/freertos/CMakeLists.txt | 4 +- .../{esp32 => }/components/freertos/Kconfig | 0 .../components/freertos/component.mk | 8 +- .../{esp32 => }/components/freertos/extra.c | 0 .../freertos/include/freertos/FreeRTOS.h | 0 .../include/freertos/FreeRTOSConfig.h | 0 .../freertos/include/freertos/event_groups.h | 0 .../freertos/include/freertos/list.h | 0 .../freertos/include/freertos/portable.h | 0 .../freertos/include/freertos/portmacro.h | 0 .../freertos/include/freertos/queue.h | 0 .../freertos/include/freertos/semphr.h | 0 .../freertos/include/freertos/task.h | 0 .../freertos/include/freertos/timers.h | 0 .../freertos/include/freertos/xtensa_api.h | 0 .../include/freertos/xtensa_context.h | 0 .../freertos/include/freertos/xtensa_rtos.h | 0 .../freertos/include/freertos/xtensa_timer.h | 0 .../include/freertos_tasks_c_additions.h | 0 .../{esp32 => }/components/freertos/linker.lf | 0 .../esp_http_server/CMakeLists.txt | 0 .../esp_http_server/component.mk | 0 .../freertos_tcpip/ethernet/CMakeLists.txt | 0 .../freertos_tcpip/ethernet/component.mk | 0 .../freertos_tcpip/ethernet/include/esp_eth.h | 0 .../components/freertos_tcpip/ethernet/port.c | 0 .../freertos_plus_tcp/CMakeLists.txt | 0 .../freertos_plus_tcp/component.mk | 0 .../freertos_tcpip/mdns/CMakeLists.txt | 0 .../freertos_tcpip/mdns/component.mk | 0 .../freertos_tcpip/protocomm/CMakeLists.txt | 0 .../freertos_tcpip/protocomm/component.mk | 0 .../smartconfig_ack/CMakeLists.txt | 0 .../smartconfig_ack/component.mk | 0 .../smartconfig_ack/include/smartconfig_ack.h | 0 .../smartconfig_ack/smartconfig_ack.c | 0 .../tcpip_adapter/CMakeLists.txt | 0 .../freertos_tcpip/tcpip_adapter/component.mk | 0 
.../tcpip_adapter/include/tcpip_adapter.h | 0 .../tcpip_adapter/tcpip_adapter.c | 0 .../wifi_provisioning/CMakeLists.txt | 0 .../wifi_provisioning/component.mk | 0 .../boards/components/mbedtls/CMakeLists.txt | 101 + .../{esp32 => }/components/mbedtls/Kconfig | 34 + .../components/mbedtls/Makefile.projbuild | 5 + .../components/mbedtls/component.mk | 9 +- .../components/secure_sockets/CMakeLists.txt | 0 .../components/secure_sockets/component.mk | 4 +- .../components/secure_sockets/include/netdb.h | 0 .../secure_sockets/include/sockets.h | 0 vendors/espressif/boards/esp32/CMakeLists.txt | 7 +- .../amazon-freertos-common/component.mk | 4 +- .../amazon-freertos-tests/component.mk | 4 +- .../esp32/components/mbedtls/CMakeLists.txt | 54 - .../components/mbedtls/Makefile.projbuild | 4 - .../esp32/components/mbedtls/port/aes.c | 754 ----- .../components/mbedtls/port/esp_bignum.c | 685 ---- .../components/mbedtls/port/esp_hardware.c | 26 - .../esp32/components/mbedtls/port/esp_mem.c | 48 - .../esp32/components/mbedtls/port/esp_sha1.c | 451 --- .../components/mbedtls/port/esp_sha256.c | 422 --- .../components/mbedtls/port/esp_sha512.c | 469 --- .../components/mbedtls/port/include/aes.h | 353 --- .../components/mbedtls/port/include/aes_alt.h | 66 - .../components/mbedtls/port/include/esp_mem.h | 20 - .../mbedtls/port/include/mbedtls/bignum.h | 78 - .../mbedtls/port/include/mbedtls/config.h | 9 - .../mbedtls/port/include/mbedtls/esp_config.h | 2770 ----------------- .../mbedtls/port/include/mbedtls/esp_debug.h | 57 - .../components/mbedtls/port/include/sha.h | 211 -- .../mbedtls/port/include/sha1_alt.h | 57 - .../mbedtls/port/include/sha256_alt.h | 57 - .../mbedtls/port/include/sha512_alt.h | 57 - .../components/mbedtls/port/mbedtls_debug.c | 94 - .../esp32/components/mbedtls/port/sha.c | 314 -- .../ble/bluedroid/iot_ble_hal_common_gap.c | 0 .../ports/ble/bluedroid/iot_ble_hal_gap.c | 0 .../ble/bluedroid/iot_ble_hal_gatt_server.c | 0 .../ble/bluedroid/iot_ble_hal_internals.h 
| 0 .../ports/ble/iot_ble_hal_common_gap.c | 0 .../{esp32 => }/ports/ble/iot_ble_hal_gap.c | 0 .../ports/ble/iot_ble_hal_gatt_server.c | 0 .../ports/ble/nimble/iot_ble_hal_common_gap.c | 0 .../ports/ble/nimble/iot_ble_hal_gap.c | 0 .../ble/nimble/iot_ble_hal_gatt_server.c | 0 .../ports/ble/nimble/iot_ble_hal_internals.h | 0 .../{esp32 => }/ports/ota/aws_esp_ota_ops.c | 0 .../{esp32 => }/ports/ota/aws_esp_ota_ops.h | 0 .../{esp32 => }/ports/ota/aws_ota_pal.c | 0 .../{esp32 => }/ports/pkcs11/iot_pkcs11_pal.c | 0 .../ports/posix/FreeRTOS_POSIX_portable.h | 0 .../boards/{esp32 => }/ports/wifi/iot_wifi.c | 0 92 files changed, 161 insertions(+), 7075 deletions(-) rename vendors/espressif/boards/{esp32 => }/components/freertos/CMakeLists.txt (94%) rename vendors/espressif/boards/{esp32 => }/components/freertos/Kconfig (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/component.mk (87%) rename vendors/espressif/boards/{esp32 => }/components/freertos/extra.c (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/include/freertos/FreeRTOS.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/include/freertos/FreeRTOSConfig.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/include/freertos/event_groups.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/include/freertos/list.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/include/freertos/portable.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/include/freertos/portmacro.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/include/freertos/queue.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/include/freertos/semphr.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/include/freertos/task.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/include/freertos/timers.h (100%) rename 
vendors/espressif/boards/{esp32 => }/components/freertos/include/freertos/xtensa_api.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/include/freertos/xtensa_context.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/include/freertos/xtensa_rtos.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/include/freertos/xtensa_timer.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/include/freertos_tasks_c_additions.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos/linker.lf (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/esp_http_server/CMakeLists.txt (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/esp_http_server/component.mk (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/ethernet/CMakeLists.txt (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/ethernet/component.mk (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/ethernet/include/esp_eth.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/ethernet/port.c (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/freertos_plus_tcp/CMakeLists.txt (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/freertos_plus_tcp/component.mk (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/mdns/CMakeLists.txt (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/mdns/component.mk (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/protocomm/CMakeLists.txt (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/protocomm/component.mk (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/smartconfig_ack/CMakeLists.txt (100%) rename vendors/espressif/boards/{esp32 => 
}/components/freertos_tcpip/smartconfig_ack/component.mk (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/smartconfig_ack/include/smartconfig_ack.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/smartconfig_ack/smartconfig_ack.c (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/tcpip_adapter/CMakeLists.txt (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/tcpip_adapter/component.mk (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/tcpip_adapter/include/tcpip_adapter.h (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/tcpip_adapter/tcpip_adapter.c (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/wifi_provisioning/CMakeLists.txt (100%) rename vendors/espressif/boards/{esp32 => }/components/freertos_tcpip/wifi_provisioning/component.mk (100%) create mode 100644 vendors/espressif/boards/components/mbedtls/CMakeLists.txt rename vendors/espressif/boards/{esp32 => }/components/mbedtls/Kconfig (94%) create mode 100644 vendors/espressif/boards/components/mbedtls/Makefile.projbuild rename vendors/espressif/boards/{esp32 => }/components/mbedtls/component.mk (53%) rename vendors/espressif/boards/{esp32 => }/components/secure_sockets/CMakeLists.txt (100%) rename vendors/espressif/boards/{esp32 => }/components/secure_sockets/component.mk (79%) rename vendors/espressif/boards/{esp32 => }/components/secure_sockets/include/netdb.h (100%) rename vendors/espressif/boards/{esp32 => }/components/secure_sockets/include/sockets.h (100%) delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/CMakeLists.txt delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/Makefile.projbuild delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/aes.c delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/esp_bignum.c delete mode 100644 
vendors/espressif/boards/esp32/components/mbedtls/port/esp_hardware.c delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/esp_mem.c delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/esp_sha1.c delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/esp_sha256.c delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/esp_sha512.c delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/include/aes.h delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/include/aes_alt.h delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/include/esp_mem.h delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/bignum.h delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/config.h delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/esp_config.h delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/esp_debug.h delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/include/sha.h delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/include/sha1_alt.h delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/include/sha256_alt.h delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/include/sha512_alt.h delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/mbedtls_debug.c delete mode 100644 vendors/espressif/boards/esp32/components/mbedtls/port/sha.c rename vendors/espressif/boards/{esp32 => }/ports/ble/bluedroid/iot_ble_hal_common_gap.c (100%) rename vendors/espressif/boards/{esp32 => }/ports/ble/bluedroid/iot_ble_hal_gap.c (100%) rename vendors/espressif/boards/{esp32 => }/ports/ble/bluedroid/iot_ble_hal_gatt_server.c (100%) rename vendors/espressif/boards/{esp32 => }/ports/ble/bluedroid/iot_ble_hal_internals.h 
(100%) rename vendors/espressif/boards/{esp32 => }/ports/ble/iot_ble_hal_common_gap.c (100%) rename vendors/espressif/boards/{esp32 => }/ports/ble/iot_ble_hal_gap.c (100%) rename vendors/espressif/boards/{esp32 => }/ports/ble/iot_ble_hal_gatt_server.c (100%) rename vendors/espressif/boards/{esp32 => }/ports/ble/nimble/iot_ble_hal_common_gap.c (100%) rename vendors/espressif/boards/{esp32 => }/ports/ble/nimble/iot_ble_hal_gap.c (100%) rename vendors/espressif/boards/{esp32 => }/ports/ble/nimble/iot_ble_hal_gatt_server.c (100%) rename vendors/espressif/boards/{esp32 => }/ports/ble/nimble/iot_ble_hal_internals.h (100%) rename vendors/espressif/boards/{esp32 => }/ports/ota/aws_esp_ota_ops.c (100%) rename vendors/espressif/boards/{esp32 => }/ports/ota/aws_esp_ota_ops.h (100%) rename vendors/espressif/boards/{esp32 => }/ports/ota/aws_ota_pal.c (100%) rename vendors/espressif/boards/{esp32 => }/ports/pkcs11/iot_pkcs11_pal.c (100%) rename vendors/espressif/boards/{esp32 => }/ports/posix/FreeRTOS_POSIX_portable.h (100%) rename vendors/espressif/boards/{esp32 => }/ports/wifi/iot_wifi.c (100%) diff --git a/vendors/espressif/boards/esp32/components/freertos/CMakeLists.txt b/vendors/espressif/boards/components/freertos/CMakeLists.txt similarity index 94% rename from vendors/espressif/boards/esp32/components/freertos/CMakeLists.txt rename to vendors/espressif/boards/components/freertos/CMakeLists.txt index 888d0f8c7e3..750832b75cb 100644 --- a/vendors/espressif/boards/esp32/components/freertos/CMakeLists.txt +++ b/vendors/espressif/boards/components/freertos/CMakeLists.txt 
@@ -11,13 +11,13 @@ set( if(AFR_ENABLE_TESTS) list(APPEND include_dirs - "${CMAKE_CURRENT_LIST_DIR}/../../aws_tests/config_files" + "${CMAKE_CURRENT_LIST_DIR}/../../esp32/aws_tests/config_files" "${AMAZON_FREERTOS_FREERTOS_PLUS_DIR}/standard/freertos_plus_posix/include" "${AMAZON_FREERTOS_3RDPARTY_DIR}/unity/src" ) else() list(APPEND include_dirs - "${CMAKE_CURRENT_LIST_DIR}/../../aws_demos/config_files") + "${CMAKE_CURRENT_LIST_DIR}/../../esp32/aws_demos/config_files") endif() # Edit following two lines to set component requirements (see docs) diff --git a/vendors/espressif/boards/esp32/components/freertos/Kconfig b/vendors/espressif/boards/components/freertos/Kconfig similarity index 100% rename from vendors/espressif/boards/esp32/components/freertos/Kconfig rename to vendors/espressif/boards/components/freertos/Kconfig diff --git a/vendors/espressif/boards/esp32/components/freertos/component.mk b/vendors/espressif/boards/components/freertos/component.mk similarity index 87% rename from vendors/espressif/boards/esp32/components/freertos/component.mk rename to vendors/espressif/boards/components/freertos/component.mk index d61a7f11eaa..e1236a38c1c 100644 --- a/vendors/espressif/boards/esp32/components/freertos/component.mk +++ b/vendors/espressif/boards/components/freertos/component.mk @@ -1,9 +1,9 @@ -AMAZON_FREERTOS_LIB_DIR := ../../../../../../libraries -AMAZON_FREERTOS_KERNEL_DIR := ../../../../../../freertos_kernel +AMAZON_FREERTOS_LIB_DIR := ../../../../../libraries +AMAZON_FREERTOS_KERNEL_DIR := ../../../../../freertos_kernel ifndef AMAZON_FREERTOS_ENABLE_UNIT_TEST -AMAZON_FREERTOS_ESP32 := ../../../../../../vendors/espressif/boards/esp32/aws_demos +AMAZON_FREERTOS_ESP32 := ../../../../../vendors/espressif/boards/esp32/aws_demos else -AMAZON_FREERTOS_ESP32 := ../../../../../../vendors/espressif/boards/esp32/aws_tests +AMAZON_FREERTOS_ESP32 := ../../../../../vendors/espressif/boards/esp32/aws_tests endif 
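Review bot: Both branches of the `AFR_ENABLE_TESTS` conditional now hard-code the esp32 board directory (`../../esp32/aws_tests/config_files` and `../../esp32/aws_demos/config_files`), although this file has just moved to the board-independent `boards/components/freertos` location. Any other board that reuses the component would build against the esp32 board's config headers without any diagnostic. The `component.mk` hunk that follows has the same hard-coded `boards/esp32/aws_demos` and `boards/esp32/aws_tests` paths in `AMAZON_FREERTOS_ESP32`. I would take the board directory from a variable set by the board's own CMakeLists.txt, e.g. `"${AFR_BOARD_DIR_PLACEHOLDER}/aws_tests/config_files"` (placeholder name; that file already sets `board_tests_dir` and `board_demos_dir`, but whether they are visible in this scope is not shown here), and add a one-line comment naming which board supplies the headers. The `include_dirs` setup this `list(APPEND ...)` extends begins outside the hunk.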
diff --git a/vendors/espressif/boards/esp32/components/freertos/extra.c b/vendors/espressif/boards/components/freertos/extra.c
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/extra.c
rename to vendors/espressif/boards/components/freertos/extra.c
diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos/FreeRTOS.h b/vendors/espressif/boards/components/freertos/include/freertos/FreeRTOS.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/include/freertos/FreeRTOS.h
rename to vendors/espressif/boards/components/freertos/include/freertos/FreeRTOS.h
diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos/FreeRTOSConfig.h b/vendors/espressif/boards/components/freertos/include/freertos/FreeRTOSConfig.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/include/freertos/FreeRTOSConfig.h
rename to vendors/espressif/boards/components/freertos/include/freertos/FreeRTOSConfig.h
diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos/event_groups.h b/vendors/espressif/boards/components/freertos/include/freertos/event_groups.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/include/freertos/event_groups.h
rename to vendors/espressif/boards/components/freertos/include/freertos/event_groups.h
diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos/list.h b/vendors/espressif/boards/components/freertos/include/freertos/list.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/include/freertos/list.h
rename to vendors/espressif/boards/components/freertos/include/freertos/list.h
diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos/portable.h b/vendors/espressif/boards/components/freertos/include/freertos/portable.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/include/freertos/portable.h
rename to vendors/espressif/boards/components/freertos/include/freertos/portable.h
diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos/portmacro.h b/vendors/espressif/boards/components/freertos/include/freertos/portmacro.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/include/freertos/portmacro.h
rename to vendors/espressif/boards/components/freertos/include/freertos/portmacro.h
diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos/queue.h b/vendors/espressif/boards/components/freertos/include/freertos/queue.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/include/freertos/queue.h
rename to vendors/espressif/boards/components/freertos/include/freertos/queue.h
diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos/semphr.h b/vendors/espressif/boards/components/freertos/include/freertos/semphr.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/include/freertos/semphr.h
rename to vendors/espressif/boards/components/freertos/include/freertos/semphr.h
diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos/task.h b/vendors/espressif/boards/components/freertos/include/freertos/task.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/include/freertos/task.h
rename to vendors/espressif/boards/components/freertos/include/freertos/task.h
diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos/timers.h b/vendors/espressif/boards/components/freertos/include/freertos/timers.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/include/freertos/timers.h
rename to vendors/espressif/boards/components/freertos/include/freertos/timers.h
diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos/xtensa_api.h b/vendors/espressif/boards/components/freertos/include/freertos/xtensa_api.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/include/freertos/xtensa_api.h
rename to vendors/espressif/boards/components/freertos/include/freertos/xtensa_api.h
diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos/xtensa_context.h b/vendors/espressif/boards/components/freertos/include/freertos/xtensa_context.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/include/freertos/xtensa_context.h
rename to vendors/espressif/boards/components/freertos/include/freertos/xtensa_context.h
diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos/xtensa_rtos.h b/vendors/espressif/boards/components/freertos/include/freertos/xtensa_rtos.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/include/freertos/xtensa_rtos.h
rename to vendors/espressif/boards/components/freertos/include/freertos/xtensa_rtos.h
diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos/xtensa_timer.h b/vendors/espressif/boards/components/freertos/include/freertos/xtensa_timer.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/include/freertos/xtensa_timer.h
rename to vendors/espressif/boards/components/freertos/include/freertos/xtensa_timer.h
diff --git a/vendors/espressif/boards/esp32/components/freertos/include/freertos_tasks_c_additions.h b/vendors/espressif/boards/components/freertos/include/freertos_tasks_c_additions.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/include/freertos_tasks_c_additions.h
rename to vendors/espressif/boards/components/freertos/include/freertos_tasks_c_additions.h
diff --git a/vendors/espressif/boards/esp32/components/freertos/linker.lf b/vendors/espressif/boards/components/freertos/linker.lf
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos/linker.lf
rename to vendors/espressif/boards/components/freertos/linker.lf
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/esp_http_server/CMakeLists.txt b/vendors/espressif/boards/components/freertos_tcpip/esp_http_server/CMakeLists.txt
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/esp_http_server/CMakeLists.txt
rename to vendors/espressif/boards/components/freertos_tcpip/esp_http_server/CMakeLists.txt
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/esp_http_server/component.mk b/vendors/espressif/boards/components/freertos_tcpip/esp_http_server/component.mk
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/esp_http_server/component.mk
rename to vendors/espressif/boards/components/freertos_tcpip/esp_http_server/component.mk
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/ethernet/CMakeLists.txt b/vendors/espressif/boards/components/freertos_tcpip/ethernet/CMakeLists.txt
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/ethernet/CMakeLists.txt
rename to vendors/espressif/boards/components/freertos_tcpip/ethernet/CMakeLists.txt
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/ethernet/component.mk b/vendors/espressif/boards/components/freertos_tcpip/ethernet/component.mk
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/ethernet/component.mk
rename to vendors/espressif/boards/components/freertos_tcpip/ethernet/component.mk
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/ethernet/include/esp_eth.h b/vendors/espressif/boards/components/freertos_tcpip/ethernet/include/esp_eth.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/ethernet/include/esp_eth.h
rename to vendors/espressif/boards/components/freertos_tcpip/ethernet/include/esp_eth.h
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/ethernet/port.c b/vendors/espressif/boards/components/freertos_tcpip/ethernet/port.c
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/ethernet/port.c
rename to vendors/espressif/boards/components/freertos_tcpip/ethernet/port.c
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/freertos_plus_tcp/CMakeLists.txt b/vendors/espressif/boards/components/freertos_tcpip/freertos_plus_tcp/CMakeLists.txt
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/freertos_plus_tcp/CMakeLists.txt
rename to vendors/espressif/boards/components/freertos_tcpip/freertos_plus_tcp/CMakeLists.txt
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/freertos_plus_tcp/component.mk b/vendors/espressif/boards/components/freertos_tcpip/freertos_plus_tcp/component.mk
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/freertos_plus_tcp/component.mk
rename to vendors/espressif/boards/components/freertos_tcpip/freertos_plus_tcp/component.mk
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/mdns/CMakeLists.txt b/vendors/espressif/boards/components/freertos_tcpip/mdns/CMakeLists.txt
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/mdns/CMakeLists.txt
rename to vendors/espressif/boards/components/freertos_tcpip/mdns/CMakeLists.txt
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/mdns/component.mk b/vendors/espressif/boards/components/freertos_tcpip/mdns/component.mk
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/mdns/component.mk
rename to vendors/espressif/boards/components/freertos_tcpip/mdns/component.mk
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/protocomm/CMakeLists.txt b/vendors/espressif/boards/components/freertos_tcpip/protocomm/CMakeLists.txt
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/protocomm/CMakeLists.txt
rename to vendors/espressif/boards/components/freertos_tcpip/protocomm/CMakeLists.txt
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/protocomm/component.mk b/vendors/espressif/boards/components/freertos_tcpip/protocomm/component.mk
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/protocomm/component.mk
rename to vendors/espressif/boards/components/freertos_tcpip/protocomm/component.mk
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/smartconfig_ack/CMakeLists.txt b/vendors/espressif/boards/components/freertos_tcpip/smartconfig_ack/CMakeLists.txt
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/smartconfig_ack/CMakeLists.txt
rename to vendors/espressif/boards/components/freertos_tcpip/smartconfig_ack/CMakeLists.txt
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/smartconfig_ack/component.mk b/vendors/espressif/boards/components/freertos_tcpip/smartconfig_ack/component.mk
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/smartconfig_ack/component.mk
rename to vendors/espressif/boards/components/freertos_tcpip/smartconfig_ack/component.mk
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/smartconfig_ack/include/smartconfig_ack.h b/vendors/espressif/boards/components/freertos_tcpip/smartconfig_ack/include/smartconfig_ack.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/smartconfig_ack/include/smartconfig_ack.h
rename to vendors/espressif/boards/components/freertos_tcpip/smartconfig_ack/include/smartconfig_ack.h
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/smartconfig_ack/smartconfig_ack.c b/vendors/espressif/boards/components/freertos_tcpip/smartconfig_ack/smartconfig_ack.c
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/smartconfig_ack/smartconfig_ack.c
rename to vendors/espressif/boards/components/freertos_tcpip/smartconfig_ack/smartconfig_ack.c
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/tcpip_adapter/CMakeLists.txt b/vendors/espressif/boards/components/freertos_tcpip/tcpip_adapter/CMakeLists.txt
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/tcpip_adapter/CMakeLists.txt
rename to vendors/espressif/boards/components/freertos_tcpip/tcpip_adapter/CMakeLists.txt
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/tcpip_adapter/component.mk b/vendors/espressif/boards/components/freertos_tcpip/tcpip_adapter/component.mk
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/tcpip_adapter/component.mk
rename to vendors/espressif/boards/components/freertos_tcpip/tcpip_adapter/component.mk
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/tcpip_adapter/include/tcpip_adapter.h b/vendors/espressif/boards/components/freertos_tcpip/tcpip_adapter/include/tcpip_adapter.h
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/tcpip_adapter/include/tcpip_adapter.h
rename to vendors/espressif/boards/components/freertos_tcpip/tcpip_adapter/include/tcpip_adapter.h
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/tcpip_adapter/tcpip_adapter.c b/vendors/espressif/boards/components/freertos_tcpip/tcpip_adapter/tcpip_adapter.c
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/tcpip_adapter/tcpip_adapter.c
rename to vendors/espressif/boards/components/freertos_tcpip/tcpip_adapter/tcpip_adapter.c
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/wifi_provisioning/CMakeLists.txt b/vendors/espressif/boards/components/freertos_tcpip/wifi_provisioning/CMakeLists.txt
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/wifi_provisioning/CMakeLists.txt
rename to vendors/espressif/boards/components/freertos_tcpip/wifi_provisioning/CMakeLists.txt
diff --git a/vendors/espressif/boards/esp32/components/freertos_tcpip/wifi_provisioning/component.mk b/vendors/espressif/boards/components/freertos_tcpip/wifi_provisioning/component.mk
similarity index 100%
rename from vendors/espressif/boards/esp32/components/freertos_tcpip/wifi_provisioning/component.mk
rename to vendors/espressif/boards/components/freertos_tcpip/wifi_provisioning/component.mk
diff --git a/vendors/espressif/boards/components/mbedtls/CMakeLists.txt b/vendors/espressif/boards/components/mbedtls/CMakeLists.txt
new file mode 100644
index 00000000000..31338a9e71d
--- /dev/null
+++ b/vendors/espressif/boards/components/mbedtls/CMakeLists.txt
@@ -0,0 +1,101 @@ +idf_component_register() + +set(FREERTOS_COMPONENT_DIR "${CMAKE_CURRENT_LIST_DIR}/../freertos") +set(MBEDTLS_DIR "${AFR_VENDORS_DIR}/espressif/esp-idf/components/mbedtls") + +string(FIND "${AFR_BOARD_NAME}" "esp32s2" SOC_NAME_ESP32S2) +string(FIND "${AFR_BOARD_NAME}" "esp32" SOC_NAME_ESP32) + +if (NOT(${SOC_NAME_ESP32S2} EQUAL -1)) + set(SOC_NAME "esp32s2") +elseif(NOT($SOC_NAME_ESP32) EQUAL -1) + set(SOC_NAME "esp32") +endif() + +target_compile_options( + afr_3rdparty_mbedtls + PUBLIC + ${IDF_COMPILE_OPTIONS} + $<$:${IDF_C_COMPILE_OPTIONS}> + $<$:${IDF_CXX_COMPILE_OPTIONS}> + "-Wno-maybe-uninitialized" +) + +set( + include_dirs + ${IDF_INCLUDE_DIRECTORIES} + ${MBEDTLS_DIR}/port/include + "${AFR_VENDORS_DIR}/espressif/esp-idf/components/xtensa/include" + "${AFR_VENDORS_DIR}/espressif/esp-idf/components/soc/soc/include" +) + +if("${SOC_NAME}" STREQUAL "esp32s2") + list(APPEND include_dirs + "${AFR_VENDORS_DIR}/espressif/esp-idf/components/soc/src/esp32s2/include" + "${AFR_VENDORS_DIR}/espressif/esp-idf/components/esp32s2/include" + ) +else() + list(APPEND include_dirs + "${AFR_VENDORS_DIR}/espressif/esp-idf/components/soc/src/esp32/include" + ) +endif() + +target_include_directories( + afr_3rdparty_mbedtls + BEFORE + PRIVATE + "${AFR_VENDORS_DIR}/espressif/esp-idf/components/vfs/include" + "${AFR_VENDORS_DIR}/espressif/esp-idf/components/soc/soc/include/soc" + ${FREERTOS_COMPONENT_DIR}/include + PUBLIC + ${include_dirs} +) + +set( + mbedtls_srcs + "${MBEDTLS_DIR}/port/esp_bignum.c" + "${MBEDTLS_DIR}/port/esp_mem.c" + "${MBEDTLS_DIR}/port/esp_hardware.c" + "${MBEDTLS_DIR}/port/mbedtls_debug.c" + "${MBEDTLS_DIR}/port/esp_aes_xts.c" +) + +if("${SOC_NAME}" STREQUAL "esp32s2") + list(APPEND mbedtls_srcs + "${MBEDTLS_DIR}/port/esp32s2/aes.c" + "${MBEDTLS_DIR}/port/esp32s2/sha.c" + "${MBEDTLS_DIR}/port/esp32s2/bignum.c" + "${MBEDTLS_DIR}/port/esp32s2/esp_sha1.c" + "${MBEDTLS_DIR}/port/esp32s2/esp_sha512.c" + "${MBEDTLS_DIR}/port/esp32s2/esp_sha256.c" + 
"${AFR_VENDORS_DIR}/espressif/esp-idf/components/esp32s2/esp_crypto_lock.c" + ) +else() + list(APPEND mbedtls_srcs + "${MBEDTLS_DIR}/port/esp32/aes.c" + "${MBEDTLS_DIR}/port/esp32/sha.c" + "${MBEDTLS_DIR}/port/esp32/bignum.c" + "${MBEDTLS_DIR}/port/esp32/esp_sha1.c" + "${MBEDTLS_DIR}/port/esp32/esp_sha512.c" + "${MBEDTLS_DIR}/port/esp32/esp_sha256.c" + ) +endif() + +target_sources( + afr_3rdparty_mbedtls + PUBLIC + ${mbedtls_srcs} +) + +target_compile_definitions( + afr_3rdparty_mbedtls + PUBLIC + ${IDF_COMPILE_DEFINITIONS} + -DMBEDTLS_CONFIG_FILE="${MBEDTLS_DIR}/port/include/mbedtls/esp_config.h" +) + +target_link_libraries( + ${COMPONENT_TARGET} + INTERFACE + afr_3rdparty_mbedtls +) diff --git a/vendors/espressif/boards/esp32/components/mbedtls/Kconfig b/vendors/espressif/boards/components/mbedtls/Kconfig similarity index 94% rename from vendors/espressif/boards/esp32/components/mbedtls/Kconfig rename to vendors/espressif/boards/components/mbedtls/Kconfig index e9d75794826..e4fea5f0ce8 100644 --- a/vendors/espressif/boards/esp32/components/mbedtls/Kconfig +++ b/vendors/espressif/boards/components/mbedtls/Kconfig @@ -181,6 +181,19 @@ config MBEDTLS_HAVE_TIME_DATE It is suggested that you should get the real time by "SNTP". +config MBEDTLS_ECDSA_DETERMINISTIC + bool "Enable deterministic ECDSA" + default y + help + Standard ECDSA is "fragile" in the sense that lack of entropy when signing + may result in a compromise of the long-term signing key. + +config MBEDTLS_SHA512_C + bool "Enable the SHA-384 and SHA-512 cryptographic hash algorithms" + default y + help + Enable MBEDTLS_SHA512_C adds support for SHA-384 and SHA-512. + choice MBEDTLS_TLS_MODE bool "TLS Protocol Role" default MBEDTLS_TLS_SERVER_AND_CLIENT 
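Review bot: The second SoC test, `elseif(NOT($SOC_NAME_ESP32) EQUAL -1)`, is malformed: `$SOC_NAME_ESP32` has no braces, so it is not a variable reference, and the closing parenthesis sits before `EQUAL`, unlike the esp32s2 test directly above it. Whatever that expression evaluates to, it is not the result of the `string(FIND ...)` call, and when neither name matches `SOC_NAME` stays unset while the later `else()` branches still select the esp32 include directory and the esp32 AES/SHA/bignum port sources. I would write `elseif(NOT (SOC_NAME_ESP32 EQUAL -1))` and close the chain with `else()` plus `message(FATAL_ERROR "Unsupported AFR_BOARD_NAME: ${AFR_BOARD_NAME}")`, so the hardware crypto port is never chosen by accident. A short comment above the two `string(FIND ...)` calls, saying that the esp32s2 check must come first because "esp32" is a substring of it, would also help.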
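Review bot: The help text of `MBEDTLS_ECDSA_DETERMINISTIC` names the weakness of standard ECDSA but never says what the option does, so a reader cannot tell from it that `y` is the safer setting. I would add a closing help sentence such as `Enabling this option derives the per-signature nonce deterministically (RFC 6979) instead of drawing it from the RNG.` The entry also has no `depends on` line, although mbedTLS requires its HMAC_DRBG module for the deterministic variant; whether this Kconfig exposes matching symbols is not visible in the hunk and should be confirmed. The `choice MBEDTLS_TLS_MODE` block after the added entries continues outside the hunk.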
@@ -589,4 +602,25 @@ config MBEDTLS_ECP_NIST_OPTIM # end of Elliptic Curve options +config MBEDTLS_THREADING_C + bool "Enable the threading abstraction layer" + default n + help + If you do intend to use contexts between threads, you will need to enable + this layer to prevent race conditions. + +config MBEDTLS_THREADING_ALT + bool "Enable threading alternate implementation" + depends on MBEDTLS_THREADING_C + default y + help + Enable threading alt to allow your own alternate threading implementation. + +config MBEDTLS_THREADING_PTHREAD + bool "Enable threading pthread implementation" + depends on MBEDTLS_THREADING_C + default n + help + Enable the pthread wrapper layer for the threading layer. + endmenu # mbedTLS diff --git a/vendors/espressif/boards/components/mbedtls/Makefile.projbuild b/vendors/espressif/boards/components/mbedtls/Makefile.projbuild new file mode 100644 index 00000000000..18e2a8c55c3 --- /dev/null +++ b/vendors/espressif/boards/components/mbedtls/Makefile.projbuild @@ -0,0 +1,5 @@ +# Anyone compiling mbedTLS code needs the name of the +# alternative config file +MBEDTLS_DIR := ../../../esp-idf/components/mbedtls/port/include +CPPFLAGS += -DMBEDTLS_CONFIG_FILE='"$(MBEDTLS_DIR)/mbedtls/esp_config.h"' + diff --git a/vendors/espressif/boards/esp32/components/mbedtls/component.mk b/vendors/espressif/boards/components/mbedtls/component.mk similarity index 53% rename from vendors/espressif/boards/esp32/components/mbedtls/component.mk rename to vendors/espressif/boards/components/mbedtls/component.mk index 2de38d92c8f..f10b0a32a2c 100644 --- a/vendors/espressif/boards/esp32/components/mbedtls/component.mk +++ b/vendors/espressif/boards/components/mbedtls/component.mk 
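Review bot: `MBEDTLS_THREADING_C` is added with `default n`, so a build that takes the Kconfig defaults compiles mbedTLS without its mutex layer, and the option's own help text says contexts used from more than one thread then race. If the FreeRTOS libraries share an mbedTLS context across tasks (not visible in this hunk), the safe configuration depends entirely on `sdkconfig.defaults` overriding this value; the diffstat lists that file as changed, but its hunk is not shown here. I would either use `default y`, or, if the override is the intended mechanism, say so in the help text with a line such as `Projects that share mbedTLS contexts between tasks must enable this option.`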
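Review bot: `MBEDTLS_DIR` is defined in this new Makefile.projbuild as `../../../esp-idf/components/mbedtls/port/include`, while the `component.mk` changed in the next file section defines the same name as `../../../esp-idf/components/mbedtls`, one directory higher. One make variable with two meanings makes it easy to end up with the wrong `esp_config.h` path, and that header decides the mbedTLS feature set for every compilation unit that sees this `CPPFLAGS` entry. I would rename the variable here, e.g. `MBEDTLS_PORT_INCLUDE_DIR := ../../../esp-idf/components/mbedtls/port/include`, and use it in the `CPPFLAGS` line. The relative path is also baked into the `MBEDTLS_CONFIG_FILE` macro, so it resolves through the compiler's include search rather than from this directory. Since `component.mk` adds `$(MBEDTLS_DIR)/port/include` to `COMPONENT_ADD_INCLUDEDIRS`, the previous `"mbedtls/esp_config.h"` form looks sufficient, which is worth confirming.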
@@ -1,9 +1,10 @@ -AMAZON_FREERTOS_LIB_DIR := ../../../../../../libraries +AMAZON_FREERTOS_LIB_DIR := ../../../../../libraries +MBEDTLS_DIR := ../../../esp-idf/components/mbedtls -COMPONENT_SRCDIRS := $(AMAZON_FREERTOS_LIB_DIR)/3rdparty/mbedtls/library port \ - $(AMAZON_FREERTOS_LIB_DIR)/3rdparty/mbedtls_utils +COMPONENT_SRCDIRS := $(AMAZON_FREERTOS_LIB_DIR)/3rdparty/mbedtls/library $(MBEDTLS_DIR)/port \ + $(MBEDTLS_DIR)/port/esp32 $(AMAZON_FREERTOS_LIB_DIR)/3rdparty/mbedtls_utils -COMPONENT_ADD_INCLUDEDIRS := port/include $(AMAZON_FREERTOS_LIB_DIR)/3rdparty/mbedtls/include +COMPONENT_ADD_INCLUDEDIRS := $(MBEDTLS_DIR)/port/include $(AMAZON_FREERTOS_LIB_DIR)/3rdparty/mbedtls/include libraries/3rdparty/mbedtls/library/hmac_drbg.o: CFLAGS += -Wno-maybe-uninitialized libraries/3rdparty/mbedtls/library/x509_crt.o: CFLAGS += -Wno-maybe-uninitialized diff --git a/vendors/espressif/boards/esp32/components/secure_sockets/CMakeLists.txt b/vendors/espressif/boards/components/secure_sockets/CMakeLists.txt similarity index 100% rename from vendors/espressif/boards/esp32/components/secure_sockets/CMakeLists.txt rename to vendors/espressif/boards/components/secure_sockets/CMakeLists.txt diff --git a/vendors/espressif/boards/esp32/components/secure_sockets/component.mk b/vendors/espressif/boards/components/secure_sockets/component.mk similarity index 79% rename from vendors/espressif/boards/esp32/components/secure_sockets/component.mk rename to vendors/espressif/boards/components/secure_sockets/component.mk index 904d681b7df..0a32df2d929 100644 --- a/vendors/espressif/boards/esp32/components/secure_sockets/component.mk +++ b/vendors/espressif/boards/components/secure_sockets/component.mk 
@@ -1,5 +1,5 @@ -AMAZON_FREERTOS_ABSTRACTIONS_DIR := ../../../../../../libraries/abstractions -AMAZON_FREERTOS_3RD_PARTY_DIR := ../../../../../../libraries/3rdparty +AMAZON_FREERTOS_ABSTRACTIONS_DIR := ../../../../../libraries/abstractions +AMAZON_FREERTOS_3RD_PARTY_DIR := ../../../../../libraries/3rdparty AMAZON_FREERTOS_PORTS_DIR := ../../ports ifndef AFR_ESP_FREERTOS_TCP diff --git a/vendors/espressif/boards/esp32/components/secure_sockets/include/netdb.h b/vendors/espressif/boards/components/secure_sockets/include/netdb.h similarity index 100% rename from vendors/espressif/boards/esp32/components/secure_sockets/include/netdb.h rename to vendors/espressif/boards/components/secure_sockets/include/netdb.h diff --git a/vendors/espressif/boards/esp32/components/secure_sockets/include/sockets.h b/vendors/espressif/boards/components/secure_sockets/include/sockets.h similarity index 100% rename from vendors/espressif/boards/esp32/components/secure_sockets/include/sockets.h rename to vendors/espressif/boards/components/secure_sockets/include/sockets.h diff --git a/vendors/espressif/boards/esp32/CMakeLists.txt b/vendors/espressif/boards/esp32/CMakeLists.txt index fb34a7f2583..a4c09b94df4 100644 --- a/vendors/espressif/boards/esp32/CMakeLists.txt +++ b/vendors/espressif/boards/esp32/CMakeLists.txt @@ -59,8 +59,8 @@ target_link_options( # ------------------------------------------------------------------------------------------------- # FreeRTOS portable layers # ------------------------------------------------------------------------------------------------- -set(afr_ports_dir "${CMAKE_CURRENT_LIST_DIR}/ports") -set(extra_components_dir "${CMAKE_CURRENT_LIST_DIR}/components") +set(afr_ports_dir "${CMAKE_CURRENT_LIST_DIR}/../ports") +set(extra_components_dir "${CMAKE_CURRENT_LIST_DIR}/../components") set(board_demos_dir "${CMAKE_CURRENT_LIST_DIR}/aws_demos") set(board_tests_dir "${CMAKE_CURRENT_LIST_DIR}/aws_tests") set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}) 
@@ -90,12 +90,13 @@ set( "${esp_idf_dir}/components/nvs_flash/include" "${esp_idf_dir}/components/pthread/include" "${esp_idf_dir}/components/newlib/platform_include" + "${esp_idf_dir}/components/soc/src/esp32/include" "${esp_idf_dir}/components/soc/soc/esp32/include" "${esp_idf_dir}/components/soc/include" "${esp_idf_dir}/components/spi_flash/include" "${esp_idf_dir}/components/vfs/include" "${extra_components_dir}/freertos/include" - "${extra_components_dir}/mbedtls/port/include" + "${esp_idf_dir}/components/mbedtls/port/include" "${esp_idf_dir}/components/xtensa/esp32/include/xtensa" "${esp_idf_dir}/components/xtensa/esp32/include" "${esp_idf_dir}/components/xtensa/include" diff --git a/vendors/espressif/boards/esp32/aws_demos/application_code/espressif_code/amazon-freertos-common/component.mk b/vendors/espressif/boards/esp32/aws_demos/application_code/espressif_code/amazon-freertos-common/component.mk index b2a6cfa2732..e824c6692a5 100644 --- a/vendors/espressif/boards/esp32/aws_demos/application_code/espressif_code/amazon-freertos-common/component.mk +++ b/vendors/espressif/boards/esp32/aws_demos/application_code/espressif_code/amazon-freertos-common/component.mk @@ -11,7 +11,7 @@ AMAZON_FREERTOS_3RD_PARTY_DIR := ../../../../../../../../libraries/3rdparty AMAZON_FREERTOS_ABSTRACTIONS_DIR := ../../../../../../../../libraries/abstractions AMAZON_FREERTOS_ARF_PLUS_DIR := ../../../../../../../../libraries/freertos_plus AMAZON_FREERTOS_ARF_KERNEL := ../../../../../../../../freertos_kernel -AMAZON_FREERTOS_ARF_PORTS := ../../../../../../../../vendors/espressif/boards/esp32/ports +AMAZON_FREERTOS_ARF_PORTS := ../../../../../../../../vendors/espressif/boards/ports AMAZON_FREERTOS_TESTS_DIR := ../../../../../../../../tests AMAZON_FREERTOS_DEMOS_DIR := ../../../../../../../../demos 
@@ -93,7 +93,7 @@ COMPONENT_PRIV_INCLUDEDIRS := $(AMAZON_FREERTOS_ABSTRACTIONS_DIR)/pkcs11 \ lib/greengrass/aws_greengrass_discovery.o: CFLAGS+=-Wno-format lib/common/aws_logging_task_dynamic_buffers.o: CFLAGS+=-Wno-format -Wno-uninitialized libraries/c_sdk/aws/defender/src/aws_iot_defender_api.o: CFLAGS+=-Wno-unused-but-set-variable -vendors/espressif/boards/esp32/ports/ble/iot_ble_hal_gatt_server.o: CFLAGS+=-Wno-stringop-overflow +vendors/espressif/boards/ports/ble/iot_ble_hal_gatt_server.o: CFLAGS+=-Wno-stringop-overflow ifdef AMAZON_FREERTOS_ENABLE_UNIT_TEST COMPONENT_SRCDIRS += ../.. \ diff --git a/vendors/espressif/boards/esp32/aws_tests/application_code/espressif_code/amazon-freertos-tests/component.mk b/vendors/espressif/boards/esp32/aws_tests/application_code/espressif_code/amazon-freertos-tests/component.mk index 3b874cf2ad9..c6eaf94c7d2 100644 --- a/vendors/espressif/boards/esp32/aws_tests/application_code/espressif_code/amazon-freertos-tests/component.mk +++ b/vendors/espressif/boards/esp32/aws_tests/application_code/espressif_code/amazon-freertos-tests/component.mk @@ -11,7 +11,7 @@ AMAZON_FREERTOS_3RD_PARTY_DIR := ../../../../../../../../libraries/3rdparty AMAZON_FREERTOS_ABSTRACTIONS_DIR := ../../../../../../../../libraries/abstractions AMAZON_FREERTOS_ARF_PLUS_DIR := ../../../../../../../../libraries/freertos_plus AMAZON_FREERTOS_ARF_KERNEL := ../../../../../../../../freertos_kernel -AMAZON_FREERTOS_ARF_PORTS := ../../../../../../../../vendors/espressif/boards/esp32/ports +AMAZON_FREERTOS_ARF_PORTS := ../../../../../../../../vendors/espressif/boards/ports AMAZON_FREERTOS_TESTS_DIR := ../../../../../../../../tests AMAZON_FREERTOS_DEMOS_DIR := ../../../../../../../../demos 
@@ -154,7 +154,7 @@ tests/common/ota/aws_test_ota_pal.o: CFLAGS+=-Wno-pointer-sign -Wno-sizeof-point tests/common/ota/aws_test_ota_agent.o: CFLAGS+=-Wno-pointer-sign libraries/c_sdk/standard/mqtt/test/unit/iot_tests_mqtt_metrics.o: CFLAGS+=-Wno-nonnull libraries/freertos_plus/standard/tls/test/iot_test_tls.o: CFLAGS+=-Wno-nonnull -vendors/espressif/boards/esp32/ports/ble/iot_ble_hal_gatt_server.o: CFLAGS+=-Wno-stringop-overflow +vendors/espressif/boards/ports/ble/iot_ble_hal_gatt_server.o: CFLAGS+=-Wno-stringop-overflow else COMPONENT_SRCDIRS += ../.. \ diff --git a/vendors/espressif/boards/esp32/components/mbedtls/CMakeLists.txt b/vendors/espressif/boards/esp32/components/mbedtls/CMakeLists.txt deleted file mode 100644 index 9488f0bf2da..00000000000 --- a/vendors/espressif/boards/esp32/components/mbedtls/CMakeLists.txt +++ /dev/null 
@@ -1,54 +0,0 @@ -idf_component_register() - -set(FREERTOS_COMPONENT_DIR "${CMAKE_CURRENT_LIST_DIR}/../freertos") - -target_compile_options( - afr_3rdparty_mbedtls - PUBLIC - ${IDF_COMPILE_OPTIONS} - $<$:${IDF_C_COMPILE_OPTIONS}> - $<$:${IDF_CXX_COMPILE_OPTIONS}> - "-Wno-maybe-uninitialized" -) - -target_include_directories( - afr_3rdparty_mbedtls - BEFORE - PRIVATE - "${AFR_VENDORS_DIR}/espressif/esp-idf/components/vfs/include" - "${AFR_VENDORS_DIR}/espressif/esp-idf/components/soc/soc/include/soc" - ${FREERTOS_COMPONENT_DIR}/include - PUBLIC - ${IDF_INCLUDE_DIRECTORIES} - ${CMAKE_CURRENT_LIST_DIR}/port/include - "${AFR_VENDORS_DIR}/espressif/esp-idf/components/xtensa/include" - "${AFR_VENDORS_DIR}/espressif/esp-idf/components/soc/soc/include" - "${AFR_VENDORS_DIR}/espressif/esp-idf/components/soc/src/esp32/include" -) - -target_sources( - afr_3rdparty_mbedtls - PUBLIC - "${CMAKE_CURRENT_LIST_DIR}/port/esp_bignum.c" - "${CMAKE_CURRENT_LIST_DIR}/port/esp_mem.c" - "${CMAKE_CURRENT_LIST_DIR}/port/esp_sha256.c" - "${CMAKE_CURRENT_LIST_DIR}/port/esp_hardware.c" - "${CMAKE_CURRENT_LIST_DIR}/port/esp_sha1.c" - "${CMAKE_CURRENT_LIST_DIR}/port/esp_sha512.c" - "${CMAKE_CURRENT_LIST_DIR}/port/mbedtls_debug.c" - "${CMAKE_CURRENT_LIST_DIR}/port/aes.c" - "${CMAKE_CURRENT_LIST_DIR}/port/sha.c" -) - -target_compile_definitions( - afr_3rdparty_mbedtls - PUBLIC - ${IDF_COMPILE_DEFINITIONS} - -DMBEDTLS_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/port/include/mbedtls/esp_config.h" -) - -target_link_libraries( - ${COMPONENT_TARGET} - INTERFACE - afr_3rdparty_mbedtls -) diff --git a/vendors/espressif/boards/esp32/components/mbedtls/Makefile.projbuild b/vendors/espressif/boards/esp32/components/mbedtls/Makefile.projbuild deleted file mode 100644 index ec9d6f2ce7e..00000000000 --- a/vendors/espressif/boards/esp32/components/mbedtls/Makefile.projbuild +++ /dev/null 
@@ -1,4 +0,0 @@
-# Anyone compiling mbedTLS code needs the name of the
-# alternative config file
-CPPFLAGS += -DMBEDTLS_CONFIG_FILE='"mbedtls/esp_config.h"'
-
diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/aes.c b/vendors/espressif/boards/esp32/components/mbedtls/port/aes.c
deleted file mode 100644
index 3ac78397c86..00000000000
--- a/vendors/espressif/boards/esp32/components/mbedtls/port/aes.c
+++ /dev/null
@@ -1,754 +0,0 @@ -/** - * \brief AES block cipher, ESP32 hardware accelerated version - * Based on mbedTLS FIPS-197 compliant version. - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * Additions Copyright (C) 2016-2017, Espressif Systems (Shanghai) PTE Ltd - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ -/* - * The AES block cipher was designed by Vincent Rijmen and Joan Daemen. - * - * http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf - * http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf - */ -#include -#include "mbedtls/aes.h" -#include "mbedtls/platform_util.h" -#include "aes.h" -#include "soc/hwcrypto_periph.h" -#include - -#include - -#include "soc/cpu.h" -#include -#include "driver/periph_ctrl.h" - - -/* AES uses a spinlock mux not a lock as the underlying block operation - only takes 208 cycles (to write key & compute block), +600 cycles - for DPORT protection but +3400 cycles again if you use a full sized lock. - - For CBC, CFB, etc. this may mean that interrupts are disabled for a longer - period of time for bigger lengths. However at the moment this has to happen - anyway due to DPORT protection... 
-*/ -static portMUX_TYPE aes_spinlock = portMUX_INITIALIZER_UNLOCKED; - -static inline bool valid_key_length(const esp_aes_context *ctx) -{ - return ctx->key_bytes == 128/8 || ctx->key_bytes == 192/8 || ctx->key_bytes == 256/8; -} - -void esp_aes_acquire_hardware( void ) -{ - portENTER_CRITICAL(&aes_spinlock); - - /* Enable AES hardware */ - periph_module_enable(PERIPH_AES_MODULE); -} - -void esp_aes_release_hardware( void ) -{ - /* Disable AES hardware */ - periph_module_disable(PERIPH_AES_MODULE); - - portEXIT_CRITICAL(&aes_spinlock); -} - -void esp_aes_init( esp_aes_context *ctx ) -{ - bzero( ctx, sizeof( esp_aes_context ) ); -} - -void esp_aes_free( esp_aes_context *ctx ) -{ - if ( ctx == NULL ) { - return; - } - - bzero( ctx, sizeof( esp_aes_context ) ); -} - - - -/* - * AES key schedule (same for encryption or decryption, as hardware handles schedule) - * - */ -int esp_aes_setkey( esp_aes_context *ctx, const unsigned char *key, - unsigned int keybits ) -{ - if (keybits != 128 && keybits != 192 && keybits != 256) { - return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; - } - ctx->key_bytes = keybits / 8; - memcpy(ctx->key, key, ctx->key_bytes); - ctx->key_in_hardware = 0; - return 0; -} - -/* - * Helper function to copy key from esp_aes_context buffer - * to hardware key registers. - * - * Call only while holding esp_aes_acquire_hardware(). - */ -static void esp_aes_setkey_hardware(esp_aes_context *ctx, int mode) -{ - const uint32_t MODE_DECRYPT_BIT = 4; - unsigned mode_reg_base = (mode == ESP_AES_ENCRYPT) ? 
0 : MODE_DECRYPT_BIT; - - ctx->key_in_hardware = 0; - - for (int i = 0; i < ctx->key_bytes/4; ++i) { - DPORT_REG_WRITE(AES_KEY_BASE + i * 4, *(((uint32_t *)ctx->key) + i)); - ctx->key_in_hardware += 4; - } - - DPORT_REG_WRITE(AES_MODE_REG, mode_reg_base + ((ctx->key_bytes / 8) - 2)); - - /* Fault injection check: all words of key data should have been written to hardware */ - if (ctx->key_in_hardware < 16 - || ctx->key_in_hardware != ctx->key_bytes) { - abort(); - } -} - -/* Run a single 16 byte block of AES, using the hardware engine. - * - * Call only while holding esp_aes_acquire_hardware(). - */ -static int esp_aes_block(esp_aes_context *ctx, const void *input, void *output) -{ - const uint32_t *input_words = (const uint32_t *)input; - uint32_t i0, i1, i2, i3; - uint32_t *output_words = (uint32_t *)output; - - /* If no key is written to hardware yet, either the user hasn't called - mbedtls_aes_setkey_enc/mbedtls_aes_setkey_dec - meaning we also don't - know which mode to use - or a fault skipped the - key write to hardware. Treat this as a fatal error and zero the output block. - */ - if (ctx->key_in_hardware != ctx->key_bytes) { - bzero(output, 16); - return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; - } - - /* Storing i0,i1,i2,i3 in registers not an array - helps a lot with optimisations at -Os level */ - i0 = input_words[0]; - DPORT_REG_WRITE(AES_TEXT_BASE, i0); - - i1 = input_words[1]; - DPORT_REG_WRITE(AES_TEXT_BASE + 4, i1); - - i2 = input_words[2]; - DPORT_REG_WRITE(AES_TEXT_BASE + 8, i2); - - i3 = input_words[3]; - DPORT_REG_WRITE(AES_TEXT_BASE + 12, i3); - - DPORT_REG_WRITE(AES_START_REG, 1); - - while (DPORT_REG_READ(AES_IDLE_REG) != 1) { } - - esp_dport_access_read_buffer(output_words, AES_TEXT_BASE, 4); - - /* Physical security check: Verify the AES accelerator actually ran, and wasn't - skipped due to external fault injection while starting the peripheral. - - Note that i0,i1,i2,i3 are copied from input buffer in case input==output. 
- - Bypassing this check requires at least one additional fault. - */ - if(i0 == output_words[0] && i1 == output_words[1] && i2 == output_words[2] && i3 == output_words[3]) { - // calling zeroing functions to narrow the - // window for a double-fault of the abort step, here - memset(output, 0, 16); - mbedtls_platform_zeroize(output, 16); - abort(); - } - - return 0; -} - -/* - * AES-ECB block encryption - */ -int esp_internal_aes_encrypt( esp_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) -{ - int r; - - if (!valid_key_length(ctx)) { - return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; - } - - esp_aes_acquire_hardware(); - ctx->key_in_hardware = 0; - esp_aes_setkey_hardware(ctx, ESP_AES_ENCRYPT); - r = esp_aes_block(ctx, input, output); - esp_aes_release_hardware(); - return r; -} - -/* - * AES-ECB block decryption - */ - -int esp_internal_aes_decrypt( esp_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) -{ - int r; - - if (!valid_key_length(ctx)) { - return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; - } - - esp_aes_acquire_hardware(); - ctx->key_in_hardware = 0; - esp_aes_setkey_hardware(ctx, ESP_AES_DECRYPT); - r = esp_aes_block(ctx, input, output); - esp_aes_release_hardware(); - return r; -} - -/* - * AES-ECB block encryption/decryption - */ -int esp_aes_crypt_ecb( esp_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ) -{ - int r; - - if (!valid_key_length(ctx)) { - return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; - } - - esp_aes_acquire_hardware(); - ctx->key_in_hardware = 0; - esp_aes_setkey_hardware(ctx, mode); - r = esp_aes_block(ctx, input, output); - esp_aes_release_hardware(); - - return r; -} - - -/* - * AES-CBC buffer encryption/decryption - */ -int esp_aes_crypt_cbc( esp_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) -{ - int i; - uint32_t *output_words = (uint32_t *)output; - const 
uint32_t *input_words = (const uint32_t *)input; - uint32_t *iv_words = (uint32_t *)iv; - unsigned char temp[16]; - - if ( length % 16 ) { - return ( ERR_ESP_AES_INVALID_INPUT_LENGTH ); - } - - if (!valid_key_length(ctx)) { - return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; - } - - esp_aes_acquire_hardware(); - ctx->key_in_hardware = 0; - - esp_aes_setkey_hardware(ctx, mode); - - if ( mode == ESP_AES_DECRYPT ) { - while ( length > 0 ) { - memcpy(temp, input_words, 16); - esp_aes_block(ctx, input_words, output_words); - - for ( i = 0; i < 4; i++ ) { - output_words[i] = output_words[i] ^ iv_words[i]; - } - - memcpy( iv_words, temp, 16 ); - - input_words += 4; - output_words += 4; - length -= 16; - } - } else { // ESP_AES_ENCRYPT - while ( length > 0 ) { - - for ( i = 0; i < 4; i++ ) { - output_words[i] = input_words[i] ^ iv_words[i]; - } - - esp_aes_block(ctx, output_words, output_words); - memcpy( iv_words, output_words, 16 ); - - input_words += 4; - output_words += 4; - length -= 16; - } - } - - esp_aes_release_hardware(); - - return 0; -} - -/* - * AES-CFB128 buffer encryption/decryption - */ -int esp_aes_crypt_cfb128( esp_aes_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) -{ - int c; - size_t n = *iv_off; - - if (!valid_key_length(ctx)) { - return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; - } - - esp_aes_acquire_hardware(); - ctx->key_in_hardware = 0; - - esp_aes_setkey_hardware(ctx, ESP_AES_ENCRYPT); - - if ( mode == ESP_AES_DECRYPT ) { - while ( length-- ) { - if ( n == 0 ) { - esp_aes_block(ctx, iv, iv); - } - - c = *input++; - *output++ = (unsigned char)( c ^ iv[n] ); - iv[n] = (unsigned char) c; - - n = ( n + 1 ) & 0x0F; - } - } else { - while ( length-- ) { - if ( n == 0 ) { - esp_aes_block(ctx, iv, iv); - } - - iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); - - n = ( n + 1 ) & 0x0F; - } - } - - *iv_off = n; - - esp_aes_release_hardware(); - - return 0; -} - -/* - * 
AES-CFB8 buffer encryption/decryption - */ -int esp_aes_crypt_cfb8( esp_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) -{ - unsigned char c; - unsigned char ov[17]; - - if (!valid_key_length(ctx)) { - return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; - } - - esp_aes_acquire_hardware(); - ctx->key_in_hardware = 0; - - esp_aes_setkey_hardware(ctx, ESP_AES_ENCRYPT); - - while ( length-- ) { - memcpy( ov, iv, 16 ); - esp_aes_block(ctx, iv, iv); - - if ( mode == ESP_AES_DECRYPT ) { - ov[16] = *input; - } - - c = *output++ = (unsigned char)( iv[0] ^ *input++ ); - - if ( mode == ESP_AES_ENCRYPT ) { - ov[16] = c; - } - - memcpy( iv, ov + 1, 16 ); - } - - esp_aes_release_hardware(); - - return 0; -} - -/* - * AES-CTR buffer encryption/decryption - */ -int esp_aes_crypt_ctr( esp_aes_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[16], - unsigned char stream_block[16], - const unsigned char *input, - unsigned char *output ) -{ - int c, i; - size_t n = *nc_off; - - if (!valid_key_length(ctx)) { - return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; - } - - esp_aes_acquire_hardware(); - ctx->key_in_hardware = 0; - - esp_aes_setkey_hardware(ctx, ESP_AES_ENCRYPT); - - while ( length-- ) { - if ( n == 0 ) { - esp_aes_block(ctx, nonce_counter, stream_block); - - for ( i = 16; i > 0; i-- ) - if ( ++nonce_counter[i - 1] != 0 ) { - break; - } - } - c = *input++; - *output++ = (unsigned char)( c ^ stream_block[n] ); - - n = ( n + 1 ) & 0x0F; - } - - *nc_off = n; - - esp_aes_release_hardware(); - - return 0; -} - -/* - * AES-OFB (Output Feedback Mode) buffer encryption/decryption - */ -int esp_aes_crypt_ofb( esp_aes_context *ctx, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) -{ - int ret = 0; - size_t n; - - if ( ctx == NULL || iv_off == NULL || iv == NULL || - input == NULL || output == NULL ) { - return 
MBEDTLS_ERR_AES_BAD_INPUT_DATA; - } - - n = *iv_off; - - if( n > 15 ) { - return( MBEDTLS_ERR_AES_BAD_INPUT_DATA ); - } - - if (!valid_key_length(ctx)) { - return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; - } - - esp_aes_acquire_hardware(); - - esp_aes_setkey_hardware(ctx, ESP_AES_ENCRYPT); - - while( length-- ) { - if( n == 0 ) { - esp_aes_block(ctx, iv, iv); - } - *output++ = *input++ ^ iv[n]; - - n = ( n + 1 ) & 0x0F; - } - - *iv_off = n; - - esp_aes_release_hardware(); - - return( ret ); -} - -/* Below XTS implementation is copied aes.c of mbedtls library. - * When MBEDTLS_AES_ALT is defined mbedtls expects alternate - * definition of XTS functions to be available. Even if this - * could have been avoided, it is done for consistency reason. - */ - -void esp_aes_xts_init( esp_aes_xts_context *ctx ) -{ - esp_aes_init( &ctx->crypt ); - esp_aes_init( &ctx->tweak ); -} - -void esp_aes_xts_free( esp_aes_xts_context *ctx ) -{ - esp_aes_free( &ctx->crypt ); - esp_aes_free( &ctx->tweak ); -} - -static int esp_aes_xts_decode_keys( const unsigned char *key, - unsigned int keybits, - const unsigned char **key1, - unsigned int *key1bits, - const unsigned char **key2, - unsigned int *key2bits ) -{ - const unsigned int half_keybits = keybits / 2; - const unsigned int half_keybytes = half_keybits / 8; - - switch( keybits ) - { - case 256: break; - case 512: break; - default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); - } - - *key1bits = half_keybits; - *key2bits = half_keybits; - *key1 = &key[0]; - *key2 = &key[half_keybytes]; - - return 0; -} - -int esp_aes_xts_setkey_enc( esp_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits) -{ - int ret; - const unsigned char *key1, *key2; - unsigned int key1bits, key2bits; - - ret = esp_aes_xts_decode_keys( key, keybits, &key1, &key1bits, - &key2, &key2bits ); - if( ret != 0 ) - return( ret ); - - /* Set the tweak key. Always set tweak key for the encryption mode. 
*/ - ret = esp_aes_setkey( &ctx->tweak, key2, key2bits ); - if( ret != 0 ) - return( ret ); - - /* Set crypt key for encryption. */ - return esp_aes_setkey( &ctx->crypt, key1, key1bits ); -} - -int esp_aes_xts_setkey_dec( esp_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits) -{ - int ret; - const unsigned char *key1, *key2; - unsigned int key1bits, key2bits; - - ret = esp_aes_xts_decode_keys( key, keybits, &key1, &key1bits, - &key2, &key2bits ); - if( ret != 0 ) - return( ret ); - - /* Set the tweak key. Always set tweak key for encryption. */ - ret = esp_aes_setkey( &ctx->tweak, key2, key2bits ); - if( ret != 0 ) - return( ret ); - - /* Set crypt key for decryption. */ - return esp_aes_setkey( &ctx->crypt, key1, key1bits ); -} - -/* Endianess with 64 bits values */ -#ifndef GET_UINT64_LE -#define GET_UINT64_LE(n,b,i) \ -{ \ - (n) = ( (uint64_t) (b)[(i) + 7] << 56 ) \ - | ( (uint64_t) (b)[(i) + 6] << 48 ) \ - | ( (uint64_t) (b)[(i) + 5] << 40 ) \ - | ( (uint64_t) (b)[(i) + 4] << 32 ) \ - | ( (uint64_t) (b)[(i) + 3] << 24 ) \ - | ( (uint64_t) (b)[(i) + 2] << 16 ) \ - | ( (uint64_t) (b)[(i) + 1] << 8 ) \ - | ( (uint64_t) (b)[(i) ] ); \ -} -#endif - -#ifndef PUT_UINT64_LE -#define PUT_UINT64_LE(n,b,i) \ -{ \ - (b)[(i) + 7] = (unsigned char) ( (n) >> 56 ); \ - (b)[(i) + 6] = (unsigned char) ( (n) >> 48 ); \ - (b)[(i) + 5] = (unsigned char) ( (n) >> 40 ); \ - (b)[(i) + 4] = (unsigned char) ( (n) >> 32 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) ] = (unsigned char) ( (n) ); \ -} -#endif - -typedef unsigned char esp_be128[16]; - -/* - * GF(2^128) multiplication function - * - * This function multiplies a field element by x in the polynomial field - * representation. It uses 64-bit word operations to gain speed but compensates - * for machine endianess and hence works correctly on both big and little - * endian machines. 
- */ -static void esp_gf128mul_x_ble( unsigned char r[16], - const unsigned char x[16] ) -{ - uint64_t a, b, ra, rb; - - GET_UINT64_LE( a, x, 0 ); - GET_UINT64_LE( b, x, 8 ); - - ra = ( a << 1 ) ^ 0x0087 >> ( 8 - ( ( b >> 63 ) << 3 ) ); - rb = ( a >> 63 ) | ( b << 1 ); - - PUT_UINT64_LE( ra, r, 0 ); - PUT_UINT64_LE( rb, r, 8 ); -} - -/* - * AES-XTS buffer encryption/decryption - */ -int esp_aes_crypt_xts( esp_aes_xts_context *ctx, - int mode, - size_t length, - const unsigned char data_unit[16], - const unsigned char *input, - unsigned char *output ) -{ - int ret; - size_t blocks = length / 16; - size_t leftover = length % 16; - unsigned char tweak[16]; - unsigned char prev_tweak[16]; - unsigned char tmp[16]; - - /* Sectors must be at least 16 bytes. */ - if( length < 16 ) - return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; - - /* NIST SP 80-38E disallows data units larger than 2**20 blocks. */ - if( length > ( 1 << 20 ) * 16 ) - return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; - - /* Compute the tweak. */ - ret = esp_aes_crypt_ecb( &ctx->tweak, MBEDTLS_AES_ENCRYPT, - data_unit, tweak ); - if( ret != 0 ) - return( ret ); - - while( blocks-- ) - { - size_t i; - - if( leftover && ( mode == MBEDTLS_AES_DECRYPT ) && blocks == 0 ) - { - /* We are on the last block in a decrypt operation that has - * leftover bytes, so we need to use the next tweak for this block, - * and this tweak for the lefover bytes. Save the current tweak for - * the leftovers and then update the current tweak for use on this, - * the last full block. */ - memcpy( prev_tweak, tweak, sizeof( tweak ) ); - esp_gf128mul_x_ble( tweak, tweak ); - } - - for( i = 0; i < 16; i++ ) - tmp[i] = input[i] ^ tweak[i]; - - ret = esp_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp ); - if( ret != 0 ) - return( ret ); - - for( i = 0; i < 16; i++ ) - output[i] = tmp[i] ^ tweak[i]; - - /* Update the tweak for the next block. 
*/ - esp_gf128mul_x_ble( tweak, tweak ); - - output += 16; - input += 16; - } - - if( leftover ) - { - /* If we are on the leftover bytes in a decrypt operation, we need to - * use the previous tweak for these bytes (as saved in prev_tweak). */ - unsigned char *t = mode == MBEDTLS_AES_DECRYPT ? prev_tweak : tweak; - - /* We are now on the final part of the data unit, which doesn't divide - * evenly by 16. It's time for ciphertext stealing. */ - size_t i; - unsigned char *prev_output = output - 16; - - /* Copy ciphertext bytes from the previous block to our output for each - * byte of cyphertext we won't steal. At the same time, copy the - * remainder of the input for this final round (since the loop bounds - * are the same). */ - for( i = 0; i < leftover; i++ ) - { - output[i] = prev_output[i]; - tmp[i] = input[i] ^ t[i]; - } - - /* Copy ciphertext bytes from the previous block for input in this - * round. */ - for( ; i < 16; i++ ) - tmp[i] = prev_output[i] ^ t[i]; - - ret = esp_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp ); - if( ret != 0 ) - return ret; - - /* Write the result back to the previous block, overriding the previous - * output we copied. */ - for( i = 0; i < 16; i++ ) - prev_output[i] = tmp[i] ^ t[i]; - } - - return( 0 ); -} diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/esp_bignum.c b/vendors/espressif/boards/esp32/components/mbedtls/port/esp_bignum.c deleted file mode 100644 index 40032de8e56..00000000000 --- a/vendors/espressif/boards/esp32/components/mbedtls/port/esp_bignum.c +++ /dev/null 
@@ -1,685 +0,0 @@ -/** - * \brief Multi-precision integer library, ESP32 hardware accelerated parts - * - * based on mbedTLS implementation - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE Ltd - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ -#include -#include -#include -#include -#include -#include -#include -#include "esp32/rom/bigint.h" -#include "soc/hwcrypto_periph.h" -#include "esp_system.h" -#include "esp_log.h" -#include "esp_intr_alloc.h" -#include "esp_attr.h" - -#include - -#include "soc/dport_reg.h" - -#include "freertos/FreeRTOS.h" -#include "freertos/task.h" -#include "freertos/semphr.h" -#include "driver/periph_ctrl.h" - -/* Some implementation notes: - * - * - Naming convention x_words, y_words, z_words for number of words (limbs) used in a particular - * bignum. This number may be less than the size of the bignum - * - * - Naming convention hw_words for the hardware length of the operation. This number is always - * rounded up to a 512 bit multiple, and may be larger than any of the numbers involved in the - * calculation. - * - * - Timing behaviour of these functions will depend on the length of the inputs. This is fundamentally - * the same constraint as the software mbedTLS implementations, and relies on the same - * countermeasures (exponent blinding, etc) which are used in mbedTLS. 
- */ - -static const __attribute__((unused)) char *TAG = "bignum"; - -#define ciL (sizeof(mbedtls_mpi_uint)) /* chars in limb */ -#define biL (ciL << 3) /* bits in limb */ - -#if defined(CONFIG_MBEDTLS_MPI_USE_INTERRUPT) -static SemaphoreHandle_t op_complete_sem; - -static IRAM_ATTR void rsa_complete_isr(void *arg) -{ - BaseType_t higher_woken; - DPORT_REG_WRITE(RSA_INTERRUPT_REG, 1); - xSemaphoreGiveFromISR(op_complete_sem, &higher_woken); - if (higher_woken) { - portYIELD_FROM_ISR(); - } -} - -static void rsa_isr_initialise() -{ - if (op_complete_sem == NULL) { - op_complete_sem = xSemaphoreCreateBinary(); - esp_intr_alloc(ETS_RSA_INTR_SOURCE, 0, rsa_complete_isr, NULL, NULL); - } -} - -#endif /* CONFIG_MBEDTLS_MPI_USE_INTERRUPT */ - -static _lock_t mpi_lock; - -void esp_mpi_acquire_hardware( void ) -{ - /* newlib locks lazy initialize on ESP-IDF */ - _lock_acquire(&mpi_lock); - - /* Enable RSA hardware */ - periph_module_enable(PERIPH_RSA_MODULE); - DPORT_REG_CLR_BIT(DPORT_RSA_PD_CTRL_REG, DPORT_RSA_PD); - - while(DPORT_REG_READ(RSA_CLEAN_REG) != 1); - // Note: from enabling RSA clock to here takes about 1.3us - -#ifdef CONFIG_MBEDTLS_MPI_USE_INTERRUPT - rsa_isr_initialise(); -#endif -} - -void esp_mpi_release_hardware( void ) -{ - DPORT_REG_SET_BIT(DPORT_RSA_PD_CTRL_REG, DPORT_RSA_PD); - - /* Disable RSA hardware */ - periph_module_disable(PERIPH_RSA_MODULE); - - _lock_release(&mpi_lock); -} - -/* Convert bit count to word count - */ -static inline size_t bits_to_words(size_t bits) -{ - return (bits + 31) / 32; -} - -/* Round up number of words to nearest - 512 bit (16 word) block count. -*/ -static inline size_t hardware_words(size_t words) -{ - return (words + 0xF) & ~0xF; -} - -/* Number of words used to hold 'mpi'. - - Equivalent of bits_to_words(mbedtls_mpi_bitlen(mpi)), but uses less cycles if the - exact bit count is not needed. - - Note that mpi->n (size of memory buffer) may be higher than this - number, if the high bits are mostly zeroes. 
-*/ -static inline size_t word_length(const mbedtls_mpi *mpi) -{ - for(size_t i = mpi->n; i > 0; i--) { - if( mpi->p[i - 1] != 0 ) { - return i; - } - } - return 0; -} - -/* Copy mbedTLS MPI bignum 'mpi' to hardware memory block at 'mem_base'. - - If hw_words is higher than the number of words in the bignum then - these additional words will be zeroed in the memory buffer. - -*/ -static inline void mpi_to_mem_block(uint32_t mem_base, const mbedtls_mpi *mpi, size_t hw_words) -{ - uint32_t *pbase = (uint32_t *)mem_base; - uint32_t copy_words = hw_words < mpi->n ? hw_words : mpi->n; - - /* Copy MPI data to memory block registers */ - for (int i = 0; i < copy_words; i++) { - pbase[i] = mpi->p[i]; - } - - /* Zero any remaining memory block data */ - for (int i = copy_words; i < hw_words; i++) { - pbase[i] = 0; - } - - /* Note: not executing memw here, can do it before we start a bignum operation */ -} - -/* Read mbedTLS MPI bignum back from hardware memory block. - - Reads num_words words from block. - - Bignum 'x' should already be grown to at least num_words by caller (can be done while - calculation is in progress, to save some cycles) -*/ -static inline void mem_block_to_mpi(mbedtls_mpi *x, uint32_t mem_base, int num_words) -{ - assert(x->n >= num_words); - - /* Copy data from memory block registers */ - esp_dport_access_read_buffer(x->p, mem_base, num_words); - - /* Zero any remaining limbs in the bignum, if the buffer is bigger - than num_words */ - for(size_t i = num_words; i < x->n; i++) { - x->p[i] = 0; - } -} - - -/** - * - * There is a need for the value of integer N' such that B^-1(B-1)-N^-1N'=1, - * where B^-1(B-1) mod N=1. Actually, only the least significant part of - * N' is needed, hence the definition N0'=N' mod b. 
We reproduce below the - * simple algorithm from an article by Dusse and Kaliski to efficiently - * find N0' from N0 and b - */ -static mbedtls_mpi_uint modular_inverse(const mbedtls_mpi *M) -{ - int i; - uint64_t t = 1; - uint64_t two_2_i_minus_1 = 2; /* 2^(i-1) */ - uint64_t two_2_i = 4; /* 2^i */ - uint64_t N = M->p[0]; - - for (i = 2; i <= 32; i++) { - if ((mbedtls_mpi_uint) N * t % two_2_i >= two_2_i_minus_1) { - t += two_2_i_minus_1; - } - - two_2_i_minus_1 <<= 1; - two_2_i <<= 1; - } - - return (mbedtls_mpi_uint)(UINT32_MAX - t + 1); -} - -/* Calculate Rinv = RR^2 mod M, where: - * - * R = b^n where b = 2^32, n=num_words, - * R = 2^N (where N=num_bits) - * RR = R^2 = 2^(2*N) (where N=num_bits=num_words*32) - * - * This calculation is computationally expensive (mbedtls_mpi_mod_mpi) - * so caller should cache the result where possible. - * - * DO NOT call this function while holding esp_mpi_acquire_hardware(). - * - */ -static int calculate_rinv(mbedtls_mpi *Rinv, const mbedtls_mpi *M, int num_words) -{ - int ret; - size_t num_bits = num_words * 32; - mbedtls_mpi RR; - mbedtls_mpi_init(&RR); - MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&RR, num_bits * 2, 1)); - MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(Rinv, &RR, M)); - - cleanup: - mbedtls_mpi_free(&RR); - return ret; -} - - -/* Begin an RSA operation. op_reg specifies which 'START' register - to write to. -*/ -static inline void start_op(uint32_t op_reg) -{ - /* Clear interrupt status */ - DPORT_REG_WRITE(RSA_INTERRUPT_REG, 1); - - /* Note: above REG_WRITE includes a memw, so we know any writes - to the memory blocks are also complete. */ - - DPORT_REG_WRITE(op_reg, 1); -} - -/* Wait for an RSA operation to complete. 
-*/ -static inline void wait_op_complete(uint32_t op_reg) -{ -#ifdef CONFIG_MBEDTLS_MPI_USE_INTERRUPT - if (!xSemaphoreTake(op_complete_sem, 2000 / portTICK_PERIOD_MS)) { - ESP_LOGE(TAG, "Timed out waiting for RSA operation (op_reg 0x%x int_reg 0x%x)", - op_reg, DPORT_REG_READ(RSA_INTERRUPT_REG)); - abort(); /* indicates a fundamental problem with driver */ - } -#else - while(DPORT_REG_READ(RSA_INTERRUPT_REG) != 1) - { } - - /* clear the interrupt */ - DPORT_REG_WRITE(RSA_INTERRUPT_REG, 1); -#endif - -} - -/* Sub-stages of modulo multiplication/exponentiation operations */ -inline static int modular_multiply_finish(mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi *Y, size_t hw_words, size_t z_words); - -/* Z = (X * Y) mod M - - Not an mbedTLS function -*/ -int esp_mpi_mul_mpi_mod(mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi *Y, const mbedtls_mpi *M) -{ - int ret; - size_t x_bits = mbedtls_mpi_bitlen(X); - size_t y_bits = mbedtls_mpi_bitlen(Y); - size_t m_bits = mbedtls_mpi_bitlen(M); - size_t z_bits = MIN(m_bits, x_bits + y_bits); - size_t x_words = bits_to_words(x_bits); - size_t y_words = bits_to_words(y_bits); - size_t m_words = bits_to_words(m_bits); - size_t z_words = bits_to_words(z_bits); - size_t hw_words = hardware_words(MAX(x_words, MAX(y_words, m_words))); /* longest operand */ - mbedtls_mpi Rinv; - mbedtls_mpi_uint Mprime; - - /* Calculate and load the first stage montgomery multiplication */ - mbedtls_mpi_init(&Rinv); - MBEDTLS_MPI_CHK(calculate_rinv(&Rinv, M, hw_words)); - Mprime = modular_inverse(M); - - esp_mpi_acquire_hardware(); - - /* Load M, X, Rinv, Mprime (Mprime is mod 2^32) */ - mpi_to_mem_block(RSA_MEM_M_BLOCK_BASE, M, hw_words); - mpi_to_mem_block(RSA_MEM_X_BLOCK_BASE, X, hw_words); - mpi_to_mem_block(RSA_MEM_RB_BLOCK_BASE, &Rinv, hw_words); - DPORT_REG_WRITE(RSA_M_DASH_REG, (uint32_t)Mprime); - - /* "mode" register loaded with number of 512-bit blocks, minus 1 */ - DPORT_REG_WRITE(RSA_MULT_MODE_REG, (hw_words / 16) - 1); 
- - /* Execute first stage montgomery multiplication */ - start_op(RSA_MULT_START_REG); - - wait_op_complete(RSA_MULT_START_REG); - - /* execute second stage */ - ret = modular_multiply_finish(Z, X, Y, hw_words, z_words); - - esp_mpi_release_hardware(); - - cleanup: - mbedtls_mpi_free(&Rinv); - return ret; -} - -#if defined(MBEDTLS_MPI_EXP_MOD_ALT) - -/* - * Sliding-window exponentiation: Z = X^Y mod M (HAC 14.85) - * - * _Rinv is optional pre-calculated version of Rinv (via calculate_rinv()). - * - * (See RSA Accelerator section in Technical Reference for more about Mprime, Rinv) - * - */ -int mbedtls_mpi_exp_mod( mbedtls_mpi* Z, const mbedtls_mpi* X, const mbedtls_mpi* Y, const mbedtls_mpi* M, mbedtls_mpi* _Rinv ) -{ - int ret = 0; - size_t x_words = word_length(X); - size_t y_words = word_length(Y); - size_t m_words = word_length(M); - - /* "all numbers must be the same length", so choose longest number - as cardinal length of operation... - */ - size_t hw_words = hardware_words(MAX(m_words, MAX(x_words, y_words))); - - mbedtls_mpi Rinv_new; /* used if _Rinv == NULL */ - mbedtls_mpi *Rinv; /* points to _Rinv (if not NULL) othwerwise &RR_new */ - mbedtls_mpi_uint Mprime; - - if (mbedtls_mpi_cmp_int(M, 0) <= 0 || (M->p[0] & 1) == 0) { - return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; - } - - if (mbedtls_mpi_cmp_int(Y, 0) < 0) { - return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; - } - - if (mbedtls_mpi_cmp_int(Y, 0) == 0) { - return mbedtls_mpi_lset(Z, 1); - } - - if (hw_words * 32 > 4096) { - return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; - } - - /* Determine RR pointer, either _RR for cached value - or local RR_new */ - if (_Rinv == NULL) { - mbedtls_mpi_init(&Rinv_new); - Rinv = &Rinv_new; - } else { - Rinv = _Rinv; - } - if (Rinv->p == NULL) { - MBEDTLS_MPI_CHK(calculate_rinv(Rinv, M, hw_words)); - } - - Mprime = modular_inverse(M); - - esp_mpi_acquire_hardware(); - - /* "mode" register loaded with number of 512-bit blocks, minus 1 */ - DPORT_REG_WRITE(RSA_MODEXP_MODE_REG, (hw_words / 
16) - 1); - - /* Load M, X, Rinv, M-prime (M-prime is mod 2^32) */ - mpi_to_mem_block(RSA_MEM_X_BLOCK_BASE, X, hw_words); - mpi_to_mem_block(RSA_MEM_Y_BLOCK_BASE, Y, hw_words); - mpi_to_mem_block(RSA_MEM_M_BLOCK_BASE, M, hw_words); - mpi_to_mem_block(RSA_MEM_RB_BLOCK_BASE, Rinv, hw_words); - DPORT_REG_WRITE(RSA_M_DASH_REG, Mprime); - - start_op(RSA_START_MODEXP_REG); - - /* X ^ Y may actually be shorter than M, but unlikely when used for crypto */ - if ((ret = mbedtls_mpi_grow(Z, m_words)) != 0) { - esp_mpi_release_hardware(); - goto cleanup; - } - - wait_op_complete(RSA_START_MODEXP_REG); - - mem_block_to_mpi(Z, RSA_MEM_Z_BLOCK_BASE, m_words); - esp_mpi_release_hardware(); - - // Compensate for negative X - if (X->s == -1 && (Y->p[0] & 1) != 0) { - Z->s = -1; - MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(Z, M, Z)); - } else { - Z->s = 1; - } - - cleanup: - if (_Rinv == NULL) { - mbedtls_mpi_free(&Rinv_new); - } - - return ret; -} - -#endif /* MBEDTLS_MPI_EXP_MOD_ALT */ - -/* Second & final step of a modular multiply - load second multiplication - * factor Y, run the operation (modular inverse), read back the result - * into Z. - * - * Called from both mbedtls_mpi_exp_mod and mbedtls_mpi_mod_mpi. - * - * @param Z result value - * @param X first multiplication factor (used to set sign of result). - * @param Y second multiplication factor. - * @param hw_words Size of the hardware operation, in words - * @param z_words Size of the expected result, in words (may be less than hw_words). - * Z will be grown to at least this length. - * - * Caller must have already called esp_mpi_acquire_hardware(). 
- */ -static int modular_multiply_finish(mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi *Y, size_t hw_words, size_t z_words) -{ - int ret = 0; - - /* Load Y to X input memory block, rerun */ - mpi_to_mem_block(RSA_MEM_X_BLOCK_BASE, Y, hw_words); - - start_op(RSA_MULT_START_REG); - - MBEDTLS_MPI_CHK( mbedtls_mpi_grow(Z, z_words) ); - - wait_op_complete(RSA_MULT_START_REG); - - mem_block_to_mpi(Z, RSA_MEM_Z_BLOCK_BASE, z_words); - - Z->s = X->s * Y->s; - - cleanup: - return ret; -} - -#if defined(MBEDTLS_MPI_MUL_MPI_ALT) /* MBEDTLS_MPI_MUL_MPI_ALT */ - -static int mpi_mult_mpi_failover_mod_mult(mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi *Y, size_t z_words); -static int mpi_mult_mpi_overlong(mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi *Y, size_t Y_bits, size_t z_words); - -/* Z = X * Y */ -int mbedtls_mpi_mul_mpi( mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi *Y ) -{ - int ret = 0; - size_t x_bits = mbedtls_mpi_bitlen(X); - size_t y_bits = mbedtls_mpi_bitlen(Y); - size_t x_words = bits_to_words(x_bits); - size_t y_words = bits_to_words(y_bits); - size_t z_words = bits_to_words(x_bits + y_bits); - size_t hw_words = hardware_words(MAX(x_words, y_words)); // length of one operand in hardware - - /* Short-circuit eval if either argument is 0 or 1. - - This is needed as the mpi modular division - argument will sometimes call in here when one - argument is too large for the hardware unit, but the other - argument is zero or one. - */ - if (x_bits == 0 || y_bits == 0) { - mbedtls_mpi_lset(Z, 0); - return 0; - } - if (x_bits == 1) { - ret = mbedtls_mpi_copy(Z, Y); - Z->s *= X->s; - return ret; - } - if (y_bits == 1) { - ret = mbedtls_mpi_copy(Z, X); - Z->s *= Y->s; - return ret; - } - - /* If either factor is over 2048 bits, we can't use the standard hardware multiplier - (it assumes result is double longest factor, and result is max 4096 bits.) 
- - However, we can fail over to mod_mult for up to 4096 bits of result (modulo - multiplication doesn't have the same restriction, so result is simply the - number of bits in X plus number of bits in in Y.) - */ - if (hw_words * 32 > 2048) { - if (z_words * 32 <= 4096) { - /* Note: it's possible to use mpi_mult_mpi_overlong - for this case as well, but it's very slightly - slower and requires a memory allocation. - */ - return mpi_mult_mpi_failover_mod_mult(Z, X, Y, z_words); - } else { - /* Still too long for the hardware unit... */ - if(y_words > x_words) { - return mpi_mult_mpi_overlong(Z, X, Y, y_words, z_words); - } else { - return mpi_mult_mpi_overlong(Z, Y, X, x_words, z_words); - } - } - } - - /* Otherwise, we can use the (faster) multiply hardware unit */ - - esp_mpi_acquire_hardware(); - - /* Copy X (right-extended) & Y (left-extended) to memory block */ - mpi_to_mem_block(RSA_MEM_X_BLOCK_BASE, X, hw_words); - mpi_to_mem_block(RSA_MEM_Z_BLOCK_BASE + hw_words * 4, Y, hw_words); - /* NB: as Y is left-extended, we don't zero the bottom words_mult words of Y block. - This is OK for now because zeroing is done by hardware when we do esp_mpi_acquire_hardware(). - */ - - DPORT_REG_WRITE(RSA_M_DASH_REG, 0); - - /* "mode" register loaded with number of 512-bit blocks in result, - plus 7 (for range 9-12). (this is ((N~ / 32) - 1) + 8)) - */ - DPORT_REG_WRITE(RSA_MULT_MODE_REG, ((hw_words * 2) / 16) + 7); - - start_op(RSA_MULT_START_REG); - - MBEDTLS_MPI_CHK( mbedtls_mpi_grow(Z, z_words) ); - - wait_op_complete(RSA_MULT_START_REG); - - /* Read back the result */ - mem_block_to_mpi(Z, RSA_MEM_Z_BLOCK_BASE, z_words); - - Z->s = X->s * Y->s; - - cleanup: - esp_mpi_release_hardware(); - - return ret; -} - -/* Special-case of mbedtls_mpi_mult_mpi(), where we use hardware montgomery mod - multiplication to calculate an mbedtls_mpi_mult_mpi result where either - A or B are >2048 bits so can't use the standard multiplication method. 
- - Result (z_words, based on A bits + B bits) must still be less than 4096 bits. - - This case is simpler than the general case modulo multiply of - esp_mpi_mul_mpi_mod() because we can control the other arguments: - - * Modulus is chosen with M=(2^num_bits - 1) (ie M=R-1), so output - isn't actually modulo anything. - * Mprime and Rinv are therefore predictable as follows: - Mprime = 1 - Rinv = 1 - - (See RSA Accelerator section in Technical Reference for more about Mprime, Rinv) -*/ -static int mpi_mult_mpi_failover_mod_mult(mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi *Y, size_t z_words) -{ - int ret = 0; - size_t hw_words = hardware_words(z_words); - - /* Load coefficients to hardware */ - esp_mpi_acquire_hardware(); - - /* M = 2^num_words - 1, so block is entirely FF */ - for(int i = 0; i < hw_words; i++) { - DPORT_REG_WRITE(RSA_MEM_M_BLOCK_BASE + i * 4, UINT32_MAX); - } - /* Mprime = 1 */ - DPORT_REG_WRITE(RSA_M_DASH_REG, 1); - - /* "mode" register loaded with number of 512-bit blocks, minus 1 */ - DPORT_REG_WRITE(RSA_MULT_MODE_REG, (hw_words / 16) - 1); - - /* Load X */ - mpi_to_mem_block(RSA_MEM_X_BLOCK_BASE, X, hw_words); - - /* Rinv = 1 */ - DPORT_REG_WRITE(RSA_MEM_RB_BLOCK_BASE, 1); - for(int i = 1; i < hw_words; i++) { - DPORT_REG_WRITE(RSA_MEM_RB_BLOCK_BASE + i * 4, 0); - } - - start_op(RSA_MULT_START_REG); - - wait_op_complete(RSA_MULT_START_REG); - - /* finish the modular multiplication */ - ret = modular_multiply_finish(Z, X, Y, hw_words, z_words); - - esp_mpi_release_hardware(); - - return ret; -} - -/* Deal with the case when X & Y are too long for the hardware unit, by splitting one operand - into two halves. 
- - Y must be the longer operand - - Slice Y into Yp, Ypp such that: - Yp = lower 'b' bits of Y - Ypp = upper 'b' bits of Y (right shifted) - - Such that - Z = X * Y - Z = X * (Yp + Ypp<p, - .n = words_slice, - .s = Y->s - }; - /* Ypp holds upper bits of Y, right shifted (also reuses Y's array contents) */ - const mbedtls_mpi Ypp = { - .p = Y->p + words_slice, - .n = y_words - words_slice, - .s = Y->s - }; - mbedtls_mpi_init(&Ztemp); - - /* Grow Z to result size early, avoid interim allocations */ - mbedtls_mpi_grow(Z, z_words); - - /* Get result Ztemp = Yp * X (need temporary variable Ztemp) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi(&Ztemp, X, &Yp) ); - - /* Z = Ypp * Y */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi(Z, X, &Ypp) ); - - /* Z = Z << b */ - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l(Z, words_slice * 32) ); - - /* Z += Ztemp */ - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi(Z, Z, &Ztemp) ); - - cleanup: - mbedtls_mpi_free(&Ztemp); - - return ret; -} - -#endif /* MBEDTLS_MPI_MUL_MPI_ALT */ - diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/esp_hardware.c b/vendors/espressif/boards/esp32/components/mbedtls/port/esp_hardware.c deleted file mode 100644 index a919ca34030..00000000000 --- a/vendors/espressif/boards/esp32/components/mbedtls/port/esp_hardware.c +++ /dev/null @@ -1,26 +0,0 @@ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include -#include -#include -#include - -#include "mbedtls/entropy_poll.h" - -#ifndef MBEDTLS_ENTROPY_HARDWARE_ALT -#error "MBEDTLS_ENTROPY_HARDWARE_ALT should always be set in ESP-IDF" -#endif - -int mbedtls_hardware_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) -{ - esp_fill_random(output, len); - *olen = len; - return 0; -} - - diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/esp_mem.c b/vendors/espressif/boards/esp32/components/mbedtls/port/esp_mem.c deleted file mode 100644 index ef9392e25b4..00000000000 
--- a/vendors/espressif/boards/esp32/components/mbedtls/port/esp_mem.c
+++ /dev/null
@@ -1,48 +0,0 @@
-// Copyright 2018 Espressif Systems (Shanghai) PTE LTD
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include
-#include
-#include
-#include "esp_mem.h"
-
-#ifndef CONFIG_MBEDTLS_CUSTOM_MEM_ALLOC
-
-IRAM_ATTR void *esp_mbedtls_mem_calloc(size_t n, size_t size)
-{
-#ifdef CONFIG_MBEDTLS_INTERNAL_MEM_ALLOC
- return heap_caps_calloc(n, size, MALLOC_CAP_INTERNAL|MALLOC_CAP_8BIT);
-#elif CONFIG_MBEDTLS_EXTERNAL_MEM_ALLOC
- return heap_caps_calloc(n, size, MALLOC_CAP_SPIRAM|MALLOC_CAP_8BIT);
-#elif CONFIG_MBEDTLS_IRAM_8BIT_MEM_ALLOC
-#ifdef CONFIG_MBEDTLS_ASYMMETRIC_CONTENT_LEN
- if ((n*size) >= CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN || (n*size) >= CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN) {
-#else
- if ((n*size) >= CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN) {
-#endif
- return heap_caps_calloc_prefer(n, size, 2, MALLOC_CAP_INTERNAL|MALLOC_CAP_IRAM_8BIT, MALLOC_CAP_INTERNAL|MALLOC_CAP_8BIT);
- } else {
- return heap_caps_calloc(n, size, MALLOC_CAP_INTERNAL|MALLOC_CAP_8BIT);
- }
-#else
- return calloc(n, size);
-#endif
-}
-
-IRAM_ATTR void esp_mbedtls_mem_free(void *ptr)
-{
- return heap_caps_free(ptr);
-}
-
-#endif /* !CONFIG_MBEDTLS_CUSTOM_MEM_ALLOC */
diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/esp_sha1.c b/vendors/espressif/boards/esp32/components/mbedtls/port/esp_sha1.c
deleted file mode 100644
index fddc32dd5d3..00000000000
--- a/vendors/espressif/boards/esp32/components/mbedtls/port/esp_sha1.c
+++ /dev/null
@@ -1,451 +0,0 @@
-/*
- * SHA-1 implementation with hardware ESP32 support added.
- * Uses mbedTLS software implementation for failover when concurrent
- * SHA operations are in use.
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE LTD
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-/*
- * The SHA-1 standard was published by NIST in 1993.
- *
- * http://www.itl.nist.gov/fipspubs/fip180-1.htm
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_SHA1_C) && defined(MBEDTLS_SHA1_ALT)
-
-#include "mbedtls/sha1.h"
-
-#include
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#include "hwcrypto/sha.h"
-
-/* Implementation that should never be optimized out by the compiler */
-static void mbedtls_zeroize( void *v, size_t n ) {
- volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
-}
-
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
- | ( (uint32_t) (b)[(i) + 1] << 16 ) \
- | ( (uint32_t) (b)[(i) + 2] << 8 ) \
- | ( (uint32_t) (b)[(i) + 3] ); \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) ); \
-}
-#endif
-
-void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
-{
- memset( ctx, 0, sizeof( mbedtls_sha1_context ) );
-}
-
-void mbedtls_sha1_free( mbedtls_sha1_context *ctx )
-{
- if( ctx == NULL )
- return;
-
- if (ctx->mode == ESP_MBEDTLS_SHA1_HARDWARE) {
- esp_sha_unlock_engine(SHA1);
- }
- mbedtls_zeroize( ctx, sizeof( mbedtls_sha1_context ) );
-}
-
-void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
- const mbedtls_sha1_context *src )
-{
- *dst = *src;
-
- if (src->mode == ESP_MBEDTLS_SHA1_HARDWARE) {
- /* Copy hardware digest state out to cloned state,
- which will be a software digest.
- */
- esp_sha_read_digest_state(SHA1, dst->state);
- dst->mode = ESP_MBEDTLS_SHA1_SOFTWARE;
- }
-}
-
-
-/*
- * SHA-1 context setup
- */
-int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
-{
- ctx->total[0] = 0;
- ctx->total[1] = 0;
-
- ctx->state[0] = 0x67452301;
- ctx->state[1] = 0xEFCDAB89;
- ctx->state[2] = 0x98BADCFE;
- ctx->state[3] = 0x10325476;
- ctx->state[4] = 0xC3D2E1F0;
-
- if (ctx->mode == ESP_MBEDTLS_SHA1_HARDWARE) {
- esp_sha_unlock_engine(SHA1);
- }
- ctx->mode = ESP_MBEDTLS_SHA1_UNUSED;
-
- return 0;
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
-{
- mbedtls_sha1_starts_ret( ctx );
-}
-#endif
-
-static void mbedtls_sha1_software_process( mbedtls_sha1_context *ctx, const unsigned char data[64] );
-
-int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] )
-{
- bool first_block = false;
- if (ctx->mode == ESP_MBEDTLS_SHA1_UNUSED) {
- /* try to use hardware for this digest */
- if (esp_sha_try_lock_engine(SHA1)) {
- ctx->mode = ESP_MBEDTLS_SHA1_HARDWARE;
- first_block = true;
- } else {
- ctx->mode = ESP_MBEDTLS_SHA1_SOFTWARE;
- }
- }
-
- if (ctx->mode == ESP_MBEDTLS_SHA1_HARDWARE) {
- esp_sha_block(SHA1, data, first_block);
- } else {
- mbedtls_sha1_software_process(ctx, data);
- }
-
- return 0;
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha1_process( mbedtls_sha1_context *ctx,
- const unsigned char data[64] )
-{
- mbedtls_internal_sha1_process( ctx, data );
-}
-#endif
-
-
-static void mbedtls_sha1_software_process( mbedtls_sha1_context *ctx, const unsigned char data[64] )
-{
- uint32_t temp, W[16], A, B, C, D, E;
-
- GET_UINT32_BE( W[ 0], data, 0 );
- GET_UINT32_BE( W[ 1], data, 4 );
- GET_UINT32_BE( W[ 2], data, 8 );
- GET_UINT32_BE( W[ 3], data, 12 );
- GET_UINT32_BE( W[ 4], data, 16 );
- GET_UINT32_BE( W[ 5], data, 20 );
- GET_UINT32_BE( W[ 6], data, 24 );
- GET_UINT32_BE( W[ 7], data, 28 );
- GET_UINT32_BE( W[ 8], data, 32 );
- GET_UINT32_BE( W[ 9], data, 36 );
- GET_UINT32_BE( W[10], data, 40 );
- GET_UINT32_BE( W[11], data, 44 );
- GET_UINT32_BE( W[12], data, 48 );
- GET_UINT32_BE( W[13], data, 52 );
- GET_UINT32_BE( W[14], data, 56 );
- GET_UINT32_BE( W[15], data, 60 );
-
-#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
-
-#define R(t) \
-( \
- temp = W[( t - 3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
- W[( t - 14 ) & 0x0F] ^ W[ t & 0x0F], \
- ( W[t & 0x0F] = S(temp,1) ) \
-)
-
-#define P(a,b,c,d,e,x) \
-{ \
- e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
-}
-
- A = ctx->state[0];
- B = ctx->state[1];
- C = ctx->state[2];
- D = ctx->state[3];
- E = ctx->state[4];
-
-#define F(x,y,z) (z ^ (x & (y ^ z)))
-#define K 0x5A827999
-
- P( A, B, C, D, E, W[0] );
- P( E, A, B, C, D, W[1] );
- P( D, E, A, B, C, W[2] );
- P( C, D, E, A, B, W[3] );
- P( B, C, D, E, A, W[4] );
- P( A, B, C, D, E, W[5] );
- P( E, A, B, C, D, W[6] );
- P( D, E, A, B, C, W[7] );
- P( C, D, E, A, B, W[8] );
- P( B, C, D, E, A, W[9] );
- P( A, B, C, D, E, W[10] );
- P( E, A, B, C, D, W[11] );
- P( D, E, A, B, C, W[12] );
- P( C, D, E, A, B, W[13] );
- P( B, C, D, E, A, W[14] );
- P( A, B, C, D, E, W[15] );
- P( E, A, B, C, D, R(16) );
- P( D, E, A, B, C, R(17) );
- P( C, D, E, A, B, R(18) );
- P( B, C, D, E, A, R(19) );
-
-#undef K
-#undef F
-
-#define F(x,y,z) (x ^ y ^ z)
-#define K 0x6ED9EBA1
-
- P( A, B, C, D, E, R(20) );
- P( E, A, B, C, D, R(21) );
- P( D, E, A, B, C, R(22) );
- P( C, D, E, A, B, R(23) );
- P( B, C, D, E, A, R(24) );
- P( A, B, C, D, E, R(25) );
- P( E, A, B, C, D, R(26) );
- P( D, E, A, B, C, R(27) );
- P( C, D, E, A, B, R(28) );
- P( B, C, D, E, A, R(29) );
- P( A, B, C, D, E, R(30) );
- P( E, A, B, C, D, R(31) );
- P( D, E, A, B, C, R(32) );
- P( C, D, E, A, B, R(33) );
- P( B, C, D, E, A, R(34) );
- P( A, B, C, D, E, R(35) );
- P( E, A, B, C, D, R(36) );
- P( D, E, A, B, C, R(37) );
- P( C, D, E, A, B, R(38) );
- P( B, C, D, E, A, R(39) );
-
-#undef K
-#undef F
-
-#define F(x,y,z) ((x & y) | (z & (x | y)))
-#define K 0x8F1BBCDC
-
- P( A, B, C, D, E, R(40) );
- P( E, A, B, C, D, R(41) );
- P( D, E, A, B, C, R(42) );
- P( C, D, E, A, B, R(43) );
- P( B, C, D, E, A, R(44) );
- P( A, B, C, D, E, R(45) );
- P( E, A, B, C, D, R(46) );
- P( D, E, A, B, C, R(47) );
- P( C, D, E, A, B, R(48) );
- P( B, C, D, E, A, R(49) );
- P( A, B, C, D, E, R(50) );
- P( E, A, B, C, D, R(51) );
- P( D, E, A, B, C, R(52) );
- P( C, D, E, A, B, R(53) );
- P( B, C, D, E, A, R(54) );
- P( A, B, C, D, E, R(55) );
- P( E, A, B, C, D, R(56) );
- P( D, E, A, B, C, R(57) );
- P( C, D, E, A, B, R(58) );
- P( B, C, D, E, A, R(59) );
-
-#undef K
-#undef F
-
-#define F(x,y,z) (x ^ y ^ z)
-#define K 0xCA62C1D6
-
- P( A, B, C, D, E, R(60) );
- P( E, A, B, C, D, R(61) );
- P( D, E, A, B, C, R(62) );
- P( C, D, E, A, B, R(63) );
- P( B, C, D, E, A, R(64) );
- P( A, B, C, D, E, R(65) );
- P( E, A, B, C, D, R(66) );
- P( D, E, A, B, C, R(67) );
- P( C, D, E, A, B, R(68) );
- P( B, C, D, E, A, R(69) );
- P( A, B, C, D, E, R(70) );
- P( E, A, B, C, D, R(71) );
- P( D, E, A, B, C, R(72) );
- P( C, D, E, A, B, R(73) );
- P( B, C, D, E, A, R(74) );
- P( A, B, C, D, E, R(75) );
- P( E, A, B, C, D, R(76) );
- P( D, E, A, B, C, R(77) );
- P( C, D, E, A, B, R(78) );
- P( B, C, D, E, A, R(79) );
-
-#undef K
-#undef F
-
- ctx->state[0] += A;
- ctx->state[1] += B;
- ctx->state[2] += C;
- ctx->state[3] += D;
- ctx->state[4] += E;
-}
-
-/*
- * SHA-1 process buffer
- */
-int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen )
-{
- int ret;
- size_t fill;
- uint32_t left;
-
- if( ilen == 0 )
- return 0;
-
- left = ctx->total[0] & 0x3F;
- fill = 64 - left;
-
- ctx->total[0] += (uint32_t) ilen;
- ctx->total[0] &= 0xFFFFFFFF;
-
- if( ctx->total[0] < (uint32_t) ilen )
- ctx->total[1]++;
-
- if( left && ilen >= fill )
- {
- memcpy( (void *) (ctx->buffer + left), input, fill );
-
- if ( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) {
- return ret;
- }
-
- input += fill;
- ilen -= fill;
- left = 0;
- }
-
- while( ilen >= 64 )
- {
- if ( ( ret = mbedtls_internal_sha1_process( ctx, input ) ) != 0 ) {
- return ret;
- }
-
- input += 64;
- ilen -= 64;
- }
-
- if( ilen > 0 )
- memcpy( (void *) (ctx->buffer + left), input, ilen );
-
- return 0;
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
- const unsigned char *input,
- size_t ilen )
-{
- mbedtls_sha1_update_ret( ctx, input, ilen );
-}
-#endif
-
-static const unsigned char sha1_padding[64] =
-{
- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-
-/*
-* SHA-1 final digest
- */
-int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, unsigned char output[20] )
-{
- int ret;
- uint32_t last, padn;
- uint32_t high, low;
- unsigned char msglen[8];
-
- high = ( ctx->total[0] >> 29 )
- | ( ctx->total[1] << 3 );
- low = ( ctx->total[0] << 3 );
-
- PUT_UINT32_BE( high, msglen, 0 );
- PUT_UINT32_BE( low, msglen, 4 );
-
- last = ctx->total[0] & 0x3F;
- padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
-
- if ( ( ret = mbedtls_sha1_update_ret( ctx, sha1_padding, padn ) ) != 0 ) {
- goto out;
- }
- if ( ( ret = mbedtls_sha1_update_ret( ctx, msglen, 8 ) ) != 0 ) {
- goto out;
- }
-
- /* if state is in hardware, read it out */
- if (ctx->mode == ESP_MBEDTLS_SHA1_HARDWARE) {
- esp_sha_read_digest_state(SHA1, ctx->state);
- }
-
- PUT_UINT32_BE( ctx->state[0], output, 0 );
- PUT_UINT32_BE( ctx->state[1], output, 4 );
- PUT_UINT32_BE( ctx->state[2], output, 8 );
- PUT_UINT32_BE( ctx->state[3], output, 12 );
- PUT_UINT32_BE( ctx->state[4], output, 16 );
-
-out:
- if (ctx->mode == ESP_MBEDTLS_SHA1_HARDWARE) {
- esp_sha_unlock_engine(SHA1);
- ctx->mode = ESP_MBEDTLS_SHA1_SOFTWARE;
- }
-
- return ret;
-}
-
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
-void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
- unsigned char output[20] )
-{
- mbedtls_sha1_finish_ret( ctx, output );
-}
-#endif
-
-#endif /* MBEDTLS_SHA1_C && MBEDTLS_SHA1_ALT */
diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/esp_sha256.c b/vendors/espressif/boards/esp32/components/mbedtls/port/esp_sha256.c
deleted file mode 100644
index 4eb37c077db..00000000000
--- a/vendors/espressif/boards/esp32/components/mbedtls/port/esp_sha256.c
+++ /dev/null
@@ -1,422 +0,0 @@ -/* - * SHA-256 implementation with hardware ESP32 support added. - * Uses mbedTLS software implementation for failover when concurrent - * SHA operations are in use. - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE LTD - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -/* - * The SHA-256 Secure Hash Standard was published by NIST in 2002. 
- * - * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_SHA256_ALT) - -#include "mbedtls/sha256.h" - -#include - -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ - -#include "hwcrypto/sha.h" - -/* Implementation that should never be optimized out by the compiler */ -static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; -} - -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -do { \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} while( 0 ) -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -do { \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} while( 0 ) -#endif - -void mbedtls_sha256_init( mbedtls_sha256_context *ctx ) -{ - memset( ctx, 0, sizeof( mbedtls_sha256_context ) ); -} - -void mbedtls_sha256_free( mbedtls_sha256_context *ctx ) -{ - if( ctx == NULL ) - return; - - if (ctx->mode == ESP_MBEDTLS_SHA256_HARDWARE) { - esp_sha_unlock_engine(SHA2_256); - } - mbedtls_zeroize( ctx, sizeof( mbedtls_sha256_context ) ); -} - -void mbedtls_sha256_clone( mbedtls_sha256_context *dst, - const mbedtls_sha256_context *src ) -{ - *dst = *src; - - if (src->mode == ESP_MBEDTLS_SHA256_HARDWARE) { - /* Copy hardware digest state out to cloned state, - which will become a software digest. 
- */ - esp_sha_read_digest_state(SHA2_256, dst->state); - dst->mode = ESP_MBEDTLS_SHA256_SOFTWARE; - } -} - -/* - * SHA-256 context setup - */ -int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) -{ - ctx->total[0] = 0; - ctx->total[1] = 0; - - if( is224 == 0 ) - { - /* SHA-256 */ - ctx->state[0] = 0x6A09E667; - ctx->state[1] = 0xBB67AE85; - ctx->state[2] = 0x3C6EF372; - ctx->state[3] = 0xA54FF53A; - ctx->state[4] = 0x510E527F; - ctx->state[5] = 0x9B05688C; - ctx->state[6] = 0x1F83D9AB; - ctx->state[7] = 0x5BE0CD19; - } - else - { - /* SHA-224 */ - ctx->state[0] = 0xC1059ED8; - ctx->state[1] = 0x367CD507; - ctx->state[2] = 0x3070DD17; - ctx->state[3] = 0xF70E5939; - ctx->state[4] = 0xFFC00B31; - ctx->state[5] = 0x68581511; - ctx->state[6] = 0x64F98FA7; - ctx->state[7] = 0xBEFA4FA4; - } - - ctx->is224 = is224; - if (ctx->mode == ESP_MBEDTLS_SHA256_HARDWARE) { - esp_sha_unlock_engine(SHA2_256); - } - ctx->mode = ESP_MBEDTLS_SHA256_UNUSED; - return 0; -} - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, - int is224 ) -{ - mbedtls_sha256_starts_ret( ctx, is224 ); -} -#endif - -static const uint32_t K[] = -{ - 0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5, - 0x3956C25B, 0x59F111F1, 0x923F82A4, 0xAB1C5ED5, - 0xD807AA98, 0x12835B01, 0x243185BE, 0x550C7DC3, - 0x72BE5D74, 0x80DEB1FE, 0x9BDC06A7, 0xC19BF174, - 0xE49B69C1, 0xEFBE4786, 0x0FC19DC6, 0x240CA1CC, - 0x2DE92C6F, 0x4A7484AA, 0x5CB0A9DC, 0x76F988DA, - 0x983E5152, 0xA831C66D, 0xB00327C8, 0xBF597FC7, - 0xC6E00BF3, 0xD5A79147, 0x06CA6351, 0x14292967, - 0x27B70A85, 0x2E1B2138, 0x4D2C6DFC, 0x53380D13, - 0x650A7354, 0x766A0ABB, 0x81C2C92E, 0x92722C85, - 0xA2BFE8A1, 0xA81A664B, 0xC24B8B70, 0xC76C51A3, - 0xD192E819, 0xD6990624, 0xF40E3585, 0x106AA070, - 0x19A4C116, 0x1E376C08, 0x2748774C, 0x34B0BCB5, - 0x391C0CB3, 0x4ED8AA4A, 0x5B9CCA4F, 0x682E6FF3, - 0x748F82EE, 0x78A5636F, 0x84C87814, 0x8CC70208, - 0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2, -}; - 
-#define SHR(x,n) ((x & 0xFFFFFFFF) >> n) -#define ROTR(x,n) (SHR(x,n) | (x << (32 - n))) - -#define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^ SHR(x, 3)) -#define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10)) - -#define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22)) -#define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25)) - -#define F0(x,y,z) ((x & y) | (z & (x | y))) -#define F1(x,y,z) (z ^ (x & (y ^ z))) - -#define R(t) \ -( \ - W[t] = S1(W[t - 2]) + W[t - 7] + \ - S0(W[t - 15]) + W[t - 16] \ -) - -#define P(a,b,c,d,e,f,g,h,x,K) \ -{ \ - temp1 = h + S3(e) + F1(e,f,g) + K + x; \ - temp2 = S2(a) + F0(a,b,c); \ - d += temp1; h = temp1 + temp2; \ -} - -static void mbedtls_sha256_software_process( mbedtls_sha256_context *ctx, const unsigned char data[64] ); - -int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] ) -{ - bool first_block = false; - - if (ctx->mode == ESP_MBEDTLS_SHA256_UNUSED) { - /* try to use hardware for this digest */ - if (!ctx->is224 && esp_sha_try_lock_engine(SHA2_256)) { - ctx->mode = ESP_MBEDTLS_SHA256_HARDWARE; - first_block = true; - } else { - ctx->mode = ESP_MBEDTLS_SHA256_SOFTWARE; - } - } - - if (ctx->mode == ESP_MBEDTLS_SHA256_HARDWARE) { - esp_sha_block(SHA2_256, data, first_block); - } else { - mbedtls_sha256_software_process(ctx, data); - } - - return 0; -} - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha256_process( mbedtls_sha256_context *ctx, - const unsigned char data[64] ) -{ - mbedtls_internal_sha256_process( ctx, data ); -} -#endif - -static void mbedtls_sha256_software_process( mbedtls_sha256_context *ctx, const unsigned char data[64] ) -{ - uint32_t temp1, temp2, W[64]; - uint32_t A[8]; - unsigned int i; - - for( i = 0; i < 8; i++ ) - A[i] = ctx->state[i]; - -#if defined(MBEDTLS_SHA256_SMALLER) - for( i = 0; i < 64; i++ ) - { - if( i < 16 ) - GET_UINT32_BE( W[i], data, 4 * i ); - else - R( i ); - - P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i], K[i] ); - - temp1 = A[7]; A[7] = 
A[6]; A[6] = A[5]; A[5] = A[4]; A[4] = A[3]; - A[3] = A[2]; A[2] = A[1]; A[1] = A[0]; A[0] = temp1; - } -#else /* MBEDTLS_SHA256_SMALLER */ - for( i = 0; i < 16; i++ ) - GET_UINT32_BE( W[i], data, 4 * i ); - - for( i = 0; i < 16; i += 8 ) - { - P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i+0], K[i+0] ); - P( A[7], A[0], A[1], A[2], A[3], A[4], A[5], A[6], W[i+1], K[i+1] ); - P( A[6], A[7], A[0], A[1], A[2], A[3], A[4], A[5], W[i+2], K[i+2] ); - P( A[5], A[6], A[7], A[0], A[1], A[2], A[3], A[4], W[i+3], K[i+3] ); - P( A[4], A[5], A[6], A[7], A[0], A[1], A[2], A[3], W[i+4], K[i+4] ); - P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], W[i+5], K[i+5] ); - P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], W[i+6], K[i+6] ); - P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], W[i+7], K[i+7] ); - } - - for( i = 16; i < 64; i += 8 ) - { - P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], R(i+0), K[i+0] ); - P( A[7], A[0], A[1], A[2], A[3], A[4], A[5], A[6], R(i+1), K[i+1] ); - P( A[6], A[7], A[0], A[1], A[2], A[3], A[4], A[5], R(i+2), K[i+2] ); - P( A[5], A[6], A[7], A[0], A[1], A[2], A[3], A[4], R(i+3), K[i+3] ); - P( A[4], A[5], A[6], A[7], A[0], A[1], A[2], A[3], R(i+4), K[i+4] ); - P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], R(i+5), K[i+5] ); - P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], R(i+6), K[i+6] ); - P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], R(i+7), K[i+7] ); - } -#endif /* MBEDTLS_SHA256_SMALLER */ - - for( i = 0; i < 8; i++ ) - ctx->state[i] += A[i]; -} - -/* - * SHA-256 process buffer - */ -int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, const unsigned char *input, - size_t ilen ) -{ - int ret; - size_t fill; - uint32_t left; - - if( ilen == 0 ) - return 0; - - left = ctx->total[0] & 0x3F; - fill = 64 - left; - - ctx->total[0] += (uint32_t) ilen; - ctx->total[0] &= 0xFFFFFFFF; - - if( ctx->total[0] < (uint32_t) ilen ) - ctx->total[1]++; - - if( left && ilen >= fill ) - { - memcpy( (void *) (ctx->buffer + left), 
input, fill ); - - if ( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 ) { - return ret; - } - - input += fill; - ilen -= fill; - left = 0; - } - - while( ilen >= 64 ) - { - if ( ( ret = mbedtls_internal_sha256_process( ctx, input ) ) != 0 ) { - return ret; - } - - input += 64; - ilen -= 64; - } - - if( ilen > 0 ) - memcpy( (void *) (ctx->buffer + left), input, ilen ); - - return 0; -} - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha256_update( mbedtls_sha256_context *ctx, - const unsigned char *input, - size_t ilen ) -{ - mbedtls_sha256_update_ret( ctx, input, ilen ); -} -#endif - -static const unsigned char sha256_padding[64] = -{ - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 -}; - -/* - * SHA-256 final digest - */ -int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, unsigned char output[32] ) -{ - int ret; - uint32_t last, padn; - uint32_t high, low; - unsigned char msglen[8]; - - high = ( ctx->total[0] >> 29 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); - - PUT_UINT32_BE( high, msglen, 0 ); - PUT_UINT32_BE( low, msglen, 4 ); - - last = ctx->total[0] & 0x3F; - padn = ( last < 56 ) ? 
( 56 - last ) : ( 120 - last ); - - if ( ( ret = mbedtls_sha256_update_ret( ctx, sha256_padding, padn ) ) != 0 ) { - goto out; - } - - if ( ( ret = mbedtls_sha256_update_ret( ctx, msglen, 8 ) ) != 0 ) { - goto out; - } - - /* if state is in hardware, read it out */ - if (ctx->mode == ESP_MBEDTLS_SHA256_HARDWARE) { - esp_sha_read_digest_state(SHA2_256, ctx->state); - } - - PUT_UINT32_BE( ctx->state[0], output, 0 ); - PUT_UINT32_BE( ctx->state[1], output, 4 ); - PUT_UINT32_BE( ctx->state[2], output, 8 ); - PUT_UINT32_BE( ctx->state[3], output, 12 ); - PUT_UINT32_BE( ctx->state[4], output, 16 ); - PUT_UINT32_BE( ctx->state[5], output, 20 ); - PUT_UINT32_BE( ctx->state[6], output, 24 ); - - if( ctx->is224 == 0 ) - PUT_UINT32_BE( ctx->state[7], output, 28 ); - -out: - if (ctx->mode == ESP_MBEDTLS_SHA256_HARDWARE) { - esp_sha_unlock_engine(SHA2_256); - ctx->mode = ESP_MBEDTLS_SHA256_SOFTWARE; - } - - return ret; -} - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, - unsigned char output[32] ) -{ - mbedtls_sha256_finish_ret( ctx, output ); -} -#endif - -#endif /* MBEDTLS_SHA256_C && MBEDTLS_SHA256_ALT */ diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/esp_sha512.c b/vendors/espressif/boards/esp32/components/mbedtls/port/esp_sha512.c deleted file mode 100644 index a61f5f5c2e8..00000000000 --- a/vendors/espressif/boards/esp32/components/mbedtls/port/esp_sha512.c +++ /dev/null 
@@ -1,469 +0,0 @@ -/* - * SHA-512 implementation with hardware ESP32 support added. - * Uses mbedTLS software implementation for failover when concurrent - * SHA operations are in use. - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE LTD - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -/* - * The SHA-512 Secure Hash Standard was published by NIST in 2002. - * - * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_SHA512_ALT) - -#include "mbedtls/sha512.h" - -#if defined(_MSC_VER) || defined(__WATCOMC__) - #define UL64(x) x##ui64 -#else - #define UL64(x) x##ULL -#endif - -#include - -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ - -#include "hwcrypto/sha.h" - -inline static esp_sha_type sha_type(const mbedtls_sha512_context *ctx) -{ - return ctx->is384 ? 
SHA2_384 : SHA2_512; -} - -/* Implementation that should never be optimized out by the compiler */ -static void mbedtls_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; -} - -/* - * 64-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT64_BE -#define GET_UINT64_BE(n,b,i) \ -{ \ - (n) = ( (uint64_t) (b)[(i) ] << 56 ) \ - | ( (uint64_t) (b)[(i) + 1] << 48 ) \ - | ( (uint64_t) (b)[(i) + 2] << 40 ) \ - | ( (uint64_t) (b)[(i) + 3] << 32 ) \ - | ( (uint64_t) (b)[(i) + 4] << 24 ) \ - | ( (uint64_t) (b)[(i) + 5] << 16 ) \ - | ( (uint64_t) (b)[(i) + 6] << 8 ) \ - | ( (uint64_t) (b)[(i) + 7] ); \ -} -#endif /* GET_UINT64_BE */ - -#ifndef PUT_UINT64_BE -#define PUT_UINT64_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 56 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 48 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 40 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) >> 32 ); \ - (b)[(i) + 4] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 5] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 6] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 7] = (unsigned char) ( (n) ); \ -} -#endif /* PUT_UINT64_BE */ - -void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) -{ - memset( ctx, 0, sizeof( mbedtls_sha512_context ) ); -} - -void mbedtls_sha512_free( mbedtls_sha512_context *ctx ) -{ - if( ctx == NULL ) - return; - - if (ctx->mode == ESP_MBEDTLS_SHA512_HARDWARE) { - esp_sha_unlock_engine(sha_type(ctx)); - } - mbedtls_zeroize( ctx, sizeof( mbedtls_sha512_context ) ); -} - -void mbedtls_sha512_clone( mbedtls_sha512_context *dst, - const mbedtls_sha512_context *src ) -{ - *dst = *src; - - if (src->mode == ESP_MBEDTLS_SHA512_HARDWARE) { - /* Copy hardware digest state out to cloned state, - which will be a software digest. - - Always read 512 bits of state, even for SHA-384 - (SHA-384 state is identical to SHA-512, only - digest is truncated.) 
- */ - esp_sha_read_digest_state(SHA2_512, dst->state); - dst->mode = ESP_MBEDTLS_SHA512_SOFTWARE; - } -} - - -/* - * SHA-512 context setup - */ -int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) -{ - ctx->total[0] = 0; - ctx->total[1] = 0; - - if( is384 == 0 ) - { - /* SHA-512 */ - ctx->state[0] = UL64(0x6A09E667F3BCC908); - ctx->state[1] = UL64(0xBB67AE8584CAA73B); - ctx->state[2] = UL64(0x3C6EF372FE94F82B); - ctx->state[3] = UL64(0xA54FF53A5F1D36F1); - ctx->state[4] = UL64(0x510E527FADE682D1); - ctx->state[5] = UL64(0x9B05688C2B3E6C1F); - ctx->state[6] = UL64(0x1F83D9ABFB41BD6B); - ctx->state[7] = UL64(0x5BE0CD19137E2179); - } - else - { - /* SHA-384 */ - ctx->state[0] = UL64(0xCBBB9D5DC1059ED8); - ctx->state[1] = UL64(0x629A292A367CD507); - ctx->state[2] = UL64(0x9159015A3070DD17); - ctx->state[3] = UL64(0x152FECD8F70E5939); - ctx->state[4] = UL64(0x67332667FFC00B31); - ctx->state[5] = UL64(0x8EB44A8768581511); - ctx->state[6] = UL64(0xDB0C2E0D64F98FA7); - ctx->state[7] = UL64(0x47B5481DBEFA4FA4); - } - - ctx->is384 = is384; - if (ctx->mode == ESP_MBEDTLS_SHA512_HARDWARE) { - esp_sha_unlock_engine(sha_type(ctx)); - } - ctx->mode = ESP_MBEDTLS_SHA512_UNUSED; - - return 0; -} - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, - int is384 ) -{ - mbedtls_sha512_starts_ret( ctx, is384 ); -} -#endif - -/* - * Round constants - */ -static const uint64_t K[80] = -{ - UL64(0x428A2F98D728AE22), UL64(0x7137449123EF65CD), - UL64(0xB5C0FBCFEC4D3B2F), UL64(0xE9B5DBA58189DBBC), - UL64(0x3956C25BF348B538), UL64(0x59F111F1B605D019), - UL64(0x923F82A4AF194F9B), UL64(0xAB1C5ED5DA6D8118), - UL64(0xD807AA98A3030242), UL64(0x12835B0145706FBE), - UL64(0x243185BE4EE4B28C), UL64(0x550C7DC3D5FFB4E2), - UL64(0x72BE5D74F27B896F), UL64(0x80DEB1FE3B1696B1), - UL64(0x9BDC06A725C71235), UL64(0xC19BF174CF692694), - UL64(0xE49B69C19EF14AD2), UL64(0xEFBE4786384F25E3), - UL64(0x0FC19DC68B8CD5B5), UL64(0x240CA1CC77AC9C65), - 
UL64(0x2DE92C6F592B0275), UL64(0x4A7484AA6EA6E483), - UL64(0x5CB0A9DCBD41FBD4), UL64(0x76F988DA831153B5), - UL64(0x983E5152EE66DFAB), UL64(0xA831C66D2DB43210), - UL64(0xB00327C898FB213F), UL64(0xBF597FC7BEEF0EE4), - UL64(0xC6E00BF33DA88FC2), UL64(0xD5A79147930AA725), - UL64(0x06CA6351E003826F), UL64(0x142929670A0E6E70), - UL64(0x27B70A8546D22FFC), UL64(0x2E1B21385C26C926), - UL64(0x4D2C6DFC5AC42AED), UL64(0x53380D139D95B3DF), - UL64(0x650A73548BAF63DE), UL64(0x766A0ABB3C77B2A8), - UL64(0x81C2C92E47EDAEE6), UL64(0x92722C851482353B), - UL64(0xA2BFE8A14CF10364), UL64(0xA81A664BBC423001), - UL64(0xC24B8B70D0F89791), UL64(0xC76C51A30654BE30), - UL64(0xD192E819D6EF5218), UL64(0xD69906245565A910), - UL64(0xF40E35855771202A), UL64(0x106AA07032BBD1B8), - UL64(0x19A4C116B8D2D0C8), UL64(0x1E376C085141AB53), - UL64(0x2748774CDF8EEB99), UL64(0x34B0BCB5E19B48A8), - UL64(0x391C0CB3C5C95A63), UL64(0x4ED8AA4AE3418ACB), - UL64(0x5B9CCA4F7763E373), UL64(0x682E6FF3D6B2B8A3), - UL64(0x748F82EE5DEFB2FC), UL64(0x78A5636F43172F60), - UL64(0x84C87814A1F0AB72), UL64(0x8CC702081A6439EC), - UL64(0x90BEFFFA23631E28), UL64(0xA4506CEBDE82BDE9), - UL64(0xBEF9A3F7B2C67915), UL64(0xC67178F2E372532B), - UL64(0xCA273ECEEA26619C), UL64(0xD186B8C721C0C207), - UL64(0xEADA7DD6CDE0EB1E), UL64(0xF57D4F7FEE6ED178), - UL64(0x06F067AA72176FBA), UL64(0x0A637DC5A2C898A6), - UL64(0x113F9804BEF90DAE), UL64(0x1B710B35131C471B), - UL64(0x28DB77F523047D84), UL64(0x32CAAB7B40C72493), - UL64(0x3C9EBE0A15C9BEBC), UL64(0x431D67C49C100D4C), - UL64(0x4CC5D4BECB3E42B6), UL64(0x597F299CFC657E2A), - UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817) -}; - -static void mbedtls_sha512_software_process( mbedtls_sha512_context *ctx, const unsigned char data[128] ); - -int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] ) -{ - bool first_block = false; - - if (ctx->mode == ESP_MBEDTLS_SHA512_UNUSED) { - /* try to use hardware for this digest */ - if 
(esp_sha_try_lock_engine(sha_type(ctx))) { - ctx->mode = ESP_MBEDTLS_SHA512_HARDWARE; - first_block = true; - } else { - ctx->mode = ESP_MBEDTLS_SHA512_SOFTWARE; - } - } - - if (ctx->mode == ESP_MBEDTLS_SHA512_HARDWARE) { - esp_sha_block(sha_type(ctx), data, first_block); - } else { - mbedtls_sha512_software_process(ctx, data); - } - - return 0; -} - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha512_process( mbedtls_sha512_context *ctx, - const unsigned char data[128] ) -{ - mbedtls_internal_sha512_process( ctx, data ); -} -#endif - - -static void mbedtls_sha512_software_process( mbedtls_sha512_context *ctx, const unsigned char data[128] ) -{ - int i; - uint64_t temp1, temp2, W[80]; - uint64_t A, B, C, D, E, F, G, H; - -#define SHR(x,n) (x >> n) -#define ROTR(x,n) (SHR(x,n) | (x << (64 - n))) - -#define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x, 7)) -#define S1(x) (ROTR(x,19) ^ ROTR(x,61) ^ SHR(x, 6)) - -#define S2(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39)) -#define S3(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41)) - -#define F0(x,y,z) ((x & y) | (z & (x | y))) -#define F1(x,y,z) (z ^ (x & (y ^ z))) - -#define P(a,b,c,d,e,f,g,h,x,K) \ -{ \ - temp1 = h + S3(e) + F1(e,f,g) + K + x; \ - temp2 = S2(a) + F0(a,b,c); \ - d += temp1; h = temp1 + temp2; \ -} - - for( i = 0; i < 16; i++ ) - { - GET_UINT64_BE( W[i], data, i << 3 ); - } - - for( ; i < 80; i++ ) - { - W[i] = S1(W[i - 2]) + W[i - 7] + - S0(W[i - 15]) + W[i - 16]; - } - - A = ctx->state[0]; - B = ctx->state[1]; - C = ctx->state[2]; - D = ctx->state[3]; - E = ctx->state[4]; - F = ctx->state[5]; - G = ctx->state[6]; - H = ctx->state[7]; - i = 0; - - do - { - P( A, B, C, D, E, F, G, H, W[i], K[i] ); i++; - P( H, A, B, C, D, E, F, G, W[i], K[i] ); i++; - P( G, H, A, B, C, D, E, F, W[i], K[i] ); i++; - P( F, G, H, A, B, C, D, E, W[i], K[i] ); i++; - P( E, F, G, H, A, B, C, D, W[i], K[i] ); i++; - P( D, E, F, G, H, A, B, C, W[i], K[i] ); i++; - P( C, D, E, F, G, H, A, B, W[i], K[i] ); i++; - P( B, C, D, E, F, G, H, 
A, W[i], K[i] ); i++; - } - while( i < 80 ); - - ctx->state[0] += A; - ctx->state[1] += B; - ctx->state[2] += C; - ctx->state[3] += D; - ctx->state[4] += E; - ctx->state[5] += F; - ctx->state[6] += G; - ctx->state[7] += H; -} - -/* - * SHA-512 process buffer - */ -int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, const unsigned char *input, - size_t ilen ) -{ - int ret; - size_t fill; - unsigned int left; - - if( ilen == 0 ) - return 0; - - left = (unsigned int) (ctx->total[0] & 0x7F); - fill = 128 - left; - - ctx->total[0] += (uint64_t) ilen; - - if( ctx->total[0] < (uint64_t) ilen ) - ctx->total[1]++; - - if( left && ilen >= fill ) - { - memcpy( (void *) (ctx->buffer + left), input, fill ); - if ( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 ) { - return ret; - } - - input += fill; - ilen -= fill; - left = 0; - } - - while( ilen >= 128 ) - { - if ( ( ret = mbedtls_internal_sha512_process( ctx, input ) ) != 0 ) { - return ret; - } - - input += 128; - ilen -= 128; - } - - if( ilen > 0 ) - memcpy( (void *) (ctx->buffer + left), input, ilen ); - - return 0; -} - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha512_update( mbedtls_sha512_context *ctx, - const unsigned char *input, - size_t ilen ) -{ - mbedtls_sha512_update_ret( ctx, input, ilen ); -} -#endif - - -static const unsigned char sha512_padding[128] = -{ - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 -}; - -/* - * SHA-512 final digest - */ -int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, unsigned char output[64] ) -{ - int ret; - size_t last, padn; - uint64_t high, low; - unsigned char msglen[16]; - - high 
= ( ctx->total[0] >> 61 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); - - PUT_UINT64_BE( high, msglen, 0 ); - PUT_UINT64_BE( low, msglen, 8 ); - - last = (size_t)( ctx->total[0] & 0x7F ); - padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last ); - - if ( ( ret = mbedtls_sha512_update_ret( ctx, sha512_padding, padn ) ) != 0 ) { - goto out; - } - - if ( ( ret = mbedtls_sha512_update_ret( ctx, msglen, 16 ) ) != 0 ) { - goto out; - } - - /* if state is in hardware, read it out */ - if (ctx->mode == ESP_MBEDTLS_SHA512_HARDWARE) { - esp_sha_read_digest_state(sha_type(ctx), ctx->state); - } - - PUT_UINT64_BE( ctx->state[0], output, 0 ); - PUT_UINT64_BE( ctx->state[1], output, 8 ); - PUT_UINT64_BE( ctx->state[2], output, 16 ); - PUT_UINT64_BE( ctx->state[3], output, 24 ); - PUT_UINT64_BE( ctx->state[4], output, 32 ); - PUT_UINT64_BE( ctx->state[5], output, 40 ); - - if( ctx->is384 == 0 ) - { - PUT_UINT64_BE( ctx->state[6], output, 48 ); - PUT_UINT64_BE( ctx->state[7], output, 56 ); - } - -out: - if (ctx->mode == ESP_MBEDTLS_SHA512_HARDWARE) { - esp_sha_unlock_engine(sha_type(ctx)); - ctx->mode = ESP_MBEDTLS_SHA512_SOFTWARE; - } - - return ret; -} - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, - unsigned char output[64] ) -{ - mbedtls_sha512_finish_ret( ctx, output ); -} -#endif - -#endif /* MBEDTLS_SHA512_C && MBEDTLS_SHA512_ALT */ diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/include/aes.h b/vendors/espressif/boards/esp32/components/mbedtls/port/include/aes.h deleted file mode 100644 index f423b8a7ff4..00000000000 --- a/vendors/espressif/boards/esp32/components/mbedtls/port/include/aes.h +++ /dev/null 
@@ -1,353 +0,0 @@ -/** - * \brief AES block cipher, ESP32 hardware accelerated version - * Based on mbedTLS FIPS-197 compliant version. - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE Ltd - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * - */ - -#ifndef ESP_AES_H -#define ESP_AES_H - -#include "esp_types.h" -#include "esp32/rom/aes.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/* padlock.c and aesni.c rely on these values! */ -#define ESP_AES_ENCRYPT 1 -#define ESP_AES_DECRYPT 0 - -#define ERR_ESP_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ -#define ERR_ESP_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ - -/** - * \brief AES context structure - * - */ -typedef struct { - uint8_t key_bytes; - volatile uint8_t key_in_hardware; /* This variable is used for fault injection checks, so marked volatile to avoid optimisation */ - uint8_t key[32]; -} esp_aes_context; - -/** - * \brief The AES XTS context-type definition. - */ -typedef struct -{ - esp_aes_context crypt; /*!< The AES context to use for AES block - encryption or decryption. */ - esp_aes_context tweak; /*!< The AES context used for tweak - computation. */ -} esp_aes_xts_context; - - -/** - * \brief Lock access to AES hardware unit - * - * AES hardware unit can only be used by one - * consumer at a time. 
- * - * esp_aes_xxx API calls automatically manage locking & unlocking of - * hardware, this function is only needed if you want to call - * ets_aes_xxx functions directly. - */ -void esp_aes_acquire_hardware( void ); - -/** - * \brief Unlock access to AES hardware unit - * - * esp_aes_xxx API calls automatically manage locking & unlocking of - * hardware, this function is only needed if you want to call - * ets_aes_xxx functions directly. - */ -void esp_aes_release_hardware( void ); - -/** - * \brief Initialize AES context - * - * \param ctx AES context to be initialized - */ -void esp_aes_init( esp_aes_context *ctx ); - -/** - * \brief Clear AES context - * - * \param ctx AES context to be cleared - */ -void esp_aes_free( esp_aes_context *ctx ); - -/** - * \brief This function initializes the specified AES XTS context. - * - * It must be the first API called before using - * the context. - * - * \param ctx The AES XTS context to initialize. - */ -void esp_aes_xts_init( esp_aes_xts_context *ctx ); - -/** - * \brief This function releases and clears the specified AES XTS context. - * - * \param ctx The AES XTS context to clear. 
- */ -void esp_aes_xts_free( esp_aes_xts_context *ctx ); - -/** - * \brief AES set key schedule (encryption or decryption) - * - * \param ctx AES context to be initialized - * \param key encryption key - * \param keybits must be 128, 192 or 256 - * - * \return 0 if successful, or ERR_AES_INVALID_KEY_LENGTH - */ -int esp_aes_setkey( esp_aes_context *ctx, const unsigned char *key, unsigned int keybits ); - -/** - * \brief AES-ECB block encryption/decryption - * - * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT - * \param input 16-byte input block - * \param output 16-byte output block - * - * \return 0 if successful - */ -int esp_aes_crypt_ecb( esp_aes_context *ctx, int mode, const unsigned char input[16], unsigned char output[16] ); - -/** - * \brief AES-CBC buffer encryption/decryption - * Length should be a multiple of the block - * size (16 bytes) - * - * \note Upon exit, the content of the IV is updated so that you can - * call the function same function again on the following - * block(s) of data and get the same result as if it was - * encrypted in one call. This allows a "streaming" usage. - * If on the other hand you need to retain the contents of the - * IV, you should either save it manually or use the cipher - * module instead. - * - * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT - * \param length length of the input data - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - * - * \return 0 if successful, or ERR_AES_INVALID_INPUT_LENGTH - */ -int esp_aes_crypt_cbc( esp_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); - - -/** - * \brief AES-CFB128 buffer encryption/decryption. - * - * Note: Due to the nature of CFB you should use the same key schedule for - * both encryption and decryption. 
So a context initialized with - * esp_aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. - * - * \note Upon exit, the content of the IV is updated so that you can - * call the function same function again on the following - * block(s) of data and get the same result as if it was - * encrypted in one call. This allows a "streaming" usage. - * If on the other hand you need to retain the contents of the - * IV, you should either save it manually or use the cipher - * module instead. - * - * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT - * \param length length of the input data - * \param iv_off offset in IV (updated after use) - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - * - * \return 0 if successful - */ -int esp_aes_crypt_cfb128( esp_aes_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); - -/** - * \brief AES-CFB8 buffer encryption/decryption. - * - * Note: Due to the nature of CFB you should use the same key schedule for - * both encryption and decryption. So a context initialized with - * esp_aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. - * - * \note Upon exit, the content of the IV is updated so that you can - * call the function same function again on the following - * block(s) of data and get the same result as if it was - * encrypted in one call. This allows a "streaming" usage. - * If on the other hand you need to retain the contents of the - * IV, you should either save it manually or use the cipher - * module instead. 
- * - * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT - * \param length length of the input data - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - * - * \return 0 if successful - */ -int esp_aes_crypt_cfb8( esp_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); - -/** - * \brief AES-CTR buffer encryption/decryption - * - * Warning: You have to keep the maximum use of your counter in mind! - * - * Note: Due to the nature of CTR you should use the same key schedule for - * both encryption and decryption. So a context initialized with - * esp_aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. - * - * \param ctx AES context - * \param length The length of the data - * \param nc_off The offset in the current stream_block (for resuming - * within current cipher stream). The offset pointer to - * should be 0 at the start of a stream. - * \param nonce_counter The 128-bit nonce and counter. - * \param stream_block The saved stream-block for resuming. Is overwritten - * by the function. - * \param input The input data stream - * \param output The output data stream - * - * \return 0 if successful - */ -int esp_aes_crypt_ctr( esp_aes_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[16], - unsigned char stream_block[16], - const unsigned char *input, - unsigned char *output ); - -/** - * \brief This function prepares an XTS context for encryption and - * sets the encryption key. - * - * \param ctx The AES XTS context to which the key should be bound. - * \param key The encryption key. This is comprised of the XTS key1 - * concatenated with the XTS key2. - * \param keybits The size of \p key passed in bits. Valid options are: - *
  • 256 bits (each of key1 and key2 is a 128-bit key)
  • - *
  • 512 bits (each of key1 and key2 is a 256-bit key)
- * - * \return \c 0 on success. - * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. - */ -int esp_aes_xts_setkey_enc( esp_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits ); - -/** - * \brief This function performs an AES-OFB (Output Feedback Mode) - * encryption or decryption operation. - * - * \param ctx The AES context to use for encryption or decryption. - * It must be initialized and bound to a key. - * \param length The length of the input data. - * \param iv_off The offset in IV (updated after use). - * It must point to a valid \c size_t. - * \param iv The initialization vector (updated after use). - * It must be a readable and writeable buffer of \c 16 Bytes. - * \param input The buffer holding the input data. - * It must be readable and of size \p length Bytes. - * \param output The buffer holding the output data. - * It must be writeable and of size \p length Bytes. - * - * \return \c 0 on success. - */ -int esp_aes_crypt_ofb( esp_aes_context *ctx, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); - -/** - * \brief This function prepares an XTS context for decryption and - * sets the decryption key. - * - * \param ctx The AES XTS context to which the key should be bound. - * \param key The decryption key. This is comprised of the XTS key1 - * concatenated with the XTS key2. - * \param keybits The size of \p key passed in bits. Valid options are: - *
  • 256 bits (each of key1 and key2 is a 128-bit key)
  • - *
  • 512 bits (each of key1 and key2 is a 256-bit key)
- * - * \return \c 0 on success. - * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. - */ -int esp_aes_xts_setkey_dec( esp_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits ); - - -/** - * \brief Internal AES block encryption function - * (Only exposed to allow overriding it, - * see AES_ENCRYPT_ALT) - * - * \param ctx AES context - * \param input Plaintext block - * \param output Output (ciphertext) block - */ -int esp_internal_aes_encrypt( esp_aes_context *ctx, const unsigned char input[16], unsigned char output[16] ); - -/** - * \brief Internal AES block decryption function - * (Only exposed to allow overriding it, - * see AES_DECRYPT_ALT) - * - * \param ctx AES context - * \param input Ciphertext block - * \param output Output (plaintext) block - */ -int esp_internal_aes_decrypt( esp_aes_context *ctx, const unsigned char input[16], unsigned char output[16] ); - -/** AES-XTS buffer encryption/decryption */ -int esp_aes_crypt_xts( esp_aes_xts_context *ctx, int mode, size_t length, const unsigned char data_unit[16], const unsigned char *input, unsigned char *output ); - -#ifdef __cplusplus -} -#endif - -#endif /* aes.h */ diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/include/aes_alt.h b/vendors/espressif/boards/esp32/components/mbedtls/port/include/aes_alt.h deleted file mode 100644 index 9e38fccf2d9..00000000000 --- a/vendors/espressif/boards/esp32/components/mbedtls/port/include/aes_alt.h +++ /dev/null 
@@ -1,66 +0,0 @@
-/**
- * \file aes_alt.h
- *
- * \brief AES block cipher
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- *
- */
-#ifndef AES_ALT_H
-#define AES_ALT_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(MBEDTLS_AES_ALT)
-#include "aes.h"
-
-typedef esp_aes_context mbedtls_aes_context;
-
-#define mbedtls_aes_init esp_aes_init
-#define mbedtls_aes_free esp_aes_free
-#define mbedtls_aes_setkey_enc esp_aes_setkey
-#define mbedtls_aes_setkey_dec esp_aes_setkey
-#define mbedtls_aes_crypt_ecb esp_aes_crypt_ecb
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-#define mbedtls_aes_crypt_cbc esp_aes_crypt_cbc
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-#define mbedtls_aes_crypt_cfb128 esp_aes_crypt_cfb128
-#define mbedtls_aes_crypt_cfb8 esp_aes_crypt_cfb8
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-#define mbedtls_aes_crypt_ctr esp_aes_crypt_ctr
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
-typedef esp_aes_xts_context mbedtls_aes_xts_context;
-#define mbedtls_aes_xts_init esp_aes_xts_init
-#define mbedtls_aes_xts_free esp_aes_xts_free
-#define mbedtls_aes_xts_setkey_enc esp_aes_xts_setkey_enc
-#define mbedtls_aes_xts_setkey_dec esp_aes_xts_setkey_dec
-#define mbedtls_aes_crypt_xts esp_aes_crypt_xts
-#endif
-#define mbedtls_internal_aes_encrypt esp_internal_aes_encrypt
-#define mbedtls_internal_aes_decrypt esp_internal_aes_decrypt
-#endif
/* MBEDTLS_AES_ALT */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/include/esp_mem.h b/vendors/espressif/boards/esp32/components/mbedtls/port/include/esp_mem.h
deleted file mode 100644
index da740830478..00000000000
--- a/vendors/espressif/boards/esp32/components/mbedtls/port/include/esp_mem.h
+++ /dev/null
@@ -1,20 +0,0 @@
-// Copyright 2018 Espressif Systems (Shanghai) PTE LTD
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#pragma once
-
-#include
-
-void *esp_mbedtls_mem_calloc(size_t n, size_t size);
-void esp_mbedtls_mem_free(void *ptr);
diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/bignum.h b/vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/bignum.h
deleted file mode 100644
index 23cd56348a7..00000000000
--- a/vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/bignum.h
+++ /dev/null
@@ -1,78 +0,0 @@
-// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-#ifndef __ESP_MBEDTLS_BIGNUM_H__
-#define __ESP_MBEDTLS_BIGNUM_H__
-
-#include_next "mbedtls/bignum.h"
-
-/**
- * This is a wrapper for the main mbedtls/bignum.h. This wrapper
- * provides a few additional ESP32-only functions.
- *
- * This is because we don't set MBEDTLS_BIGNUM_ALT in the same way we
- * do for AES, SHA, etc. Because we still use most of the bignum.h
- * implementation and just replace a few hardware accelerated
- * functions (see MBEDTLS_MPI_EXP_MOD_ALT & MBEDTLS_MPI_MUL_MPI_ALT in
- * esp_config.h).
- *
- * @note Unlike the other hardware accelerator support functions in esp32/hwcrypto, there is no
- * generic "hwcrypto/bignum.h" header for using these functions without mbedTLS. The reason for this
- * is that all of the function implementations depend strongly upon the mbedTLS MPI implementation.
- */
-
-/**
- * @brief Lock access to RSA Accelerator (MPI/bignum operations)
- *
- * RSA Accelerator hardware unit can only be used by one
- * consumer at a time.
- *
- * @note This function is non-recursive (do not call it twice from the
- * same task.)
- *
- * @note You do not need to call this if you are using the mbedTLS bignum.h
- * API or esp_mpi_xxx functions. This function is only needed if you
- * want to call ROM RSA functions or access the registers directly.
- *
- */
-void esp_mpi_acquire_hardware(void);
-
-/**
- * @brief Unlock access to RSA Accelerator (MPI/bignum operations)
- *
- * Has to be called once for each call to esp_mpi_acquire_hardware().
- *
- * @note You do not need to call this if you are using the mbedTLS bignum.h
- * API or esp_mpi_xxx functions. This function is only needed if you
- * want to call ROM RSA functions or access the registers directly.
- */
-void esp_mpi_release_hardware(void);
-
-/* @brief MPI modular mupltiplication function
- *
- * Calculates Z = (X * Y) mod M using MPI hardware acceleration.
- *
- * This is not part of the standard mbedTLS bignum API.
- *
- * @note All of X, Y & Z should be less than 4096 bit long or an error is returned.
- *
- * @param Z Result bignum, should be pre-initialised with mbedtls_mpi_init().
- * @param X First multiplication argument.
- * @param Y Second multiplication argument.
- * @param M Modulus value for result.
- *
- * @return 0 on success, mbedTLS MPI error codes on failure.
- */
-int esp_mpi_mul_mpi_mod(mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi *Y, const mbedtls_mpi *M);
-
-#endif
diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/config.h b/vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/config.h
deleted file mode 100644
index cf3d904de02..00000000000
--- a/vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/config.h
+++ /dev/null
@@ -1,9 +0,0 @@
-/* This shim header is added so that any application code
- which includes "mbedtls/config.h" directly gets the correct
- config. */
-#pragma once
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include_next "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/esp_config.h b/vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/esp_config.h
deleted file mode 100644
index 1458310a73f..00000000000
--- a/vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/esp_config.h
+++ /dev/null
@@ -1,2770 +0,0 @@
-/**
- *
- * \brief Default mbedTLS configuration options for esp-idf
- *
- * This set of compile-time options may be used to enable
- * or disable features selectively, and reduce the global
- * memory footprint.
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#ifndef MBEDTLS_CONFIG_H
-#define MBEDTLS_CONFIG_H
-
-#include "sdkconfig.h"
-
-#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
-#define _CRT_SECURE_NO_DEPRECATE 1
-#endif
-
-#ifdef CONFIG_MEDTLS_USE_AFR_MEMORY
- #include
-
- extern void pvCalloc( size_t xNumElements,
- size_t xSize ) ;
- extern void vPortFree( void );
- MBEDTLS_PLATFORM_STD_CALLOC pvCalloc
- MBEDTLS_PLATFORM_STD_FREE vPortFree
-#endif
-
-/**
- * \name SECTION: System support
- *
- * This section sets system specific settings.
- * \{
- */
-
-/**
- * \def MBEDTLS_HAVE_ASM
- *
- * The compiler has support for asm().
- *
- * Requires support for asm() in compiler.
- *
- * Used in:
- * library/timing.c
- * library/padlock.c
- * include/mbedtls/bn_mul.h
- *
- * Comment to disable the use of assembly code.
- */
-#define MBEDTLS_HAVE_ASM
-
-/**
- * \def MBEDTLS_HAVE_SSE2
- *
- * CPU supports SSE2 instruction set.
- *
- * Uncomment if the CPU supports SSE2 (IA-32 specific).
- */
-//#define MBEDTLS_HAVE_SSE2
-
-/**
- * \def MBEDTLS_HAVE_TIME
- *
- * System has time.h and time().
- * The time does not need to be correct, only time differences are used,
- * by contrast with MBEDTLS_HAVE_TIME_DATE
- *
- * Comment if your system does not support time functions
- */
-#ifdef CONFIG_MBEDTLS_HAVE_TIME
-#define MBEDTLS_HAVE_TIME
-#endif
-
-/**
- * \def MBEDTLS_HAVE_TIME_DATE
- *
- * System has time.h and time(), gmtime() and the clock is correct.
- * The time needs to be correct (not necesarily very accurate, but at least
- * the date should be correct). This is used to verify the validity period of
- * X.509 certificates.
- *
- * Comment if your system does not have a correct clock.
- */
-#ifdef CONFIG_MBEDTLS_HAVE_TIME_DATE
-#define MBEDTLS_HAVE_TIME_DATE
-#endif
-
-/**
- * \def MBEDTLS_PLATFORM_MEMORY
- *
- * Enable the memory allocation layer.
- *
- * By default mbed TLS uses the system-provided calloc() and free().
- * This allows different allocators (self-implemented or provided) to be
- * provided to the platform abstraction layer.
- *
- * Enabling MBEDTLS_PLATFORM_MEMORY without the
- * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
- * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
- * free() function pointer at runtime.
- *
- * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
- * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
- * alternate function at compile time.
- *
- * Requires: MBEDTLS_PLATFORM_C
- *
- * Enable this layer to allow use of alternative memory allocators.
- */
-#define MBEDTLS_PLATFORM_MEMORY
-
-/** Override calloc(), free() except for case where memory allocation scheme is not set to custom */
-#ifndef CONFIG_MBEDTLS_CUSTOM_MEM_ALLOC
-#include "esp_mem.h"
-#define MBEDTLS_PLATFORM_STD_CALLOC esp_mbedtls_mem_calloc
-#define MBEDTLS_PLATFORM_STD_FREE esp_mbedtls_mem_free
-#endif
-
-/**
- * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
- *
- * Do not assign standard functions in the platform layer (e.g. calloc() to
- * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
- *
- * This makes sure there are no linking errors on platforms that do not support
- * these functions. You will HAVE to provide alternatives, either at runtime
- * via the platform_set_xxx() functions or at compile time by setting
- * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
- * MBEDTLS_PLATFORM_XXX_MACRO.
- *
- * Requires: MBEDTLS_PLATFORM_C
- *
- * Uncomment to prevent default assignment of standard functions in the
- * platform layer.
- */
-//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
-
-/**
- * \def MBEDTLS_PLATFORM_EXIT_ALT
- *
- * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
- * function in the platform abstraction layer.
- *
- * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
- * provide a function "mbedtls_platform_set_printf()" that allows you to set an
- * alternative printf function pointer.
- *
- * All these define require MBEDTLS_PLATFORM_C to be defined!
- *
- * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
- * it will be enabled automatically by check_config.h
- *
- * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
- * MBEDTLS_PLATFORM_XXX_MACRO!
- *
- * Uncomment a macro to enable alternate implementation of specific base
- * platform function
- */
-//#define MBEDTLS_PLATFORM_EXIT_ALT
-//#define MBEDTLS_PLATFORM_FPRINTF_ALT
-//#define MBEDTLS_PLATFORM_PRINTF_ALT
-//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
-
-/**
- * \def MBEDTLS_DEPRECATED_WARNING
- *
- * Mark deprecated functions so that they generate a warning if used.
- * Functions deprecated in one version will usually be removed in the next
- * version. You can enable this to help you prepare the transition to a new
- * major version by making sure your code is not using these functions.
- *
- * This only works with GCC and Clang. With other compilers, you may want to
- * use MBEDTLS_DEPRECATED_REMOVED
- *
- * Uncomment to get warnings on using deprecated functions.
- */
-//#define MBEDTLS_DEPRECATED_WARNING
-
-/**
- * \def MBEDTLS_DEPRECATED_REMOVED
- *
- * Remove deprecated functions so that they generate an error if used.
- * Functions deprecated in one version will usually be removed in the next
- * version. You can enable this to help you prepare the transition to a new
- * major version by making sure your code is not using these functions.
- *
- * Uncomment to get errors on using deprecated functions.
- */
-//#define MBEDTLS_DEPRECATED_REMOVED
-
-/* \} name SECTION: System support */
-
-/**
- * \name SECTION: mbed TLS feature support
- *
- * This section sets support for features that are or are not needed
- * within the modules that are enabled.
- * \{
- */
-
-/**
- * \def MBEDTLS_TIMING_ALT
- *
- * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
- * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
- *
- * Only works if you have MBEDTLS_TIMING_C enabled.
- *
- * You will need to provide a header "timing_alt.h" and an implementation at
- * compile time.
- */
-//#define MBEDTLS_TIMING_ALT
-
-/**
- * \def MBEDTLS_AES_ALT
- *
- * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
- * alternate core implementation of a symmetric crypto or hash module (e.g.
- * platform specific assembly optimized implementations). Keep in mind that
- * the function prototypes should remain the same.
- *
- * This replaces the whole module. If you only want to replace one of the
- * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
- *
- * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
- * provide the "struct mbedtls_aes_context" definition and omit the base function
- * declarations and implementations. "aes_alt.h" will be included from
- * "aes.h" to include the new function definitions.
- *
- * Uncomment a macro to enable alternate implementation of the corresponding
- * module.
- */
-//#define MBEDTLS_ARC4_ALT
-//#define MBEDTLS_BLOWFISH_ALT
-//#define MBEDTLS_CAMELLIA_ALT
-//#define MBEDTLS_DES_ALT
-//#define MBEDTLS_XTEA_ALT
-//#define MBEDTLS_MD2_ALT
-//#define MBEDTLS_MD4_ALT
-//#define MBEDTLS_MD5_ALT
-//#define MBEDTLS_RIPEMD160_ALT
-
-/* The following units have ESP32 hardware support,
- uncommenting each _ALT macro will use the
- hardware-accelerated implementation. */
-#ifdef CONFIG_MBEDTLS_HARDWARE_AES
-#define MBEDTLS_AES_ALT
-#endif
-
-/* MBEDTLS_SHAxx_ALT to enable hardware SHA support
- with software fallback.
-*/
-#ifdef CONFIG_MBEDTLS_HARDWARE_SHA
-#define MBEDTLS_SHA1_ALT
-#define MBEDTLS_SHA256_ALT
-#define MBEDTLS_SHA512_ALT
-#endif
-
-/* The following MPI (bignum) functions have ESP32 hardware support,
- Uncommenting these macros will use the hardware-accelerated
- implementations.
-*/
-#ifdef CONFIG_MBEDTLS_HARDWARE_MPI
-#define MBEDTLS_MPI_EXP_MOD_ALT
-#define MBEDTLS_MPI_MUL_MPI_ALT
-#endif
-
-/**
- * \def MBEDTLS_MD2_PROCESS_ALT
- *
- * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
- * alternate core implementation of symmetric crypto or hash function. Keep in
- * mind that function prototypes should remain the same.
- *
- * This replaces only one function. The header file from mbed TLS is still
- * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
- *
- * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
- * no longer provide the mbedtls_sha1_process() function, but it will still provide
- * the other function (using your mbedtls_sha1_process() function) and the definition
- * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
- * with this definition.
- *
- * Note: if you use the AES_xxx_ALT macros, then is is recommended to also set
- * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
- * tables.
- *
- * Uncomment a macro to enable alternate implementation of the corresponding
- * function.
- */
-//#define MBEDTLS_MD2_PROCESS_ALT
-//#define MBEDTLS_MD4_PROCESS_ALT
-//#define MBEDTLS_MD5_PROCESS_ALT
-//#define MBEDTLS_RIPEMD160_PROCESS_ALT
-//#define MBEDTLS_SHA1_PROCESS_ALT
-//#define MBEDTLS_SHA256_PROCESS_ALT
-//#define MBEDTLS_SHA512_PROCESS_ALT
-//#define MBEDTLS_DES_SETKEY_ALT
-//#define MBEDTLS_DES_CRYPT_ECB_ALT
-//#define MBEDTLS_DES3_CRYPT_ECB_ALT
-//#define MBEDTLS_AES_SETKEY_ENC_ALT
-//#define MBEDTLS_AES_SETKEY_DEC_ALT
-//#define MBEDTLS_AES_ENCRYPT_ALT
-//#define MBEDTLS_AES_DECRYPT_ALT
-
-/**
- * \def MBEDTLS_ECP_RESTARTABLE
- *
- * Enable "non-blocking" ECC operations that can return early and be resumed.
- *
- * This allows various functions to pause by returning
- * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module,
- * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in
- * order to further progress and eventually complete their operation. This is
- * controlled through mbedtls_ecp_set_max_ops() which limits the maximum
- * number of ECC operations a function may perform before pausing; see
- * mbedtls_ecp_set_max_ops() for more information.
- *
- * This is useful in non-threaded environments if you want to avoid blocking
- * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
- *
- * Uncomment this macro to enable restartable ECC computations.
- *
- * \note This option only works with the default software implementation of
- * elliptic curve functionality. It is incompatible with
- * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT.
- */
-#ifdef CONFIG_MBEDTLS_ECP_RESTARTABLE
-#define MBEDTLS_ECP_RESTARTABLE
-#endif
-
-/**
- * \def MBEDTLS_CMAC_C
- *
- * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
- * ciphers.
- *
- * Module: library/cmac.c
- *
- * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
- *
- */
-#ifdef CONFIG_MBEDTLS_CMAC_C
-#define MBEDTLS_CMAC_C
-#endif
-
-/**
- * \def MBEDTLS_ENTROPY_HARDWARE_ALT
- *
- * Uncomment this macro to let mbed TLS use your own implementation of a
- * hardware entropy collector.
- *
- * Your function must be called \c mbedtls_hardware_poll(), have the same
- * prototype as declared in entropy_poll.h, and accept NULL as first argument.
- *
- * Uncomment to use your own hardware entropy collector.
- */
-#define MBEDTLS_ENTROPY_HARDWARE_ALT
-
-/**
- * \def MBEDTLS_AES_ROM_TABLES
- *
- * Store the AES tables in ROM.
- *
- * Uncomment this macro to store the AES tables in ROM.
- */
-#define MBEDTLS_AES_ROM_TABLES
-
-/**
- * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
- *
- * Use less ROM for the Camellia implementation (saves about 768 bytes).
- *
- * Uncomment this macro to use less memory for Camellia.
- */
-//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
-
-/**
- * \def MBEDTLS_CIPHER_MODE_CBC
- *
- * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
- */
-#define MBEDTLS_CIPHER_MODE_CBC
-
-/**
- * \def MBEDTLS_CIPHER_MODE_CFB
- *
- * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
- */
-#define MBEDTLS_CIPHER_MODE_CFB
-
-/**
- * \def MBEDTLS_CIPHER_MODE_CTR
- *
- * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
- */
-#define MBEDTLS_CIPHER_MODE_CTR
-
-/**
- * \def MBEDTLS_CIPHER_MODE_XTS
- *
- * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES.
- */
-#define MBEDTLS_CIPHER_MODE_XTS
-
-/**
- * \def MBEDTLS_CIPHER_NULL_CIPHER
- *
- * Enable NULL cipher.
- * Warning: Only do so when you know what you are doing. This allows for
- * encryption or channels without any security!
- *
- * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
- * the following ciphersuites:
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
- * MBEDTLS_TLS_RSA_WITH_NULL_SHA256
- * MBEDTLS_TLS_RSA_WITH_NULL_SHA
- * MBEDTLS_TLS_RSA_WITH_NULL_MD5
- * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
- * MBEDTLS_TLS_PSK_WITH_NULL_SHA384
- * MBEDTLS_TLS_PSK_WITH_NULL_SHA256
- * MBEDTLS_TLS_PSK_WITH_NULL_SHA
- *
- * Uncomment this macro to enable the NULL cipher and ciphersuites
- */
-//#define MBEDTLS_CIPHER_NULL_CIPHER
-
-/**
- * \def MBEDTLS_CIPHER_PADDING_PKCS7
- *
- * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
- * specific padding modes in the cipher layer with cipher modes that support
- * padding (e.g. CBC)
- *
- * If you disable all padding modes, only full blocks can be used with CBC.
- *
- * Enable padding modes in the cipher layer.
- */
-#define MBEDTLS_CIPHER_PADDING_PKCS7
-#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
-#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
-#define MBEDTLS_CIPHER_PADDING_ZEROS
-
-/**
- * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
- *
- * Enable weak ciphersuites in SSL / TLS.
- * Warning: Only do so when you know what you are doing. This allows for
- * channels with virtually no security at all!
- *
- * This enables the following ciphersuites:
- * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
- *
- * Uncomment this macro to enable weak ciphersuites
- */
-//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
-
-/**
- * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
- *
- * Remove RC4 ciphersuites by default in SSL / TLS.
- * This flag removes the ciphersuites based on RC4 from the default list as
- * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
- * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
- * explicitly.
- *
- * Uncomment this macro to remove RC4 ciphersuites by default.
- */
-#ifdef CONFIG_MBEDTLS_RC4_ENABLED
-#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
-#endif
-
-/**
- * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
- *
- * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
- * module. By default all supported curves are enabled.
- *
- * Comment macros to disable the curve and functions for it
- */
-#ifdef CONFIG_MBEDTLS_ECP_DP_SECP192R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
-#endif
-#ifdef CONFIG_MBEDTLS_ECP_DP_SECP224R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
-#endif
-#ifdef CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
-#endif
-#ifdef CONFIG_MBEDTLS_ECP_DP_SECP384R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
-#endif
-#ifdef CONFIG_MBEDTLS_ECP_DP_SECP521R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
-#endif
-#ifdef CONFIG_MBEDTLS_ECP_DP_SECP192K1_ENABLED
-#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
-#endif
-#ifdef CONFIG_MBEDTLS_ECP_DP_SECP224K1_ENABLED
-#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
-#endif
-#ifdef CONFIG_MBEDTLS_ECP_DP_SECP256K1_ENABLED
-#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
-#endif
-#ifdef CONFIG_MBEDTLS_ECP_DP_BP256R1_ENABLED
-#define MBEDTLS_ECP_DP_BP256R1_ENABLED
-#endif
-#ifdef CONFIG_MBEDTLS_ECP_DP_BP384R1_ENABLED
-#define MBEDTLS_ECP_DP_BP384R1_ENABLED
-#endif
-#ifdef CONFIG_MBEDTLS_ECP_DP_BP512R1_ENABLED
-#define MBEDTLS_ECP_DP_BP512R1_ENABLED
-#endif
-#ifdef CONFIG_MBEDTLS_ECP_DP_CURVE25519_ENABLED
-#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
-#endif
-
-/**
- * \def MBEDTLS_ECP_NIST_OPTIM
- *
- * Enable specific 'modulo p' routines for each NIST prime.
- * Depending on the prime and architecture, makes operations 4 to 8 times
- * faster on the corresponding curve.
- *
- * Comment this macro to disable NIST curves optimisation.
- */
-#ifdef CONFIG_MBEDTLS_ECP_NIST_OPTIM
-#define MBEDTLS_ECP_NIST_OPTIM
-#endif
-
-/**
- * \def MBEDTLS_ECDSA_DETERMINISTIC
- *
- * Enable deterministic ECDSA (RFC 6979).
- * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
- * may result in a compromise of the long-term signing key. This is avoided by
- * the deterministic variant.
- *
- * Requires: MBEDTLS_HMAC_DRBG_C
- *
- * Comment this macro to disable deterministic ECDSA.
- */
-//#define MBEDTLS_ECDSA_DETERMINISTIC
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
- *
- * Enable the PSK based ciphersuite modes in SSL / TLS.
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
- */
-#ifdef CONFIG_MBEDTLS_KEY_EXCHANGE_PSK
-#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
-#endif
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
- *
- * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_DHM_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
- */
-#ifdef CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_PSK
-#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
-#endif
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
- *
- * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
- */
-#ifdef CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
-#endif
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
- *
- * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- * MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
- */
-#ifdef CONFIG_MBEDTLS_KEY_EXCHANGE_RSA_PSK
-#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
-#endif
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
- *
- * Enable the RSA-only based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- * MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
- */
-#ifdef CONFIG_MBEDTLS_KEY_EXCHANGE_RSA
-#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-#endif
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
- *
- * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- * MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- */
-#ifdef CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_RSA
-#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
-#endif
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
- *
- * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- * MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
- */
-#ifdef CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
-#endif
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
- *
- * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
- */
-#ifdef CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-#endif
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
- *
- * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- */
-#ifdef CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
-#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-#endif
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
- *
- * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
- */
-#ifdef CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_RSA
-#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
-#endif
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
- *
- * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
- *
- * \warning This is currently experimental. EC J-PAKE support is based on the
- * Thread v1.0.0 specification; incompatible changes to the specification
- * might still happen. For this reason, this is disabled by default.
- *
- * Requires: MBEDTLS_ECJPAKE_C
- * MBEDTLS_SHA256_C
- * MBEDTLS_ECP_DP_SECP256R1_ENABLED
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
- */
-//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
-
-/**
- * \def MBEDTLS_PK_PARSE_EC_EXTENDED
- *
- * Enhance support for reading EC keys using variants of SEC1 not allowed by
- * RFC 5915 and RFC 5480.
- *
- * Currently this means parsing the SpecifiedECDomain choice of EC
- * parameters (only known groups are supported, not arbitrary domains, to
- * avoid validation issues).
- *
- * Disable if you only need to support RFC 5915 + 5480 key formats.
- */
-#define MBEDTLS_PK_PARSE_EC_EXTENDED
-
-/**
- * \def MBEDTLS_ERROR_STRERROR_DUMMY
- *
- * Enable a dummy error function to make use of mbedtls_strerror() in
- * third party libraries easier when MBEDTLS_ERROR_C is disabled
- * (no effect when MBEDTLS_ERROR_C is enabled).
- *
- * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
- * not using mbedtls_strerror() or error_strerror() in your application.
- *
- * Disable if you run into name conflicts and want to really remove the
- * mbedtls_strerror()
- */
-#define MBEDTLS_ERROR_STRERROR_DUMMY
-
-/**
- * \def MBEDTLS_GENPRIME
- *
- * Enable the prime-number generation code.
- *
- * Requires: MBEDTLS_BIGNUM_C
- */
-#define MBEDTLS_GENPRIME
-
-/**
- * \def MBEDTLS_FS_IO
- *
- * Enable functions that use the filesystem.
- */
-#define MBEDTLS_FS_IO
-
-/**
- * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
- *
- * Do not add default entropy sources. These are the platform specific,
- * mbedtls_timing_hardclock and HAVEGE based poll functions.
- *
- * This is useful to have more control over the added entropy sources in an
- * application.
- *
- * Uncomment this macro to prevent loading of default entropy functions.
- */
-//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
-
-/**
- * \def MBEDTLS_NO_PLATFORM_ENTROPY
- *
- * Do not use built-in platform entropy functions.
- * This is useful if your platform does not support
- * standards like the /dev/urandom or Windows CryptoAPI.
- *
- * Uncomment this macro to disable the built-in platform entropy functions.
- */
-#define MBEDTLS_NO_PLATFORM_ENTROPY
-
-/**
- * \def MBEDTLS_ENTROPY_FORCE_SHA256
- *
- * Force the entropy accumulator to use a SHA-256 accumulator instead of the
- * default SHA-512 based one (if both are available).
- *
- * Requires: MBEDTLS_SHA256_C
- *
- * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
- * if you have performance concerns.
- *
- * This option is only useful if both MBEDTLS_SHA256_C and
- * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
- */
-//#define MBEDTLS_ENTROPY_FORCE_SHA256
-
-/**
- * \def MBEDTLS_MEMORY_DEBUG
- *
- * Enable debugging of buffer allocator memory issues. Automatically prints
- * (to stderr) all (fatal) messages on memory allocation issues. Enables
- * function for 'debug output' of allocated memory.
- *
- * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
- *
- * Uncomment this macro to let the buffer allocator print out error messages.
- */
-//#define MBEDTLS_MEMORY_DEBUG
-
-/**
- * \def MBEDTLS_MEMORY_BACKTRACE
- *
- * Include backtrace information with each allocated block.
- *
- * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
- * GLIBC-compatible backtrace() an backtrace_symbols() support
- *
- * Uncomment this macro to include backtrace information
- */
-//#define MBEDTLS_MEMORY_BACKTRACE
-
-/**
- * \def MBEDTLS_PK_RSA_ALT_SUPPORT
- *
- * Support external private RSA keys (eg from a HSM) in the PK layer.
- *
- * Comment this macro to disable support for external private RSA keys.
- */
-#define MBEDTLS_PK_RSA_ALT_SUPPORT
-
-/**
- * \def MBEDTLS_PKCS1_V15
- *
- * Enable support for PKCS#1 v1.5 encoding.
- *
- * Requires: MBEDTLS_RSA_C
- *
- * This enables support for PKCS#1 v1.5 operations.
- */
-#define MBEDTLS_PKCS1_V15
-
-/**
- * \def MBEDTLS_PKCS1_V21
- *
- * Enable support for PKCS#1 v2.1 encoding.
- *
- * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
- *
- * This enables support for RSAES-OAEP and RSASSA-PSS operations.
- */
-#define MBEDTLS_PKCS1_V21
-
-/**
- * \def MBEDTLS_RSA_NO_CRT
- *
- * Do not use the Chinese Remainder Theorem for the RSA private operation.
- *
- * Uncomment this macro to disable the use of CRT in RSA.
- *
- */
-//#define MBEDTLS_RSA_NO_CRT
-
-/**
- * \def MBEDTLS_SELF_TEST
- *
- * Enable the checkup functions (*_self_test).
- */
-#define MBEDTLS_SELF_TEST
-
-/**
- * \def MBEDTLS_SHA256_SMALLER
- *
- * Enable an implementation of SHA-256 that has lower ROM footprint but also
- * lower performance.
- *
- * The default implementation is meant to be a reasonnable compromise between
- * performance and size. This version optimizes more aggressively for size at
- * the expense of performance. Eg on Cortex-M4 it reduces the size of
- * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
- * 30%.
- *
- * Uncomment to enable the smaller implementation of SHA256.
- */
-//#define MBEDTLS_SHA256_SMALLER
-
-/**
- * \def MBEDTLS_SSL_AEAD_RANDOM_IV
- *
- * Generate a random IV rather than using the record sequence number as a
- * nonce for ciphersuites using and AEAD algorithm (GCM or CCM).
- *
- * Using the sequence number is generally recommended.
- *
- * Uncomment this macro to always use random IVs with AEAD ciphersuites.
- */
-//#define MBEDTLS_SSL_AEAD_RANDOM_IV
-
-/**
- * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
- *
- * Enable sending of alert messages in case of encountered errors as per RFC.
- * If you choose not to send the alert messages, mbed TLS can still communicate
- * with other servers, only debugging of failures is harder.
- *
- * The advantage of not sending alert messages, is that no information is given
- * about reasons for failures thus preventing adversaries of gaining intel.
- *
- * Enable sending of all alert messages
- */
-#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
-
-/**
- * \def MBEDTLS_SSL_DEBUG_ALL
- *
- * Enable the debug messages in SSL module for all issues.
- * Debug messages have been disabled in some places to prevent timing
- * attacks due to (unbalanced) debugging function calls.
- *
- * If you need all error reporting you should enable this during debugging,
- * but remove this for production servers that should log as well.
- *
- * Uncomment this macro to report all debug messages on errors introducing
- * a timing side-channel.
- *
- */
-//#define MBEDTLS_SSL_DEBUG_ALL
-
-/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
- *
- * Enable support for Encrypt-then-MAC, RFC 7366.
- *
- * This allows peers that both support it to use a more robust protection for
- * ciphersuites using CBC, providing deep resistance against timing attacks
- * on the padding or underlying cipher.
- *
- * This only affects CBC ciphersuites, and is useless if none is defined.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1 or
- * MBEDTLS_SSL_PROTO_TLS1_1 or
- * MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for Encrypt-then-MAC
- */
-#ifdef CONFIG_MBEDTLS_TLS_ENABLED
-#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
-#endif
-
-/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
- *
- * Enable support for Extended Master Secret, aka Session Hash
- * (draft-ietf-tls-session-hash-02).
- *
- * This was introduced as "the proper fix" to the Triple Handshake familiy of
- * attacks, but it is recommended to always use it (even if you disable
- * renegotiation), since it actually fixes a more fundamental issue in the
- * original SSL/TLS design, and has implications beyond Triple Handshake.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1 or
- * MBEDTLS_SSL_PROTO_TLS1_1 or
- * MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for Extended Master Secret.
- */
-#ifdef CONFIG_MBEDTLS_TLS_ENABLED
-#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
-#endif
-
-/**
- * \def MBEDTLS_SSL_FALLBACK_SCSV
- *
- * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
- *
- * For servers, it is recommended to always enable this, unless you support
- * only one version of TLS, or know for sure that none of your clients
- * implements a fallback strategy.
- *
- * For clients, you only need this if you're using a fallback strategy, which
- * is not recommended in the first place, unless you absolutely need it to
- * interoperate with buggy (version-intolerant) servers.
- *
- * Comment this macro to disable support for FALLBACK_SCSV
- */
-#define MBEDTLS_SSL_FALLBACK_SCSV
-
-/**
- * \def MBEDTLS_SSL_HW_RECORD_ACCEL
- *
- * Enable hooking functions in SSL module for hardware acceleration of
- * individual records.
- *
- * Uncomment this macro to enable hooking functions.
- */
-//#define MBEDTLS_SSL_HW_RECORD_ACCEL
-
-/**
- * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
- *
- * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
- *
- * This is a countermeasure to the BEAST attack, which also minimizes the risk
- * of interoperability issues compared to sending 0-length records.
- *
- * Comment this macro to disable 1/n-1 record splitting.
- */
-#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
-#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
-#endif
-
-/**
- * \def MBEDTLS_SSL_RENEGOTIATION
- *
- * Disable support for TLS renegotiation.
- *
- * The two main uses of renegotiation are (1) refresh keys on long-lived
- * connections and (2) client authentication after the initial handshake.
- * If you don't need renegotiation, it's probably better to disable it, since
- * it has been associated with security issues in the past and is easy to
- * misuse/misunderstand.
- *
- * Comment this to disable support for renegotiation.
- */
-#ifdef CONFIG_MBEDTLS_SSL_RENEGOTIATION
-#define MBEDTLS_SSL_RENEGOTIATION
-#endif
-
-/**
- * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
- *
- * Enable support for receiving and parsing SSLv2 Client Hello messages for the
- * SSL Server module (MBEDTLS_SSL_SRV_C).
- *
- * Uncomment this macro to enable support for SSLv2 Client Hello messages.
- */
-//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
-
-/**
- * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
- *
- * Pick the ciphersuite according to the client's preferences rather than ours
- * in the SSL Server module (MBEDTLS_SSL_SRV_C).
- *
- * Uncomment this macro to respect client's ciphersuite order
- */
-//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
-
-/**
- * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
- *
- * Enable support for RFC 6066 max_fragment_length extension in SSL.
- *
- * Comment this macro to disable support for the max_fragment_length extension
- */
-#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-
-/**
- * \def MBEDTLS_SSL_PROTO_SSL3
- *
- * Enable support for SSL 3.0.
- *
- * Requires: MBEDTLS_MD5_C
- * MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for SSL 3.0
- */
-#ifdef CONFIG_MBEDTLS_SSL_PROTO_SSL3
-#define MBEDTLS_SSL_PROTO_SSL3
-#endif
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1
- *
- * Enable support for TLS 1.0.
- *
- * Requires: MBEDTLS_MD5_C
- * MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for TLS 1.0
- */
-#ifdef CONFIG_MBEDTLS_SSL_PROTO_TLS1
-#define MBEDTLS_SSL_PROTO_TLS1
-#endif
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1_1
- *
- * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
- *
- * Requires: MBEDTLS_MD5_C
- * MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
- */
-#ifdef CONFIG_MBEDTLS_SSL_PROTO_TLS1_1
-#define MBEDTLS_SSL_PROTO_TLS1_1
-#endif
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
- *
- * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
- * (Depends on ciphersuites)
- *
- * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
- */
-#ifdef CONFIG_MBEDTLS_SSL_PROTO_TLS1_2
-#define MBEDTLS_SSL_PROTO_TLS1_2
-#endif
-
-/**
- * \def MBEDTLS_SSL_PROTO_DTLS
- *
- * Enable support for DTLS (all available versions).
- *
- * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
- * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1_1
- * or MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for DTLS
- */
-#ifdef CONFIG_MBEDTLS_SSL_PROTO_DTLS
-#define MBEDTLS_SSL_PROTO_DTLS
-#endif
-
-/**
- * \def MBEDTLS_SSL_ALPN
- *
- * Enable support for RFC 7301 Application Layer Protocol Negotiation.
- *
- * Comment this macro to disable support for ALPN.
- */
-#ifdef CONFIG_MBEDTLS_SSL_ALPN
-#define MBEDTLS_SSL_ALPN
-#endif
-
-/**
- * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
- *
- * Enable support for the anti-replay mechanism in DTLS.
- *
- * Requires: MBEDTLS_SSL_TLS_C
- * MBEDTLS_SSL_PROTO_DTLS
- *
- * \warning Disabling this is often a security risk!
- * See mbedtls_ssl_conf_dtls_anti_replay() for details.
- *
- * Comment this to disable anti-replay in DTLS.
- */
-#ifdef CONFIG_MBEDTLS_SSL_PROTO_DTLS
-#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
-#endif
-
-/**
- * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
- *
- * Enable support for HelloVerifyRequest on DTLS servers.
- *
- * This feature is highly recommended to prevent DTLS servers being used as
- * amplifiers in DoS attacks against other hosts. It should always be enabled
- * unless you know for sure amplification cannot be a problem in the
- * environment in which your server operates.
- *
- * \warning Disabling this can ba a security risk! (see above)
- *
- * Requires: MBEDTLS_SSL_PROTO_DTLS
- *
- * Comment this to disable support for HelloVerifyRequest.
- */
-#ifdef CONFIG_MBEDTLS_SSL_PROTO_DTLS
-#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
-#endif
-
-/**
- * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
- *
- * Enable server-side support for clients that reconnect from the same port.
- *
- * Some clients unexpectedly close the connection and try to reconnect using the
- * same source port. This needs special support from the server to handle the
- * new connection securely, as described in section 4.2.8 of RFC 6347. This
- * flag enables that support.
- *
- * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
- *
- * Comment this to disable support for clients reusing the source port.
- */
-#ifdef CONFIG_MBEDTLS_SSL_PROTO_DTLS
-#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
-#endif
-
-/**
- * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
- *
- * Enable support for a limit of records with bad MAC.
- *
- * See mbedtls_ssl_conf_dtls_badmac_limit().
- *
- * Requires: MBEDTLS_SSL_PROTO_DTLS
- */
-#ifdef CONFIG_MBEDTLS_SSL_PROTO_DTLS
-#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
-#endif
-
-/**
- * \def MBEDTLS_SSL_SESSION_TICKETS
- *
- * Enable support for RFC 5077 session tickets in SSL.
- * Client-side, provides full support for session tickets (maintainance of a
- * session store remains the responsibility of the application, though).
- * Server-side, you also need to provide callbacks for writing and parsing
- * tickets, including authenticated encryption and key management. Example
- * callbacks are provided by MBEDTLS_SSL_TICKET_C.
- *
- * Comment this macro to disable support for SSL session tickets
- */
-#ifdef CONFIG_MBEDTLS_SSL_SESSION_TICKETS
-#define MBEDTLS_SSL_SESSION_TICKETS
-#endif
-
-/**
- * \def MBEDTLS_SSL_EXPORT_KEYS
- *
- * Enable support for exporting key block and master secret.
- * This is required for certain users of TLS, e.g. EAP-TLS.
- *
- * Comment this macro to disable support for key export
- */
-#define MBEDTLS_SSL_EXPORT_KEYS
-
-/**
- * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
- *
- * Enable support for RFC 6066 server name indication (SNI) in SSL.
- *
- * Requires: MBEDTLS_X509_CRT_PARSE_C
- *
- * Comment this macro to disable support for server name indication in SSL
- */
-#define MBEDTLS_SSL_SERVER_NAME_INDICATION
-
-/**
- * \def MBEDTLS_SSL_TRUNCATED_HMAC
- *
- * Enable support for RFC 6066 truncated HMAC in SSL.
- *
- * Comment this macro to disable support for truncated HMAC in SSL
- */
-#define MBEDTLS_SSL_TRUNCATED_HMAC
-
-/**
- * \def MBEDTLS_THREADING_ALT
- *
- * Provide your own alternate threading implementation.
- *
- * Requires: MBEDTLS_THREADING_C
- *
- * Uncomment this to allow your own alternate threading implementation.
- */
-#define MBEDTLS_THREADING_ALT
-
-/**
- * \def MBEDTLS_THREADING_PTHREAD
- *
- * Enable the pthread wrapper layer for the threading layer.
- *
- * Requires: MBEDTLS_THREADING_C
- *
- * Uncomment this to enable pthread mutexes.
- */
-//#define MBEDTLS_THREADING_PTHREAD
-
-/**
- * \def MBEDTLS_VERSION_FEATURES
- *
- * Allow run-time checking of compile-time enabled features. Thus allowing users
- * to check at run-time if the library is for instance compiled with threading
- * support via mbedtls_version_check_feature().
- *
- * Requires: MBEDTLS_VERSION_C
- *
- * Comment this to disable run-time checking and save ROM space
- */
-#define MBEDTLS_VERSION_FEATURES
-
-/**
- * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
- *
- * If set, the X509 parser will not break-off when parsing an X509 certificate
- * and encountering an extension in a v1 or v2 certificate.
- *
- * Uncomment to prevent an error.
- */
-//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
-
-/**
- * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
- *
- * If set, the X509 parser will not break-off when parsing an X509 certificate
- * and encountering an unknown critical extension.
- *
- * \warning Depending on your PKI use, enabling this can be a security risk!
- *
- * Uncomment to prevent an error.
- */
-//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
-
-/**
- * \def MBEDTLS_X509_CHECK_KEY_USAGE
- *
- * Enable verification of the keyUsage extension (CA and leaf certificates).
- *
- * Disabling this avoids problems with mis-issued and/or misused
- * (intermediate) CA and leaf certificates.
- *
- * \warning Depending on your PKI use, disabling this can be a security risk!
- *
- * Comment to skip keyUsage checking for both CA and leaf certificates.
- */
-#define MBEDTLS_X509_CHECK_KEY_USAGE
-
-/**
- * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
- *
- * Enable verification of the extendedKeyUsage extension (leaf certificates).
- *
- * Disabling this avoids problems with mis-issued and/or misused certificates.
- *
- * \warning Depending on your PKI use, disabling this can be a security risk!
- *
- * Comment to skip extendedKeyUsage checking for certificates.
- */
-#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
-
-/**
- * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
- *
- * Enable parsing and verification of X.509 certificates, CRLs and CSRS
- * signed with RSASSA-PSS (aka PKCS#1 v2.1).
- *
- * Comment this macro to disallow using RSASSA-PSS in certificates.
- */
-#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
-
-/**
- * \def MBEDTLS_ZLIB_SUPPORT
- *
- * If set, the SSL/TLS module uses ZLIB to support compression and
- * decompression of packet data.
- *
- * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
- * CRIME attack. Before enabling this option, you should examine with care if
- * CRIME or similar exploits may be a applicable to your use case.
- *
- * \note Currently compression can't be used with DTLS.
- *
- * Used in: library/ssl_tls.c
- * library/ssl_cli.c
- * library/ssl_srv.c
- *
- * This feature requires zlib library and headers to be present.
- *
- * Uncomment to enable use of ZLIB
- */
-//#define MBEDTLS_ZLIB_SUPPORT
-/* \} name SECTION: mbed TLS feature support */
-
-/**
- * \name SECTION: mbed TLS modules
- *
- * This section enables or disables entire modules in mbed TLS
- * \{
- */
-
-/**
- * \def MBEDTLS_AESNI_C
- *
- * Enable AES-NI support on x86-64.
- *
- * Module: library/aesni.c
- * Caller: library/aes.c
- *
- * Requires: MBEDTLS_HAVE_ASM
- *
- * This modules adds support for the AES-NI instructions on x86-64
- */
-#define MBEDTLS_AESNI_C
-
-/**
- * \def MBEDTLS_AES_C
- *
- * Enable the AES block cipher.
- *
- * Module: library/aes.c
- * Caller: library/ssl_tls.c
- * library/pem.c
- * library/ctr_drbg.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
- *
- * PEM_PARSE uses AES for decrypting encrypted keys.
- */
-#ifdef CONFIG_MBEDTLS_AES_C
-#define MBEDTLS_AES_C
-#endif
-
-/**
- * \def MBEDTLS_ARC4_C
- *
- * Enable the ARCFOUR stream cipher.
- *
- * Module: library/arc4.c
- * Caller: library/ssl_tls.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
- * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
- * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
- * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
- * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
- */
-#if defined(CONFIG_MBEDTLS_RC4_ENABLED_NO_DEFAULT) || defined(CONFIG_MBEDTLS_RC4_ENABLED)
-#define MBEDTLS_ARC4_C
-#endif
-
-/**
- * \def MBEDTLS_ASN1_PARSE_C
- *
- * Enable the generic ASN1 parser.
- *
- * Module: library/asn1.c
- * Caller: library/x509.c
- * library/dhm.c
- * library/pkcs12.c
- * library/pkcs5.c
- * library/pkparse.c
- */
-#define MBEDTLS_ASN1_PARSE_C
-
-/**
- * \def MBEDTLS_ASN1_WRITE_C
- *
- * Enable the generic ASN1 writer.
- *
- * Module: library/asn1write.c
- * Caller: library/ecdsa.c
- * library/pkwrite.c
- * library/x509_create.c
- * library/x509write_crt.c
- * library/mbedtls_x509write_csr.c
- */
-#define MBEDTLS_ASN1_WRITE_C
-
-/**
- * \def MBEDTLS_BASE64_C
- *
- * Enable the Base64 module.
- *
- * Module: library/base64.c
- * Caller: library/pem.c
- *
- * This module is required for PEM support (required by X.509).
- */
-#define MBEDTLS_BASE64_C
-
-/**
- * \def MBEDTLS_BIGNUM_C
- *
- * Enable the multi-precision integer library.
- *
- * Module: library/bignum.c
- * Caller: library/dhm.c
- * library/ecp.c
- * library/ecdsa.c
- * library/rsa.c
- * library/ssl_tls.c
- *
- * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
- */
-#define MBEDTLS_BIGNUM_C
-
-/**
- * \def MBEDTLS_BLOWFISH_C
- *
- * Enable the Blowfish block cipher.
- *
- * Module: library/blowfish.c
- */
-#ifdef CONFIG_MBEDTLS_BLOWFISH_C
-#define MBEDTLS_BLOWFISH_C
-#endif
-
-/**
- * \def MBEDTLS_CAMELLIA_C
- *
- * Enable the Camellia block cipher.
- *
- * Module: library/camellia.c
- * Caller: library/ssl_tls.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
- */
-#ifdef CONFIG_MBEDTLS_CAMELLIA_C
-#define MBEDTLS_CAMELLIA_C
-#endif
-
-/**
- * \def MBEDTLS_CCM_C
- *
- * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
- *
- * Module: library/ccm.c
- *
- * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
- *
- * This module enables the AES-CCM ciphersuites, if other requisites are
- * enabled as well.
- */
-#ifdef CONFIG_MBEDTLS_CCM_C
-#define MBEDTLS_CCM_C
-#endif
-
-/**
- * \def MBEDTLS_CERTS_C
- *
- * Enable the test certificates.
- *
- * Module: library/certs.c
- * Caller:
- *
- * This module is used for testing (ssl_client/server).
- */
-#define MBEDTLS_CERTS_C
-
-/**
- * \def MBEDTLS_CIPHER_C
- *
- * Enable the generic cipher layer.
- *
- * Module: library/cipher.c
- * Caller: library/ssl_tls.c
- *
- * Uncomment to enable generic cipher wrappers.
- */
-#define MBEDTLS_CIPHER_C
-
-/**
- * \def MBEDTLS_CTR_DRBG_C
- *
- * Enable the CTR_DRBG AES-256-based random generator.
- *
- * Module: library/ctr_drbg.c
- * Caller:
- *
- * Requires: MBEDTLS_AES_C
- *
- * This module provides the CTR_DRBG AES-256 random number generator.
- */
-#define MBEDTLS_CTR_DRBG_C
-
-/**
- * \def MBEDTLS_DEBUG_C
- *
- * Enable the debug functions.
- *
- * Module: library/debug.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- * library/ssl_tls.c
- *
- * This module provides debugging functions.
- */
-#if CONFIG_MBEDTLS_DEBUG
-#define MBEDTLS_DEBUG_C
-#endif
-
-/**
- * \def MBEDTLS_DES_C
- *
- * Enable the DES block cipher.
- *
- * Module: library/des.c
- * Caller: library/pem.c
- * library/ssl_tls.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
- *
- * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
- */
-#ifdef CONFIG_MBEDTLS_DES_C
-#define MBEDTLS_DES_C
-#endif
-
-/**
- * \def MBEDTLS_DHM_C
- *
- * Enable the Diffie-Hellman-Merkle module.
- *
- * Module: library/dhm.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- *
- * This module is used by the following key exchanges:
- * DHE-RSA, DHE-PSK
- */
-#define MBEDTLS_DHM_C
-
-/**
- * \def MBEDTLS_ECDH_C
- *
- * Enable the elliptic curve Diffie-Hellman library.
- *
- * Module: library/ecdh.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- *
- * This module is used by the following key exchanges:
- * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
- *
- * Requires: MBEDTLS_ECP_C
- */
-#ifdef CONFIG_MBEDTLS_ECDH_C
-#define MBEDTLS_ECDH_C
-#endif
-
-/**
- * \def MBEDTLS_ECDSA_C
- *
- * Enable the elliptic curve DSA library.
- *
- * Module: library/ecdsa.c
- * Caller:
- *
- * This module is used by the following key exchanges:
- * ECDHE-ECDSA
- *
- * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
- */
-#ifdef CONFIG_MBEDTLS_ECDSA_C
-#define MBEDTLS_ECDSA_C
-#endif
-
-/**
- * \def MBEDTLS_ECJPAKE_C
- *
- * Enable the elliptic curve J-PAKE library.
- *
- * \warning This is currently experimental. EC J-PAKE support is based on the
- * Thread v1.0.0 specification; incompatible changes to the specification
- * might still happen. For this reason, this is disabled by default.
- *
- * Module: library/ecjpake.c
- * Caller:
- *
- * This module is used by the following key exchanges:
- * ECJPAKE
- *
- * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
- */
-//#define MBEDTLS_ECJPAKE_C
-
-/**
- * \def MBEDTLS_ECP_C
- *
- * Enable the elliptic curve over GF(p) library.
- *
- * Module: library/ecp.c
- * Caller: library/ecdh.c
- * library/ecdsa.c
- * library/ecjpake.c
- *
- * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
- */
-#ifdef CONFIG_MBEDTLS_ECP_C
-#define MBEDTLS_ECP_C
-#endif
-
-/**
- * \def MBEDTLS_ENTROPY_C
- *
- * Enable the platform-specific entropy code.
- *
- * Module: library/entropy.c
- * Caller:
- *
- * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
- *
- * This module provides a generic entropy pool
- */
-#define MBEDTLS_ENTROPY_C
-
-/**
- * \def MBEDTLS_ERROR_C
- *
- * Enable error code to error string conversion.
- *
- * Module: library/error.c
- * Caller:
- *
- * This module enables mbedtls_strerror().
- */
-#define MBEDTLS_ERROR_C
-
-/**
- * \def MBEDTLS_GCM_C
- *
- * Enable the Galois/Counter Mode (GCM) for AES.
- *
- * Module: library/gcm.c
- *
- * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
- *
- * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
- * requisites are enabled as well.
- */
-#ifdef CONFIG_MBEDTLS_GCM_C
-#define MBEDTLS_GCM_C
-#endif
-
-/**
- * \def MBEDTLS_HAVEGE_C
- *
- * Enable the HAVEGE random generator.
- *
- * Warning: the HAVEGE random generator is not suitable for virtualized
- * environments
- *
- * Warning: the HAVEGE random generator is dependent on timing and specific
- * processor traits. It is therefore not advised to use HAVEGE as
- * your applications primary random generator or primary entropy pool
- * input. As a secondary input to your entropy pool, it IS able add
- * the (limited) extra entropy it provides.
- *
- * Module: library/havege.c
- * Caller:
- *
- * Requires: MBEDTLS_TIMING_C
- *
- * Uncomment to enable the HAVEGE random generator.
- */
-//#define MBEDTLS_HAVEGE_C
-
-/**
- * \def MBEDTLS_HMAC_DRBG_C
- *
- * Enable the HMAC_DRBG random generator.
- *
- * Module: library/hmac_drbg.c
- * Caller:
- *
- * Requires: MBEDTLS_MD_C
- *
- * Uncomment to enable the HMAC_DRBG random number geerator.
- */
-#define MBEDTLS_HMAC_DRBG_C
-
-/**
- * \def MBEDTLS_MD_C
- *
- * Enable the generic message digest layer.
- *
- * Module: library/mbedtls_md.c
- * Caller:
- *
- * Uncomment to enable generic message digest wrappers.
- */
-#define MBEDTLS_MD_C
-
-/**
- * \def MBEDTLS_MD2_C
- *
- * Enable the MD2 hash algorithm.
- *
- * Module: library/mbedtls_md2.c
- * Caller:
- *
- * Uncomment to enable support for (rare) MD2-signed X.509 certs.
- */
-//#define MBEDTLS_MD2_C
-
-/**
- * \def MBEDTLS_MD4_C
- *
- * Enable the MD4 hash algorithm.
- *
- * Module: library/mbedtls_md4.c
- * Caller:
- *
- * Uncomment to enable support for (rare) MD4-signed X.509 certs.
- */
-//#define MBEDTLS_MD4_C
-
-/**
- * \def MBEDTLS_MD5_C
- *
- * Enable the MD5 hash algorithm.
- *
- * Module: library/mbedtls_md5.c
- * Caller: library/mbedtls_md.c
- * library/pem.c
- * library/ssl_tls.c
- *
- * This module is required for SSL/TLS and X.509.
- * PEM_PARSE uses MD5 for decrypting encrypted keys.
- */
-#define MBEDTLS_MD5_C
-
-/**
- * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
- *
- * Enable the buffer allocator implementation that makes use of a (stack)
- * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
- * calls)
- *
- * Module: library/memory_buffer_alloc.c
- *
- * Requires: MBEDTLS_PLATFORM_C
- * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
- *
- * Enable this module to enable the buffer memory allocator.
- */
-//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
-
-/**
- * \def MBEDTLS_NET_C
- *
- * Enable the TCP/IP networking routines.
- *
- * Module: library/net.c
- *
- * This module provides TCP/IP networking routines.
- */
-//#define MBEDTLS_NET_C
-
-/**
- * \def MBEDTLS_OID_C
- *
- * Enable the OID database.
- *
- * Module: library/oid.c
- * Caller: library/asn1write.c
- * library/pkcs5.c
- * library/pkparse.c
- * library/pkwrite.c
- * library/rsa.c
- * library/x509.c
- * library/x509_create.c
- * library/mbedtls_x509_crl.c
- * library/mbedtls_x509_crt.c
- * library/mbedtls_x509_csr.c
- * library/x509write_crt.c
- * library/mbedtls_x509write_csr.c
- *
- * This modules translates between OIDs and internal values.
- */
-#define MBEDTLS_OID_C
-
-/**
- * \def MBEDTLS_PADLOCK_C
- *
- * Enable VIA Padlock support on x86.
- *
- * Module: library/padlock.c
- * Caller: library/aes.c
- *
- * Requires: MBEDTLS_HAVE_ASM
- *
- * This modules adds support for the VIA PadLock on x86.
- */
-#define MBEDTLS_PADLOCK_C
-
-/**
- * \def MBEDTLS_PEM_PARSE_C
- *
- * Enable PEM decoding / parsing.
- *
- * Module: library/pem.c
- * Caller: library/dhm.c
- * library/pkparse.c
- * library/mbedtls_x509_crl.c
- * library/mbedtls_x509_crt.c
- * library/mbedtls_x509_csr.c
- *
- * Requires: MBEDTLS_BASE64_C
- *
- * This modules adds support for decoding / parsing PEM files.
- */
-#ifdef CONFIG_MBEDTLS_PEM_PARSE_C
-#define MBEDTLS_PEM_PARSE_C
-#endif
-
-/**
- * \def MBEDTLS_PEM_WRITE_C
- *
- * Enable PEM encoding / writing.
- *
- * Module: library/pem.c
- * Caller: library/pkwrite.c
- * library/x509write_crt.c
- * library/mbedtls_x509write_csr.c
- *
- * Requires: MBEDTLS_BASE64_C
- *
- * This modules adds support for encoding / writing PEM files.
- */
-#ifdef CONFIG_MBEDTLS_PEM_WRITE_C
-#define MBEDTLS_PEM_WRITE_C
-#endif
-
-/**
- * \def MBEDTLS_PK_C
- *
- * Enable the generic public (asymetric) key layer.
- *
- * Module: library/pk.c
- * Caller: library/ssl_tls.c
- * library/ssl_cli.c
- * library/ssl_srv.c
- *
- * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
- *
- * Uncomment to enable generic public key wrappers.
- */
-#define MBEDTLS_PK_C
-
-/**
- * \def MBEDTLS_PK_PARSE_C
- *
- * Enable the generic public (asymetric) key parser.
- *
- * Module: library/pkparse.c
- * Caller: library/mbedtls_x509_crt.c
- * library/mbedtls_x509_csr.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * Uncomment to enable generic public key parse functions.
- */
-#define MBEDTLS_PK_PARSE_C
-
-/**
- * \def MBEDTLS_PK_WRITE_C
- *
- * Enable the generic public (asymetric) key writer.
- *
- * Module: library/pkwrite.c
- * Caller: library/x509write.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * Uncomment to enable generic public key write functions.
- */
-#define MBEDTLS_PK_WRITE_C
-
-/**
- * \def MBEDTLS_PKCS5_C
- *
- * Enable PKCS#5 functions.
- *
- * Module: library/pkcs5.c
- *
- * Requires: MBEDTLS_MD_C
- *
- * This module adds support for the PKCS#5 functions.
- */
-#define MBEDTLS_PKCS5_C
-
-/**
- * \def MBEDTLS_PKCS11_C
- *
- * Enable wrapper for PKCS#11 smartcard support.
- *
- * Module: library/pkcs11.c
- * Caller: library/pk.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * This module enables SSL/TLS PKCS #11 smartcard support.
- * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
- */
-//#define MBEDTLS_PKCS11_C
-
-/**
- * \def MBEDTLS_PKCS12_C
- *
- * Enable PKCS#12 PBE functions.
- * Adds algorithms for parsing PKCS#8 encrypted private keys
- *
- * Module: library/pkcs12.c
- * Caller: library/pkparse.c
- *
- * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
- * Can use: MBEDTLS_ARC4_C
- *
- * This module enables PKCS#12 functions.
- */
-#define MBEDTLS_PKCS12_C
-
-/**
- * \def MBEDTLS_PLATFORM_C
- *
- * Enable the platform abstraction layer that allows you to re-assign
- * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
- * - * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT - * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned - * above to be specified at runtime or compile time respectively. - * - * \note This abstraction layer must be enabled on Windows (including MSYS2) - * as other module rely on it for a fixed snprintf implementation. - * - * Module: library/platform.c - * Caller: Most other .c files - * - * This module enables abstraction of common (libc) functions. - */ -#define MBEDTLS_PLATFORM_C - -/** - * \def MBEDTLS_RIPEMD160_C - * - * Enable the RIPEMD-160 hash algorithm. - * - * Module: library/mbedtls_ripemd160.c - * Caller: library/mbedtls_md.c - * - */ -#ifdef CONFIG_MBEDTLS_RIPEMD160_C -#define MBEDTLS_RIPEMD160_C -#endif - -/** - * \def MBEDTLS_RSA_C - * - * Enable the RSA public-key cryptosystem. - * - * Module: library/rsa.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509.c - * - * This module is used by the following key exchanges: - * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK - * - * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C - */ -#define MBEDTLS_RSA_C - -/** - * \def MBEDTLS_SHA1_C - * - * Enable the SHA1 cryptographic hash algorithm. - * - * Module: library/mbedtls_sha1.c - * Caller: library/mbedtls_md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509write_crt.c - * - * This module is required for SSL/TLS and SHA1-signed certificates. - */ -#define MBEDTLS_SHA1_C - -/** - * \def MBEDTLS_SHA256_C - * - * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. - * - * Module: library/mbedtls_sha256.c - * Caller: library/entropy.c - * library/mbedtls_md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * This module adds support for SHA-224 and SHA-256. - * This module is required for the SSL/TLS 1.2 PRF function. 
- */ -#define MBEDTLS_SHA256_C - -/** - * \def MBEDTLS_SHA512_C - * - * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. - * - * Module: library/mbedtls_sha512.c - * Caller: library/entropy.c - * library/mbedtls_md.c - * library/ssl_cli.c - * library/ssl_srv.c - * - * This module adds support for SHA-384 and SHA-512. - */ -//#define MBEDTLS_SHA512_C - -/** - * \def MBEDTLS_SSL_CACHE_C - * - * Enable simple SSL cache implementation. - * - * Module: library/ssl_cache.c - * Caller: - * - * Requires: MBEDTLS_SSL_CACHE_C - */ -#define MBEDTLS_SSL_CACHE_C - -/** - * \def MBEDTLS_SSL_COOKIE_C - * - * Enable basic implementation of DTLS cookies for hello verification. - * - * Module: library/ssl_cookie.c - * Caller: - */ -#define MBEDTLS_SSL_COOKIE_C - -/** - * \def MBEDTLS_SSL_TICKET_C - * - * Enable an implementation of TLS server-side callbacks for session tickets. - * - * Module: library/ssl_ticket.c - * Caller: - * - * Requires: MBEDTLS_CIPHER_C - */ -#define MBEDTLS_SSL_TICKET_C - -/** - * \def MBEDTLS_SSL_CLI_C - * - * Enable the SSL/TLS client code. - * - * Module: library/ssl_cli.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS client support. - */ -#ifdef CONFIG_MBEDTLS_TLS_CLIENT -#define MBEDTLS_SSL_CLI_C -#endif - -/** - * \def MBEDTLS_SSL_SRV_C - * - * Enable the SSL/TLS server code. - * - * Module: library/ssl_srv.c - * Caller: - * - * Requires: MBEDTLS_SSL_TLS_C - * - * This module is required for SSL/TLS server support. - */ -#ifdef CONFIG_MBEDTLS_TLS_SERVER -#define MBEDTLS_SSL_SRV_C -#endif - -/** - * \def MBEDTLS_SSL_TLS_C - * - * Enable the generic SSL/TLS code. - * - * Module: library/ssl_tls.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C - * and at least one of the MBEDTLS_SSL_PROTO_XXX defines - * - * This module is required for SSL/TLS. 
- */ -#ifdef CONFIG_MBEDTLS_TLS_ENABLED -#define MBEDTLS_SSL_TLS_C -#endif - -/** - * \def MBEDTLS_THREADING_C - * - * Enable the threading abstraction layer. - * By default mbed TLS assumes it is used in a non-threaded environment or that - * contexts are not shared between threads. If you do intend to use contexts - * between threads, you will need to enable this layer to prevent race - * conditions. - * - * Module: library/threading.c - * - * This allows different threading implementations (self-implemented or - * provided). - * - * You will have to enable either MBEDTLS_THREADING_ALT or - * MBEDTLS_THREADING_PTHREAD. - * - * Enable this layer to allow use of mutexes within mbed TLS - */ -#define MBEDTLS_THREADING_C - -/** - * \def MBEDTLS_TIMING_C - * - * Enable the portable timing interface. - * - * Module: library/timing.c - * Caller: library/havege.c - * - * This module is used by the HAVEGE random number generator. - */ -//#define MBEDTLS_TIMING_C - -/** - * \def MBEDTLS_VERSION_C - * - * Enable run-time version information. - * - * Module: library/version.c - * - * This module provides run-time version information. - */ -#define MBEDTLS_VERSION_C - -/** - * \def MBEDTLS_X509_USE_C - * - * Enable X.509 core for using certificates. - * - * Module: library/x509.c - * Caller: library/mbedtls_x509_crl.c - * library/mbedtls_x509_crt.c - * library/mbedtls_x509_csr.c - * - * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, - * MBEDTLS_PK_PARSE_C - * - * This module is required for the X.509 parsing modules. - */ -#define MBEDTLS_X509_USE_C - -/** - * \def MBEDTLS_X509_CRT_PARSE_C - * - * Enable X.509 certificate parsing. - * - * Module: library/mbedtls_x509_crt.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is required for X.509 certificate parsing. - */ -#define MBEDTLS_X509_CRT_PARSE_C - -/** - * \def MBEDTLS_X509_CRL_PARSE_C - * - * Enable X.509 CRL parsing. 
- * - * Module: library/mbedtls_x509_crl.c - * Caller: library/mbedtls_x509_crt.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is required for X.509 CRL parsing. - */ -#ifdef CONFIG_MBEDTLS_X509_CRL_PARSE_C -#define MBEDTLS_X509_CRL_PARSE_C -#endif - -/** - * \def MBEDTLS_X509_CSR_PARSE_C - * - * Enable X.509 Certificate Signing Request (CSR) parsing. - * - * Module: library/mbedtls_x509_csr.c - * Caller: library/x509_crt_write.c - * - * Requires: MBEDTLS_X509_USE_C - * - * This module is used for reading X.509 certificate request. - */ -#ifdef CONFIG_MBEDTLS_X509_CSR_PARSE_C -#define MBEDTLS_X509_CSR_PARSE_C -#endif - -/** - * \def MBEDTLS_X509_CREATE_C - * - * Enable X.509 core for creating certificates. - * - * Module: library/x509_create.c - * - * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C - * - * This module is the basis for creating X.509 certificates and CSRs. - */ -#define MBEDTLS_X509_CREATE_C - -/** - * \def MBEDTLS_X509_CRT_WRITE_C - * - * Enable creating X.509 certificates. - * - * Module: library/x509_crt_write.c - * - * Requires: MBEDTLS_X509_CREATE_C - * - * This module is required for X.509 certificate creation. - */ -#define MBEDTLS_X509_CRT_WRITE_C - -/** - * \def MBEDTLS_X509_CSR_WRITE_C - * - * Enable creating X.509 Certificate Signing Requests (CSR). - * - * Module: library/x509_csr_write.c - * - * Requires: MBEDTLS_X509_CREATE_C - * - * This module is required for X.509 certificate request writing. - */ -#define MBEDTLS_X509_CSR_WRITE_C - -/** - * \def MBEDTLS_XTEA_C - * - * Enable the XTEA block cipher. - * - * Module: library/xtea.c - * Caller: - */ -#ifdef CONFIG_MBEDTLS_XTEA_C -#define MBEDTLS_XTEA_C -#endif - -/* \} name SECTION: mbed TLS modules */ - -/** - * \name SECTION: Module configuration options - * - * This section allows for the setting of module specific sizes and - * configuration options. 
The default values are already present in the - * relevant header files and should suffice for the regular use cases. - * - * Our advice is to enable options and change their values here - * only if you have a good reason and know the consequences. - * - * Please check the respective header file for documentation on these - * parameters (to prevent duplicate documentation). - * \{ - */ - -/* MPI / BIGNUM options */ -//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ -//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ - -/* CTR_DRBG options */ -//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ -//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ -//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ -//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ -//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ - -/* HMAC_DRBG options */ -//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ -//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ -//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ -//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ - -/* ECP options */ -//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ -//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ -//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ - -/* Entropy options */ -//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ -//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ - -/* Memory buffer allocator 
options */ -//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ - -/* Platform options */ -//#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ -/* Note: your snprintf must correclty zero-terminate the buffer! */ -//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ - -/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ -/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ -//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ -/* Note: your snprintf must correclty zero-terminate the buffer! 
*/ -//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ - -/* SSL Cache options */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ -//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ - -/* SSL options */ -#ifndef CONFIG_MBEDTLS_ASYMMETRIC_CONTENT_LEN - -#define MBEDTLS_SSL_MAX_CONTENT_LEN CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN /**< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers */ - -#else - -/** \def MBEDTLS_SSL_IN_CONTENT_LEN - * - * Maximum incoming fragment length in bytes. - * - * Uncomment to set the size of the inward TLS buffer independently of the - * outward buffer. - */ -#define MBEDTLS_SSL_IN_CONTENT_LEN CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN - -/** \def MBEDTLS_SSL_OUT_CONTENT_LEN - * - * Maximum outgoing fragment length in bytes. - * - * Uncomment to set the size of the outward TLS buffer independently of the - * inward buffer. - * - * It is possible to save RAM by setting a smaller outward buffer, while keeping - * the default inward 16384 byte buffer to conform to the TLS specification. - * - * The minimum required outward buffer size is determined by the handshake - * protocol's usage. Handshaking will fail if the outward buffer is too small. - * The specific size requirement depends on the configured ciphers and any - * certificate data which is sent during the handshake. - * - * For absolute minimum RAM usage, it's best to enable - * MBEDTLS_SSL_MAX_FRAGMENT_LENGTH and reduce MBEDTLS_SSL_MAX_CONTENT_LEN. This - * reduces both incoming and outgoing buffer sizes. However this is only - * guaranteed if the other end of the connection also supports the TLS - * max_fragment_len extension. Otherwise the connection may fail. 
- */ -#define MBEDTLS_SSL_OUT_CONTENT_LEN CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN - -#endif /* !CONFIG_MBEDTLS_ASYMMETRIC_CONTENT_LEN */ - -//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ -//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ -//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ - -/** - * Complete list of ciphersuites to use, in order of preference. - * - * \warning No dependency checking is done on that field! This option can only - * be used to restrict the set of available ciphersuites. It is your - * responsibility to make sure the needed modules are active. - * - * Use this to save a few hundred bytes of ROM (default ordering of all - * available ciphersuites) and a few to a few hundred bytes of RAM. - * - * The value below is only an example, not the default. - */ -//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - -/* X509 options */ -//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ - -/** - * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake - * signature and ciphersuite selection. Without this build-time option, SHA-1 - * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes. - * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by - * default. At the time of writing, there is no practical attack on the use - * of SHA-1 in handshake signatures, hence this option is turned on by default - * for compatibility with existing peers. 
- */ -#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE - -/* \} name SECTION: Module configuration options */ - -#if defined(TARGET_LIKE_MBED) -#include "mbedtls/target_config.h" -#endif - -/* - * Allow user to override any previous default. - * - * Use two macro names for that, as: - * - with yotta the prefix YOTTA_CFG_ is forced - * - without yotta is looks weird to have a YOTTA prefix. - */ -#if defined(YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE) -#include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE -#elif defined(MBEDTLS_USER_CONFIG_FILE) -#include MBEDTLS_USER_CONFIG_FILE -#endif - -#include "mbedtls/check_config.h" - -#endif /* MBEDTLS_CONFIG_H */ diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/esp_debug.h b/vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/esp_debug.h deleted file mode 100644 index 8e23a5ea322..00000000000 --- a/vendors/espressif/boards/esp32/components/mbedtls/port/include/mbedtls/esp_debug.h +++ /dev/null 
@@ -1,57 +0,0 @@
-// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-#ifndef _ESP_DEBUG_H_
-#define _ESP_DEBUG_H_
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include "sdkconfig.h"
-#ifdef CONFIG_MBEDTLS_DEBUG
-
-/** @brief Enable mbedTLS debug logging via the esp_log mechanism.
- *
- * mbedTLS internal debugging is filtered from a specified mbedTLS
- * threshold level to esp_log level at runtime:
- *
- * - 1 - Warning
- * - 2 - Info
- * - 3 - Debug
- * - 4 - Verbose
- *
- * (Note that mbedTLS debug thresholds are not always consistently used.)
- *
- * This function will set the esp log level for "mbedtls" to the specified mbedTLS
- * threshold level that matches. However, the overall max ESP log level must be set high
- * enough in menuconfig, or some messages may be filtered at compile time.
- *
- * @param conf mbedtls_ssl_config structure
- * @param mbedTLS debug threshold, 0-4. Messages are filtered at runtime.
- */
-void mbedtls_esp_enable_debug_log(mbedtls_ssl_config *conf, int threshold);
-
-/** @brief Disable mbedTLS debug logging via the esp_log mechanism.
- *
- */
-void mbedtls_esp_disable_debug_log(mbedtls_ssl_config *conf);
-
-
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __ESP_DEBUG_H__ */
diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/include/sha.h b/vendors/espressif/boards/esp32/components/mbedtls/port/include/sha.h
deleted file mode 100644
index 2009d198180..00000000000
--- a/vendors/espressif/boards/esp32/components/mbedtls/port/include/sha.h
+++ /dev/null
@@ -1,211 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -#ifndef _ESP_SHA_H_ -#define _ESP_SHA_H_ - -#include "esp32/rom/sha.h" -#include "esp_types.h" - -/** @brief Low-level support functions for the hardware SHA engine - * - * @note If you're looking for a SHA API to use, try mbedtls component - * mbedtls/shaXX.h. That API supports hardware acceleration. - * - * The API in this header provides some building blocks for implementing a - * full SHA API such as the one in mbedtls, and also a basic SHA function esp_sha(). - * - * Some technical details about the hardware SHA engine: - * - * - SHA accelerator engine calculates one digest at a time, per SHA - * algorithm type. It initialises and maintains the digest state - * internally. It is possible to read out an in-progress SHA digest - * state, but it is not possible to restore a SHA digest state - * into the engine. - * - * - The memory block SHA_TEXT_BASE is shared between all SHA digest - * engines, so all engines must be idle before this memory block is - * modified. - * - */ - -#ifdef __cplusplus -extern "C" { -#endif - -/* Defined in esp32/rom/sha.h */ -typedef enum SHA_TYPE esp_sha_type; - -/** @brief Calculate SHA1 or SHA2 sum of some data, using hardware SHA engine - * - * @note For more versatile SHA calculations, where data doesn't need - * to be passed all at once, try the mbedTLS mbedtls/shaX.h APIs. 
The - * hardware-accelerated mbedTLS implementation is also faster when - * hashing large amounts of data. - * - * @note It is not necessary to lock any SHA hardware before calling - * this function, thread safety is managed internally. - * - * @note If a TLS connection is open then this function may block - * indefinitely waiting for a SHA engine to become available. Use the - * mbedTLS SHA API to avoid this problem. - * - * @param sha_type SHA algorithm to use. - * - * @param input Input data buffer. - * - * @param ilen Length of input data in bytes. - * - * @param output Buffer for output SHA digest. Output is 20 bytes for - * sha_type SHA1, 32 bytes for sha_type SHA2_256, 48 bytes for - * sha_type SHA2_384, 64 bytes for sha_type SHA2_512. - */ -void esp_sha(esp_sha_type sha_type, const unsigned char *input, size_t ilen, unsigned char *output); - -/* @brief Begin to execute a single SHA block operation - * - * @note This is a piece of a SHA algorithm, rather than an entire SHA - * algorithm. - * - * @note Call esp_sha_try_lock_engine() before calling this - * function. Do not call esp_sha_lock_memory_block() beforehand, this - * is done inside the function. - * - * @param sha_type SHA algorithm to use. - * - * @param data_block Pointer to block of data. Block size is - * determined by algorithm (SHA1/SHA2_256 = 64 bytes, - * SHA2_384/SHA2_512 = 128 bytes) - * - * @param is_first_block If this parameter is true, the SHA state will - * be initialised (with the initial state of the given SHA algorithm) - * before the block is calculated. If false, the existing state of the - * SHA engine will be used. - * - * @return As a performance optimisation, this function returns before - * the SHA block operation is complete. Both this function and - * esp_sha_read_state() will automatically wait for any previous - * operation to complete before they begin. 
If using the SHA registers - * directly in another way, call esp_sha_wait_idle() after calling this - * function but before accessing the SHA registers. - */ -void esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_first_block); - -/** @brief Read out the current state of the SHA digest loaded in the engine. - * - * @note This is a piece of a SHA algorithm, rather than an entire SHA algorithm. - * - * @note Call esp_sha_try_lock_engine() before calling this - * function. Do not call esp_sha_lock_memory_block() beforehand, this - * is done inside the function. - * - * If the SHA suffix padding block has been executed already, the - * value that is read is the SHA digest (in big endian - * format). Otherwise, the value that is read is an interim SHA state. - * - * @note If sha_type is SHA2_384, only 48 bytes of state will be read. - * This is enough for the final SHA2_384 digest, but if you want the - * interim SHA-384 state (to continue digesting) then pass SHA2_512 instead. - * - * @param sha_type SHA algorithm in use. - * - * @param state Pointer to a memory buffer to hold the SHA state. Size - * is 20 bytes (SHA1), 32 bytes (SHA2_256), 48 bytes (SHA2_384) or 64 bytes (SHA2_512). - * - */ -void esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state); - -/** - * @brief Obtain exclusive access to a particular SHA engine - * - * @param sha_type Type of SHA engine to use. - * - * Blocks until engine is available. Note: Can block indefinitely - * while a TLS connection is open, suggest using - * esp_sha_try_lock_engine() and failing over to software SHA. - */ -void esp_sha_lock_engine(esp_sha_type sha_type); - -/** - * @brief Try and obtain exclusive access to a particular SHA engine - * - * @param sha_type Type of SHA engine to use. - * - * @return Returns true if the SHA engine is locked for exclusive - * use. Call esp_sha_unlock_sha_engine() when done. 
Returns false if - * the SHA engine is already in use, caller should use software SHA - * algorithm for this digest. - */ -bool esp_sha_try_lock_engine(esp_sha_type sha_type); - -/** - * @brief Unlock an engine previously locked with esp_sha_lock_engine() or esp_sha_try_lock_engine() - * - * @param sha_type Type of engine to release. - */ -void esp_sha_unlock_engine(esp_sha_type sha_type); - -/** - * @brief Acquire exclusive access to the SHA shared memory block at SHA_TEXT_BASE - * - * This memory block is shared across all the SHA algorithm types. - * - * Caller should have already locked a SHA engine before calling this function. - * - * Note that it is possible to obtain exclusive access to the memory block even - * while it is in use by the SHA engine. Caller should use esp_sha_wait_idle() - * to ensure the SHA engine is not reading from the memory block in hardware. - * - * @note This function enters a critical section. Do not block while holding this lock. - * - * @note You do not need to lock the memory block before calling esp_sha_block() or esp_sha_read_digest_state(), these functions handle memory block locking internally. - * - * Call esp_sha_unlock_memory_block() when done. - */ -void esp_sha_lock_memory_block(void); - -/** - * @brief Release exclusive access to the SHA register memory block at SHA_TEXT_BASE - * - * Caller should have already locked a SHA engine before calling this function. - * - * This function releases the critical section entered by esp_sha_lock_memory_block(). - * - * Call following esp_sha_lock_memory_block(). - */ -void esp_sha_unlock_memory_block(void); - -/** @brief Wait for the SHA engine to finish any current operation - * - * @note This function does not ensure exclusive access to any SHA - * engine. Caller should use esp_sha_try_lock_engine() and - * esp_sha_lock_memory_block() as required. 
- * - * @note Functions declared in this header file wait for SHA engine - * completion automatically, so you don't need to use this API for - * these. However if accessing SHA registers directly, you will need - * to call this before accessing SHA registers if using the - * esp_sha_block() function. - * - * @note This function busy-waits, so wastes CPU resources. - * Best to delay calling until you are about to need it. - * - */ -void esp_sha_wait_idle(void); - -#ifdef __cplusplus -} -#endif - -#endif - diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/include/sha1_alt.h b/vendors/espressif/boards/esp32/components/mbedtls/port/include/sha1_alt.h deleted file mode 100644 index 54b77408780..00000000000 --- a/vendors/espressif/boards/esp32/components/mbedtls/port/include/sha1_alt.h +++ /dev/null 
@@ -1,57 +0,0 @@
-/*
- * SHA-1 implementation with hardware ESP32 support added.
- * Uses mbedTLS software implementation for failover when concurrent
- * SHA operations are in use.
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE LTD
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-#ifndef _SHA1_ALT_H_
-#define _SHA1_ALT_H_
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(MBEDTLS_SHA1_ALT)
-
-typedef enum {
- ESP_MBEDTLS_SHA1_UNUSED, /* first block hasn't been processed yet */
- ESP_MBEDTLS_SHA1_HARDWARE, /* using hardware SHA engine */
- ESP_MBEDTLS_SHA1_SOFTWARE, /* using software SHA */
-} esp_mbedtls_sha1_mode;
-
-/**
- * \brief SHA-1 context structure
- */
-typedef struct
-{
- uint32_t total[2]; /*!< number of bytes processed */
- uint32_t state[5]; /*!< intermediate digest state */
- unsigned char buffer[64]; /*!< data block being processed */
- esp_mbedtls_sha1_mode mode;
-}
-mbedtls_sha1_context;
-
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
-
diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/include/sha256_alt.h b/vendors/espressif/boards/esp32/components/mbedtls/port/include/sha256_alt.h
deleted file mode 100644
index 436f5324c8c..00000000000
--- a/vendors/espressif/boards/esp32/components/mbedtls/port/include/sha256_alt.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * SHA-256 implementation with hardware ESP32 support added.
- * Uses mbedTLS software implementation for failover when concurrent
- * SHA operations are in use.
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE LTD
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-#ifndef _SHA256_ALT_H_
-#define _SHA256_ALT_H_
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(MBEDTLS_SHA256_ALT)
-
-typedef enum {
- ESP_MBEDTLS_SHA256_UNUSED, /* first block hasn't been processed yet */
- ESP_MBEDTLS_SHA256_HARDWARE, /* using hardware SHA engine */
- ESP_MBEDTLS_SHA256_SOFTWARE, /* using software SHA */
-} esp_mbedtls_sha256_mode;
-
-/**
- * \brief SHA-256 context structure
- */
-typedef struct
-{
- uint32_t total[2]; /*!< number of bytes processed */
- uint32_t state[8]; /*!< intermediate digest state */
- unsigned char buffer[64]; /*!< data block being processed */
- int is224; /*!< 0 => SHA-256, else SHA-224 */
- esp_mbedtls_sha256_mode mode;
-}
-mbedtls_sha256_context;
-
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/include/sha512_alt.h b/vendors/espressif/boards/esp32/components/mbedtls/port/include/sha512_alt.h
deleted file mode 100644
index 36b8fc9d244..00000000000
--- a/vendors/espressif/boards/esp32/components/mbedtls/port/include/sha512_alt.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * SHA-512 implementation with hardware ESP32 support added.
- * Uses mbedTLS software implementation for failover when concurrent
- * SHA operations are in use.
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE LTD
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-#ifndef _SHA512_ALT_H_
-#define _SHA512_ALT_H_
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(MBEDTLS_SHA512_ALT)
-
-typedef enum {
- ESP_MBEDTLS_SHA512_UNUSED, /* first block hasn't been processed yet */
- ESP_MBEDTLS_SHA512_HARDWARE, /* using hardware SHA engine */
- ESP_MBEDTLS_SHA512_SOFTWARE, /* using software SHA */
-} esp_mbedtls_sha512_mode;
-
-/**
- * \brief SHA-512 context structure
- */
-typedef struct
-{
- uint64_t total[2]; /*!< number of bytes processed */
- uint64_t state[8]; /*!< intermediate digest state */
- unsigned char buffer[128]; /*!< data block being processed */
- int is384; /*!< 0 => SHA-512, else SHA-384 */
- esp_mbedtls_sha512_mode mode;
-}
-mbedtls_sha512_context;
-
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/mbedtls_debug.c b/vendors/espressif/boards/esp32/components/mbedtls/port/mbedtls_debug.c
deleted file mode 100644
index f7b5541453e..00000000000
--- a/vendors/espressif/boards/esp32/components/mbedtls/port/mbedtls_debug.c
+++ /dev/null
@@ -1,94 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include - -#include "esp_log.h" -#include "mbedtls/platform.h" -#include "mbedtls/debug.h" -#include "mbedtls/ssl.h" -#include "mbedtls/esp_debug.h" - -#ifdef CONFIG_MBEDTLS_DEBUG -static const char *TAG = "mbedtls"; - -static void mbedtls_esp_debug(void *ctx, int level, - const char *file, int line, - const char *str); - -void mbedtls_esp_enable_debug_log(mbedtls_ssl_config *conf, int threshold) -{ - esp_log_level_t level = ESP_LOG_NONE; - mbedtls_debug_set_threshold(threshold); - mbedtls_ssl_conf_dbg(conf, mbedtls_esp_debug, NULL); - switch(threshold) { - case 1: - level = ESP_LOG_WARN; - break; - case 2: - level = ESP_LOG_INFO; - break; - case 3: - level = ESP_LOG_DEBUG; - break; - case 4: - level = ESP_LOG_VERBOSE; - break; - } - esp_log_level_set(TAG, level); -} - -void mbedtls_esp_disable_debug_log(mbedtls_ssl_config *conf) -{ - mbedtls_ssl_conf_dbg(conf, NULL, NULL); -} - - -/* Default mbedtls debug function that translates mbedTLS debug output - to ESP_LOGx debug output. -*/ -static void mbedtls_esp_debug(void *ctx, int level, - const char *file, int line, - const char *str) -{ - char *file_sep; - - /* Shorten 'file' from the whole file path to just the filename - - This is a bit wasteful because the macros are compiled in with - the full _FILE_ path in each case. 
- */ - file_sep = rindex(file, '/'); - if(file_sep) - file = file_sep+1; - - switch(level) { - case 1: - ESP_LOGW(TAG, "%s:%d %s", file, line, str); - break; - case 2: - ESP_LOGI(TAG, "%s:%d %s", file, line, str); - break; - case 3: - ESP_LOGD(TAG, "%s:%d %s", file, line, str); - break; - case 4: - ESP_LOGV(TAG, "%s:%d %s", file, line, str); - break; - default: - ESP_LOGE(TAG, "Unexpected log level %d: %s", level, str); - break; - } -} -#endif \ No newline at end of file diff --git a/vendors/espressif/boards/esp32/components/mbedtls/port/sha.c b/vendors/espressif/boards/esp32/components/mbedtls/port/sha.c deleted file mode 100644 index ba1e6009390..00000000000 --- a/vendors/espressif/boards/esp32/components/mbedtls/port/sha.c +++ /dev/null 
@@ -1,314 +0,0 @@ -/* - * ESP32 hardware accelerated SHA1/256/512 implementation - * based on mbedTLS FIPS-197 compliant version. - * - * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE Ltd - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ -/* - * The SHA-1 standard was published by NIST in 1993. - * - * http://www.itl.nist.gov/fipspubs/fip180-1.htm - */ - -#include -#include -#include -#include - -#include "freertos/FreeRTOS.h" -#include "freertos/semphr.h" - -#include "sha.h" -#include "esp32/rom/ets_sys.h" -#include "soc/hwcrypto_periph.h" -#include "driver/periph_ctrl.h" - -inline static uint32_t SHA_LOAD_REG(esp_sha_type sha_type) { - return SHA_1_LOAD_REG + sha_type * 0x10; -} - -inline static uint32_t SHA_BUSY_REG(esp_sha_type sha_type) { - return SHA_1_BUSY_REG + sha_type * 0x10; -} - -inline static uint32_t SHA_START_REG(esp_sha_type sha_type) { - return SHA_1_START_REG + sha_type * 0x10; -} - -inline static uint32_t SHA_CONTINUE_REG(esp_sha_type sha_type) { - return SHA_1_CONTINUE_REG + sha_type * 0x10; -} - -/* Single spinlock for SHA engine memory block -*/ -static portMUX_TYPE memory_block_lock = portMUX_INITIALIZER_UNLOCKED; - - -/* Binary semaphore managing the state of each concurrent SHA engine. 
- - Available = noone is using this SHA engine - Taken = a SHA session is running on this SHA engine - - Indexes: - 0 = SHA1 - 1 = SHA2_256 - 2 = SHA2_384 or SHA2_512 -*/ -static SemaphoreHandle_t engine_states[3]; - -static uint8_t engines_in_use; - -/* Spinlock for engines_in_use counter -*/ -static portMUX_TYPE engines_in_use_lock = portMUX_INITIALIZER_UNLOCKED; - -/* Index into the engine_states array */ -inline static size_t sha_engine_index(esp_sha_type type) { - switch(type) { - case SHA1: - return 0; - case SHA2_256: - return 1; - default: - return 2; - } -} - -/* Return digest length (in bytes) for a given SHA type */ -inline static size_t sha_length(esp_sha_type type) { - switch(type) { - case SHA1: - return 20; - case SHA2_256: - return 32; - case SHA2_384: - return 48; - case SHA2_512: - return 64; - default: - return 0; - } -} - -/* Return block size (in bytes) for a given SHA type */ -inline static size_t block_length(esp_sha_type type) { - switch(type) { - case SHA1: - case SHA2_256: - return 64; - case SHA2_384: - case SHA2_512: - return 128; - default: - return 0; - } -} - -void esp_sha_lock_memory_block(void) -{ - portENTER_CRITICAL(&memory_block_lock); -} - -void esp_sha_unlock_memory_block(void) -{ - portEXIT_CRITICAL(&memory_block_lock); -} - -static SemaphoreHandle_t sha_get_engine_state(esp_sha_type sha_type) -{ - unsigned idx = sha_engine_index(sha_type); - volatile SemaphoreHandle_t *engine = &engine_states[idx]; - SemaphoreHandle_t result = *engine; - uint32_t set_engine = 0; - - if (result == NULL) { - // Create a new semaphore for 'in use' flag - SemaphoreHandle_t new_engine = xSemaphoreCreateBinary(); - assert(new_engine != NULL); - xSemaphoreGive(new_engine); // start available - - // try to atomically set the previously NULL *engine to new_engine - set_engine = (uint32_t)new_engine; - uxPortCompareSet((volatile uint32_t *)engine, 0, &set_engine); - - if (set_engine != 0) { // we lost a race setting *engine - 
vSemaphoreDelete(new_engine); - } - result = *engine; - } - return result; -} - -static bool esp_sha_lock_engine_common(esp_sha_type sha_type, TickType_t ticks_to_wait); - -bool esp_sha_try_lock_engine(esp_sha_type sha_type) -{ - return esp_sha_lock_engine_common(sha_type, 0); -} - -void esp_sha_lock_engine(esp_sha_type sha_type) -{ - esp_sha_lock_engine_common(sha_type, portMAX_DELAY); -} - -static bool esp_sha_lock_engine_common(esp_sha_type sha_type, TickType_t ticks_to_wait) -{ - SemaphoreHandle_t engine_state = sha_get_engine_state(sha_type); - BaseType_t result = xSemaphoreTake(engine_state, ticks_to_wait); - - if (result == pdFALSE) { - // failed to take semaphore - return false; - } - - portENTER_CRITICAL(&engines_in_use_lock); - - if (engines_in_use == 0) { - /* Just locked first engine, - so enable SHA hardware */ - periph_module_enable(PERIPH_SHA_MODULE); - } - - engines_in_use++; - assert(engines_in_use <= 3); - - portEXIT_CRITICAL(&engines_in_use_lock); - - return true; -} - - -void esp_sha_unlock_engine(esp_sha_type sha_type) -{ - SemaphoreHandle_t engine_state = sha_get_engine_state(sha_type); - - portENTER_CRITICAL(&engines_in_use_lock); - - engines_in_use--; - - if (engines_in_use == 0) { - /* About to release last engine, so - disable SHA hardware */ - periph_module_disable(PERIPH_SHA_MODULE); - } - - portEXIT_CRITICAL(&engines_in_use_lock); - - xSemaphoreGive(engine_state); -} - -void esp_sha_wait_idle(void) -{ - while(1) { - if(DPORT_REG_READ(SHA_1_BUSY_REG) == 0 - && DPORT_REG_READ(SHA_256_BUSY_REG) == 0 - && DPORT_REG_READ(SHA_384_BUSY_REG) == 0 - && DPORT_REG_READ(SHA_512_BUSY_REG) == 0) { - break; - } - } -} - -void esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state) -{ - uint32_t *digest_state_words = NULL; - uint32_t *reg_addr_buf = NULL; - uint32_t word_len = sha_length(sha_type)/4; -#ifndef NDEBUG - { - SemaphoreHandle_t engine_state = sha_get_engine_state(sha_type); - assert(uxSemaphoreGetCount(engine_state) == 0 && - 
"SHA engine should be locked" ); - } -#endif - - // preemptively do this before entering the critical section, then re-check once in it - esp_sha_wait_idle(); - - esp_sha_lock_memory_block(); - - esp_sha_wait_idle(); - - DPORT_REG_WRITE(SHA_LOAD_REG(sha_type), 1); - while(DPORT_REG_READ(SHA_BUSY_REG(sha_type)) == 1) { } - digest_state_words = (uint32_t *)digest_state; - reg_addr_buf = (uint32_t *)(SHA_TEXT_BASE); - if(sha_type == SHA2_384 || sha_type == SHA2_512) { - /* for these ciphers using 64-bit states, swap each pair of words */ - DPORT_INTERRUPT_DISABLE(); // Disable interrupt only on current CPU. - for(int i = 0; i < word_len; i += 2) { - digest_state_words[i+1] = DPORT_SEQUENCE_REG_READ((uint32_t)®_addr_buf[i]); - digest_state_words[i] = DPORT_SEQUENCE_REG_READ((uint32_t)®_addr_buf[i+1]); - } - DPORT_INTERRUPT_RESTORE(); // restore the previous interrupt level - } else { - esp_dport_access_read_buffer(digest_state_words, (uint32_t)®_addr_buf[0], word_len); - } - esp_sha_unlock_memory_block(); - - /* Fault injection check: verify SHA engine actually ran, - state is not all zeroes. 
- */ - for (int i = 0; i < word_len; i++) { - if (digest_state_words[i] != 0) { - return; - } - } - abort(); // SHA peripheral returned all zero state, probably due to fault injection -} - -void esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_first_block) -{ - uint32_t *reg_addr_buf = NULL; - uint32_t *data_words = NULL; -#ifndef NDEBUG - { - SemaphoreHandle_t engine_state = sha_get_engine_state(sha_type); - assert(uxSemaphoreGetCount(engine_state) == 0 && - "SHA engine should be locked" ); - } -#endif - - // preemptively do this before entering the critical section, then re-check once in it - esp_sha_wait_idle(); - - esp_sha_lock_memory_block(); - - esp_sha_wait_idle(); - - /* Fill the data block */ - reg_addr_buf = (uint32_t *)(SHA_TEXT_BASE); - data_words = (uint32_t *)data_block; - for (int i = 0; i < block_length(sha_type) / 4; i++) { - reg_addr_buf[i] = __builtin_bswap32(data_words[i]); - } - asm volatile ("memw"); - - if(is_first_block) { - DPORT_REG_WRITE(SHA_START_REG(sha_type), 1); - } else { - DPORT_REG_WRITE(SHA_CONTINUE_REG(sha_type), 1); - } - - esp_sha_unlock_memory_block(); - - /* Note: deliberately not waiting for this operation to complete, - as a performance tweak - delay waiting until the next time we need the SHA - unit, instead. - */ -} diff --git a/vendors/espressif/boards/esp32/ports/ble/bluedroid/iot_ble_hal_common_gap.c b/vendors/espressif/boards/ports/ble/bluedroid/iot_ble_hal_common_gap.c similarity index 100% rename from vendors/espressif/boards/esp32/ports/ble/bluedroid/iot_ble_hal_common_gap.c rename to vendors/espressif/boards/ports/ble/bluedroid/iot_ble_hal_common_gap.c diff --git a/vendors/espressif/boards/esp32/ports/ble/bluedroid/iot_ble_hal_gap.c b/vendors/espressif/boards/ports/ble/bluedroid/iot_ble_hal_gap.c similarity index 100% rename from vendors/espressif/boards/esp32/ports/ble/bluedroid/iot_ble_hal_gap.c rename to vendors/espressif/boards/ports/ble/bluedroid/iot_ble_hal_gap.c 
diff --git a/vendors/espressif/boards/esp32/ports/ble/bluedroid/iot_ble_hal_gatt_server.c b/vendors/espressif/boards/ports/ble/bluedroid/iot_ble_hal_gatt_server.c similarity index 100% rename from vendors/espressif/boards/esp32/ports/ble/bluedroid/iot_ble_hal_gatt_server.c rename to vendors/espressif/boards/ports/ble/bluedroid/iot_ble_hal_gatt_server.c diff --git a/vendors/espressif/boards/esp32/ports/ble/bluedroid/iot_ble_hal_internals.h b/vendors/espressif/boards/ports/ble/bluedroid/iot_ble_hal_internals.h similarity index 100% rename from vendors/espressif/boards/esp32/ports/ble/bluedroid/iot_ble_hal_internals.h rename to vendors/espressif/boards/ports/ble/bluedroid/iot_ble_hal_internals.h diff --git a/vendors/espressif/boards/esp32/ports/ble/iot_ble_hal_common_gap.c b/vendors/espressif/boards/ports/ble/iot_ble_hal_common_gap.c similarity index 100% rename from vendors/espressif/boards/esp32/ports/ble/iot_ble_hal_common_gap.c rename to vendors/espressif/boards/ports/ble/iot_ble_hal_common_gap.c diff --git a/vendors/espressif/boards/esp32/ports/ble/iot_ble_hal_gap.c b/vendors/espressif/boards/ports/ble/iot_ble_hal_gap.c similarity index 100% rename from vendors/espressif/boards/esp32/ports/ble/iot_ble_hal_gap.c rename to vendors/espressif/boards/ports/ble/iot_ble_hal_gap.c diff --git a/vendors/espressif/boards/esp32/ports/ble/iot_ble_hal_gatt_server.c b/vendors/espressif/boards/ports/ble/iot_ble_hal_gatt_server.c similarity index 100% rename from vendors/espressif/boards/esp32/ports/ble/iot_ble_hal_gatt_server.c rename to vendors/espressif/boards/ports/ble/iot_ble_hal_gatt_server.c diff --git a/vendors/espressif/boards/esp32/ports/ble/nimble/iot_ble_hal_common_gap.c b/vendors/espressif/boards/ports/ble/nimble/iot_ble_hal_common_gap.c similarity index 100% rename from vendors/espressif/boards/esp32/ports/ble/nimble/iot_ble_hal_common_gap.c rename to vendors/espressif/boards/ports/ble/nimble/iot_ble_hal_common_gap.c 
diff --git a/vendors/espressif/boards/esp32/ports/ble/nimble/iot_ble_hal_gap.c b/vendors/espressif/boards/ports/ble/nimble/iot_ble_hal_gap.c similarity index 100% rename from vendors/espressif/boards/esp32/ports/ble/nimble/iot_ble_hal_gap.c rename to vendors/espressif/boards/ports/ble/nimble/iot_ble_hal_gap.c diff --git a/vendors/espressif/boards/esp32/ports/ble/nimble/iot_ble_hal_gatt_server.c b/vendors/espressif/boards/ports/ble/nimble/iot_ble_hal_gatt_server.c similarity index 100% rename from vendors/espressif/boards/esp32/ports/ble/nimble/iot_ble_hal_gatt_server.c rename to vendors/espressif/boards/ports/ble/nimble/iot_ble_hal_gatt_server.c diff --git a/vendors/espressif/boards/esp32/ports/ble/nimble/iot_ble_hal_internals.h b/vendors/espressif/boards/ports/ble/nimble/iot_ble_hal_internals.h similarity index 100% rename from vendors/espressif/boards/esp32/ports/ble/nimble/iot_ble_hal_internals.h rename to vendors/espressif/boards/ports/ble/nimble/iot_ble_hal_internals.h diff --git a/vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.c b/vendors/espressif/boards/ports/ota/aws_esp_ota_ops.c similarity index 100% rename from vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.c rename to vendors/espressif/boards/ports/ota/aws_esp_ota_ops.c diff --git a/vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.h b/vendors/espressif/boards/ports/ota/aws_esp_ota_ops.h similarity index 100% rename from vendors/espressif/boards/esp32/ports/ota/aws_esp_ota_ops.h rename to vendors/espressif/boards/ports/ota/aws_esp_ota_ops.h diff --git a/vendors/espressif/boards/esp32/ports/ota/aws_ota_pal.c b/vendors/espressif/boards/ports/ota/aws_ota_pal.c similarity index 100% rename from vendors/espressif/boards/esp32/ports/ota/aws_ota_pal.c rename to vendors/espressif/boards/ports/ota/aws_ota_pal.c 
diff --git a/vendors/espressif/boards/esp32/ports/pkcs11/iot_pkcs11_pal.c b/vendors/espressif/boards/ports/pkcs11/iot_pkcs11_pal.c similarity index 100% rename from vendors/espressif/boards/esp32/ports/pkcs11/iot_pkcs11_pal.c rename to vendors/espressif/boards/ports/pkcs11/iot_pkcs11_pal.c diff --git a/vendors/espressif/boards/esp32/ports/posix/FreeRTOS_POSIX_portable.h b/vendors/espressif/boards/ports/posix/FreeRTOS_POSIX_portable.h similarity index 100% rename from vendors/espressif/boards/esp32/ports/posix/FreeRTOS_POSIX_portable.h rename to vendors/espressif/boards/ports/posix/FreeRTOS_POSIX_portable.h diff --git a/vendors/espressif/boards/esp32/ports/wifi/iot_wifi.c b/vendors/espressif/boards/ports/wifi/iot_wifi.c similarity index 100% rename from vendors/espressif/boards/esp32/ports/wifi/iot_wifi.c rename to vendors/espressif/boards/ports/wifi/iot_wifi.c From 88785f0be38468e1dc074ac202126305394050dd Mon Sep 17 00:00:00 2001 
From: Shubham Kulkarni Date: Wed, 15 Jul 2020 13:18:33 +0530 Subject: [PATCH 6/7] Add support for ESP32-S2 --- tools/cmake/toolchains/xtensa-esp32s2.cmake | 31 ++ .../boards/components/freertos/CMakeLists.txt | 31 +- vendors/espressif/boards/esp32s2/.gitignore | 2 + .../espressif/boards/esp32s2/CMakeLists.txt | 480 ++++++++++++++++++ .../amazon-freertos-common/CMakeLists.txt | 1 + .../esp32s2/aws_demos/application_code/main.c | 180 +++++++ .../aws_demos/config_files/FreeRTOSConfig.h | 414 +++++++++++++++ .../aws_demos/config_files/FreeRTOSIPConfig.h | 318 ++++++++++++ .../config_files/aws_bufferpool_config.h | 44 ++ .../aws_demos/config_files/aws_demo_config.h | 79 +++ .../aws_demos/config_files/aws_ggd_config.h | 46 ++ .../config_files/aws_iot_network_config.h | 57 +++ .../aws_demos/config_files/aws_mqtt_config.h | 71 +++ .../config_files/aws_ota_agent_config.h | 150 ++++++ .../config_files/aws_secure_sockets_config.h | 72 +++ .../config_files/aws_shadow_config.h | 107 ++++ .../aws_demos/config_files/aws_wifi_config.h | 99 ++++ .../default_pkcs11_config/iot_pkcs11_config.h | 171 +++++++ .../ecc608a_pkcs11_config/atca_config.h | 44 ++ .../ecc608a_pkcs11_config/iot_pkcs11_config.h | 154 ++++++ .../ecc608a_pkcs11_config/pkcs11_config.h | 159 ++++++ .../aws_demos/config_files/iot_ble_config.h | 41 ++ .../aws_demos/config_files/iot_config.h | 80 +++ .../config_files/iot_mqtt_agent_config.h | 113 +++++ .../esp32s2/aws_demos/partition-table.csv | 8 + .../esp32s2/aws_demos/sdkconfig.defaults | 30 ++ .../amazon-freertos-tests/CMakeLists.txt | 1 + .../esp32s2/aws_tests/application_code/main.c | 337 ++++++++++++ .../aws_tests/config_files/FreeRTOSConfig.h | 403 +++++++++++++++ .../aws_tests/config_files/FreeRTOSIPConfig.h | 318 ++++++++++++ .../config_files/aws_bufferpool_config.h | 44 ++ .../aws_tests/config_files/aws_demo_config.h | 66 +++ .../aws_tests/config_files/aws_ggd_config.h | 46 ++ .../config_files/aws_iot_network_config.h | 57 +++ 
.../aws_tests/config_files/aws_mqtt_config.h | 72 +++ .../config_files/aws_ota_agent_config.h | 151 ++++++ .../config_files/aws_secure_sockets_config.h | 72 +++ .../config_files/aws_shadow_config.h | 108 ++++ .../config_files/aws_test_ota_config.h | 81 +++ .../config_files/aws_test_runner_config.h | 68 +++ .../config_files/aws_test_tcp_config.h | 80 +++ .../config_files/aws_test_wifi_config.h | 53 ++ .../aws_tests/config_files/aws_wifi_config.h | 97 ++++ .../default_pkcs11_config/iot_pkcs11_config.h | 171 +++++++ .../iot_test_pkcs11_config.h | 146 ++++++ .../ecc608a_pkcs11_config/atca_cert_chain.h | 18 + .../ecc608a_pkcs11_config/atca_config.h | 44 ++ .../ecc608a_pkcs11_config/iot_pkcs11_config.h | 136 +++++ .../iot_test_pkcs11_config.h | 147 ++++++ .../ecc608a_pkcs11_config/pkcs11_config.h | 160 ++++++ .../aws_tests/config_files/iot_ble_config.h | 52 ++ .../aws_tests/config_files/iot_config.h | 44 ++ .../config_files/iot_mqtt_agent_config.h | 113 +++++ .../aws_tests/config_files/unity_config.h | 242 +++++++++ .../esp32s2/aws_tests/partition-table.csv | 8 + .../esp32s2/aws_tests/sdkconfig.defaults | 31 ++ .../boards/esp32s2/esp32s2_saola_1.cmake | 20 + .../boards/esp32s2/run_idf_monitor.cmake | 46 ++ vendors/espressif/manifest.cmake | 2 + 59 files changed, 6413 insertions(+), 3 deletions(-) create mode 100644 tools/cmake/toolchains/xtensa-esp32s2.cmake create mode 100644 vendors/espressif/boards/esp32s2/.gitignore create mode 100644 vendors/espressif/boards/esp32s2/CMakeLists.txt create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/application_code/espressif_code/amazon-freertos-common/CMakeLists.txt create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/application_code/main.c create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/FreeRTOSConfig.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/FreeRTOSIPConfig.h create mode 100644 
vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_bufferpool_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_demo_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_ggd_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_iot_network_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_mqtt_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_ota_agent_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_secure_sockets_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_shadow_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_wifi_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/default_pkcs11_config/iot_pkcs11_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/ecc608a_pkcs11_config/atca_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/ecc608a_pkcs11_config/iot_pkcs11_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/ecc608a_pkcs11_config/pkcs11_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/iot_ble_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/iot_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/config_files/iot_mqtt_agent_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/partition-table.csv create mode 100644 vendors/espressif/boards/esp32s2/aws_demos/sdkconfig.defaults create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/application_code/espressif_code/amazon-freertos-tests/CMakeLists.txt create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/application_code/main.c create mode 100644 
vendors/espressif/boards/esp32s2/aws_tests/config_files/FreeRTOSConfig.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/FreeRTOSIPConfig.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_bufferpool_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_demo_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_ggd_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_iot_network_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_mqtt_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_ota_agent_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_secure_sockets_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_shadow_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_ota_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_runner_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_tcp_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_wifi_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_wifi_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/default_pkcs11_config/iot_pkcs11_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/default_pkcs11_config/iot_test_pkcs11_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/atca_cert_chain.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/atca_config.h create mode 100644 
vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/iot_pkcs11_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/iot_test_pkcs11_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/pkcs11_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/iot_ble_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/iot_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/iot_mqtt_agent_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/config_files/unity_config.h create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/partition-table.csv create mode 100644 vendors/espressif/boards/esp32s2/aws_tests/sdkconfig.defaults create mode 100644 vendors/espressif/boards/esp32s2/esp32s2_saola_1.cmake create mode 100644 vendors/espressif/boards/esp32s2/run_idf_monitor.cmake diff --git a/tools/cmake/toolchains/xtensa-esp32s2.cmake b/tools/cmake/toolchains/xtensa-esp32s2.cmake new file mode 100644 index 00000000000..09de2d9d850 --- /dev/null +++ b/tools/cmake/toolchains/xtensa-esp32s2.cmake 
@@ -0,0 +1,31 @@
+include("${CMAKE_CURRENT_LIST_DIR}/find_compiler.cmake")
+
+set(CMAKE_SYSTEM_NAME Generic)
+
+# Find GCC for Xtensa-ESP32S2.
+afr_find_compiler(AFR_COMPILER_CC xtensa-esp32s2-elf-gcc)
+afr_find_compiler(AFR_COMPILER_CXX xtensa-esp32s2-elf-g++)
+
+# Specify the cross compiler.
+set(CMAKE_C_COMPILER ${AFR_COMPILER_CC} CACHE FILEPATH "C compiler")
+set(CMAKE_CXX_COMPILER ${AFR_COMPILER_CXX} CACHE FILEPATH "C++ compiler")
+set(CMAKE_ASM_COMPILER ${AFR_COMPILER_CC} CACHE FILEPATH "ASM compiler")
+
+# Disable compiler checks.
+set(CMAKE_C_COMPILER_FORCED TRUE)
+set(CMAKE_CXX_COMPILER_FORCED TRUE)
+
+# Add target system root to cmake find path.
+get_filename_component(AFR_COMPILER_DIR "${AFR_COMPILER_CC}" DIRECTORY)
+get_filename_component(CMAKE_FIND_ROOT_PATH "${AFR_COMPILER_DIR}" DIRECTORY)
+
+# Look for includes and libraries only in the target system prefix.
+set(CMAKE_FIND_ROOT_PATH_MODE_INCLUDE ONLY)
+set(CMAKE_FIND_ROOT_PATH_MODE_LIBRARY ONLY)
+
+# Helper variables to abstracts some common compiler flags.
+set(AFR_COMPILER_NO_WARNINGS "-w" CACHE INTERNAL "")
+
+# Global compiler flags.
+set(CMAKE_C_FLAGS "-mlongcalls" CACHE STRING "C Compiler Base Flags")
+set(CMAKE_CXX_FLAGS "-mlongcalls" CACHE STRING "C++ Compiler Base Flags")
diff --git a/vendors/espressif/boards/components/freertos/CMakeLists.txt b/vendors/espressif/boards/components/freertos/CMakeLists.txt
index 750832b75cb..2d7e36482c2 100644
--- a/vendors/espressif/boards/components/freertos/CMakeLists.txt
+++ b/vendors/espressif/boards/components/freertos/CMakeLists.txt
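Review bot: The find-root settings near the end of `xtensa-esp32s2.cmake` pin includes and libraries to `ONLY` but leave `CMAKE_FIND_ROOT_PATH_MODE_PROGRAM` at its default, so `find_program()` also searches under the prefix derived from the compiler location before the host paths. Cross toolchain files normally add `set(CMAKE_FIND_ROOT_PATH_MODE_PROGRAM NEVER)` so that host tools are resolved only from the host; it is worth confirming that nothing in the esp-idf integration depends on the current behaviour before adding it. Separately, because `CMAKE_C_COMPILER_FORCED` and `CMAKE_CXX_COMPILER_FORCED` skip the configure-time compiler check, the "Disable compiler checks" comment should say why, and whether `afr_find_compiler` (defined in `find_compiler.cmake`, not visible here) already fails when the compiler is missing.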
@@ -2,6 +2,15 @@ set(AMAZON_FREERTOS_KERNEL_DIR "${AFR_KERNEL_DIR}") set(AMAZON_FREERTOS_FREERTOS_PLUS_DIR "${AFR_MODULES_FREERTOS_PLUS_DIR}") set(AMAZON_FREERTOS_3RDPARTY_DIR "${AFR_3RDPARTY_DIR}") +string(FIND "${AFR_BOARD_NAME}" "esp32s2" SOC_NAME_ESP32S2) +string(FIND "${AFR_BOARD_NAME}" "esp32" SOC_NAME_ESP32) + +if (NOT(${SOC_NAME_ESP32S2} EQUAL -1)) + set(SOC_NAME "esp32s2") +elseif(NOT($SOC_NAME_ESP32) EQUAL -1) + set(SOC_NAME "esp32") +endif() + set( include_dirs include @@ -11,13 +20,29 @@ set( if(AFR_ENABLE_TESTS) list(APPEND include_dirs - "${CMAKE_CURRENT_LIST_DIR}/../../esp32/aws_tests/config_files" "${AMAZON_FREERTOS_FREERTOS_PLUS_DIR}/standard/freertos_plus_posix/include" "${AMAZON_FREERTOS_3RDPARTY_DIR}/unity/src" ) + if(SOC_NAME STREQUAL "esp32s2") + list(APPEND include_dirs + "${CMAKE_CURRENT_LIST_DIR}/../../esp32s2/aws_tests/config_files" + ) + else() + list(APPEND include_dirs + "${CMAKE_CURRENT_LIST_DIR}/../../esp32/aws_tests/config_files" + ) + endif() + else() - list(APPEND include_dirs - "${CMAKE_CURRENT_LIST_DIR}/../../esp32/aws_demos/config_files") + if(SOC_NAME STREQUAL "esp32s2") + list(APPEND include_dirs + "${CMAKE_CURRENT_LIST_DIR}/../../esp32s2/aws_demos/config_files" + ) + else() + list(APPEND include_dirs + "${CMAKE_CURRENT_LIST_DIR}/../../esp32/aws_demos/config_files" + ) + endif() endif() # Edit following two lines to set component requirements (see docs) diff --git a/vendors/espressif/boards/esp32s2/.gitignore b/vendors/espressif/boards/esp32s2/.gitignore new file mode 100644 index 00000000000..2d0a09acc17 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/.gitignore @@ -0,0 +1,2 @@ +# Ignore the build artifacts in the projects. +*build* diff --git a/vendors/espressif/boards/esp32s2/CMakeLists.txt b/vendors/espressif/boards/esp32s2/CMakeLists.txt new file mode 100644 index 00000000000..1553871c81b --- /dev/null +++ b/vendors/espressif/boards/esp32s2/CMakeLists.txt 
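Review bot: The `elseif(NOT($SOC_NAME_ESP32) EQUAL -1)` branch in the first hunk of `components/freertos/CMakeLists.txt` does not test the `string(FIND ...)` result: `$SOC_NAME_ESP32` lacks its braces and the parenthesis closes before `EQUAL`, so as far as I can tell the condition is evaluated on literal text and does not depend on the board name. It should mirror the branch above it, `elseif(NOT SOC_NAME_ESP32 EQUAL -1)`. Because the second hunk (`@@ -11,13 +20,29 @@`) falls back to the `esp32` `config_files` directories in every `else()`, an unrecognised `AFR_BOARD_NAME` silently builds against the esp32 `FreeRTOSConfig.h` and the other esp32 config headers. A final `else()` with `message(FATAL_ERROR "Unsupported board: ${AFR_BOARD_NAME}")` after the SoC detection would turn that into an explicit configure error. The file continues outside both hunks, so other uses of `SOC_NAME` are not visible here.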
@@ -0,0 +1,480 @@
+
+# -------------------------------------------------------------------------------------------------
+# FreeRTOS Console metadata
+# -------------------------------------------------------------------------------------------------
+if("${AFR_BOARD_NAME}" STREQUAL "esp32s2_saola_1")
+ include("${CMAKE_CURRENT_LIST_DIR}/esp32s2_saola_1.cmake")
+ set(ECC608_IN_USE FALSE)
+endif()
+
+# -------------------------------------------------------------------------------------------------
+# Compiler settings
+# -------------------------------------------------------------------------------------------------
+# Mark the python dependencies as checked so that esp-idf does not check them since this is not
+# needed when we are only generating metadata and not building the project.
+if(AFR_METADATA_MODE)
+ set(PYTHON_DEPS_CHECKED 1)
+endif()
+
+
+
+set(esp_idf_dir "${AFR_VENDORS_DIR}/espressif/esp-idf")
+# Provides idf_import_components and idf_link_components
+include(${esp_idf_dir}/tools/cmake/idf.cmake)
+include(${esp_idf_dir}/tools/cmake/project_utils.cmake)
+
+
+if(AFR_IS_TESTING)
+ set(exe_target aws_tests)
+else()
+ set(exe_target aws_demos)
+endif()
+
+afr_mcu_port(compiler)
+
+set(linker_flags "-Wl,--gc-sections" "-Wl,--cref" "-Wl,--Map=${exe_target}.map" "-Wl,--undefined=uxTopUsedPriority")
+
+# Linker flags
+target_link_options(
+ AFR::compiler::mcu_port
+ INTERFACE ${linker_flags}
+)
+
+
+# -------------------------------------------------------------------------------------------------
+# FreeRTOS portable layers
+# -------------------------------------------------------------------------------------------------
+set(afr_ports_dir "${CMAKE_CURRENT_LIST_DIR}/../ports")
+set(extra_components_dir "${CMAKE_CURRENT_LIST_DIR}/../components")
+set(board_demos_dir "${CMAKE_CURRENT_LIST_DIR}/aws_demos")
+set(board_tests_dir "${CMAKE_CURRENT_LIST_DIR}/aws_tests")
+set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR})
+
+if(AFR_IS_TESTING)
+ set(board_dir "${board_tests_dir}")
+ set(aws_credentials_include "${AFR_TESTS_DIR}/include")
+else()
+ set(board_dir "${board_demos_dir}")
+ set(aws_credentials_include "${AFR_DEMOS_DIR}/include")
+endif()
+
+# Kernel
+afr_mcu_port(kernel)
+afr_glob_src(driver_src DIRECTORY "${esp_idf_dir}" RECURSE)
+
+set(
+ kernel_inc_dirs
+ "${esp_idf_dir}/components/app_update/include/"
+ "${esp_idf_dir}/components/bootloader_support/include"
+ "${esp_idf_dir}/components/esp32s2/include"
+ "${esp_idf_dir}/components/esp_event/include"
+ "${esp_idf_dir}/components/efuse/include"
+ "${esp_idf_dir}/components/driver/include"
+ "${esp_idf_dir}/components/heap/include"
+ "${esp_idf_dir}/components/log/include"
+ "${esp_idf_dir}/components/nvs_flash/include"
+ "${esp_idf_dir}/components/pthread/include"
+ "${esp_idf_dir}/components/newlib/platform_include"
+ "${esp_idf_dir}/components/soc/src/esp32s2/include"
+ "${esp_idf_dir}/components/soc/soc/esp32s2/include"
+ "${esp_idf_dir}/components/soc/include"
+ "${esp_idf_dir}/components/spi_flash/include"
+ "${esp_idf_dir}/components/vfs/include"
+ "${extra_components_dir}/freertos/include"
+ "${esp_idf_dir}/components/mbedtls/port/include"
+ "${esp_idf_dir}/components/xtensa/esp32s2/include/xtensa"
+ "${esp_idf_dir}/components/xtensa/esp32s2/include"
+ "${esp_idf_dir}/components/xtensa/include"
+ "${esp_idf_dir}/components/esp_rom/include"
+ "${esp_idf_dir}/components/esp_timer/include"
+ "${esp_idf_dir}/components/esp_common/include"
+ "${esp_idf_dir}/components/esp_system/include"
+)
+
+if(AFR_ESP_FREERTOS_TCP)
+ list(APPEND kernel_inc_dirs
+ "${extra_components_dir}/freertos_tcpip/ethernet/include"
+ "${extra_components_dir}/freertos_tcpip/smartconfig_ack/include"
+ "${extra_components_dir}/freertos_tcpip/tcpip_adapter/include"
+ "${AFR_MODULES_FREERTOS_PLUS_DIR}/standard/freertos_plus_tcp/source/portable/Compiler/GCC"
+ "${esp_idf_dir}/components/xtensa"
+ "${esp_idf_dir}/components/esp_wifi/include"
+ "${esp_idf_dir}/components/esp_netif/include"
+ "${esp_idf_dir}/components/esp_eth/include"
+ )
+else()
+ list(APPEND kernel_inc_dirs
+ "${esp_idf_dir}/components/tcpip_adapter/include"
+ )
+endif()
+
+if(ECC608_IN_USE)
+ set(mchp_dir "${AFR_VENDORS_DIR}/microchip")
+ set(ecc608a_dir "${mchp_dir}/secure_elements")
+ list(APPEND kernel_inc_dirs
+ "${esp_idf_dir}/components/esp_ringbuf/include"
+ "${board_dir}/config_files/ecc608a_pkcs11_config"
+ )
+else()
+ list(APPEND kernel_inc_dirs
+ "${board_dir}/config_files/default_pkcs11_config"
+ )
+endif()
+
+target_include_directories(
+ AFR::kernel::mcu_port
+ INTERFACE
+ ${kernel_inc_dirs}
+ "${AFR_KERNEL_DIR}/portable/ThirdParty/GCC/Xtensa_ESP32/include/"
+ "${aws_credentials_include}"
+ "${board_dir}/config_files"
+ "$<$:${CMAKE_BINARY_DIR}/config>"
+)
+
+# WiFi
+afr_mcu_port(wifi)
+
+if(AFR_ESP_FREERTOS_TCP)
+target_link_libraries(
+ AFR::wifi::mcu_port
+ INTERFACE
+ AFR::freertos_plus_tcp
+)
+else()
+target_include_directories(
+ AFR::wifi::mcu_port
+ INTERFACE
+ "${esp_idf_dir}/components/lwip/include/apps"
+ "${esp_idf_dir}/components/lwip/include/apps/sntp"
+ "${esp_idf_dir}/components/lwip/lwip/src/include"
+ "${esp_idf_dir}/components/lwip/port/esp32/include"
+ "${esp_idf_dir}/components/lwip/port/esp32/include/arch"
+ "${esp_idf_dir}/components/esp_wifi/include"
+ "${esp_idf_dir}/components/esp_netif/include"
+ "${esp_idf_dir}/components/esp_eth/include"
+ "${esp_idf_dir}/components/soc/soc/include"
+)
+endif()
+
+target_sources(
+ AFR::wifi::mcu_port
+ INTERFACE "${afr_ports_dir}/wifi/iot_wifi.c"
+)
+
+# PKCS11
+if(ECC608_IN_USE)
+ afr_mcu_port(pkcs11_implementation DEPENDS AFR::pkcs11_ecc608a)
+ set(
+ ecc608a_hal_src
+ "${ecc608a_dir}/lib/hal/atca_hal.c"
+ "${ecc608a_dir}/lib/hal/hal_freertos.c"
+ "${ecc608a_dir}/lib/hal/hal_esp32_i2c.c"
+ "${ecc608a_dir}/lib/hal/hal_esp32_timer.c"
+ "${ecc608a_dir}/lib/hal/atca_hal.h"
+ "${ecc608a_dir}/lib/hal/atca_start_config.h"
+ "${ecc608a_dir}/lib/hal/atca_start_iface.h"
+ )
+ target_include_directories(
+ AFR::pkcs11_implementation::mcu_port
+ INTERFACE
+ "${board_dir}/config_files/ecc608a_pkcs11_config"
+ )
+ target_sources(
+ AFR::pkcs11_implementation::mcu_port
+ INTERFACE
+ "${ecc608a_hal_src}"
+ )
+else()
+ afr_mcu_port(pkcs11_implementation DEPENDS AFR::pkcs11_mbedtls)
+ target_include_directories(
+ AFR::pkcs11_implementation::mcu_port
+ INTERFACE
+ "${board_dir}/config_files/default_pkcs11_config/"
+ )
+ target_sources(
+ AFR::pkcs11_implementation::mcu_port
+ INTERFACE
+ "${afr_ports_dir}/pkcs11/iot_pkcs11_pal.c"
+ )
+endif()
+
+target_include_directories(
+ AFR::pkcs11_implementation::mcu_port
+ INTERFACE
+ "${esp_idf_dir}/components/soc/soc/include"
+)
+
+if(AFR_ESP_FREERTOS_TCP)
+# FreeRTOS Plus TCP
+afr_mcu_port(freertos_plus_tcp)
+target_sources(
+ AFR::freertos_plus_tcp::mcu_port
+ INTERFACE
+ "${AFR_MODULES_FREERTOS_PLUS_DIR}/standard/freertos_plus_tcp/source/portable/BufferManagement/BufferAllocation_2.c"
+ "${AFR_MODULES_FREERTOS_PLUS_DIR}/standard/freertos_plus_tcp/source/portable/NetworkInterface/esp32/NetworkInterface.c"
+)
+
+# Secure sockets
+afr_mcu_port(secure_sockets)
+target_link_libraries(
+ AFR::secure_sockets::mcu_port
+ INTERFACE AFR::secure_sockets_freertos_plus_tcp
+)
+else()
+
+# Secure sockets
+afr_mcu_port(secure_sockets)
+
+target_sources(
+ AFR::secure_sockets::mcu_port
+ INTERFACE
+ "${AFR_MODULES_ABSTRACTIONS_DIR}/secure_sockets/lwip/iot_secure_sockets.c"
+)
+
+target_include_directories(
+ AFR::secure_sockets::mcu_port
+ INTERFACE
+ "${esp_idf_dir}/components/lwip/include/apps"
+ "${esp_idf_dir}/components/lwip/include/apps/sntp"
+ "${esp_idf_dir}/components/lwip/lwip/src/include"
+ "${esp_idf_dir}/components/lwip/port/esp32/include"
+ "${esp_idf_dir}/components/lwip/port/esp32/include/arch"
+ "${esp_idf_dir}/components/lwip/include"
+)
+
+target_link_libraries(
+ AFR::secure_sockets::mcu_port
+ INTERFACE
+ AFR::tls
+ AFR::wifi
+ idf::newlib
+)
+
+endif()
+
+if(AFR_IS_TESTING)
+target_compile_definitions(
+ AFR::compiler::mcu_port
+ INTERFACE $<$:${compiler_defined_symbols}>
+ -DESP32
+)
+endif()
+
+# OTA
+# Need to get this validated
+afr_mcu_port(ota)
+target_sources(
+ AFR::ota::mcu_port
+ INTERFACE
+ "${afr_ports_dir}/ota/aws_ota_pal.c"
+ "${afr_ports_dir}/ota/aws_esp_ota_ops.c"
+ "${afr_ports_dir}/ota/aws_esp_ota_ops.h"
+)
+target_include_directories(
+ AFR::ota::mcu_port
+ INTERFACE
+ "${esp_idf_dir}/components/soc/soc/include"
+)
+target_link_libraries(
+ AFR::ota::mcu_port
+ INTERFACE
+ AFR::crypto
+ AFR::pkcs11
+ AFR::ota_mqtt
+ AFR::ota_http
+)
+
+# -------------------------------------------------------------------------------------------------
+# FreeRTOS demos and tests
+# -------------------------------------------------------------------------------------------------
+afr_glob_src(config_files DIRECTORY "${board_dir}/config_files")
+
+# Do not add demos or tests if they're turned off.
+if(AFR_ENABLE_DEMOS OR AFR_ENABLE_TESTS)
+ add_executable(
+ ${exe_target}
+ "${board_dir}/application_code/main.c"
+ ${extra_exe_sources}
+ )
+ idf_build_set_property(PROJECT_DIR ${AFR_ROOT_DIR})
+ idf_build_executable(${exe_target})
+ target_include_directories(
+ ${exe_target}
+ PUBLIC
+ "${esp_idf_dir}/components/esp_ringbuf/include"
+ $
+ $
+ )
+ target_link_libraries(
+ ${exe_target}
+ PRIVATE
+ AFR::wifi
+ AFR::utils
+ )
+endif()
+
+if(AFR_METADATA_MODE)
+ return()
+endif()
+
+
+# -------------------------------------------------------------------------------------------------
+# Additional build configurations
+# -------------------------------------------------------------------------------------------------
+
+# TODO, workaround for permission issue in FreeRTOS console.
+if("${CMAKE_HOST_SYSTEM_NAME}" STREQUAL "Linux")
+ execute_process(COMMAND chmod +x "${esp_idf_dir}/components/esptool_py/esptool/esptool.py")
+endif()
+
+if(ECC608_IN_USE)
+set_source_files_properties(
+ ${ecc608a_dir}/lib/pkcs11/pkcs11_token.c
+ ${ecc608a_dir}/lib/pkcs11/pkcs11_object.c
+ ${ecc608a_dir}/lib/basic/atca_helpers.c
+ PROPERTIES COMPILE_FLAGS
+ "-Wno-error=pointer-sign -Wno-error=char-subscripts"
+)
+endif()
+set_source_files_properties(
+ ${AFR_MODULES_C_SDK_DIR}/aws/greengrass/aws_greengrass_discovery.c
+ ${AFR_DEMOS_DIR}/tcp/aws_tcp_echo_client_single_task.c
+ ${AFR_DEMOS_DIR}/secure_sockets/iot_test_tcp.c
+ ${AFR_DEMOS_DIR}/wifi/iot_test_wifi.c
+ PROPERTIES COMPILE_FLAGS
+ "-Wno-format"
+)
+
+set_source_files_properties(${AFR_DEMOS_DIR}/logging/iot_logging_task_dynamic_buffers.c
+ PROPERTIES COMPILE_FLAGS
+ "-Wno-format -Wno-uninitialized"
+)
+
+set_source_files_properties(${AFR_DEMOS_DIR}/ota/aws_test_ota_pal.c
+ PROPERTIES COMPILE_FLAGS
+ "-Wno-pointer-sign -Wno-sizeof-pointer-memaccess"
+)
+
+set_source_files_properties(${AFR_DEMOS_DIR}/ota/aws_test_ota_agent.c
+ PROPERTIES COMPILE_FLAGS
+ "-Wno-pointer-sign"
+)
+
+set_source_files_properties(${AFR_DEMOS_DIR}/posix/iot_test_posix_pthread.c
+ PROPERTIES COMPILE_FLAGS
+ "-Wno-int-conversion"
+)
+
+set(IDF_TARGET esp32)
+set(ENV{IDF_PATH} ${esp_idf_dir})
+
+# If external project has set sdkconfig.defaults do not overwrite
+if (NOT IDF_SDKCONFIG_DEFAULTS)
+ # Fetch sdkconfig.defaults and modify the custom partition table csv path
+ file(READ "${board_dir}/sdkconfig.defaults" file_sdkconfig_default)
+ string(REGEX REPLACE "partition-table.csv" "${board_dir}/partition-table.csv" file_sdkconfig_default "${file_sdkconfig_default}")
+ file(WRITE "${CMAKE_BINARY_DIR}/sdkconfig.defaults" "${file_sdkconfig_default}")
+ set(IDF_SDKCONFIG_DEFAULTS "${CMAKE_BINARY_DIR}/sdkconfig.defaults")
+endif()
+
+# Set sdkconfig generation path inside build
+set(SDKCONFIG "${CMAKE_BINARY_DIR}/sdkconfig")
+
+# Do some configuration for idf_import_components. This enables creation of artifacts (which might not be
+# needed) for some projects
+set(IDF_BUILD_ARTIFACTS ON)
+set(IDF_BUILD_ARTIFACTS_DIR ${CMAKE_BINARY_DIR})
+
+set(CMAKE_STATIC_LIBRARY_PREFIX "lib")
+
+# If external project is set do not link IDF components to aws target
+if (NOT IDF_PROJECT_EXECUTABLE)
+ set(IDF_PROJECT_EXECUTABLE ${exe_target})
+endif()
+
+set_property(GLOBAL PROPERTY IDF_PROJECT_EXECUTABLE ${IDF_PROJECT_EXECUTABLE})
+
+get_filename_component(
+ ABS_EXTRA_COMPONENT_DIRS
+ "${extra_components_dir}/freertos" ABSOLUTE
+)
+
+idf_build_component(${ABS_EXTRA_COMPONENT_DIRS})
+
+get_filename_component(
+ ABS_EXTRA_COMPONENT_DIRS
+ "${extra_components_dir}/mbedtls" ABSOLUTE
+)
+
+idf_build_component(${ABS_EXTRA_COMPONENT_DIRS})
+
+if(AFR_ESP_FREERTOS_TCP)
+get_filename_component(
+ ABS_NW_EXTRA_COMPONENT_DIRS
+ "${extra_components_dir}/freertos_tcpip" ABSOLUTE
+)
+
+idf_build_component(${ABS_EXTRA_COMPONENT_DIRS})
+endif()
+
+idf_build_process(esp32s2
+ SDKCONFIG ${CMAKE_BINARY_DIR}/sdkconfig
+ SDKCONFIG_DEFAULTS ${CMAKE_BINARY_DIR}/sdkconfig.defaults
+ BUILD_DIR ${CMAKE_BINARY_DIR})
+
+idf_build_get_property(idf_compile_options "COMPILE_OPTIONS")
+idf_build_get_property(idf_c_compile_options "C_COMPILE_OPTIONS")
+idf_build_get_property(idf_cxx_compile_options "CXX_COMPILE_OPTIONS")
+idf_build_get_property(idf_compile_definitions "COMPILE_DEFINITIONS")
+
+# Compiler flags
+target_compile_options(
+ AFR::compiler::mcu_port
+ INTERFACE
+ $<$:${idf_c_compile_options}>
+ $<$:${idf_cxx_compile_options}>
+ -Wno-stringop-overflow
+ -Wno-bool-operation
+ -Wno-sizeof-pointer-div
+ -Wno-nonnull
+)
+
+# Compiler definitions/macros
+target_compile_definitions(
+ AFR::compiler::mcu_port
+ INTERFACE
+ ${idf_compile_definitions}
+ -DESP_PLATFORM
+)
+
+if(NOT AFR_ESP_FREERTOS_TCP)
+target_compile_definitions(
+ AFR::compiler::mcu_port
+ INTERFACE $<$:${compiler_defined_symbols}>
+ -DAFR_ESP_LWIP
+)
+endif()
+
+target_compile_options(
+ AFR::compiler::mcu_port
+ INTERFACE
+ ${idf_compile_options}
+)
+
+idf_project_generate_description_file(${CMAKE_BINARY_DIR}/project_description.json)
+
+# This is a hack to have IDF build system use PRIVATE keyword when
+# calling target_link_libraries() on aws_demos target. This is necessary
+# as CMake doesn't allow mixing target_link_libraries() call signature
+# for the same target.
+function(target_link_libraries)
+ set(_args ARGV)
+ get_property(exe_target GLOBAL PROPERTY IDF_PROJECT_EXECUTABLE)
+ if (${ARGV0} STREQUAL ${exe_target})
+ list(INSERT ${_args} 1 PRIVATE)
+ endif()
+ _target_link_libraries(${${_args}})
+endfunction()
+
+# Override IDF's native toolchain file
+set(IDF_TOOLCHAIN_FILE ${CMAKE_TOOLCHAIN_FILE})
diff --git a/vendors/espressif/boards/esp32s2/aws_demos/application_code/espressif_code/amazon-freertos-common/CMakeLists.txt b/vendors/espressif/boards/esp32s2/aws_demos/application_code/espressif_code/amazon-freertos-common/CMakeLists.txt
new file mode 100644
index 00000000000..cfde39e32c4
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_demos/application_code/espressif_code/amazon-freertos-common/CMakeLists.txt
@@ -0,0 +1 @@
+# Nothing to be done here
diff --git a/vendors/espressif/boards/esp32s2/aws_demos/application_code/main.c b/vendors/espressif/boards/esp32s2/aws_demos/application_code/main.c
new file mode 100644
index 00000000000..8ef7fded310
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_demos/application_code/main.c
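Review bot: Inside `if(AFR_ESP_FREERTOS_TCP)` the `freertos_tcpip` path is stored in `ABS_NW_EXTRA_COMPONENT_DIRS`, but the call that follows is `idf_build_component(${ABS_EXTRA_COMPONENT_DIRS})`, which still holds the mbedtls path, so the TCP/IP component is never registered and mbedtls is registered twice; it should read `idf_build_component(${ABS_NW_EXTRA_COMPONENT_DIRS})`. The file also has `set(IDF_TARGET esp32)` while it calls `idf_build_process(esp32s2 ...)`, which looks like a leftover from the esp32 board file and should presumably be `set(IDF_TARGET esp32s2)`. Separately, `-Wno-stringop-overflow` and `-Wno-nonnull` are put on the `AFR::compiler::mcu_port` INTERFACE, so these memory-safety diagnostics are switched off for every target that links the port, the secure sockets, PKCS#11 and OTA sources included. Scoping them with `set_source_files_properties(... PROPERTIES COMPILE_FLAGS ...)` to the files that actually trigger them, as this hunk already does for `-Wno-format` and `-Wno-pointer-sign`, would keep the warnings active for the rest of the code.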
@@ -0,0 +1,180 @@
+/*
+ * FreeRTOS V1.4.7
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+#include "iot_config.h"
+
+/* FreeRTOS includes. */
+
+#include "FreeRTOS.h"
+#include "task.h"
+
+/* Demo includes */
+#include "aws_demo.h"
+#include "aws_dev_mode_key_provisioning.h"
+
+/* AWS System includes. */
+#include "iot_system_init.h"
+#include "iot_logging_task.h"
+
+#include "nvs_flash.h"
+#if !AFR_ESP_LWIP
+#include "FreeRTOS_IP.h"
+#include "FreeRTOS_Sockets.h"
+#endif
+
+#include "esp_system.h"
+#include "esp_wifi.h"
+#include "esp_interface.h"
+
+#include "driver/uart.h"
+#include "aws_application_version.h"
+#include "esp_netif.h"
+
+#include "iot_network_manager_private.h"
+
+/* Logging Task Defines. */
+#define mainLOGGING_MESSAGE_QUEUE_LENGTH ( 32 )
+#define mainLOGGING_TASK_STACK_SIZE ( configMINIMAL_STACK_SIZE * 4 )
+#define mainDEVICE_NICK_NAME "Espressif_Demo"
+
+QueueHandle_t spp_uart_queue = NULL;
+
+/* Static arrays for FreeRTOS+TCP stack initialization for Ethernet network connections
+ * are use are below. If you are using an Ethernet connection on your MCU device it is
+ * recommended to use the FreeRTOS+TCP stack. The default values are defined in
+ * FreeRTOSConfig.h. */
+
+/**
+ * @brief Initializes the board.
+ */
+static void prvMiscInitialization( void );
+
+/*-----------------------------------------------------------*/
+
+/**
+ * @brief Application runtime entry point.
+ */
+int app_main( void )
+{
+ /* Perform any hardware initialization that does not require the RTOS to be
+ * running. */
+
+ prvMiscInitialization();
+
+ if( SYSTEM_Init() == pdPASS )
+ {
+ /* A simple example to demonstrate key and certificate provisioning in
+ * microcontroller flash using PKCS#11 interface. This should be replaced
+ * by production ready key provisioning mechanism. */
+ vDevModeKeyProvisioning();
+
+ /* Run all demos. */
+ DEMO_RUNNER_RunDemos();
+ }
+
+ /* Start the scheduler. Initialization that requires the OS to be running,
+ * including the WiFi initialization, is performed in the RTOS daemon task
+ * startup hook. */
+ /* Following is taken care by initialization code in ESP IDF */
+ /* vTaskStartScheduler(); */
+ return 0;
+}
+
+/*-----------------------------------------------------------*/
+extern void vApplicationIPInit( void );
+static void prvMiscInitialization( void )
+{
+ /* Initialize NVS */
+ esp_err_t ret = nvs_flash_init();
+
+ if( ( ret == ESP_ERR_NVS_NO_FREE_PAGES ) || ( ret == ESP_ERR_NVS_NEW_VERSION_FOUND ) )
+ {
+ ESP_ERROR_CHECK( nvs_flash_erase() );
+ ret = nvs_flash_init();
+ }
+
+ ESP_ERROR_CHECK( ret );
+
+ /* Create tasks that are not dependent on the WiFi being initialized. */
+ xLoggingTaskInitialize( mainLOGGING_TASK_STACK_SIZE,
+ tskIDLE_PRIORITY + 5,
+ mainLOGGING_MESSAGE_QUEUE_LENGTH );
+
+#if AFR_ESP_LWIP
+ configPRINTF( ("Initializing lwIP TCP stack\r\n") );
+ esp_netif_init();
+#else
+ configPRINTF( ("Initializing FreeRTOS TCP stack\r\n") );
+ vApplicationIPInit();
+#endif
+}
+
+/*-----------------------------------------------------------*/
+
+extern void esp_vApplicationTickHook();
+void IRAM_ATTR vApplicationTickHook()
+{
+ esp_vApplicationTickHook();
+}
+
+/*-----------------------------------------------------------*/
+extern void esp_vApplicationIdleHook();
+void vApplicationIdleHook()
+{
+ esp_vApplicationIdleHook();
+}
+
+/*-----------------------------------------------------------*/
+
+void vApplicationDaemonTaskStartupHook( void )
+{
+}
+
+#if !AFR_ESP_LWIP
+/*-----------------------------------------------------------*/
+void vApplicationIPNetworkEventHook( eIPCallbackEvent_t eNetworkEvent )
+{
+ uint32_t ulIPAddress, ulNetMask, ulGatewayAddress, ulDNSServerAddress;
+ system_event_t evt;
+
+ if( eNetworkEvent == eNetworkUp )
+ {
+ /* Print out the network configuration, which may have come from a DHCP
+ * server. */
+ FreeRTOS_GetAddressConfiguration(
+ &ulIPAddress,
+ &ulNetMask,
+ &ulGatewayAddress,
+ &ulDNSServerAddress );
+
+ evt.event_id = SYSTEM_EVENT_STA_GOT_IP;
+ evt.event_info.got_ip.ip_changed = true;
+ evt.event_info.got_ip.ip_info.ip.addr = ulIPAddress;
+ evt.event_info.got_ip.ip_info.netmask.addr = ulNetMask;
+ evt.event_info.got_ip.ip_info.gw.addr = ulGatewayAddress;
+ esp_event_send( &evt );
+ }
+}
+#endif
diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/FreeRTOSConfig.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/FreeRTOSConfig.h
new file mode 100644
index 00000000000..06e475ddc2f
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/FreeRTOSConfig.h
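Review bot: In `vApplicationIPNetworkEventHook` the local `system_event_t evt` has no initialiser, and only `event_id` and four `got_ip` fields are assigned before `esp_event_send( &evt )`, so every other member is handed on with indeterminate stack contents; declaring it as `system_event_t evt = { 0 };` avoids that. In `prvMiscInitialization` the return value of `esp_netif_init()` is discarded although the NVS calls just above are wrapped in `ESP_ERROR_CHECK`; `ESP_ERROR_CHECK( esp_netif_init() );` would stop a failed network-stack initialisation from going unnoticed before the demos start. `ulDNSServerAddress` is filled in by `FreeRTOS_GetAddressConfiguration` but never used, which deserves either a `( void ) ulDNSServerAddress;` or a short comment.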
@@ -0,0 +1,414 @@
+/*
+ * FreeRTOS Kernel V10.2.0
+ * Copyright (C) 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+#ifndef FREERTOS_CONFIG_H
+#define FREERTOS_CONFIG_H
+
+/* The ESP32 development environment defines application configurations in this header.
+ * The configurations are updated in the "Espressif IDF Configuration" menu that appears
+ * when a "make menuconfig" is run from a 32 bit GNU compatible environment.
+ */
+#include "sdkconfig.h"
+
+/* Required for configuration-dependent settings */
+#include "xtensa_config.h"
+
+#ifndef __ASSEMBLER__
+ #include /* for abort() */
+ #include "esp32s2/rom/ets_sys.h"
+ #include
+ #include "soc/cpu.h"
+ #include "esp_attr.h"
+
+ #if CONFIG_SYSVIEW_ENABLE
+ #include "SEGGER_SYSVIEW_FreeRTOS.h"
+ #undef INLINE // to avoid redefinition
+ #endif
+#endif /* def __ASSEMBLER__ */
+
+#define pdTICKS_TO_MS( xTicks ) ( ( uint32_t ) ( xTicks ) * 1000 / configTICK_RATE_HZ )
+
+/*-----------------------------------------------------------
+ * Application specific definitions.
+ *
+ * These definitions should be adjusted for your particular hardware and
+ * application requirements.
+ *
+ * Note that the default heap size is deliberately kept small so that
+ * the build is more likely to succeed for configurations with limited
+ * memory.
+ *
+ * THESE PARAMETERS ARE DESCRIBED WITHIN THE 'CONFIGURATION' SECTION OF THE
+ * FreeRTOS API DOCUMENTATION AVAILABLE ON THE FreeRTOS.org WEB SITE.
+ *----------------------------------------------------------*/
+
+#define configUSE_PREEMPTION 1
+#define configUSE_IDLE_HOOK ( CONFIG_FREERTOS_LEGACY_IDLE_HOOK )
+#define configUSE_TICK_HOOK ( CONFIG_FREERTOS_LEGACY_TICK_HOOK )
+#define configTICK_RATE_HZ ( CONFIG_FREERTOS_HZ )
+#define configUSE_DAEMON_TASK_STARTUP_HOOK 1
+
+/* Use the default clock rate for simulator. */
+/* #define configCPU_CLOCK_HZ 80000000 */
+
+/* This has impact on speed of search for highest priority. */
+#ifdef SMALL_TEST
+ #define configMAX_PRIORITIES ( 7 )
+#else
+ #define configMAX_PRIORITIES ( 25 )
+#endif
+
+#ifndef CONFIG_ESP32_APPTRACE_ENABLE
+ #define configMINIMAL_STACK_SIZE 768
+#else
+ /* The apptrace module requires at least 2KB of stack per task. */
+ #define configMINIMAL_STACK_SIZE 2048
+#endif
+
+#define configUSE_MUTEXES 1
+#define configUSE_RECURSIVE_MUTEXES 1
+#define configUSE_COUNTING_SEMAPHORES 1
+#define configUSE_16_BIT_TICKS 0
+#define configIDLE_SHOULD_YIELD 0
+#define configQUEUE_REGISTRY_SIZE CONFIG_FREERTOS_QUEUE_REGISTRY_SIZE
+#define configMAX_TASK_NAME_LEN ( CONFIG_FREERTOS_MAX_TASK_NAME_LEN )
+#define configUSE_POSIX_ERRNO 1
+
+#if CONFIG_FREERTOS_CHECK_STACKOVERFLOW_NONE
+ #define configCHECK_FOR_STACK_OVERFLOW 0
+#elif CONFIG_FREERTOS_CHECK_STACKOVERFLOW_PTRVAL
+ #define configCHECK_FOR_STACK_OVERFLOW 1
+#elif CONFIG_FREERTOS_CHECK_STACKOVERFLOW_CANARY
+ #define configCHECK_FOR_STACK_OVERFLOW 2
+#endif
+
+/* We define the heap to span all of the non-statically-allocated shared RAM.
+ * TODO: Make sure there is some space left for the app and main cpu when running outside
+ * of a thread. */
+#define configAPPLICATION_ALLOCATED_HEAP 1
+#define configTOTAL_HEAP_SIZE (&_heap_end - &_heap_start)//( ( size_t ) (64 * 1024) )
+
+#ifndef configIDLE_TASK_STACK_SIZE
+ #define configIDLE_TASK_STACK_SIZE CONFIG_FREERTOS_IDLE_TASK_STACKSIZE
+#endif
+
+/* The Xtensa port uses a separate interrupt stack. Adjust the stack size */
+/* to suit the needs of your specific application. */
+#ifndef configISR_STACK_SIZE
+ #define configISR_STACK_SIZE CONFIG_FREERTOS_ISR_STACKSIZE
+#endif
+
+/* configASSERT behaviour */
+#if defined(CONFIG_FREERTOS_ASSERT_DISABLE)
+ #define configASSERT(a) /* assertions disabled */
+#elif defined(CONFIG_FREERTOS_ASSERT_FAIL_PRINT_CONTINUE)
+ #define configASSERT(a) if (!(a)) { \
+ ( void ) ets_printf("%s:%d (%s)- assert failed!\n", \
+ __FILE__, __LINE__, __FUNCTION__); \
+ }
+#else /* CONFIG_FREERTOS_ASSERT_FAIL_ABORT */
+ #define configASSERT(a) if (!(a)) { \
+ ( void ) ets_printf("%s:%d (%s)- assert failed!\n", \
+ __FILE__, __LINE__, __FUNCTION__); \
+ abort(); \
+ }
+#endif
+
+
+#ifndef __ASSEMBLER__
+ /* The function that implements FreeRTOS printf style output, and the macro
+ * that maps the configPRINTF() macros to that function. */
+ extern void vLoggingPrintf( const char * pcFormat, ... );
+ #define configPRINTF( X ) vLoggingPrintf X
+
+ /* Non-format version thread-safe print. */
+ extern void vLoggingPrint( const char * pcMessage );
+ #define configPRINT( X ) vLoggingPrint( X )
+
+ /* Map the logging task's printf to the board specific output function. */
+ #define configPRINT_STRING( x ) printf( x )
+#endif /* #ifndef __ASSEMBER__ */
+
+/* Sets the length of the buffers into which logging messages are written - so
+ * also defines the maximum length of each log message. */
+#define configLOGGING_MAX_MESSAGE_LENGTH 192
+
+/* Set to 1 to prepend each log message with a message number, the task name,
+ * and a time stamp. */
+#define configLOGGING_INCLUDE_TIME_AND_TASK_NAME 1
+
+/* Co-routine definitions. */
+#define configUSE_CO_ROUTINES 0
+#define configMAX_CO_ROUTINE_PRIORITIES ( 2 )
+
+/* Test FreeRTOS timers (with timer task) and more. */
+/* Some files don't compile if this flag is disabled */
+#define configUSE_TIMERS 1
+#define configTIMER_TASK_PRIORITY CONFIG_FREERTOS_TIMER_TASK_PRIORITY
+#define configTIMER_QUEUE_LENGTH CONFIG_FREERTOS_TIMER_QUEUE_LENGTH
+#define configTIMER_TASK_STACK_DEPTH CONFIG_FREERTOS_TIMER_TASK_STACK_DEPTH
+
+#define INCLUDE_xTimerPendFunctionCall 1
+#define INCLUDE_eTaskGetState 1
+#define configUSE_QUEUE_SETS 1
+
+#define configUSE_TICKLESS_IDLE CONFIG_FREERTOS_USE_TICKLESS_IDLE
+#if configUSE_TICKLESS_IDLE
+#define configEXPECTED_IDLE_TIME_BEFORE_SLEEP CONFIG_FREERTOS_IDLE_TIME_BEFORE_SLEEP
+#endif //configUSE_TICKLESS_IDLE
+#define configENABLE_TASK_SNAPSHOT 1
+
+#define configINCLUDE_FREERTOS_TASK_C_ADDITIONS_H 1
+
+/* Set the following definitions to 1 to include the API function, or zero
+ to exclude the API function. */
+#define INCLUDE_vTaskPrioritySet 1
+#define INCLUDE_uxTaskPriorityGet 1
+#define INCLUDE_vTaskDelete 1
+#define INCLUDE_vTaskCleanUpResources 0
+#define INCLUDE_vTaskSuspend 1
+#define INCLUDE_vTaskDelayUntil 1
+#define INCLUDE_vTaskDelay 1
+#define INCLUDE_uxTaskGetStackHighWaterMark 1
+#define INCLUDE_pcTaskGetTaskName 1
+#define INCLUDE_xTaskGetIdleTaskHandle 1
+#define INCLUDE_pxTaskGetStackStart 1
+#define INCLUDE_xSemaphoreGetMutexHolder 1
+
+/* The priority at which the tick interrupt runs. This should probably be
+ kept at 1. */
+#define configKERNEL_INTERRUPT_PRIORITY 1
+
+/* The maximum interrupt priority from which FreeRTOS.org API functions can
+ be called. Only API functions that end in ...FromISR() can be used within
+ interrupts. */
+#define configMAX_SYSCALL_INTERRUPT_PRIORITY XCHAL_EXCM_LEVEL
+
+#define configUSE_NEWLIB_REENTRANT 1
+
+#define configSUPPORT_DYNAMIC_ALLOCATION 1
+#define configSUPPORT_STATIC_ALLOCATION CONFIG_FREERTOS_SUPPORT_STATIC_ALLOCATION
+
+#ifndef __ASSEMBLER__
+ extern void vPortCleanUpTCB ( void *pxTCB );
+ #define portCLEAN_UP_TCB( pxTCB ) vPortCleanUpTCB( pxTCB )
+#endif
+
+#ifdef CONFIG_FREERTOS_USE_TRACE_FACILITY
+ #define configUSE_TRACE_FACILITY 1 /* Used by uxTaskGetSystemState(), and other trace facility functions */
+#endif
+
+#ifdef CONFIG_FREERTOS_USE_STATS_FORMATTING_FUNCTIONS
+ #define configUSE_STATS_FORMATTING_FUNCTIONS 1 /* Used by vTaskList() */
+#endif
+
+#ifdef CONFIG_FREERTOS_GENERATE_RUN_TIME_STATS
+ #define configGENERATE_RUN_TIME_STATS 1 /* Used by vTaskGetRunTimeStats() */
+#endif
+
+
+/* This demo creates a virtual network connection by accessing the raw Ethernet
+ * or WiFi data to and from a real network connection. Many computers have more
+ * than one real network port, and configNETWORK_INTERFACE_TO_USE is used to tell
+ * the demo which real port should be used to create the virtual port. The ports
+ * available are displayed on the console when the application is executed. For
+ * example, on my development laptop setting configNETWORK_INTERFACE_TO_USE to 4
+ * results in the wired network being used, while setting
+ * configNETWORK_INTERFACE_TO_USE to 2 results in the wireless network being
+ * used. */
+#define configNETWORK_INTERFACE_TO_USE 2L
+
+/* The address of an echo server that will be used by the two demo echo client
+ * tasks:
+ * http://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/TCP_Echo_Clients.html,
+ * http://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/UDP_Echo_Clients.html. */
+#define configECHO_SERVER_ADDR0 192
+#define configECHO_SERVER_ADDR1 168
+#define configECHO_SERVER_ADDR2 2
+#define configECHO_SERVER_ADDR3 7
+#define configTCP_ECHO_CLIENT_PORT 7
+
+/* Default MAC address configuration. The demo creates a virtual network
+ * connection that uses this MAC address by accessing the raw Ethernet/WiFi data
+ * to and from a real network connection on the host PC. See the
+ * configNETWORK_INTERFACE_TO_USE definition above for information on how to
+ * configure the real network connection to use. */
+#define configMAC_ADDR0 0x00
+#define configMAC_ADDR1 0x11
+#define configMAC_ADDR2 0x22
+#define configMAC_ADDR3 0x33
+#define configMAC_ADDR4 0x44
+#define configMAC_ADDR5 0x21
+
+/* Default IP address configuration. Used in ipconfigUSE_DHCP is set to 0, or
+ * ipconfigUSE_DHCP is set to 1 but a DNS server cannot be contacted. */
+#define configIP_ADDR0 192
+#define configIP_ADDR1 168
+#define configIP_ADDR2 0
+#define configIP_ADDR3 105
+
+/* Default gateway IP address configuration. Used in ipconfigUSE_DHCP is set to
+ * 0, or ipconfigUSE_DHCP is set to 1 but a DNS server cannot be contacted. */
+#define configGATEWAY_ADDR0 192
+#define configGATEWAY_ADDR1 168
+#define configGATEWAY_ADDR2 0
+#define configGATEWAY_ADDR3 1
+
+/* Default DNS server configuration. OpenDNS addresses are 208.67.222.222 and
+ * 208.67.220.220. Used in ipconfigUSE_DHCP is set to 0, or ipconfigUSE_DHCP is
+ * set to 1 but a DNS server cannot be contacted.*/
+#define configDNS_SERVER_ADDR0 208
+#define configDNS_SERVER_ADDR1 67
+#define configDNS_SERVER_ADDR2 222
+#define configDNS_SERVER_ADDR3 222
+
+/* Default netmask configuration. Used in ipconfigUSE_DHCP is set to 0, or
+ * ipconfigUSE_DHCP is set to 1 but a DNS server cannot be contacted. */
+#define configNET_MASK0 255
+#define configNET_MASK1 255
+#define configNET_MASK2 255
+#define configNET_MASK3 0
+
+/* The UDP port to which print messages are sent. */
+#define configPRINT_PORT ( 15000 )
+
+#define configPROFILING ( 0 )
+
+/* The platform FreeRTOS is running on. */
+#define configPLATFORM_NAME "EspressifESP32-S2"
+
+#ifndef __ASSEMBLER__
+/*-----------------------------------------------------------
+ * Segger Sysview FreeRTOS configurations.
+ *-----------------------------------------------------------*/
+ #ifndef traceISR_EXIT_TO_SCHEDULER
+ #define traceISR_EXIT_TO_SCHEDULER()
+ #endif
+
+ #ifndef traceISR_EXIT
+ #define traceISR_EXIT()
+ #endif
+
+ #ifndef traceISR_ENTER
+ #define traceISR_ENTER(_n_)
+ #endif
+
+/*-----------------------------------------------------------
+ * Extra ESP32 Specific Functions defined in extra.c
+ *-----------------------------------------------------------*/
+
+ int xTaskCreatePinnedToCore( void (*pxTaskCode)(void*),
+ const char * const pcName,
+ const uint32_t usStackDepth,
+ void * const pvParameters,
+ unsigned uxPriority,
+ void * const pxCreatedTask,
+ const int xCoreID );
+
+
+ static inline bool IRAM_ATTR xPortCanYield(void)
+ {
+ uint32_t ps_reg = 0;
+
+ //Get the current value of PS (processor status) register
+ RSR(PS, ps_reg);
+
+ /*
+ * intlevel = (ps_reg & 0xf);
+ * excm = (ps_reg >> 4) & 0x1;
+ * CINTLEVEL is max(excm * EXCMLEVEL, INTLEVEL), where EXCMLEVEL is 3.
+ * However, just return true, only intlevel is zero.
+ */
+
+ return ((ps_reg & PS_INTLEVEL_MASK) == 0);
+ }
+
+ #define xTaskGetIdleTaskHandleForCPU(i) xTaskGetIdleTaskHandle()
+
+ #define xTaskGetCurrentTaskHandleForCPU(i) xTaskGetCurrentTaskHandle()
+
+ static inline int xTaskGetAffinity(void* arg)
+ {
+ return 0;
+ }
+
+ #define tskNO_AFFINITY INT32_MAX
+
+ extern struct _reent *_impure_ptr;
+
+ extern void esp_tasks_c_additions_init();
+ #define FREERTOS_TASKS_C_ADDITIONS_INIT() esp_tasks_c_additions_init()
+
+#endif /* #ifndef __ASSEMBLER__ */
+
+/*-----------------------------------------------------------
+ * ESP32/Xtensa Specific configurations.
+ *-----------------------------------------------------------*/
+
+/* ESP31 and ESP32 are dualcore processors. */
+#ifndef CONFIG_FREERTOS_UNICORE
+ #define portNUM_PROCESSORS 2
+#else
+ #define portNUM_PROCESSORS 1
+#endif
+
+#define configUSE_TRACE_FACILITY_2 0 /* Provided by Xtensa port patch */
+#define configBENCHMARK 0 /* Provided by Xtensa port patch */
+
+#define XT_USE_THREAD_SAFE_CLIB 0
+#define configASSERT_2 0
+#define configUSE_MUTEX 1
+#undef XT_USE_SWPRI
+
+#if CONFIG_FREERTOS_CORETIMER_0
+ #define XT_TIMER_INDEX 0
+#elif CONFIG_FREERTOS_CORETIMER_1
+ #define XT_TIMER_INDEX 1
+#endif
+
+#define configNUM_THREAD_LOCAL_STORAGE_POINTERS CONFIG_FREERTOS_THREAD_LOCAL_STORAGE_POINTERS
+#define configTHREAD_LOCAL_STORAGE_DELETE_CALLBACKS 1
+
+#ifndef __ASSEMBLER__
+ /**
+ * This function is defined to provide a deprecation warning whenever
+ * XT_CLOCK_FREQ macro is used.
+ * Update the code to use esp_clk_cpu_freq function instead.
+ * @return current CPU clock frequency, in Hz
+ */
+ int xt_clock_freq(void) __attribute__((deprecated));
+ #define XT_CLOCK_FREQ (xt_clock_freq())
+#endif // __ASSEMBLER__
+
+#define configXT_BOARD 1 /* Board mode. */
+#define configXT_SIMULATOR 0
+
+#if CONFIG_FREERTOS_ASSERT_ON_UNTESTED_FUNCTION
+ #define UNTESTED_FUNCTION() { ets_printf("Untested FreeRTOS function %s\r\n", __FUNCTION__); configASSERT(false); } while(0)
+#else
+ #define UNTESTED_FUNCTION()
+#endif
+
+#endif /* #define FREERTOS_CONFIG_H */
diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/FreeRTOSIPConfig.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/FreeRTOSIPConfig.h
new file mode 100644
index 00000000000..9fed74eccd2
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/FreeRTOSIPConfig.h
@@ -0,0 +1,318 @@ +/* + * FreeRTOS Kernel V10.2.0 + * Copyright (C) 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + + +/***************************************************************************** +* +* See the following URL for configuration information. +* http://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/TCP_IP_Configuration.html +* +*****************************************************************************/ + +#ifndef FREERTOS_IP_CONFIG_H +#define FREERTOS_IP_CONFIG_H + +/* Prototype for the function used to print out. In this case it prints to the + * console before the network is connected then a UDP port after the network has + * connected. */ +extern void vLoggingPrintf( const char * pcFormatString, + ... ); + +/* Set to 1 to print out debug messages. 
If ipconfigHAS_DEBUG_PRINTF is set to + * 1 then FreeRTOS_debug_printf should be defined to the function used to print + * out the debugging messages. */ +#define ipconfigHAS_DEBUG_PRINTF 0 +#if ( ipconfigHAS_DEBUG_PRINTF == 1 ) + #define FreeRTOS_debug_printf( X ) configPRINTF( X ) +#endif + +/* Set to 1 to print out non debugging messages, for example the output of the + * FreeRTOS_netstat() command, and ping replies. If ipconfigHAS_PRINTF is set to 1 + * then FreeRTOS_printf should be set to the function used to print out the + * messages. */ +#define ipconfigHAS_PRINTF 1 +#if ( ipconfigHAS_PRINTF == 1 ) + #define FreeRTOS_printf( X ) configPRINTF( X ) + /* Allow monitoring the message queue of the IP-task. */ + #define ipconfigCHECK_IP_QUEUE_SPACE 1 +#endif + +/* Define the byte order of the target MCU (the MCU FreeRTOS+TCP is executing + * on). Valid options are pdFREERTOS_BIG_ENDIAN and pdFREERTOS_LITTLE_ENDIAN. */ +#define ipconfigBYTE_ORDER pdFREERTOS_LITTLE_ENDIAN + +/* If the network card/driver includes checksum offloading (IP/TCP/UDP checksums) + * then set ipconfigDRIVER_INCLUDED_RX_IP_CHECKSUM to 1 to prevent the software + * stack repeating the checksum calculations. */ +#define ipconfigDRIVER_INCLUDED_RX_IP_CHECKSUM 1 + +/* TX checksum offloading has NOT been implemented in the Wi-Fi of ESP32. */ +#define ipconfigDRIVER_INCLUDED_TX_IP_CHECKSUM 0 + +/* Several API's will block until the result is known, or the action has been + * performed, for example FreeRTOS_send() and FreeRTOS_recv(). The timeouts can be + * set per socket, using setsockopt(). If not set, the times below will be + * used as defaults. */ +#define ipconfigSOCK_DEFAULT_RECEIVE_BLOCK_TIME ( 500 ) +#define ipconfigSOCK_DEFAULT_SEND_BLOCK_TIME ( 500 ) + +/* Include support for DNS caching. For TCP, having a small DNS cache is very + * useful. When a cache is present, ipconfigDNS_REQUEST_ATTEMPTS can be kept low + * and also DNS may use small timeouts. 
If a DNS reply comes in after the DNS + * socket has been destroyed, the result will be stored into the cache. The next + * call to FreeRTOS_gethostbyname() will return immediately, without even creating + * a socket. + */ +#define ipconfigUSE_DNS_CACHE ( 1 ) +#define ipconfigDNS_CACHE_ADDRESSES_PER_ENTRY ( 6 ) +#define ipconfigDNS_REQUEST_ATTEMPTS ( 2 ) + +/* The IP stack executes it its own task (although any application task can make + * use of its services through the published sockets API). ipconfigUDP_TASK_PRIORITY + * sets the priority of the task that executes the IP stack. The priority is a + * standard FreeRTOS task priority so can take any value from 0 (the lowest + * priority) to (configMAX_PRIORITIES - 1) (the highest priority). + * configMAX_PRIORITIES is a standard FreeRTOS configuration parameter defined in + * FreeRTOSConfig.h, not FreeRTOSIPConfig.h. Consideration needs to be given as to + * the priority assigned to the task executing the IP stack relative to the + * priority assigned to tasks that use the IP stack. */ +#define ipconfigIP_TASK_PRIORITY ( configMAX_PRIORITIES - 7 ) + +/* The size, in words (not bytes), of the stack allocated to the FreeRTOS+TCP + * task. This setting is less important when the FreeRTOS Win32 simulator is used + * as the Win32 simulator only stores a fixed amount of information on the task + * stack. FreeRTOS includes optional stack overflow detection, see: + * http://www.freertos.org/Stacks-and-stack-overflow-checking.html. */ +#define ipconfigIP_TASK_STACK_SIZE_WORDS ( configMINIMAL_STACK_SIZE * 5 ) + +/* ipconfigRAND32() is called by the IP stack to generate random numbers for + * things such as a DHCP transaction number or initial sequence number. Random + * number generation is performed via this macro to allow applications to use their + * own random number generation method. For example, it might be possible to + * generate a random number by sampling noise on an analogue input. 
*/ +extern uint32_t ulRand(); +#define ipconfigRAND32() ulRand() + +/* If ipconfigUSE_NETWORK_EVENT_HOOK is set to 1 then FreeRTOS+TCP will call the + * network event hook at the appropriate times. If ipconfigUSE_NETWORK_EVENT_HOOK + * is not set to 1 then the network event hook will never be called. See: + * http://www.FreeRTOS.org/FreeRTOS-Plus/FreeRTOS_Plus_UDP/API/vApplicationIPNetworkEventHook.shtml. + */ +#define ipconfigUSE_NETWORK_EVENT_HOOK 1 + +/* Sockets have a send block time attribute. If FreeRTOS_sendto() is called but + * a network buffer cannot be obtained then the calling task is held in the Blocked + * state (so other tasks can continue to executed) until either a network buffer + * becomes available or the send block time expires. If the send block time expires + * then the send operation is aborted. The maximum allowable send block time is + * capped to the value set by ipconfigMAX_SEND_BLOCK_TIME_TICKS. Capping the + * maximum allowable send block time prevents prevents a deadlock occurring when + * all the network buffers are in use and the tasks that process (and subsequently + * free) the network buffers are themselves blocked waiting for a network buffer. + * ipconfigMAX_SEND_BLOCK_TIME_TICKS is specified in RTOS ticks. A time in + * milliseconds can be converted to a time in ticks by dividing the time in + * milliseconds by portTICK_PERIOD_MS. */ +#define ipconfigUDP_MAX_SEND_BLOCK_TIME_TICKS ( 5000 / portTICK_PERIOD_MS ) + +/* If ipconfigUSE_DHCP is 1 then FreeRTOS+TCP will attempt to retrieve an IP + * address, netmask, DNS server address and gateway address from a DHCP server. If + * ipconfigUSE_DHCP is 0 then FreeRTOS+TCP will use a static IP address. The + * stack will revert to using the static IP address even when ipconfigUSE_DHCP is + * set to 1 if a valid configuration cannot be obtained from a DHCP server for any + * reason. The static configuration used is that passed into the stack by the + * FreeRTOS_IPInit() function call. 
*/ +#define ipconfigUSE_DHCP 1 +#define ipconfigDHCP_REGISTER_HOSTNAME 1 +#define ipconfigDHCP_USES_UNICAST 1 + +/* If ipconfigDHCP_USES_USER_HOOK is set to 1 then the application writer must + * provide an implementation of the DHCP callback function, + * xApplicationDHCPUserHook(). */ +#define ipconfigUSE_DHCP_HOOK 0 + +/* When ipconfigUSE_DHCP is set to 1, DHCP requests will be sent out at + * increasing time intervals until either a reply is received from a DHCP server + * and accepted, or the interval between transmissions reaches + * ipconfigMAXIMUM_DISCOVER_TX_PERIOD. The IP stack will revert to using the + * static IP address passed as a parameter to FreeRTOS_IPInit() if the + * re-transmission time interval reaches ipconfigMAXIMUM_DISCOVER_TX_PERIOD without + * a DHCP reply being received. */ +#define ipconfigMAXIMUM_DISCOVER_TX_PERIOD \ + ( 120000 / portTICK_PERIOD_MS ) + +/* The ARP cache is a table that maps IP addresses to MAC addresses. The IP + * stack can only send a UDP message to a remove IP address if it knowns the MAC + * address associated with the IP address, or the MAC address of the router used to + * contact the remote IP address. When a UDP message is received from a remote IP + * address the MAC address and IP address are added to the ARP cache. When a UDP + * message is sent to a remote IP address that does not already appear in the ARP + * cache then the UDP message is replaced by a ARP message that solicits the + * required MAC address information. ipconfigARP_CACHE_ENTRIES defines the maximum + * number of entries that can exist in the ARP table at any one time. */ +#define ipconfigARP_CACHE_ENTRIES 6 + +/* ARP requests that do not result in an ARP response will be re-transmitted a + * maximum of ipconfigMAX_ARP_RETRANSMISSIONS times before the ARP request is + * aborted. 
*/ +#define ipconfigMAX_ARP_RETRANSMISSIONS ( 5 ) + +/* ipconfigMAX_ARP_AGE defines the maximum time between an entry in the ARP + * table being created or refreshed and the entry being removed because it is stale. + * New ARP requests are sent for ARP cache entries that are nearing their maximum + * age. ipconfigMAX_ARP_AGE is specified in tens of seconds, so a value of 150 is + * equal to 1500 seconds (or 25 minutes). */ +#define ipconfigMAX_ARP_AGE 150 + +/* Implementing FreeRTOS_inet_addr() necessitates the use of string handling + * routines, which are relatively large. To save code space the full + * FreeRTOS_inet_addr() implementation is made optional, and a smaller and faster + * alternative called FreeRTOS_inet_addr_quick() is provided. FreeRTOS_inet_addr() + * takes an IP in decimal dot format (for example, "192.168.0.1") as its parameter. + * FreeRTOS_inet_addr_quick() takes an IP address as four separate numerical octets + * (for example, 192, 168, 0, 1) as its parameters. If + * ipconfigINCLUDE_FULL_INET_ADDR is set to 1 then both FreeRTOS_inet_addr() and + * FreeRTOS_indet_addr_quick() are available. If ipconfigINCLUDE_FULL_INET_ADDR is + * not set to 1 then only FreeRTOS_indet_addr_quick() is available. */ +#define ipconfigINCLUDE_FULL_INET_ADDR 1 + +/* ipconfigNUM_NETWORK_BUFFER_DESCRIPTORS defines the total number of network buffer that + * are available to the IP stack. The total number of network buffers is limited + * to ensure the total amount of RAM that can be consumed by the IP stack is capped + * to a pre-determinable value. */ +#define ipconfigNUM_NETWORK_BUFFER_DESCRIPTORS 60 + +/* A FreeRTOS queue is used to send events from application tasks to the IP + * stack. ipconfigEVENT_QUEUE_LENGTH sets the maximum number of events that can + * be queued for processing at any one time. The event queue must be a minimum of + * 5 greater than the total number of network buffers. 
*/ +#define ipconfigEVENT_QUEUE_LENGTH \ + ( ipconfigNUM_NETWORK_BUFFER_DESCRIPTORS + 5 ) + +/* The address of a socket is the combination of its IP address and its port + * number. FreeRTOS_bind() is used to manually allocate a port number to a socket + * (to 'bind' the socket to a port), but manual binding is not normally necessary + * for client sockets (those sockets that initiate outgoing connections rather than + * wait for incoming connections on a known port number). If + * ipconfigALLOW_SOCKET_SEND_WITHOUT_BIND is set to 1 then calling + * FreeRTOS_sendto() on a socket that has not yet been bound will result in the IP + * stack automatically binding the socket to a port number from the range + * socketAUTO_PORT_ALLOCATION_START_NUMBER to 0xffff. If + * ipconfigALLOW_SOCKET_SEND_WITHOUT_BIND is set to 0 then calling FreeRTOS_sendto() + * on a socket that has not yet been bound will result in the send operation being + * aborted. */ +#define ipconfigALLOW_SOCKET_SEND_WITHOUT_BIND 1 + +/* Defines the Time To Live (TTL) values used in outgoing UDP packets. */ +#define ipconfigUDP_TIME_TO_LIVE 128 +/* Also defined in FreeRTOSIPConfigDefaults.h. */ +#define ipconfigTCP_TIME_TO_LIVE 128 + +/* USE_TCP: Use TCP and all its features. */ +#define ipconfigUSE_TCP ( 1 ) + +/* USE_WIN: Let TCP use windowing mechanism. */ +#define ipconfigUSE_TCP_WIN ( 1 ) + +/* The MTU is the maximum number of bytes the payload of a network frame can + * contain. For normal Ethernet V2 frames the maximum MTU is 1500. Setting a + * lower value can save RAM. */ +#define ipconfigNETWORK_MTU 1460 + +/* Set ipconfigUSE_DNS to 1 to include a basic DNS client/resolver. DNS is used + * through the FreeRTOS_gethostbyname() API function. */ +#define ipconfigUSE_DNS 1 + +/* If ipconfigREPLY_TO_INCOMING_PINGS is set to 1 then the IP stack will + * generate replies to incoming ICMP echo (ping) requests. 
*/ +#define ipconfigREPLY_TO_INCOMING_PINGS 1 + +/* If ipconfigSUPPORT_OUTGOING_PINGS is set to 1 then the + * FreeRTOS_SendPingRequest() API function is available. */ +#define ipconfigSUPPORT_OUTGOING_PINGS 0 + +/* If ipconfigSUPPORT_SELECT_FUNCTION is set to 1 then the FreeRTOS_select() + * (and associated) API function is available. */ +#define ipconfigSUPPORT_SELECT_FUNCTION 0 + +/* If ipconfigFILTER_OUT_NON_ETHERNET_II_FRAMES is set to 1 then Ethernet frames + * that are not in Ethernet II format will be dropped. This option is included for + * potential future IP stack developments. */ +#define ipconfigFILTER_OUT_NON_ETHERNET_II_FRAMES 1 + +/* If ipconfigETHERNET_DRIVER_FILTERS_FRAME_TYPES is set to 1 then it is the + * responsibility of the Ethernet interface to filter out packets that are of no + * interest. If the Ethernet interface does not implement this functionality, then + * set ipconfigETHERNET_DRIVER_FILTERS_FRAME_TYPES to 0 to have the IP stack + * perform the filtering instead (it is much less efficient for the stack to do it + * because the packet will already have been passed into the stack). If the + * Ethernet driver does all the necessary filtering in hardware then software + * filtering can be removed by using a value other than 1 or 0. */ +#define ipconfigETHERNET_DRIVER_FILTERS_FRAME_TYPES 1 + +/* The windows simulator cannot really simulate MAC interrupts, and needs to + * block occasionally to allow other tasks to run. */ +#define configWINDOWS_MAC_INTERRUPT_SIMULATOR_DELAY ( 20 / portTICK_PERIOD_MS ) + +/* Advanced only: in order to access 32-bit fields in the IP packets with + * 32-bit memory instructions, all packets will be stored 32-bit-aligned, + * plus 16-bits. This has to do with the contents of the IP-packets: all + * 32-bit fields are 32-bit-aligned, plus 16-bit. */ +#define ipconfigPACKET_FILLER_SIZE 2 + +/* Define the size of the pool of TCP window descriptors. 
On the average, each + * TCP socket will use up to 2 x 6 descriptors, meaning that it can have 2 x 6 + * outstanding packets (for Rx and Tx). When using up to 10 TP sockets + * simultaneously, one could define TCP_WIN_SEG_COUNT as 120. */ +#define ipconfigTCP_WIN_SEG_COUNT 240 + +/* Each TCP socket has a circular buffers for Rx and Tx, which have a fixed + * maximum size. Define the size of Rx buffer for TCP sockets. */ +#define ipconfigTCP_RX_BUFFER_LENGTH ( 3000 ) + +/* Define the size of Tx buffer for TCP sockets. */ +#define ipconfigTCP_TX_BUFFER_LENGTH ( 3000 ) + +/* When using call-back handlers, the driver may check if the handler points to + * real program memory (RAM or flash) or just has a random non-zero value. */ +#define ipconfigIS_VALID_PROG_ADDRESS( x ) ( ( x ) != NULL ) + +/* Include support for TCP keep-alive messages. */ +#define ipconfigTCP_KEEP_ALIVE ( 1 ) +#define ipconfigTCP_KEEP_ALIVE_INTERVAL ( 20 ) /* Seconds. */ + +/* The socket semaphore is used to unblock the MQTT task. */ +#define ipconfigSOCKET_HAS_USER_SEMAPHORE ( 0 ) + +#define ipconfigSOCKET_HAS_USER_WAKE_CALLBACK ( 1 ) +#define ipconfigUSE_CALLBACKS ( 0 ) + + +#define portINLINE __inline + +void vApplicationMQTTGetKeys( const char ** ppcRootCA, + const char ** ppcClientCert, + const char ** ppcClientPrivateKey ); + +#endif /* FREERTOS_IP_CONFIG_H */ diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_bufferpool_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_bufferpool_config.h new file mode 100644 index 00000000000..2db28859876 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_bufferpool_config.h 
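Review bot: `ipconfigRAND32()` is mapped to `ulRand()` through a bare `extern uint32_t ulRand();`, and the comment above it says the value feeds DHCP transaction numbers and initial sequence numbers, yet nothing in this header states what quality of randomness `ulRand()` must provide. I would add a comment next to the define, for example `/* ulRand() must draw from a cryptographically strong source (presumably the hardware RNG on this target); predictable output makes TCP sequence numbers and DHCP transaction IDs guessable. */`, and confirm the implementation, which is not visible in this hunk. The declaration should also be a real prototype, `extern uint32_t ulRand( void );`. Separately, three comments describe macros that the file does not define: `ipconfigUDP_TASK_PRIORITY` (the define is `ipconfigIP_TASK_PRIORITY`), `ipconfigMAX_SEND_BLOCK_TIME_TICKS` (the define is `ipconfigUDP_MAX_SEND_BLOCK_TIME_TICKS`) and `ipconfigDHCP_USES_USER_HOOK` (the define is `ipconfigUSE_DHCP_HOOK`).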
@@ -0,0 +1,44 @@
+/*
+ * FreeRTOS V1.4.8
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+/**
+ * @file aws_bufferpool_config.h
+ * @brief Buffer Pool config options.
+ */
+
+#ifndef _AWS_BUFFER_POOL_CONFIG_H_
+#define _AWS_BUFFER_POOL_CONFIG_H_
+
+/**
+ * @brief The number of buffers in the static buffer pool.
+ */
+#define bufferpoolconfigNUM_BUFFERS ( 8 )
+
+/**
+ * @brief The size of each buffer in the static buffer pool.
+ */
+#define bufferpoolconfigBUFFER_SIZE ( 2048 + 128 )
+
+#endif /* _AWS_BUFFER_POOL_CONFIG_H_ */
diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_demo_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_demo_config.h
new file mode 100644
index 00000000000..42bd60dc34d
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_demo_config.h 
@@ -0,0 +1,79 @@
+/*
+ * FreeRTOS V1.4.7
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+#ifndef _AWS_DEMO_CONFIG_H_
+#define _AWS_DEMO_CONFIG_H_
+
+/* To run a particular demo you need to define one of these.
+ * Only one demo can be configured at a time
+ *
+ * CONFIG_MQTT_DEMO_ENABLED
+ * CONFIG_SHADOW_DEMO_ENABLED
+ * CONFIG_GREENGRASS_DISCOVERY_DEMO_ENABLED
+ * CONFIG_TCP_ECHO_CLIENT_DEMO_ENABLED
+ * CONFIG_DEFENDER_DEMO_ENABLED
+ * CONFIG_OTA_UPDATE_DEMO_ENABLED
+ * CONFIG_BLE_GATT_SERVER_DEMO_ENABLED
+ * CONFIG_HTTPS_SYNC_DOWNLOAD_DEMO_ENABLED
+ * CONFIG_HTTPS_ASYNC_DOWNLOAD_DEMO_ENABLED
+ * CONFIG_HTTPS_SYNC_UPLOAD_DEMO_ENABLED
+ * CONFIG_HTTPS_ASYNC_UPLOAD_DEMO_ENABLED
+ *
+ * These defines are used in iot_demo_runner.h for demo selection */
+
+#define CONFIG_MQTT_DEMO_ENABLED
+
+/* Default configuration for all demos. Individual demos can override these below */
+#define democonfigDEMO_STACKSIZE ( configMINIMAL_STACK_SIZE * 8 )
+#define democonfigDEMO_PRIORITY ( tskIDLE_PRIORITY + 5 )
+#define democonfigNETWORK_TYPES ( AWSIOT_NETWORK_TYPE_WIFI )
+
+#if defined( CONFIG_MQTT_DEMO_ENABLED )
+ #undef democonfigNETWORK_TYPES
+ #define democonfigNETWORK_TYPES ( AWSIOT_NETWORK_TYPE_WIFI )
+#endif
+
+#if defined( CONFIG_OTA_UPDATE_DEMO_ENABLED )
+ #undef democonfigNETWORK_TYPES
+ #define democonfigNETWORK_TYPES ( AWSIOT_NETWORK_TYPE_WIFI )
+#endif
+
+#define democonfigGREENGRASS_DISCOVERY_TASK_STACK_SIZE ( configMINIMAL_STACK_SIZE * 12 )
+
+#define democonfigMEMORY_ANALYSIS
+
+#ifdef democonfigMEMORY_ANALYSIS
+ #define democonfigMEMORY_ANALYSIS_STACK_DEPTH_TYPE UBaseType_t
+ #define democonfigMEMORY_ANALYSIS_MIN_EVER_HEAP_SIZE() xPortGetMinimumEverFreeHeapSize()
+ #if ( INCLUDE_uxTaskGetStackHighWaterMark == 1 )
+ /* Shift by left twice to convert from stack words to bytes */
+ #define democonfigMEMORY_ANALYSIS_STACK_WATERMARK( x ) uxTaskGetStackHighWaterMark( x )
+ #else
+ #define democonfigMEMORY_ANALYSIS_STACK_WATERMARK( x ) NULL
+ #endif /* if( INCLUDE_uxTaskGetStackHighWaterMark == 1 ) */
+#endif /* democonfigMEMORY_ANALYSIS */
+
+
+#endif /* _AWS_DEMO_CONFIG_H_ */
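Review bot: The fallback `#define democonfigMEMORY_ANALYSIS_STACK_WATERMARK( x ) NULL` yields a pointer constant although `democonfigMEMORY_ANALYSIS_STACK_DEPTH_TYPE` is `UBaseType_t`, so a caller that stores or prints the watermark gets a pointer-to-integer conversion whenever `INCLUDE_uxTaskGetStackHighWaterMark` is not 1; `( ( UBaseType_t ) 0 )` keeps the type consistent. The comment `/* Shift by left twice to convert from stack words to bytes */` describes a shift that the macro under it does not perform, so it should either be dropped or replaced by a statement of the unit the macro returns on this port. The two `#if defined( ... )` blocks redefine `democonfigNETWORK_TYPES` to the value it already has and can be removed.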
diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_ggd_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_ggd_config.h
new file mode 100644
index 00000000000..76155759b66
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_ggd_config.h
@@ -0,0 +1,46 @@
+/*
+ * FreeRTOS V1.4.8
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+
+/**
+ * @file aws_ggd_config.h
+ * @brief GGD config options.
+ */
+
+#ifndef _AWS_GGD_CONFIG_H_
+#define _AWS_GGD_CONFIG_H_
+
+
+/**
+ * @brief The number of your network interface here.
+ */
+#define ggdconfigCORE_NETWORK_INTERFACE ( 0 )
+
+/**
+ * @brief Size of the array used by jsmn to store the tokens.
+ */
+#define ggdconfigJSON_MAX_TOKENS ( 128 )
+
+#endif /* _AWS_GGD_CONFIG_H_ */
diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_iot_network_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_iot_network_config.h new file mode 100644 index 00000000000..044ad007c62 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_iot_network_config.h 
@@ -0,0 +1,57 @@ +/* +* FreeRTOS + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + + +/** + * @file aws_iot_network_config.h + * @brief Configuration file which enables different network types. + */ +#ifndef AWS_IOT_NETWORK_CONFIG_H_ +#define AWS_IOT_NETWORK_CONFIG_H_ + +/** + * @brief Configuration flag used to specify all supported network types by the board. + * + * The configuration is fixed per board and should never be changed. + * More than one network interfaces can be enabled by using 'OR' operation with flags for + * each network types supported. 
Flags for all supported network types can be found + * in "aws_iot_network.h" + */ + +#define configSUPPORTED_NETWORKS ( AWSIOT_NETWORK_TYPE_WIFI ) + +/** + * @brief Configuration flag which is used to enable one or more network interfaces for a board. + * + * The configuration can be changed any time to keep one or more network enabled or disabled. + * More than one network interfaces can be enabled by using 'OR' operation with flags for + * each network types supported. Flags for all supported network types can be found + * in "aws_iot_network.h" + * + */ + +#define configENABLED_NETWORKS ( AWSIOT_NETWORK_TYPE_WIFI ) + +#endif /* CONFIG_FILES_AWS_IOT_NETWORK_CONFIG_H_ */ diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_mqtt_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_mqtt_config.h new file mode 100644 index 00000000000..445dfb9d3b6 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_mqtt_config.h 
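Review bot: The closing `#endif /* CONFIG_FILES_AWS_IOT_NETWORK_CONFIG_H_ */` names a guard that does not exist; the guard opened at the top of the file is `AWS_IOT_NETWORK_CONFIG_H_`, so the trailer should read `#endif /* AWS_IOT_NETWORK_CONFIG_H_ */`. The header also uses `AWSIOT_NETWORK_TYPE_WIFI` without including the file its own comment points to (`aws_iot_network.h`), so it depends on include order in every consumer. Either add the include or add a comment such as `/* Requires aws_iot_network.h to be included first. */`.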
@@ -0,0 +1,71 @@ +/* + * FreeRTOS V1.4.8 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + +/** + * @file aws_mqtt_config.h + * @brief MQTT config options. + */ + +#ifndef _AWS_MQTT_CONFIG_H_ +#define _AWS_MQTT_CONFIG_H_ + +#include + +/** + * @brief Enable subscription management. + * + * This gives the user flexibility of registering a callback per topic. + */ +#define mqttconfigENABLE_SUBSCRIPTION_MANAGEMENT ( 1 ) + +/** + * @brief Maximum length of the topic which can be stored in subscription + * manager. + */ +#define mqttconfigSUBSCRIPTION_MANAGER_MAX_TOPIC_LENGTH ( 128 ) + +/** + * @brief Maximum number of subscriptions which can be stored in subscription + * manager. 
+ */ +#define mqttconfigSUBSCRIPTION_MANAGER_MAX_SUBSCRIPTIONS ( 8 ) + +/* + * Uncomment the following two lines to enable asserts. + */ +/* extern void vAssertCalled( const char *pcFile, uint32_t ulLine ); */ +/* #define mqttconfigASSERT( x ) if( ( x ) == 0 ) vAssertCalled( __FILE__, __LINE__ ) */ + +#if defined(AMAZON_FREERTOS_ENABLE_UNIT_TESTS) +#include "unity_internals.h" +#define mqttconfigASSERT( x ) if( ( x ) == 0 ) TEST_ABORT() +#endif /* AMAZON_FREERTOS_ENABLE_UNIT_TESTS */ + +/** + * @brief Set this macro to 1 for enabling debug logs. + */ +#define mqttconfigENABLE_DEBUG_LOGS 0 + +#endif /* _AWS_MQTT_CONFIG_H_ */ diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_ota_agent_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_ota_agent_config.h new file mode 100644 index 00000000000..7e5399f190f --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_ota_agent_config.h 
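Review bot: `mqttconfigASSERT( x )` in the `AMAZON_FREERTOS_ENABLE_UNIT_TESTS` branch expands to a bare `if`, so an `else` that follows a call site binds to the macro's `if` instead of the caller's. Wrapping it keeps it a single statement: `#define mqttconfigASSERT( x ) do { if( ( x ) == 0 ) { TEST_ABORT(); } } while( 0 )`. The commented-out `vAssertCalled` sample has the same shape and would need the same wrapper if enabled. Outside unit-test builds this header defines no `mqttconfigASSERT` at all; if asserts are meant to be off in the demo, the comment above the sample should say so.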
@@ -0,0 +1,150 @@ +/* + * FreeRTOS V1.4.7 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + +/** + * @file aws_ota_agent_config.h + * @brief OTA user configurable settings. + */ + +#ifndef _AWS_OTA_AGENT_CONFIG_H_ +#define _AWS_OTA_AGENT_CONFIG_H_ + +/** + * @brief The number of words allocated to the stack for the OTA agent. + */ +#define otaconfigSTACK_SIZE 6000U + +/** + * @brief Log base 2 of the size of the file data block message (excluding the header). + * + * 10 bits yields a data block size of 1KB. + */ +#define otaconfigLOG2_FILE_BLOCK_SIZE 12UL + +/** + * @brief Milliseconds to wait for the self test phase to succeed before we force reset. 
+ */ +#define otaconfigSELF_TEST_RESPONSE_WAIT_MS 16000U + +/** + * @brief Milliseconds to wait before requesting data blocks from the OTA service if nothing is happening. + * + * The wait timer is reset whenever a data block is received from the OTA service so we will only send + * the request message after being idle for this amount of time. + */ +#define otaconfigFILE_REQUEST_WAIT_MS 10000U + +/** + * @brief The OTA agent task priority. Normally it runs at a low priority. + */ +#define otaconfigAGENT_PRIORITY tskIDLE_PRIORITY + 5U + +/** + * @brief The maximum allowed length of the thing name used by the OTA agent. + * + * AWS IoT requires Thing names to be unique for each device that connects to the broker. + * Likewise, the OTA agent requires the developer to construct and pass in the Thing name when + * initializing the OTA agent. The agent uses this size to allocate static storage for the + * Thing name used in all OTA base topics. Namely $aws/things/ + */ +#define otaconfigMAX_THINGNAME_LEN 64U +/** + * @brief The maximum number of data blocks requested from OTA streaming service. + * + * This configuration parameter is sent with data requests and represents the maximum number of + * data blocks the service will send in response. The maximum limit for this must be calculated + * from the maximum data response limit (128 KB from service) divided by the block size. + * For example if block size is set as 1 KB then the maximum number of data blocks that we can + * request is 128/1 = 128 blocks. Configure this parameter to this maximum limit or lower based on + * how many data blocks response is expected for each data requests. + * Please note that this must be set larger than zero. + * + */ +#define otaconfigMAX_NUM_BLOCKS_REQUEST 8U + +/** + * @brief The maximum number of requests allowed to send without a response before we abort. 
+ * + * This configuration parameter sets the maximum number of times the requests are made over + * the selected communication channel before aborting and returning error. + * + */ +#define otaconfigMAX_NUM_REQUEST_MOMENTUM 32U + +/** + * @brief The number of data buffers reserved by the OTA agent. + * + * This configurations parameter sets the maximum number of static data buffers used by + * the OTA agent for job and file data blocks received. + */ +#define otaconfigMAX_NUM_OTA_DATA_BUFFERS 2U + +/** + * @brief Allow update to same or lower version. + * + * Set this to 1 to allow downgrade or same version update.This configurations parameter + * disables version check and allows update to a same or lower version.This is provided for + * testing purpose and it is recommended to always update to higher version and keep this + * configuration disabled. + */ +#define otaconfigAllowDowngrade 0U + +/** + * @brief The protocol selected for OTA control operations. + + * This configurations parameter sets the default protocol for all the OTA control + * operations like requesting OTA job, updating the job status etc. + * + * Note - Only MQTT is supported at this time for control operations. + */ +#define configENABLED_CONTROL_PROTOCOL ( OTA_CONTROL_OVER_MQTT ) + +/** + * @brief The protocol selected for OTA data operations. + + * This configurations parameter sets the protocols selected for the data operations + * like requesting file blocks from the service. + * + * Note - Both MQTT and HTTP is supported for data transfer. This configuration parameter + * can be set to following - + * Enable data over MQTT - ( OTA_DATA_OVER_MQTT ) + * Enable data over HTTP - ( OTA_DATA_OVER_HTTP) + * Enable data over both MQTT & HTTP ( OTA_DATA_OVER_MQTT | OTA_DATA_OVER_HTTP ) + */ +#define configENABLED_DATA_PROTOCOLS ( OTA_DATA_OVER_MQTT ) + + /** + * @brief The preferred protocol selected for OTA data operations. 
+ * + * Primary data protocol will be the protocol used for downloading file if more than + * one protocol is selected while creating OTA job. Default primary data protocol is MQTT + * and following update here to switch to HTTP as primary. + * + * Note - use OTA_DATA_OVER_HTTP for HTTP as primary data protocol. + */ + +#define configOTA_PRIMARY_DATA_PROTOCOL ( OTA_DATA_OVER_MQTT ) + +#endif /* _AWS_OTA_AGENT_CONFIG_H_ */ diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_secure_sockets_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_secure_sockets_config.h new file mode 100644 index 00000000000..afd87a98324 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_secure_sockets_config.h 
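Review bot: `otaconfigAGENT_PRIORITY` is defined as the unparenthesised expression `tskIDLE_PRIORITY + 5U`, so any use next to a higher-precedence operator expands to something other than the intended priority; it should be `#define otaconfigAGENT_PRIORITY ( tskIDLE_PRIORITY + 5U )`. The comment on `otaconfigLOG2_FILE_BLOCK_SIZE` still says "10 bits yields a data block size of 1KB" while the value is `12UL`, and should read `12 bits yields a data block size of 4 KB`. With 4 KB blocks, the 128 KB response limit quoted in the `otaconfigMAX_NUM_BLOCKS_REQUEST` comment gives a ceiling of 32 blocks, so `8U` is within range. It would be worth stating that figure in the comment instead of the 1 KB example.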
@@ -0,0 +1,72 @@ +/* + * FreeRTOS V1.4.7 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + + +/** + * @file aws_secure_sockets_config.h + * @brief Secure sockets configuration options. + */ + +#ifndef _AWS_SECURE_SOCKETS_CONFIG_H_ +#define _AWS_SECURE_SOCKETS_CONFIG_H_ + +/** + * @brief Byte order of the target MCU. + * + * Valid values are pdLITTLE_ENDIAN and pdBIG_ENDIAN. + */ +#define socketsconfigBYTE_ORDER pdLITTLE_ENDIAN + +/** + * @brief Default socket send timeout. + */ +#define socketsconfigDEFAULT_SEND_TIMEOUT ( 10000 ) + +/** + * @brief Default socket receive timeout. + */ +#define socketsconfigDEFAULT_RECV_TIMEOUT ( 10000 ) + +/** + * @brief Enable metrics of secure socket. 
+ */ +#define AWS_IOT_SECURE_SOCKETS_METRICS_ENABLED ( 1 ) + +/** + * @brief Stack depth for the task that runs the receive callback function + * + * When SOCKETS_SetSockOpt() is called with SOCKETS_SO_WAKEUP_CALLBACK and + * a function pointer, a task is created to run the callback each time the + * socket becomes ready. This is the number of words (not bytes!) to allocate + * for use as the task’s stack. + */ +#define socketsconfigRECEIVE_CALLBACK_TASK_STACK_DEPTH 1024u + +/** + * @brief Default max socket number support + */ +#define socketsconfigDEFAULT_MAX_NUM_SECURE_SOCKETS 10 + +#endif /* _AWS_SECURE_SOCKETS_CONFIG_H_ */ diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_shadow_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_shadow_config.h new file mode 100644 index 00000000000..c35fc8a7636 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_shadow_config.h 
@@ -0,0 +1,107 @@ +/* + * FreeRTOS V1.4.8 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + +/** + * @file aws_shadow_config.h + * @brief specify shadow config + */ + +#ifndef _AWS_SHADOW_CONFIG_H_ +#define _AWS_SHADOW_CONFIG_H_ + +/** + * @brief Number of jsmn tokens to use in parsing. Each jsmn token contains 4 ints. + * Ensure that the number of tokens does not overflow the calling task's stack, + * but is also sufficient to parse the largest expected JSON documents. */ +#define shadowConfigJSON_JSMN_TOKENS ( 64 ) + + +/** + * @brief + * The JSON key to search for when looking for client tokens. + */ +#define shadowConfigJSON_CLIENT_TOKEN "clientToken" + + + /** + * @brief + * enable/disable shadowConfigUNIQUE_CLIENT_TOKEN_CHECK check. 
+ */ +#define shadowConfigUNIQUE_CLIENT_TOKEN_CHECK 0 + + + /** + * @brief Maximum number of Shadow Clients. + * + * Up to this number of Shadow Clients may be successfully created with + * #SHADOW_ClientCreate. Shadow clients are allocated in the global data + * segment. Ensure that there is enough memory to accommodate the Shadow + * Clients. + * + * @note Should be less than 256. + */ +#define shadowMAX_CLIENTS ( ( BaseType_t ) ( 1 ) ) + + /** + * @brief Shadow debug message setting. + * + * Set this value to @c 0 to disable Shadow Client debug messages; or set it to + * @c 1 to enable debug messages. Ensure that the macro @c configPRINTF is + * available if debugging is enabled. + */ +#define shadowENABLE_DEBUG_LOGS ( 1 ) + + /** + * @brief Number of unique Things for which user notify callbacks can be + * registered. + * + * Each Shadow Client stores the Things with user notify callbacks registered. + * Define how many unique Things require user notify callbacks here. + * + * @note Should be less than 256. + */ +#define shadowCLIENT_MAX_THINGS_WITH_CALLBACKS ( ( BaseType_t ) ( 1 ) ) + + /** + * @brief Time (in milliseconds) a Shadow Client may block during cleanup @b IF + * a timeout occurs. + * + * Should a Shadow API call time out, the Shadow Client will stop its current + * operation and cleanup before returning. The time below (in milliseconds) is + * the amount of additional time that the Shadow Client may block to cleanup @b + * IF the user's given timeout is inadequate. In general, 5000 ms is sufficient + * for cleanup on a good connection; more time should be given if the connection + * is unreliable. + * + * @note If a user gives a Shadow API call @a x milliseconds of block time but + * @a x is insufficient time to complete the API call, then function may block + * for up to (@a x + #shadowCLEANUP_TIME_MS) milliseconds. However, if @a x is + * sufficient time for the API call, then block time will be at most @a x + * milliseconds. 
+ * @warning If cleanup doesn't fully complete, users may be billed for MQTT + * messages on topics that weren't properly cleaned up! + */ +#define shadowCLEANUP_TIME_MS 5000 +#endif /* _AWS_SHADOW_CONFIG_H_ */ diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_wifi_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_wifi_config.h new file mode 100644 index 00000000000..6cddf375ec8 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/aws_wifi_config.h 
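Review bot: `shadowENABLE_DEBUG_LOGS` is set to `( 1 )` in this new demo config, while the MQTT config added by the same patch sets `mqttconfigENABLE_DEBUG_LOGS 0`. What the Shadow client prints at debug level is not visible in this hunk, but shadow documents carry device state, so the safer default is `#define shadowENABLE_DEBUG_LOGS ( 0 )` with a comment that it is for bring-up only. The `@brief` on `shadowConfigUNIQUE_CLIENT_TOKEN_CHECK` only repeats the macro name; it should say what is checked and what a value of 0 disables.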
@@ -0,0 +1,99 @@ +/* + * FreeRTOS V1.4.8 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + +/** + * @file aws_wifi_config.h + * @brief WiFi module configuration parameters. + */ + +#ifndef _AWS_WIFI_CONFIG_H_ +#define _AWS_WIFI_CONFIG_H_ + +/** + * @brief Maximum number of sockets that can be created simultaneously. + */ +#define wificonfigMAX_SOCKETS ( 4 ) + +/** + * @brief Maximum number of connection retries. + */ +#define wificonfigNUM_CONNECTION_RETRY ( 3 ) + +/** + * @brief Maximum number of connected station in Access Point mode. 
+ */ +#define wificonfigMAX_CONNECTED_STATIONS ( 4 ) + +/** + * @brief Max SSID length + */ +#define wificonfigMAX_SSID_LEN ( 32 ) + +/** + * @brief Max BSSID length + */ +#define wificonfigMAX_BSSID_LEN ( 6 ) + +/** + * @brief Max passphrase length + * Maximum allowed WPA2 passphrase length (per specification) is 63 + */ +#define wificonfigMAX_PASSPHRASE_LEN ( 63 ) + +/** + * @brief Soft Access point SSID + */ +#define wificonfigACCESS_POINT_SSID_PREFIX ( "ConfigureMe" ) + +/** + * @brief Soft Access point Passkey + */ +#define wificonfigACCESS_POINT_PASSKEY ( "awsiotdevice" ) + +/** + * @brief Soft Access point Channel + */ +#define wificonfigACCESS_POINT_CHANNEL ( 11 ) + + +/** + * @brief Maximum number of network profiles stored. + */ +#define wificonfigMAX_NETWORK_PROFILES ( 8 ) + + +/** + * @brief WiFi semaphore timeout + */ +#define wificonfigMAX_SEMAPHORE_WAIT_TIME_MS ( 60000 ) + +/** + * @brief Soft Access point security + * WPA2 Security, see WIFISecurity_t + * other values are - eWiFiSecurityOpen, eWiFiSecurityWEP, eWiFiSecurityWPA + */ +#define wificonfigACCESS_POINT_SECURITY ( eWiFiSecurityWPA2 ) + +#endif /* _AWS_WIFI_CONFIG_H_ */ diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/default_pkcs11_config/iot_pkcs11_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/default_pkcs11_config/iot_pkcs11_config.h new file mode 100644 index 00000000000..84c524fe93c --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/default_pkcs11_config/iot_pkcs11_config.h 
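Review bot: `wificonfigACCESS_POINT_PASSKEY` hard-codes the soft-AP passphrase `"awsiotdevice"` beside the fixed prefix `"ConfigureMe"`, so every image built from this header unchanged starts its provisioning access point with the same published WPA2 credential. Guard the define with `#ifndef wificonfigACCESS_POINT_PASSKEY` so a build can override it. Add the comment `/* Demo placeholder: replace with a per-device passphrase before deployment. */` above it. The comment on `wificonfigACCESS_POINT_SECURITY` lists `eWiFiSecurityOpen`, `eWiFiSecurityWEP` and `eWiFiSecurityWPA` as alternatives without saying they are weaker than the WPA2 default; one sentence noting that would keep integrators from downgrading the provisioning link.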
@@ -0,0 +1,171 @@ +/* + * FreeRTOS V1.1.4 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + + +/** + * @file aws_pkcs11_config.h + * @brief PCKS#11 config options. + */ + + +#ifndef _AWS_PKCS11_CONFIG_H_ +#define _AWS_PKCS11_CONFIG_H_ + +/**************************************************/ +/******* DO NOT CHANGE the following order ********/ +/**************************************************/ + +/* Include logging header files and define logging macros in the following order: + * 1. Include the header file "logging_levels.h". + * 2. Define the LIBRARY_LOG_NAME and LIBRARY_LOG_LEVEL macros depending on + * the logging configuration for PKCS #11. + * 3. Include the header file "logging_stack.h", if logging is enabled for PKCS #11. 
+ */ +#include "logging_levels.h" + +/* Logging configuration for the PKCS #11 library. */ +#ifndef LIBRARY_LOG_NAME + #define LIBRARY_LOG_NAME "PKCS11" +#endif + +#ifndef LIBRARY_LOG_LEVEL + #define LIBRARY_LOG_LEVEL LOG_ERROR +#endif + +#include "logging_stack.h" + +/** + * @brief ESP32 NVS Partition where PKCS #11 data is stored + */ +#define pkcs11configSTORAGE_PARTITION "storage" + +/** + * @brief ESP32 NVS namespace for PKCS #11 data + */ +#define pkcs11configSTORAGE_NS "creds" + +/** + * @brief PKCS #11 default user PIN. + * + * The PKCS #11 standard specifies the presence of a user PIN. That feature is + * sensible for applications that have an interactive user interface and memory + * protections. However, since typical microcontroller applications lack one or + * both of those, the user PIN is assumed to be used herein for interoperability + * purposes only, and not as a security feature. + * + * Note: Do not cast this to a pointer! The library calls sizeof to get the length + * of this string. + */ +#define configPKCS11_DEFAULT_USER_PIN "0000" + +/** + * @brief Maximum length (in characters) for a PKCS #11 CKA_LABEL + * attribute. + */ +#define pkcs11configMAX_LABEL_LENGTH 32UL + +/** + * @brief Maximum number of token objects that can be stored + * by the PKCS #11 module. + */ +#define pkcs11configMAX_NUM_OBJECTS 6UL + +/** + * @brief Maximum number of sessions that can be stored + * by the PKCS #11 module. + */ +#define pkcs11configMAX_SESSIONS 10UL + +/** + * @brief Set to 1 if a PAL destroy object is implemented. + * + * If set to 0, no PAL destroy object is implemented, and this functionality + * is implemented in the common PKCS #11 layer. + */ +#define pkcs11configPAL_DESTROY_SUPPORTED 0 + +/** + * @brief Set to 1 if OTA image verification via PKCS #11 module is supported. + * + * If set to 0, OTA code signing certificate is built in via + * aws_ota_codesigner_certificate.h. 
+ */ +#define pkcs11configOTA_SUPPORTED 1 + +/** + * @brief Set to 1 if PAL supports storage for JITP certificate, + * code verify certificate, and trusted server root certificate. + * + * If set to 0, PAL does not support storage mechanism for these, and + * they are accessed via headers compiled into the code. + */ +#define pkcs11configJITP_CODEVERIFY_ROOT_CERT_SUPPORTED 0 + +/** + * @brief The PKCS #11 label for device private key. + * + * Private key for connection to AWS IoT endpoint. The corresponding + * public key should be registered with the AWS IoT endpoint. + */ +#define pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS ( "Device Priv TLS Key" ) + +/** + * @brief The PKCS #11 label for device public key. + * + * The public key corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS. + */ +#define pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS ( "Device Pub TLS Key" ) + +/** + * @brief The PKCS #11 label for the device certificate. + * + * Device certificate corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS. + */ +#define pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS ( "Device Cert" ) + +/** + * @brief The PKCS #11 label for the object to be used for code verification. + * + * Used by over-the-air update code to verify an incoming signed image. + */ +#define pkcs11configLABEL_CODE_VERIFICATION_KEY ( "Code Verify Key" ) + +/** + * @brief The PKCS #11 label for Just-In-Time-Provisioning. + * + * The certificate corresponding to the issuer of the device certificate + * (pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS) when using the JITR or + * JITP flow. + */ +#define pkcs11configLABEL_JITP_CERTIFICATE ( "JITP Cert" ) + +/** + * @brief The PKCS #11 label for the AWS Trusted Root Certificate. + * + * @see aws_default_root_certificates.h + */ +#define pkcs11configLABEL_ROOT_CERTIFICATE ( "Root Cert" ) + +#endif /* _AWS_PKCS11_CONFIG_H_ include guard. */ 
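Review bot: The Doxygen header says `@file aws_pkcs11_config.h` and "PCKS#11", but the file added here is `iot_pkcs11_config.h`; it should read `@file iot_pkcs11_config.h` and `@brief PKCS #11 config options.` The comment on `configPKCS11_DEFAULT_USER_PIN "0000"` correctly says the PIN is not a security feature, but stops short of saying what is. Objects are kept in the NVS partition `"storage"`, namespace `"creds"`, so confidentiality of the device private key presumably depends on how that partition is protected. A sentence stating that next to `pkcs11configSTORAGE_PARTITION` would make the trust assumption explicit.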
diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/ecc608a_pkcs11_config/atca_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/ecc608a_pkcs11_config/atca_config.h
new file mode 100644
index 00000000000..ad134af1bd3
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/ecc608a_pkcs11_config/atca_config.h
@@ -0,0 +1,44 @@
+/**
+ * \file
+ * \brief Cryptoauthlib Configuration Defines
+ *
+ * \copyright (c) 2015-2018 Microchip Technology Inc. and its subsidiaries.
+ *
+ * \page License
+ *
+ * Subject to your compliance with these terms, you may use Microchip software
+ * and any derivatives exclusively with Microchip products. It is your
+ * responsibility to comply with third party license terms applicable to your
+ * use of third party software (including open source software) that may
+ * accompany Microchip software.
+ *
+ * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER
+ * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED
+ * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A
+ * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT,
+ * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE
+ * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF
+ * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE
+ * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL
+ * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED
+ * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR
+ * THIS SOFTWARE.
+ */
+
+#ifndef _ATCA_CONFIG_H
+#define _ATCA_CONFIG_H
+
+/** Use HID */
+#define ATCA_HAL_I2C
+
+/** Use the following address for ECC devices */
+#define ATCA_I2C_ECC_ADDRESS 0x6C
+
+/** Define if cryptoauthlib is to use the maximum execution time method */
+#define ATCA_NO_POLL
+
+/** Use RTOS timers (i.e. delays that yield) */
+#define ATCA_USE_RTOS_TIMER
+
+
+#endif
diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/ecc608a_pkcs11_config/iot_pkcs11_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/ecc608a_pkcs11_config/iot_pkcs11_config.h
new file mode 100644
index 00000000000..ad52868fcc0
--- /dev/null
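Review bot: The comment `/** Use HID */` sits above `#define ATCA_HAL_I2C`, and the next define supplies an I2C address, so the comment describes a different transport from the one being enabled; it should read `/** Use the I2C HAL */`. The closing `#endif` carries no guard comment, unlike the other config headers in this patch; `#endif /* _ATCA_CONFIG_H */` would match them. A short note on whether `ATCA_I2C_ECC_ADDRESS 0x6C` is the 7-bit or the shifted 8-bit form would also help anyone wiring a different part.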
+++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/ecc608a_pkcs11_config/iot_pkcs11_config.h 
@@ -0,0 +1,154 @@ +/* + * FreeRTOS V1.4.8 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + +/** + * @file aws_pkcs11_config.h + * @brief PCKS#11 config options. 
+ */ + +#ifndef _AWS_PKCS11_CONFIG_H_ +#define _AWS_PKCS11_CONFIG_H_ + + +extern const char * pcPkcs11GetThingName(void); + +/** + * @brief ESP32 NVS Partition where PKCS #11 data is stored + */ +#define pkcs11configSTORAGE_PARTITION "storage" + +/** + * @brief ESP32 NVS namespace for PKCS #11 data + */ +#define pkcs11configSTORAGE_NS "creds" + +/** + * @brief PKCS #11 default user PIN. + * + * The PKCS #11 standard specifies the presence of a user PIN. That feature is + * sensible for applications that have an interactive user interface and memory + * protections. However, since typical microcontroller applications lack one or + * both of those, the user PIN is assumed to be used herein for interoperability + * purposes only, and not as a security feature. + * + * Note: Do not cast this to a pointer! The library calls sizeof to get the length + * of this string. + */ +#define configPKCS11_DEFAULT_USER_PIN "00112233445566778899AABBCCDDEEFF00112233445566778899AABBCCDDEEFF" + +/** + * @brief Maximum length (in characters) for a PKCS #11 CKA_LABEL + * attribute. + */ +#define pkcs11configMAX_LABEL_LENGTH 32 + +/** + * @brief Maximum number of token objects that can be stored + * by the PKCS #11 module. + */ +#define pkcs11configMAX_NUM_OBJECTS 6 + +/** + * @brief Set to 1 if a PAL destroy object is implemented. + * + * If set to 0, no PAL destroy object is implemented, and this functionality + * is implemented in the common PKCS #11 layer. + */ +#define pkcs11configPAL_DESTROY_SUPPORTED 0 + +/** + * @brief Set to 1 if importing device private key via C_CreateObject is supported. 0 if not. + */ +#define pkcs11configIMPORT_PRIVATE_KEYS_SUPPORTED 0 + +/** + * @brief Set to 1 if OTA image verification via PKCS #11 module is supported. + * + * If set to 0, OTA code signing certificate is built in via + * aws_ota_codesigner_certificate.h. 
+ */ +#define pkcs11configOTA_SUPPORTED 1 + +/** + * @brief Set to 1 if PAL supports storage for JITP certificate, + * code verify certificate, and trusted server root certificate. + * + * If set to 0, PAL does not support storage mechanism for these, and + * they are accessed via headers compiled into the code. + */ +#define pkcs11configJITP_CODEVERIFY_ROOT_CERT_SUPPORTED 0 + +/** + * @brief The PKCS #11 label for device private key. + * + * Private key for connection to AWS IoT endpoint. The corresponding + * public key should be registered with the AWS IoT endpoint. + */ +#define pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS "Device Priv TLS Key" + +/** + * @brief The PKCS #11 label for device public key. + * + * The public key corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS. + */ +#define pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS "Device Pub TLS Key" + +/** + * @brief The PKCS #11 label for the device certificate. + * + * Device certificate corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS. + */ +#define pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS "Device Cert" + +/** + * @brief The PKCS #11 label for the object to be used for code verification. + * + * Used by over-the-air update code to verify an incoming signed image. + */ +#define pkcs11configLABEL_CODE_VERIFICATION_KEY "Code Verify Key" + +/** + * @brief The PKCS #11 label for Just-In-Time-Provisioning. + * + * The certificate corresponding to the issuer of the device certificate + * (pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS) when using the JITR or + * JITP flow. + */ +#define pkcs11configLABEL_JITP_CERTIFICATE "JITP Cert" + +/** + * @brief The PKCS #11 label for the AWS Trusted Root Certificate. + * + * @see aws_default_root_certificates.h + */ +#define pkcs11configLABEL_ROOT_CERTIFICATE "Root Cert" + +#endif /* _AWS_PKCS11_CONFIG_H_ include guard. */ 
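Review bot: The comment on `configPKCS11_DEFAULT_USER_PIN` was copied from the software-token config and still calls the PIN interoperability-only, yet the value here is a fixed 64-hex-digit constant. The companion `pkcs11_config.h` in this patch reserves `PKCS11_PIN_SLOT 6` for "an Auth-key or IoProtection Secret". If the PIN is consumed as that secret (not verifiable from this hunk), a value published in the repository protects nothing, so the comment should mark the constant as a sample to be replaced during provisioning. The licence header repeats the permission paragraph twice, and `@file aws_pkcs11_config.h` / "PCKS#11" do not match the file name `iot_pkcs11_config.h`.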
diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/ecc608a_pkcs11_config/pkcs11_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/ecc608a_pkcs11_config/pkcs11_config.h
new file mode 100644
index 00000000000..60781c604ad
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/ecc608a_pkcs11_config/pkcs11_config.h
@@ -0,0 +1,159 @@
+/**
+ * \file
+ * \brief PKCS11 Library Configuration
+ *
+ * Copyright (c) 2017 Microchip Technology Inc. All rights reserved.
+ *
+ * \atmel_crypto_device_library_license_start
+ *
+ * \page License
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * 3. The name of Atmel may not be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * 4. This software may only be redistributed and used in connection with an
+ * Atmel integrated circuit.
+ *
+ * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE
+ * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ * \atmel_crypto_device_library_license_stop
+ */
+
+#ifndef PKCS11_CONFIG_H_
+#define PKCS11_CONFIG_H_
+
+
+/* Cryptoauthlib at the time of this module development is not versioned */
+#ifndef ATCA_LIB_VER_MAJOR
+#define ATCA_LIB_VER_MAJOR 3
+#endif
+
+#ifndef ATCA_LIB_VER_MINOR
+#define ATCA_LIB_VER_MINOR 2
+#endif
+
+/** If an Auth-key or IoProtection Secret is to be used this is the
+ * slot number of it */
+#ifndef PKCS11_PIN_SLOT
+#define PKCS11_PIN_SLOT 6
+#endif
+
+/** Define to lock the PIN slot after writing */
+#ifndef PKCS11_LOCK_PIN_SLOT
+#define PKCS11_LOCK_PIN_SLOT 0
+#endif
+
+/** Enable PKCS#11 Debugging Messages */
+#ifndef PKCS11_DEBUG_ENABLE
+#define PKCS11_DEBUG_ENABLE 0
+#endif
+
+/** Use Static or Dynamic Allocation */
+#ifndef PKCS11_USE_STATIC_MEMORY
+#define PKCS11_USE_STATIC_MEMORY 1
+#endif
+
+/** Use a compiled configuration rather than loading from a filestore */
+#ifndef PKCS11_USE_STATIC_CONFIG
+#define PKCS11_USE_STATIC_CONFIG 1
+#endif
+
+/** Maximum number of slots allowed in the system - if static memory this will
+ always be the number of slots */
+#ifndef PKCS11_MAX_SLOTS_ALLOWED
+#define PKCS11_MAX_SLOTS_ALLOWED 1
+#endif
+
+/** Maximum number of total sessions allowed in the system - if using static
+ memory then this many session contexts will be allocated */
+#ifndef PKCS11_MAX_SESSIONS_ALLOWED
+#define PKCS11_MAX_SESSIONS_ALLOWED 10
+#endif
+
+/** Maximum number of cryptographic objects allowed to be cached */
+#ifndef PKCS11_MAX_OBJECTS_ALLOWED
+#define PKCS11_MAX_OBJECTS_ALLOWED 16
+#endif
+
+/** Maximum label size in characters */
+#ifndef PKCS11_MAX_LABEL_SIZE
+#define PKCS11_MAX_LABEL_SIZE 30
+#endif
+
+/****************************************************************************/
+/* The following configuration options are for fine tuning of the library */
+/****************************************************************************/
+
+/** Defines if the library will produce a static function list or use an
+ externally defined one. This is an optimization that allows for a statically
+ linked library to include only the PKCS#11 functions that the application
+ intends to use. Otherwise compilers will not be able to optimize out the unusued
+ functions */
+#ifndef PKCS11_EXTERNAL_FUNCTION_LIST
+#define PKCS11_EXTERNAL_FUNCTION_LIST 1
+#endif
+
+/** Static Search Attribute Cache in bytes (variable number of attributes based
+ on size and memory requirements) */
+#ifndef PKCS11_SEARCH_CACHE_SIZE
+#define PKCS11_SEARCH_CACHE_SIZE 128
+#endif
+
+/** Device Support for ATECC508A */
+#ifndef PKCS11_508_SUPPORT
+#define PKCS11_508_SUPPORT 0
+#endif
+
+/** Device Support for ATECC608A */
+#ifndef PKCS11_608_SUPPORT
+#define PKCS11_608_SUPPORT 1
+#endif
+
+/** Support for configuring a "blank" or new device */
+#ifndef PKCS11_TOKEN_INIT_SUPPORT
+#define PKCS11_TOKEN_INIT_SUPPORT 1
+#endif
+
+/** Include the monotonic hardware feature as an object */
+#ifndef PKCS11_MONOTONIC_ENABLE
+#define PKCS11_MONOTONIC_ENABLE 0
+#endif
+
+
+#include "pkcs11/cryptoki.h"
+#include
+typedef struct _pkcs11_slot_ctx *pkcs11_slot_ctx_ptr;
+typedef struct _pkcs11_lib_ctx *pkcs11_lib_ctx_ptr;
+typedef struct _pkcs11_object *pkcs11_object_ptr;
+
+CK_RV pkcs11_config_load_objects(pkcs11_slot_ctx_ptr pSlot);
+CK_RV pkcs11_config_load(pkcs11_slot_ctx_ptr slot_ctx);
+CK_RV pkcs11_config_cert(pkcs11_lib_ctx_ptr pLibCtx, pkcs11_slot_ctx_ptr pSlot, pkcs11_object_ptr pObject, CK_ATTRIBUTE_PTR pcLabel);
+CK_RV pkcs11_config_key(pkcs11_lib_ctx_ptr pLibCtx, pkcs11_slot_ctx_ptr pSlot, pkcs11_object_ptr pObject, CK_ATTRIBUTE_PTR pcLabel);
+CK_RV pkcs11_config_remove_object(pkcs11_lib_ctx_ptr pLibCtx, pkcs11_slot_ctx_ptr pSlot, pkcs11_object_ptr pObject);
+
+void pkcs11_config_init_private(pkcs11_object_ptr pObject, char * label, size_t len);
+void pkcs11_config_init_public(pkcs11_object_ptr pObject, char * label, size_t len);
+void pkcs11_config_init_cert(pkcs11_object_ptr pObject, char * label, size_t len);
+
+#endif /* PKCS11_CONFIG_H_ */
\ No newline at end of file
diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/iot_ble_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/iot_ble_config.h
new file mode 100644
index 00000000000..e32b4bb8fd0
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/iot_ble_config.h
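Review bot: `PKCS11_TOKEN_INIT_SUPPORT` is set to 1 and `PKCS11_LOCK_PIN_SLOT` to 0 in ecc608a_pkcs11_config/pkcs11_config.h with nothing marking them as bring-up values. Going by the file's own comments, the first compiles in support for configuring a blank or new device and the second leaves the PIN slot unlocked after it is written, which suits a demo but should be a deliberate decision for anything fielded. I would put a comment above both, e.g. `/* Demo default: revisit before production (token init compiled in, PIN slot left unlocked). */`. Both sit behind `#ifndef`, so a product build can override them from the build system without editing this header.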
@@ -0,0 +1,41 @@
+/*
+ * FreeRTOS V1.4.2
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+/**
+ * @file iot_ble_config.h
+ * @brief BLE configuration overrides for ESP32 board.
+ */
+
+
+#ifndef _IOT_BLE_CONFIG_H_
+#define _IOT_BLE_CONFIG_H_
+
+/* Device name for this peripheral device. */
+#define IOT_BLE_DEVICE_COMPLETE_LOCAL_NAME "ESP32"
+
+/* Include BLE default config at bottom to set the default values for the configurations which are not overridden */
+#include "iot_ble_config_defaults.h"
+
+#endif /* _IOT_BLE_CONFIG_H_ */
diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/iot_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/iot_config.h
new file mode 100644
index 00000000000..9faa1caffea
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/iot_config.h 
@@ -0,0 +1,80 @@
+/*
+ * Copyright (C) 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+/* This file contains configuration settings for the demos. */
+
+#ifndef IOT_CONFIG_H_
+#define IOT_CONFIG_H_
+
+/* Standard include. */
+#include
+
+/* How long the MQTT library will wait for PINGRESPs or PUBACKs. */
+#define IOT_MQTT_RESPONSE_WAIT_MS ( 10000 )
+
+/* MQTT demo configuration. */
+#define IOT_DEMO_MQTT_PUBLISH_BURST_COUNT ( 10 )
+#define IOT_DEMO_MQTT_PUBLISH_BURST_SIZE ( 2 )
+
+/* Shadow demo configuration. The demo publishes periodic Shadow updates and responds
+ * to changing Shadows. */
+#define AWS_IOT_DEMO_SHADOW_UPDATE_COUNT ( 20 ) /* Number of updates to publish. */
+#define AWS_IOT_DEMO_SHADOW_UPDATE_PERIOD_MS ( 3000 ) /* Period of Shadow updates. */
+
+/* Library logging configuration. IOT_LOG_LEVEL_GLOBAL provides a global log
+ * level for all libraries; the library-specific settings override the global
+ * setting. If both the library-specific and global settings are undefined,
+ * no logs will be printed. */
+#define IOT_LOG_LEVEL_GLOBAL IOT_LOG_INFO
+#define IOT_LOG_LEVEL_DEMO IOT_LOG_INFO
+#define IOT_LOG_LEVEL_PLATFORM IOT_LOG_NONE
+#define IOT_LOG_LEVEL_NETWORK IOT_LOG_INFO
+#define IOT_LOG_LEVEL_TASKPOOL IOT_LOG_NONE
+#define IOT_LOG_LEVEL_MQTT IOT_LOG_INFO
+#define AWS_IOT_LOG_LEVEL_SHADOW IOT_LOG_INFO
+#define AWS_IOT_LOG_LEVEL_DEFENDER IOT_LOG_INFO
+#define IOT_LOG_LEVEL_HTTPS IOT_LOG_INFO
+
+/* Platform thread stack size and priority. */
+#define IOT_THREAD_DEFAULT_STACK_SIZE 6000
+#define IOT_THREAD_DEFAULT_PRIORITY 5
+
+/* This board supports MQTT-over-BLE, which uses a different serializer than normal
+ * MQTT 3.1.1. Enable the serializer overrides of the MQTT library. */
+#define IOT_MQTT_ENABLE_SERIALIZER_OVERRIDES ( 0 )
+
+/* Provide additional serializer initialization functions. */
+extern bool IotBleMqtt_InitSerialize( void );
+extern void IotBleMqtt_CleanupSerialize( void );
+#define _IotMqtt_InitSerializeAdditional IotBleMqtt_InitSerialize
+#define _IotMqtt_CleanupSerializeAdditional IotBleMqtt_CleanupSerialize
+
+/* Provide a function to retrieve the serializer function pointers in the MQTT demo. */
+typedef struct IotMqttSerializer IotMqttSerializer_t;
+extern const IotMqttSerializer_t * demoGetMqttSerializer( void );
+#define IOT_DEMO_MQTT_SERIALIZER demoGetMqttSerializer()
+
+#define iotconfigUSE_PORT_SPECIFIC_HOOKS
+
+/* Include the common configuration file for FreeRTOS. */
+#include "iot_config_common.h"
+
+#endif /* ifndef IOT_CONFIG_H_ */
diff --git a/vendors/espressif/boards/esp32s2/aws_demos/config_files/iot_mqtt_agent_config.h b/vendors/espressif/boards/esp32s2/aws_demos/config_files/iot_mqtt_agent_config.h
new file mode 100644
index 00000000000..e3a43f874a8
--- /dev/null
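Review bot: The comment above `IOT_MQTT_ENABLE_SERIALIZER_OVERRIDES` in iot_config.h says this board supports MQTT-over-BLE and that the serializer overrides are enabled, yet the macro is defined as `( 0 )`. Either the comment was carried over from another board or the value is wrong, and the next reader cannot tell which. If `0` is intended, reword it, e.g. `/* MQTT-over-BLE is not used on this board; the serializer overrides stay disabled. */`. The `_IotMqtt_InitSerializeAdditional` and `_IotMqtt_CleanupSerializeAdditional` mappings just below are still defined unconditionally; whether the esp32s2 build actually provides `IotBleMqtt_InitSerialize` cannot be seen from this hunk, so that is worth checking as well.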
+++ b/vendors/espressif/boards/esp32s2/aws_demos/config_files/iot_mqtt_agent_config.h 
@@ -0,0 +1,113 @@
+/*
+ * FreeRTOS V1.4.8
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software. If you wish to use our Amazon
+ * FreeRTOS name, please do so in a fair use way that does not cause confusion.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+/**
+ * @file iot_mqtt_agent_config.h
+ * @brief MQTT agent config options.
+ */
+
+#ifndef _AWS_MQTT_AGENT_CONFIG_H_
+#define _AWS_MQTT_AGENT_CONFIG_H_
+
+#include "FreeRTOS.h"
+
+/**
+ * @brief Controls whether or not to report usage metrics to the
+ * AWS IoT broker.
+ *
+ * If mqttconfigENABLE_METRICS is set to 1, a string containing
+ * metric information will be included in the "username" field of
+ * the MQTT connect messages.
+ */
+#define mqttconfigENABLE_METRICS ( 1 )
+
+/**
+ * @brief The maximum time interval in seconds allowed to elapse between 2 consecutive
+ * control packets.
+ */
+#define mqttconfigKEEP_ALIVE_INTERVAL_SECONDS ( 1200 )
+
+/**
+ * @brief Defines the frequency at which the client should send Keep Alive messages.
+ *
+ * Even though the maximum time allowed between 2 consecutive control packets
+ * is defined by the mqttconfigKEEP_ALIVE_INTERVAL_SECONDS macro, the user
+ * can and should send Keep Alive messages at a slightly faster rate to ensure
+ * that the connection is not closed by the server because of network delays.
+ * This macro defines the interval of inactivity after which a keep alive messages
+ * is sent.
+ */
+#define mqttconfigKEEP_ALIVE_ACTUAL_INTERVAL_TICKS ( pdMS_TO_TICKS(300000) )
+
+/**
+ * @brief The maximum interval in ticks to wait for PINGRESP.
+ *
+ * If PINGRESP is not received within this much time after sending PINGREQ,
+ * the client assumes that the PINGREQ timed out.
+ */
+#define mqttconfigKEEP_ALIVE_TIMEOUT_TICKS ( 1000 )
+
+/**
+ * @brief The maximum time in ticks for which the MQTT task is permitted to block.
+ *
+ * The MQTT task blocks until the user initiates any action or until it receives
+ * any data from the broker. This macro controls the maximum time the MQTT task can
+ * block. It should be set to a low number for the platforms which do not have any
+ * mechanism to wake up the MQTT task whenever data is received on a connected socket.
+ * This ensures that the MQTT task keeps waking up frequently and processes the
+ * publish messages received from the broker, if any.
+ */
+#define mqttconfigMQTT_TASK_MAX_BLOCK_TICKS ( 100 )
+
+/**
+ * @defgroup MQTTTask MQTT task configuration parameters.
+ */
+/** @{ */
+#define mqttconfigMQTT_TASK_STACK_DEPTH ( configMINIMAL_STACK_SIZE * 8 )
+#define mqttconfigMQTT_TASK_PRIORITY ( tskIDLE_PRIORITY + 5 )
+/** @} */
+
+/**
+ * @brief Maximum number of MQTT clients that can exist simultaneously.
+ */
+#define mqttconfigMAX_BROKERS ( 2 )
+
+/**
+ * @brief Maximum number of parallel operations per client.
+ */
+#define mqttconfigMAX_PARALLEL_OPS ( 5 )
+
+/**
+ * @brief Time in milliseconds after which the TCP send operation should timeout.
+ */
+#define mqttconfigTCP_SEND_TIMEOUT_MS ( 2000 )
+
+/**
+ * @brief Length of the buffer used to receive data.
+ */
+#define mqttconfigRX_BUFFER_SIZE ( 1024 + 128 )
+
+#endif /* _AWS_MQTT_AGENT_CONFIG_H_ */
diff --git a/vendors/espressif/boards/esp32s2/aws_demos/partition-table.csv b/vendors/espressif/boards/esp32s2/aws_demos/partition-table.csv
new file mode 100644
index 00000000000..081814ce410
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_demos/partition-table.csv
@@ -0,0 +1,8 @@
+# Name, Type, SubType, Offset, Size, Flags
+# Note: if you change the phy_init or app partition offset, make sure to change the offset in Kconfig.projbuild
+nvs, data, nvs, 0x10000, 0x6000
+otadata, data, ota, 0x16000, 0x2000
+phy_init, data, phy, 0x18000, 0x1000
+ota_0, 0, ota_0, 0x20000, 1500K
+ota_1, 0, ota_1, , 1500K
+storage, data, nvs, , 0x10000
diff --git a/vendors/espressif/boards/esp32s2/aws_demos/sdkconfig.defaults b/vendors/espressif/boards/esp32s2/aws_demos/sdkconfig.defaults
new file mode 100644
index 00000000000..22f41c1b537
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_demos/sdkconfig.defaults
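Review bot: `mqttconfigKEEP_ALIVE_TIMEOUT_TICKS ( 1000 )` and `mqttconfigMQTT_TASK_MAX_BLOCK_TICKS ( 100 )` in iot_mqtt_agent_config.h are raw tick counts, while `mqttconfigKEEP_ALIVE_ACTUAL_INTERVAL_TICKS` a few lines earlier is written with `pdMS_TO_TICKS(300000)`. The PINGRESP timeout and the task's maximum block time therefore scale with whatever tick rate the board is configured for, which makes a dead connection take longer or shorter to detect than the author intended. I would express both as durations, e.g. `#define mqttconfigKEEP_ALIVE_TIMEOUT_TICKS ( pdMS_TO_TICKS( <timeout_ms> ) )`, with the millisecond value taken from the tick rate these numbers were originally tuned for.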
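Review bot: Neither `nvs` nor `storage` in partition-table.csv carries a flag, and the table has no key partition for NVS encryption (type `data`, subtype `nvs_keys`), so with this layout anything written to those two NVS partitions sits in flash in the clear. If the PKCS#11 port keeps the device private key and certificates in `storage` (the port code is not part of this hunk, so this is an assumption), that matters for every build derived from the demo. At minimum I would add a comment line such as `# storage: NVS for provisioned credentials, unencrypted in this demo layout; add an nvs_keys partition and enable NVS encryption for production`.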
@@ -0,0 +1,30 @@
+CONFIG_ESP_INT_WDT=
+CONFIG_ESP_TASK_WDT=
+CONFIG_FREERTOS_USE_TRACE_FACILITY=y
+CONFIG_FREERTOS_SUPPORT_STATIC_ALLOCATION=y
+CONFIG_FREERTOS_ENABLE_STATIC_TASK_CLEAN_UP=y
+CONFIG_PARTITION_TABLE_CUSTOM=y
+CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partition-table.csv"
+CONFIG_PARTITION_TABLE_FILENAME="partition-table.csv"
+CONFIG_TIMER_TASK_STACK_DEPTH=3584
+CONFIG_FREERTOS_TIMER_TASK_PRIORITY=5
+CONFIG_FREERTOS_LEGACY_HOOKS=y
+CONFIG_FREERTOS_LEGACY_IDLE_HOOK=y
+CONFIG_FREERTOS_LEGACY_TICK_HOOK=y
+CONFIG_ESPTOOLPY_FLASHSIZE_4MB=y
+CONFIG_MBEDTLS_ASYMMETRIC_CONTENT_LEN=y
+CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN=8192
+CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=4096
+CONFIG_MBEDTLS_CMAC_C=y
+CONFIG_MBEDTLS_ECP_RESTARTABLE=y
+CONFIG_MBEDTLS_TLS_CLIENT_ONLY=y
+CONFIG_ESPTOOLPY_BAUD_921600B=y
+CONFIG_BOOTLOADER_WDT_DISABLE_SKIP_FIRST_BOOT=y
+CONFIG_BOOTLOADER_WDT_TIME_MS=90000
+CONFIG_BOOTLOADER_APP_ROLLBACK_ENABLE=y
+CONFIG_MBEDTLS_THREADING_ALT=y
+CONFIG_MBEDTLS_THREADING_C=y
+CONFIG_MBEDTLS_ECDSA_DETERMINISTIC=n
+CONFIG_MBEDTLS_SHA512_C=n
+CONFIG_ESP_NETIF_TCPIP_ADAPTER_COMPATIBLE_LAYER=n
+CONFIG_COMPILER_DISABLE_GCC8_WARNINGS=y
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/application_code/espressif_code/amazon-freertos-tests/CMakeLists.txt b/vendors/espressif/boards/esp32s2/aws_tests/application_code/espressif_code/amazon-freertos-tests/CMakeLists.txt
new file mode 100644
index 00000000000..cfde39e32c4
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_tests/application_code/espressif_code/amazon-freertos-tests/CMakeLists.txt
@@ -0,0 +1 @@
+# Nothing to be done here
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/application_code/main.c b/vendors/espressif/boards/esp32s2/aws_tests/application_code/main.c
new file mode 100644
index 00000000000..7c226932a3e
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_tests/application_code/main.c
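Review bot: `CONFIG_ESP_INT_WDT=` and `CONFIG_ESP_TASK_WDT=` at the top of aws_demos/sdkconfig.defaults are given empty values, which reads as switching the interrupt and task watchdogs off, and `CONFIG_MBEDTLS_ECDSA_DETERMINISTIC=n` turns off deterministic ECDSA nonces, none of it with a stated reason. Without the watchdogs a hung task never resets the device, and with non-deterministic ECDSA every signature depends on the quality of the RNG at signing time. Please add `#` comments giving the reason for each override, e.g. `# Watchdogs disabled for demo images only; re-enable for products`, or drop the ones that were copied from the esp32 board without being needed here.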
@@ -0,0 +1,337 @@ +/* + * FreeRTOS V1.1.4 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + + +/* FreeRTOS includes. */ +#include "FreeRTOS.h" +#include "task.h" +#include "string.h" + +/* Test includes */ +#include "aws_test_runner.h" + +/* AWS library includes. */ +#include "iot_system_init.h" +#include "iot_logging_task.h" +#include "iot_wifi.h" +#include "aws_clientcredential.h" +#include "aws_dev_mode_key_provisioning.h" +#include "nvs_flash.h" +#if !AFR_ESP_LWIP +#include "FreeRTOS_IP.h" +#include "FreeRTOS_Sockets.h" +#endif +#include "esp_netif.h" +#include "aws_test_utils.h" +#include "esp_system.h" +#include "esp_wifi.h" +#include "esp_interface.h" +/* Logging Task Defines. 
*/ +#define mainLOGGING_MESSAGE_QUEUE_LENGTH ( 32 ) +#define mainLOGGING_TASK_STACK_SIZE ( configMINIMAL_STACK_SIZE * 6 ) + +/* Unit test defines. */ +#define mainTEST_RUNNER_TASK_STACK_SIZE ( configMINIMAL_STACK_SIZE * 12 ) +#define mainDEVICE_NICK_NAME "Espressif_Demo" + + +/* Static arrays for FreeRTOS+TCP stack initialization for Ethernet network connections + * are use are below. If you are using an Ethernet connection on your MCU device it is + * recommended to use the FreeRTOS+TCP stack. The default values are defined in + * FreeRTOSConfig.h. */ + +/* Default MAC address configuration. The demo creates a virtual network + * connection that uses this MAC address by accessing the raw Ethernet data + * to and from a real network connection on the host PC. See the + * configNETWORK_INTERFACE_TO_USE definition for information on how to configure + * the real network connection to use. */ +uint8_t ucMACAddress[ 6 ] = +{ + configMAC_ADDR0, + configMAC_ADDR1, + configMAC_ADDR2, + configMAC_ADDR3, + configMAC_ADDR4, + configMAC_ADDR5 +}; + +/* The default IP and MAC address used by the demo. The address configuration + * defined here will be used if ipconfigUSE_DHCP is 0, or if ipconfigUSE_DHCP is + * 1 but a DHCP server could not be contacted. See the online documentation for + * more information. In both cases the node can be discovered using + * "ping RTOSDemo". 
*/ +static const uint8_t ucIPAddress[ 4 ] = +{ + configIP_ADDR0, + configIP_ADDR1, + configIP_ADDR2, + configIP_ADDR3 +}; +static const uint8_t ucNetMask[ 4 ] = +{ + configNET_MASK0, + configNET_MASK1, + configNET_MASK2, + configNET_MASK3 +}; +static const uint8_t ucGatewayAddress[ 4 ] = +{ + configGATEWAY_ADDR0, + configGATEWAY_ADDR1, + configGATEWAY_ADDR2, + configGATEWAY_ADDR3 +}; +static const uint8_t ucDNSServerAddress[ 4 ] = +{ + configDNS_SERVER_ADDR0, + configDNS_SERVER_ADDR1, + configDNS_SERVER_ADDR2, + configDNS_SERVER_ADDR3 +}; + +/** + * @brief Application task startup hook for applications using Wi-Fi. If you are not + * using Wi-Fi, then start network dependent applications in the vApplicationIPNetorkEventHook + * function. If you are not using Wi-Fi, this hook can be disabled by setting + * configUSE_DAEMON_TASK_STARTUP_HOOK to 0. + */ +void vApplicationDaemonTaskStartupHook( void ); + +/** + * @brief Connects to WiFi. + */ +static void prvWifiConnect( void ); + +/** + * @brief Initializes the board. + */ +static void prvMiscInitialization( void ); + +/*-----------------------------------------------------------*/ + +/** + * @brief Application runtime entry point. + */ +int app_main( void ) +{ + /* Perform any hardware initialization that does not require the RTOS to be + * running. */ + prvMiscInitialization(); + + /* Create tasks that are not dependent on the WiFi being initialized. */ + xLoggingTaskInitialize( mainLOGGING_TASK_STACK_SIZE, + tskIDLE_PRIORITY + 5, + mainLOGGING_MESSAGE_QUEUE_LENGTH ); + +#if AFR_ESP_LWIP + configPRINTF( ("Initializing lwIP TCP stack\r\n") ); + esp_netif_init(); +#else /* AFR_ESP_LWIP */ + configPRINTF( ("Initializing FreeRTOS TCP stack\r\n") ); + FreeRTOS_IPInit( ucIPAddress, + ucNetMask, + ucGatewayAddress, + ucDNSServerAddress, + ucMACAddress ); +#endif /* !AFR_ESP_LWIP */ + + if( SYSTEM_Init() == pdPASS ) + { + /* Connect to the wifi before running the tests. 
*/ + prvWifiConnect(); + + /* A simple example to demonstrate key and certificate provisioning in + * microcontroller flash using PKCS#11 interface. This should be replaced + * by production ready key provisioning mechanism. */ + vDevModeKeyProvisioning(); + + /* Create the task to run unit tests. */ + xTaskCreate( TEST_RUNNER_RunTests_task, + "RunTests_task", + mainTEST_RUNNER_TASK_STACK_SIZE, + NULL, + tskIDLE_PRIORITY + 5, + NULL ); + } + + /* Start the scheduler. Initialization that requires the OS to be running, + * including the WiFi initialization, is performed in the RTOS daemon task + * startup hook. */ + /* Following is taken care by initialization code in ESP IDF */ + /* vTaskStartScheduler(); */ + + return 0; +} +/*-----------------------------------------------------------*/ + +static void prvMiscInitialization( void ) +{ + /* Initialize NVS */ + esp_err_t ret = nvs_flash_init(); + + if( ( ret == ESP_ERR_NVS_NO_FREE_PAGES ) || ( ret == ESP_ERR_NVS_NEW_VERSION_FOUND ) ) + { + ESP_ERROR_CHECK( nvs_flash_erase() ); + ret = nvs_flash_init(); + } + + ESP_ERROR_CHECK( ret ); +} +/*-----------------------------------------------------------*/ + +void vApplicationDaemonTaskStartupHook( void ) +{ +} +/*-----------------------------------------------------------*/ + +void prvWifiConnect( void ) +{ + WIFINetworkParams_t xJoinAPParams; + WIFIReturnCode_t eWiFiStatus; + uint32_t ulInitialRetryPeriodMs = 500; + BaseType_t xMaxRetries = 6; + + eWiFiStatus = WIFI_On(); + + if( eWiFiStatus == eWiFiSuccess ) + { + configPRINTF( ( "WiFi module initialized. Connecting to AP %s\r\n", clientcredentialWIFI_SSID ) ); + } + else + { + configPRINTF( ( "WiFi module failed to initialize.\r\n" ) ); + + while( 1 ) + { + } + } + + /* Setup parameters. 
*/ + xJoinAPParams.pcSSID = clientcredentialWIFI_SSID; + xJoinAPParams.ucSSIDLength = strlen( clientcredentialWIFI_SSID ); + xJoinAPParams.pcPassword = clientcredentialWIFI_PASSWORD; + xJoinAPParams.ucPasswordLength = strlen( clientcredentialWIFI_PASSWORD ); + xJoinAPParams.xSecurity = clientcredentialWIFI_SECURITY; + + RETRY_EXPONENTIAL( eWiFiStatus = WIFI_ConnectAP( &( xJoinAPParams ) ), + eWiFiSuccess, ulInitialRetryPeriodMs, xMaxRetries ); + + if( eWiFiStatus == eWiFiSuccess ) + { + configPRINTF( ( "WiFi Connected to AP. Creating tasks which use network...\r\n" ) ); + } + else + { + configPRINTF( ( "WiFi failed to connect to AP %s.\r\n", clientcredentialWIFI_SSID ) ); + + while( 1 ) + { + } + } +} +/*-----------------------------------------------------------*/ + +#if ( ipconfigUSE_LLMNR != 0 ) || ( ipconfigUSE_NBNS != 0 ) || ( ipconfigDHCP_REGISTER_HOSTNAME == 1 ) + + const char * pcApplicationHostnameHook( void ) + { + /* This function will be called during the DHCP: the machine will be registered + * with an IP address plus this name. */ + return clientcredentialIOT_THING_NAME; + } + +#endif +/*-----------------------------------------------------------*/ + +#if ( ipconfigUSE_LLMNR != 0 ) || ( ipconfigUSE_NBNS != 0 ) + + BaseType_t xApplicationDNSQueryHook( const char * pcName ) + { + BaseType_t xReturn; + + /* Determine if a name lookup is for this node. Two names are given + * to this node: that returned by pcApplicationHostnameHook() and that set + * by mainDEVICE_NICK_NAME. 
*/ + if( strcmp( pcName, pcApplicationHostnameHook() ) == 0 ) + { + xReturn = pdPASS; + } + else if( strcmp( pcName, mainDEVICE_NICK_NAME ) == 0 ) + { + xReturn = pdPASS; + } + else + { + xReturn = pdFAIL; + } + + return xReturn; + } + +#endif /* if ( ipconfigUSE_LLMNR != 0 ) || ( ipconfigUSE_NBNS != 0 ) */ + +/*-----------------------------------------------------------*/ + +extern void esp_vApplicationTickHook(); +void IRAM_ATTR vApplicationTickHook() +{ + esp_vApplicationTickHook(); +} + +extern void esp_vApplicationIdleHook(); +void vApplicationIdleHook() +{ + esp_vApplicationIdleHook(); +} + +/*-----------------------------------------------------------*/ + +#if !AFR_ESP_LWIP +/*-----------------------------------------------------------*/ +void vApplicationIPNetworkEventHook( eIPCallbackEvent_t eNetworkEvent ) +{ + uint32_t ulIPAddress, ulNetMask, ulGatewayAddress, ulDNSServerAddress; + system_event_t evt; + + if( eNetworkEvent == eNetworkUp ) + { + /* Print out the network configuration, which may have come from a DHCP + * server. */ + FreeRTOS_GetAddressConfiguration( + &ulIPAddress, + &ulNetMask, + &ulGatewayAddress, + &ulDNSServerAddress ); + + evt.event_id = SYSTEM_EVENT_STA_GOT_IP; + evt.event_info.got_ip.ip_changed = true; + evt.event_info.got_ip.ip_info.ip.addr = ulIPAddress; + evt.event_info.got_ip.ip_info.netmask.addr = ulNetMask; + evt.event_info.got_ip.ip_info.gw.addr = ulGatewayAddress; + esp_event_send( &evt ); + } +} +#endif /* !AFR_ESP_LWIP */ + diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/FreeRTOSConfig.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/FreeRTOSConfig.h new file mode 100644 index 00000000000..a8bef9c64e1 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/FreeRTOSConfig.h 
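Review bot: Two stack structures in aws_tests main.c are handed to library calls only partly initialised: `xJoinAPParams` in `prvWifiConnect()` has five fields assigned before `WIFI_ConnectAP()`, and `evt` in `vApplicationIPNetworkEventHook()` has `event_id` and a handful of `got_ip` members set before `esp_event_send()`. Any member not assigned (the struct definitions are outside this hunk) is passed on as whatever was on the stack, so behaviour can differ from one boot to the next. Zero them first with `WIFINetworkParams_t xJoinAPParams = { 0 };` and `memset( &evt, 0, sizeof( evt ) );` right after the declarations. Separately, `prvWifiConnect` is declared `static` but defined without it, and `ulDNSServerAddress` is fetched but never used.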
@@ -0,0 +1,403 @@
+/*
+ * FreeRTOS Kernel V10.2.0
+ * Copyright (C) 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+#ifndef FREERTOS_CONFIG_H
+#define FREERTOS_CONFIG_H
+
+/* The ESP32 development environment defines application configurations in this header.
+ * The configurations are updated in the "Espressif IDF Configuration" menu that appears
+ * when a "make menuconfig" is run from a 32 bit GNU compatible environment.
+ */
+#include "sdkconfig.h"
+
+/* Required for configuration-dependent settings */
+#include "xtensa_config.h"
+
+#ifndef __ASSEMBLER__
+ #include /* for abort() */
+ #include "esp32s2/rom/ets_sys.h"
+ #include
+ #include "soc/cpu.h"
+ #include "esp_attr.h"
+
+ #if CONFIG_SYSVIEW_ENABLE
+ #include "SEGGER_SYSVIEW_FreeRTOS.h"
+ #undef INLINE // to avoid redefinition
+ #endif
+
+ /* Unit testing include. */
+ #include "unity_internals.h"
+#endif /* def __ASSEMBLER__ */
+
+#define pdTICKS_TO_MS( xTicks ) ( ( uint32_t ) ( xTicks ) * 1000 / configTICK_RATE_HZ )
+
+/*-----------------------------------------------------------
+ * Application specific definitions.
+ *
+ * These definitions should be adjusted for your particular hardware and
+ * application requirements.
+ *
+ * Note that the default heap size is deliberately kept small so that
+ * the build is more likely to succeed for configurations with limited
+ * memory.
+ *
+ * THESE PARAMETERS ARE DESCRIBED WITHIN THE 'CONFIGURATION' SECTION OF THE
+ * FreeRTOS API DOCUMENTATION AVAILABLE ON THE FreeRTOS.org WEB SITE.
+ *----------------------------------------------------------*/
+
+#define configUSE_PREEMPTION 1
+#define configUSE_IDLE_HOOK ( CONFIG_FREERTOS_LEGACY_IDLE_HOOK )
+#define configUSE_TICK_HOOK ( CONFIG_FREERTOS_LEGACY_TICK_HOOK )
+#define configTICK_RATE_HZ ( CONFIG_FREERTOS_HZ )
+#define configUSE_DAEMON_TASK_STARTUP_HOOK 1
+
+/* Use the default clock rate for simulator. */
+/* #define configCPU_CLOCK_HZ 80000000 */
+
+/* This has impact on speed of search for highest priority. */
+#ifdef SMALL_TEST
+ #define configMAX_PRIORITIES ( 7 )
+#else
+ #define configMAX_PRIORITIES ( 25 )
+#endif
+
+#ifndef CONFIG_ESP32_APPTRACE_ENABLE
+ #define configMINIMAL_STACK_SIZE 768
+#else
+ /* The apptrace module requires at least 2KB of stack per task.
*/
+ #define configMINIMAL_STACK_SIZE 2048
+#endif
+
+#define configUSE_MUTEXES 1
+#define configUSE_RECURSIVE_MUTEXES 1
+#define configUSE_COUNTING_SEMAPHORES 1
+#define configUSE_16_BIT_TICKS 0
+#define configIDLE_SHOULD_YIELD 0
+#define configQUEUE_REGISTRY_SIZE CONFIG_FREERTOS_QUEUE_REGISTRY_SIZE
+#define configMAX_TASK_NAME_LEN ( CONFIG_FREERTOS_MAX_TASK_NAME_LEN )
+#define configUSE_POSIX_ERRNO 1
+#define configUSE_APPLICATION_TASK_TAG 1
+
+#if CONFIG_FREERTOS_CHECK_STACKOVERFLOW_NONE
+ #define configCHECK_FOR_STACK_OVERFLOW 0
+#elif CONFIG_FREERTOS_CHECK_STACKOVERFLOW_PTRVAL
+ #define configCHECK_FOR_STACK_OVERFLOW 1
+#elif CONFIG_FREERTOS_CHECK_STACKOVERFLOW_CANARY
+ #define configCHECK_FOR_STACK_OVERFLOW 2
+#endif
+
+/* We define the heap to span all of the non-statically-allocated shared RAM.
+ * TODO: Make sure there is some space left for the app and main cpu when running outside
+ * of a thread. */
+#define configAPPLICATION_ALLOCATED_HEAP 1
+#define configTOTAL_HEAP_SIZE (&_heap_end - &_heap_start)//( ( size_t ) (64 * 1024) )
+
+#ifndef configIDLE_TASK_STACK_SIZE
+ #define configIDLE_TASK_STACK_SIZE CONFIG_FREERTOS_IDLE_TASK_STACKSIZE
+#endif
+
+/* The Xtensa port uses a separate interrupt stack. Adjust the stack size */
+/* to suit the needs of your specific application. */
+#ifndef configISR_STACK_SIZE
+ #define configISR_STACK_SIZE CONFIG_FREERTOS_ISR_STACKSIZE
+#endif
+
+#ifndef __ASSEMBLER__
+ /* configASSERT behaviour */
+ #define configASSERT( x ) if( ( x ) == 0 ) TEST_ABORT()
+
+ /* The function that implements FreeRTOS printf style output, and the macro
+ * that maps the configPRINTF() macros to that function. */
+ extern void vLoggingPrintf( const char * pcFormat, ... );
+ #define configPRINTF( X ) vLoggingPrintf X
+
+ /* Non-format version thread-safe print. */
+ extern void vLoggingPrint( const char * pcMessage );
+ #define configPRINT( X ) vLoggingPrint( X )
+
+ /* Map the logging task's printf to the board specific output function.
*/
+ #define configPRINT_STRING( x ) printf( x )
+#endif /* #ifndef __ASSEMBER__ */
+
+/* Sets the length of the buffers into which logging messages are written - so
+ * also defines the maximum length of each log message. */
+#define configLOGGING_MAX_MESSAGE_LENGTH 192
+
+/* Set to 1 to prepend each log message with a message number, the task name,
+ * and a time stamp. */
+#define configLOGGING_INCLUDE_TIME_AND_TASK_NAME 1
+
+/* Co-routine definitions. */
+#define configUSE_CO_ROUTINES 0
+#define configMAX_CO_ROUTINE_PRIORITIES ( 2 )
+
+/* Test FreeRTOS timers (with timer task) and more. */
+/* Some files don't compile if this flag is disabled */
+#define configUSE_TIMERS 1
+#define configTIMER_TASK_PRIORITY CONFIG_FREERTOS_TIMER_TASK_PRIORITY
+#define configTIMER_QUEUE_LENGTH CONFIG_FREERTOS_TIMER_QUEUE_LENGTH
+#define configTIMER_TASK_STACK_DEPTH CONFIG_FREERTOS_TIMER_TASK_STACK_DEPTH
+
+#define INCLUDE_xTimerPendFunctionCall 1
+#define INCLUDE_eTaskGetState 1
+#define configUSE_QUEUE_SETS 1
+
+#define configUSE_TICKLESS_IDLE CONFIG_FREERTOS_USE_TICKLESS_IDLE
+#if configUSE_TICKLESS_IDLE
+#define configEXPECTED_IDLE_TIME_BEFORE_SLEEP CONFIG_FREERTOS_IDLE_TIME_BEFORE_SLEEP
+#endif //configUSE_TICKLESS_IDLE
+#define configENABLE_TASK_SNAPSHOT 1
+
+#define configINCLUDE_FREERTOS_TASK_C_ADDITIONS_H 1
+
+/* Set the following definitions to 1 to include the API function, or zero
+ to exclude the API function. */
+#define INCLUDE_vTaskPrioritySet 1
+#define INCLUDE_uxTaskPriorityGet 1
+#define INCLUDE_vTaskDelete 1
+#define INCLUDE_vTaskCleanUpResources 0
+#define INCLUDE_vTaskSuspend 1
+#define INCLUDE_vTaskDelayUntil 1
+#define INCLUDE_vTaskDelay 1
+#define INCLUDE_uxTaskGetStackHighWaterMark 1
+#define INCLUDE_pcTaskGetTaskName 1
+#define INCLUDE_xTaskGetIdleTaskHandle 1
+#define INCLUDE_pxTaskGetStackStart 1
+#define INCLUDE_xSemaphoreGetMutexHolder 1
+
+/* The priority at which the tick interrupt runs. This should probably be
+ kept at 1.
*/
+#define configKERNEL_INTERRUPT_PRIORITY 1
+
+/* The maximum interrupt priority from which FreeRTOS.org API functions can
+ be called. Only API functions that end in ...FromISR() can be used within
+ interrupts. */
+#define configMAX_SYSCALL_INTERRUPT_PRIORITY XCHAL_EXCM_LEVEL
+
+#define configUSE_NEWLIB_REENTRANT 1
+
+#define configSUPPORT_DYNAMIC_ALLOCATION 1
+#define configSUPPORT_STATIC_ALLOCATION CONFIG_FREERTOS_SUPPORT_STATIC_ALLOCATION
+
+#ifndef __ASSEMBLER__
+ extern void vPortCleanUpTCB ( void *pxTCB );
+ #define portCLEAN_UP_TCB( pxTCB ) vPortCleanUpTCB( pxTCB )
+#endif
+
+#ifdef CONFIG_FREERTOS_USE_TRACE_FACILITY
+ #define configUSE_TRACE_FACILITY 1 /* Used by uxTaskGetSystemState(), and other trace facility functions */
+#endif
+
+#ifdef CONFIG_FREERTOS_USE_STATS_FORMATTING_FUNCTIONS
+ #define configUSE_STATS_FORMATTING_FUNCTIONS 1 /* Used by vTaskList() */
+#endif
+
+#ifdef CONFIG_FREERTOS_GENERATE_RUN_TIME_STATS
+ #define configGENERATE_RUN_TIME_STATS 1 /* Used by vTaskGetRunTimeStats() */
+#endif
+
+
+/* This demo creates a virtual network connection by accessing the raw Ethernet
+ * or WiFi data to and from a real network connection. Many computers have more
+ * than one real network port, and configNETWORK_INTERFACE_TO_USE is used to tell
+ * the demo which real port should be used to create the virtual port. The ports
+ * available are displayed on the console when the application is executed. For
+ * example, on my development laptop setting configNETWORK_INTERFACE_TO_USE to 4
+ * results in the wired network being used, while setting
+ * configNETWORK_INTERFACE_TO_USE to 2 results in the wireless network being
+ * used. */
+#define configNETWORK_INTERFACE_TO_USE 2L
+
+/* The address of an echo server that will be used by the two demo echo client
+ * tasks:
+ * http://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/TCP_Echo_Clients.html,
+ * http://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/UDP_Echo_Clients.html.
*/
+#define configECHO_SERVER_ADDR0 192
+#define configECHO_SERVER_ADDR1 168
+#define configECHO_SERVER_ADDR2 2
+#define configECHO_SERVER_ADDR3 7
+#define configTCP_ECHO_CLIENT_PORT 7
+
+/* Default MAC address configuration. The demo creates a virtual network
+ * connection that uses this MAC address by accessing the raw Ethernet/WiFi data
+ * to and from a real network connection on the host PC. See the
+ * configNETWORK_INTERFACE_TO_USE definition above for information on how to
+ * configure the real network connection to use. */
+#define configMAC_ADDR0 0x00
+#define configMAC_ADDR1 0x11
+#define configMAC_ADDR2 0x22
+#define configMAC_ADDR3 0x33
+#define configMAC_ADDR4 0x44
+#define configMAC_ADDR5 0x21
+
+/* Default IP address configuration. Used in ipconfigUSE_DHCP is set to 0, or
+ * ipconfigUSE_DHCP is set to 1 but a DNS server cannot be contacted. */
+#define configIP_ADDR0 192
+#define configIP_ADDR1 168
+#define configIP_ADDR2 0
+#define configIP_ADDR3 105
+
+/* Default gateway IP address configuration. Used in ipconfigUSE_DHCP is set to
+ * 0, or ipconfigUSE_DHCP is set to 1 but a DNS server cannot be contacted. */
+#define configGATEWAY_ADDR0 192
+#define configGATEWAY_ADDR1 168
+#define configGATEWAY_ADDR2 0
+#define configGATEWAY_ADDR3 1
+
+/* Default DNS server configuration. OpenDNS addresses are 208.67.222.222 and
+ * 208.67.220.220. Used in ipconfigUSE_DHCP is set to 0, or ipconfigUSE_DHCP is
+ * set to 1 but a DNS server cannot be contacted.*/
+#define configDNS_SERVER_ADDR0 208
+#define configDNS_SERVER_ADDR1 67
+#define configDNS_SERVER_ADDR2 222
+#define configDNS_SERVER_ADDR3 222
+
+/* Default netmask configuration. Used in ipconfigUSE_DHCP is set to 0, or
+ * ipconfigUSE_DHCP is set to 1 but a DNS server cannot be contacted. */
+#define configNET_MASK0 255
+#define configNET_MASK1 255
+#define configNET_MASK2 255
+#define configNET_MASK3 0
+
+/* The UDP port to which print messages are sent.
*/
+#define configPRINT_PORT ( 15000 )
+
+#define configPROFILING ( 0 )
+
+/* The platform FreeRTOS is running on. */
+#define configPLATFORM_NAME "EspressifESP32"
+
+#ifndef __ASSEMBLER__
+/*-----------------------------------------------------------
+ * Segger Sysview FreeRTOS configurations.
+ *-----------------------------------------------------------*/
+ #ifndef traceISR_EXIT_TO_SCHEDULER
+ #define traceISR_EXIT_TO_SCHEDULER()
+ #endif
+
+ #ifndef traceISR_EXIT
+ #define traceISR_EXIT()
+ #endif
+
+ #ifndef traceISR_ENTER
+ #define traceISR_ENTER(_n_)
+ #endif
+
+/*-----------------------------------------------------------
+ * Extra ESP32 Specific Functions defined in extra.c
+ *-----------------------------------------------------------*/
+
+ int xTaskCreatePinnedToCore( void (*pxTaskCode)(void*),
+ const char * const pcName,
+ const uint32_t usStackDepth,
+ void * const pvParameters,
+ unsigned uxPriority,
+ void * const pxCreatedTask,
+ const int xCoreID );
+
+ static inline bool IRAM_ATTR xPortCanYield(void)
+ {
+ uint32_t ps_reg = 0;
+
+ //Get the current value of PS (processor status) register
+ RSR(PS, ps_reg);
+
+ /*
+ * intlevel = (ps_reg & 0xf);
+ * excm = (ps_reg >> 4) & 0x1;
+ * CINTLEVEL is max(excm * EXCMLEVEL, INTLEVEL), where EXCMLEVEL is 3.
+ * However, just return true, only intlevel is zero.
+ */
+
+ return ((ps_reg & PS_INTLEVEL_MASK) == 0);
+ }
+
+ #define xTaskGetIdleTaskHandleForCPU(i) xTaskGetIdleTaskHandle()
+
+ #define xTaskGetCurrentTaskHandleForCPU(i) xTaskGetCurrentTaskHandle()
+
+ static inline int xTaskGetAffinity(void* arg)
+ {
+ return 0;
+ }
+
+ #define tskNO_AFFINITY INT32_MAX
+
+ extern struct _reent *_impure_ptr;
+
+ extern void esp_tasks_c_additions_init();
+ #define FREERTOS_TASKS_C_ADDITIONS_INIT() esp_tasks_c_additions_init()
+
+#endif /* #ifndef __ASSEMBLER__ */
+
+/*-----------------------------------------------------------
+ * ESP32/Xtensa Specific configurations.
+ *-----------------------------------------------------------*/
+
+/* ESP31 and ESP32 are dualcore processors. */
+#ifndef CONFIG_FREERTOS_UNICORE
+ #define portNUM_PROCESSORS 2
+#else
+ #define portNUM_PROCESSORS 1
+#endif
+
+#define configUSE_TRACE_FACILITY_2 0 /* Provided by Xtensa port patch */
+#define configBENCHMARK 0 /* Provided by Xtensa port patch */
+
+#define XT_USE_THREAD_SAFE_CLIB 0
+#define configASSERT_2 0
+#define configUSE_MUTEX 1
+#undef XT_USE_SWPRI
+
+#if CONFIG_FREERTOS_CORETIMER_0
+ #define XT_TIMER_INDEX 0
+#elif CONFIG_FREERTOS_CORETIMER_1
+ #define XT_TIMER_INDEX 1
+#endif
+
+#define configNUM_THREAD_LOCAL_STORAGE_POINTERS CONFIG_FREERTOS_THREAD_LOCAL_STORAGE_POINTERS
+#define configTHREAD_LOCAL_STORAGE_DELETE_CALLBACKS 1
+
+#ifndef __ASSEMBLER__
+ /**
+ * This function is defined to provide a deprecation warning whenever
+ * XT_CLOCK_FREQ macro is used.
+ * Update the code to use esp_clk_cpu_freq function instead.
+ * @return current CPU clock frequency, in Hz
+ */
+ int xt_clock_freq(void) __attribute__((deprecated));
+ #define XT_CLOCK_FREQ (xt_clock_freq())
+#endif // __ASSEMBLER__
+
+#define configXT_BOARD 1 /* Board mode. */
+#define configXT_SIMULATOR 0
+
+#if CONFIG_FREERTOS_ASSERT_ON_UNTESTED_FUNCTION
+ #define UNTESTED_FUNCTION() { ets_printf("Untested FreeRTOS function %s\r\n", __FUNCTION__); configASSERT(false); } while(0)
+#else
+ #define UNTESTED_FUNCTION()
+#endif
+
+#endif /* #define FREERTOS_CONFIG_H */
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/FreeRTOSIPConfig.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/FreeRTOSIPConfig.h
new file mode 100644
index 00000000000..9fed74eccd2
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/FreeRTOSIPConfig.h
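Review bot: The `#if`/`#elif` chain that sets `configCHECK_FOR_STACK_OVERFLOW` has no `#else`, so a configuration in which none of the three `CONFIG_FREERTOS_CHECK_STACKOVERFLOW_*` symbols is set leaves the macro undefined, and stack-overflow checking then presumably falls back to the kernel default with no diagnostic. Closing the chain with `#else` and `#error "no CONFIG_FREERTOS_CHECK_STACKOVERFLOW_* option selected"` would turn that misconfiguration into a build failure. In the same header, `configASSERT( x )` expands to a bare `if( ( x ) == 0 ) TEST_ABORT()`, which captures a following `else` at the call site; `#define configASSERT( x ) do { if( ( x ) == 0 ) TEST_ABORT(); } while( 0 )` avoids that. `UNTESTED_FUNCTION()` has the related problem that its `{ ... } while(0)` body is missing the leading `do`.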
@@ -0,0 +1,318 @@
+/*
+ * FreeRTOS Kernel V10.2.0
+ * Copyright (C) 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+
+/*****************************************************************************
+*
+* See the following URL for configuration information.
+* http://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/TCP_IP_Configuration.html
+*
+*****************************************************************************/
+
+#ifndef FREERTOS_IP_CONFIG_H
+#define FREERTOS_IP_CONFIG_H
+
+/* Prototype for the function used to print out. In this case it prints to the
+ * console before the network is connected then a UDP port after the network has
+ * connected. */
+extern void vLoggingPrintf( const char * pcFormatString,
+ ... );
+
+/* Set to 1 to print out debug messages.
If ipconfigHAS_DEBUG_PRINTF is set to
+ * 1 then FreeRTOS_debug_printf should be defined to the function used to print
+ * out the debugging messages. */
+#define ipconfigHAS_DEBUG_PRINTF 0
+#if ( ipconfigHAS_DEBUG_PRINTF == 1 )
+ #define FreeRTOS_debug_printf( X ) configPRINTF( X )
+#endif
+
+/* Set to 1 to print out non debugging messages, for example the output of the
+ * FreeRTOS_netstat() command, and ping replies. If ipconfigHAS_PRINTF is set to 1
+ * then FreeRTOS_printf should be set to the function used to print out the
+ * messages. */
+#define ipconfigHAS_PRINTF 1
+#if ( ipconfigHAS_PRINTF == 1 )
+ #define FreeRTOS_printf( X ) configPRINTF( X )
+ /* Allow monitoring the message queue of the IP-task. */
+ #define ipconfigCHECK_IP_QUEUE_SPACE 1
+#endif
+
+/* Define the byte order of the target MCU (the MCU FreeRTOS+TCP is executing
+ * on). Valid options are pdFREERTOS_BIG_ENDIAN and pdFREERTOS_LITTLE_ENDIAN. */
+#define ipconfigBYTE_ORDER pdFREERTOS_LITTLE_ENDIAN
+
+/* If the network card/driver includes checksum offloading (IP/TCP/UDP checksums)
+ * then set ipconfigDRIVER_INCLUDED_RX_IP_CHECKSUM to 1 to prevent the software
+ * stack repeating the checksum calculations. */
+#define ipconfigDRIVER_INCLUDED_RX_IP_CHECKSUM 1
+
+/* TX checksum offloading has NOT been implemented in the Wi-Fi of ESP32. */
+#define ipconfigDRIVER_INCLUDED_TX_IP_CHECKSUM 0
+
+/* Several API's will block until the result is known, or the action has been
+ * performed, for example FreeRTOS_send() and FreeRTOS_recv(). The timeouts can be
+ * set per socket, using setsockopt(). If not set, the times below will be
+ * used as defaults. */
+#define ipconfigSOCK_DEFAULT_RECEIVE_BLOCK_TIME ( 500 )
+#define ipconfigSOCK_DEFAULT_SEND_BLOCK_TIME ( 500 )
+
+/* Include support for DNS caching. For TCP, having a small DNS cache is very
+ * useful. When a cache is present, ipconfigDNS_REQUEST_ATTEMPTS can be kept low
+ * and also DNS may use small timeouts.
If a DNS reply comes in after the DNS
+ * socket has been destroyed, the result will be stored into the cache. The next
+ * call to FreeRTOS_gethostbyname() will return immediately, without even creating
+ * a socket.
+ */
+#define ipconfigUSE_DNS_CACHE ( 1 )
+#define ipconfigDNS_CACHE_ADDRESSES_PER_ENTRY ( 6 )
+#define ipconfigDNS_REQUEST_ATTEMPTS ( 2 )
+
+/* The IP stack executes it its own task (although any application task can make
+ * use of its services through the published sockets API). ipconfigUDP_TASK_PRIORITY
+ * sets the priority of the task that executes the IP stack. The priority is a
+ * standard FreeRTOS task priority so can take any value from 0 (the lowest
+ * priority) to (configMAX_PRIORITIES - 1) (the highest priority).
+ * configMAX_PRIORITIES is a standard FreeRTOS configuration parameter defined in
+ * FreeRTOSConfig.h, not FreeRTOSIPConfig.h. Consideration needs to be given as to
+ * the priority assigned to the task executing the IP stack relative to the
+ * priority assigned to tasks that use the IP stack. */
+#define ipconfigIP_TASK_PRIORITY ( configMAX_PRIORITIES - 7 )
+
+/* The size, in words (not bytes), of the stack allocated to the FreeRTOS+TCP
+ * task. This setting is less important when the FreeRTOS Win32 simulator is used
+ * as the Win32 simulator only stores a fixed amount of information on the task
+ * stack. FreeRTOS includes optional stack overflow detection, see:
+ * http://www.freertos.org/Stacks-and-stack-overflow-checking.html. */
+#define ipconfigIP_TASK_STACK_SIZE_WORDS ( configMINIMAL_STACK_SIZE * 5 )
+
+/* ipconfigRAND32() is called by the IP stack to generate random numbers for
+ * things such as a DHCP transaction number or initial sequence number. Random
+ * number generation is performed via this macro to allow applications to use their
+ * own random number generation method. For example, it might be possible to
+ * generate a random number by sampling noise on an analogue input.
*/
+extern uint32_t ulRand();
+#define ipconfigRAND32() ulRand()
+
+/* If ipconfigUSE_NETWORK_EVENT_HOOK is set to 1 then FreeRTOS+TCP will call the
+ * network event hook at the appropriate times. If ipconfigUSE_NETWORK_EVENT_HOOK
+ * is not set to 1 then the network event hook will never be called. See:
+ * http://www.FreeRTOS.org/FreeRTOS-Plus/FreeRTOS_Plus_UDP/API/vApplicationIPNetworkEventHook.shtml.
+ */
+#define ipconfigUSE_NETWORK_EVENT_HOOK 1
+
+/* Sockets have a send block time attribute. If FreeRTOS_sendto() is called but
+ * a network buffer cannot be obtained then the calling task is held in the Blocked
+ * state (so other tasks can continue to executed) until either a network buffer
+ * becomes available or the send block time expires. If the send block time expires
+ * then the send operation is aborted. The maximum allowable send block time is
+ * capped to the value set by ipconfigMAX_SEND_BLOCK_TIME_TICKS. Capping the
+ * maximum allowable send block time prevents prevents a deadlock occurring when
+ * all the network buffers are in use and the tasks that process (and subsequently
+ * free) the network buffers are themselves blocked waiting for a network buffer.
+ * ipconfigMAX_SEND_BLOCK_TIME_TICKS is specified in RTOS ticks. A time in
+ * milliseconds can be converted to a time in ticks by dividing the time in
+ * milliseconds by portTICK_PERIOD_MS. */
+#define ipconfigUDP_MAX_SEND_BLOCK_TIME_TICKS ( 5000 / portTICK_PERIOD_MS )
+
+/* If ipconfigUSE_DHCP is 1 then FreeRTOS+TCP will attempt to retrieve an IP
+ * address, netmask, DNS server address and gateway address from a DHCP server. If
+ * ipconfigUSE_DHCP is 0 then FreeRTOS+TCP will use a static IP address. The
+ * stack will revert to using the static IP address even when ipconfigUSE_DHCP is
+ * set to 1 if a valid configuration cannot be obtained from a DHCP server for any
+ * reason. The static configuration used is that passed into the stack by the
+ * FreeRTOS_IPInit() function call.
*/
+#define ipconfigUSE_DHCP 1
+#define ipconfigDHCP_REGISTER_HOSTNAME 1
+#define ipconfigDHCP_USES_UNICAST 1
+
+/* If ipconfigDHCP_USES_USER_HOOK is set to 1 then the application writer must
+ * provide an implementation of the DHCP callback function,
+ * xApplicationDHCPUserHook(). */
+#define ipconfigUSE_DHCP_HOOK 0
+
+/* When ipconfigUSE_DHCP is set to 1, DHCP requests will be sent out at
+ * increasing time intervals until either a reply is received from a DHCP server
+ * and accepted, or the interval between transmissions reaches
+ * ipconfigMAXIMUM_DISCOVER_TX_PERIOD. The IP stack will revert to using the
+ * static IP address passed as a parameter to FreeRTOS_IPInit() if the
+ * re-transmission time interval reaches ipconfigMAXIMUM_DISCOVER_TX_PERIOD without
+ * a DHCP reply being received. */
+#define ipconfigMAXIMUM_DISCOVER_TX_PERIOD \
+ ( 120000 / portTICK_PERIOD_MS )
+
+/* The ARP cache is a table that maps IP addresses to MAC addresses. The IP
+ * stack can only send a UDP message to a remove IP address if it knowns the MAC
+ * address associated with the IP address, or the MAC address of the router used to
+ * contact the remote IP address. When a UDP message is received from a remote IP
+ * address the MAC address and IP address are added to the ARP cache. When a UDP
+ * message is sent to a remote IP address that does not already appear in the ARP
+ * cache then the UDP message is replaced by a ARP message that solicits the
+ * required MAC address information. ipconfigARP_CACHE_ENTRIES defines the maximum
+ * number of entries that can exist in the ARP table at any one time. */
+#define ipconfigARP_CACHE_ENTRIES 6
+
+/* ARP requests that do not result in an ARP response will be re-transmitted a
+ * maximum of ipconfigMAX_ARP_RETRANSMISSIONS times before the ARP request is
+ * aborted.
*/
+#define ipconfigMAX_ARP_RETRANSMISSIONS ( 5 )
+
+/* ipconfigMAX_ARP_AGE defines the maximum time between an entry in the ARP
+ * table being created or refreshed and the entry being removed because it is stale.
+ * New ARP requests are sent for ARP cache entries that are nearing their maximum
+ * age. ipconfigMAX_ARP_AGE is specified in tens of seconds, so a value of 150 is
+ * equal to 1500 seconds (or 25 minutes). */
+#define ipconfigMAX_ARP_AGE 150
+
+/* Implementing FreeRTOS_inet_addr() necessitates the use of string handling
+ * routines, which are relatively large. To save code space the full
+ * FreeRTOS_inet_addr() implementation is made optional, and a smaller and faster
+ * alternative called FreeRTOS_inet_addr_quick() is provided. FreeRTOS_inet_addr()
+ * takes an IP in decimal dot format (for example, "192.168.0.1") as its parameter.
+ * FreeRTOS_inet_addr_quick() takes an IP address as four separate numerical octets
+ * (for example, 192, 168, 0, 1) as its parameters. If
+ * ipconfigINCLUDE_FULL_INET_ADDR is set to 1 then both FreeRTOS_inet_addr() and
+ * FreeRTOS_indet_addr_quick() are available. If ipconfigINCLUDE_FULL_INET_ADDR is
+ * not set to 1 then only FreeRTOS_indet_addr_quick() is available. */
+#define ipconfigINCLUDE_FULL_INET_ADDR 1
+
+/* ipconfigNUM_NETWORK_BUFFER_DESCRIPTORS defines the total number of network buffer that
+ * are available to the IP stack. The total number of network buffers is limited
+ * to ensure the total amount of RAM that can be consumed by the IP stack is capped
+ * to a pre-determinable value. */
+#define ipconfigNUM_NETWORK_BUFFER_DESCRIPTORS 60
+
+/* A FreeRTOS queue is used to send events from application tasks to the IP
+ * stack. ipconfigEVENT_QUEUE_LENGTH sets the maximum number of events that can
+ * be queued for processing at any one time. The event queue must be a minimum of
+ * 5 greater than the total number of network buffers.
*/
+#define ipconfigEVENT_QUEUE_LENGTH \
+ ( ipconfigNUM_NETWORK_BUFFER_DESCRIPTORS + 5 )
+
+/* The address of a socket is the combination of its IP address and its port
+ * number. FreeRTOS_bind() is used to manually allocate a port number to a socket
+ * (to 'bind' the socket to a port), but manual binding is not normally necessary
+ * for client sockets (those sockets that initiate outgoing connections rather than
+ * wait for incoming connections on a known port number). If
+ * ipconfigALLOW_SOCKET_SEND_WITHOUT_BIND is set to 1 then calling
+ * FreeRTOS_sendto() on a socket that has not yet been bound will result in the IP
+ * stack automatically binding the socket to a port number from the range
+ * socketAUTO_PORT_ALLOCATION_START_NUMBER to 0xffff. If
+ * ipconfigALLOW_SOCKET_SEND_WITHOUT_BIND is set to 0 then calling FreeRTOS_sendto()
+ * on a socket that has not yet been bound will result in the send operation being
+ * aborted. */
+#define ipconfigALLOW_SOCKET_SEND_WITHOUT_BIND 1
+
+/* Defines the Time To Live (TTL) values used in outgoing UDP packets. */
+#define ipconfigUDP_TIME_TO_LIVE 128
+/* Also defined in FreeRTOSIPConfigDefaults.h. */
+#define ipconfigTCP_TIME_TO_LIVE 128
+
+/* USE_TCP: Use TCP and all its features. */
+#define ipconfigUSE_TCP ( 1 )
+
+/* USE_WIN: Let TCP use windowing mechanism. */
+#define ipconfigUSE_TCP_WIN ( 1 )
+
+/* The MTU is the maximum number of bytes the payload of a network frame can
+ * contain. For normal Ethernet V2 frames the maximum MTU is 1500. Setting a
+ * lower value can save RAM. */
+#define ipconfigNETWORK_MTU 1460
+
+/* Set ipconfigUSE_DNS to 1 to include a basic DNS client/resolver. DNS is used
+ * through the FreeRTOS_gethostbyname() API function. */
+#define ipconfigUSE_DNS 1
+
+/* If ipconfigREPLY_TO_INCOMING_PINGS is set to 1 then the IP stack will
+ * generate replies to incoming ICMP echo (ping) requests.
*/
+#define ipconfigREPLY_TO_INCOMING_PINGS 1
+
+/* If ipconfigSUPPORT_OUTGOING_PINGS is set to 1 then the
+ * FreeRTOS_SendPingRequest() API function is available. */
+#define ipconfigSUPPORT_OUTGOING_PINGS 0
+
+/* If ipconfigSUPPORT_SELECT_FUNCTION is set to 1 then the FreeRTOS_select()
+ * (and associated) API function is available. */
+#define ipconfigSUPPORT_SELECT_FUNCTION 0
+
+/* If ipconfigFILTER_OUT_NON_ETHERNET_II_FRAMES is set to 1 then Ethernet frames
+ * that are not in Ethernet II format will be dropped. This option is included for
+ * potential future IP stack developments. */
+#define ipconfigFILTER_OUT_NON_ETHERNET_II_FRAMES 1
+
+/* If ipconfigETHERNET_DRIVER_FILTERS_FRAME_TYPES is set to 1 then it is the
+ * responsibility of the Ethernet interface to filter out packets that are of no
+ * interest. If the Ethernet interface does not implement this functionality, then
+ * set ipconfigETHERNET_DRIVER_FILTERS_FRAME_TYPES to 0 to have the IP stack
+ * perform the filtering instead (it is much less efficient for the stack to do it
+ * because the packet will already have been passed into the stack). If the
+ * Ethernet driver does all the necessary filtering in hardware then software
+ * filtering can be removed by using a value other than 1 or 0. */
+#define ipconfigETHERNET_DRIVER_FILTERS_FRAME_TYPES 1
+
+/* The windows simulator cannot really simulate MAC interrupts, and needs to
+ * block occasionally to allow other tasks to run. */
+#define configWINDOWS_MAC_INTERRUPT_SIMULATOR_DELAY ( 20 / portTICK_PERIOD_MS )
+
+/* Advanced only: in order to access 32-bit fields in the IP packets with
+ * 32-bit memory instructions, all packets will be stored 32-bit-aligned,
+ * plus 16-bits. This has to do with the contents of the IP-packets: all
+ * 32-bit fields are 32-bit-aligned, plus 16-bit. */
+#define ipconfigPACKET_FILLER_SIZE 2
+
+/* Define the size of the pool of TCP window descriptors.
On the average, each
+ * TCP socket will use up to 2 x 6 descriptors, meaning that it can have 2 x 6
+ * outstanding packets (for Rx and Tx). When using up to 10 TP sockets
+ * simultaneously, one could define TCP_WIN_SEG_COUNT as 120. */
+#define ipconfigTCP_WIN_SEG_COUNT 240
+
+/* Each TCP socket has a circular buffers for Rx and Tx, which have a fixed
+ * maximum size. Define the size of Rx buffer for TCP sockets. */
+#define ipconfigTCP_RX_BUFFER_LENGTH ( 3000 )
+
+/* Define the size of Tx buffer for TCP sockets. */
+#define ipconfigTCP_TX_BUFFER_LENGTH ( 3000 )
+
+/* When using call-back handlers, the driver may check if the handler points to
+ * real program memory (RAM or flash) or just has a random non-zero value. */
+#define ipconfigIS_VALID_PROG_ADDRESS( x ) ( ( x ) != NULL )
+
+/* Include support for TCP keep-alive messages. */
+#define ipconfigTCP_KEEP_ALIVE ( 1 )
+#define ipconfigTCP_KEEP_ALIVE_INTERVAL ( 20 ) /* Seconds. */
+
+/* The socket semaphore is used to unblock the MQTT task. */
+#define ipconfigSOCKET_HAS_USER_SEMAPHORE ( 0 )
+
+#define ipconfigSOCKET_HAS_USER_WAKE_CALLBACK ( 1 )
+#define ipconfigUSE_CALLBACKS ( 0 )
+
+
+#define portINLINE __inline
+
+void vApplicationMQTTGetKeys( const char ** ppcRootCA,
+ const char ** ppcClientCert,
+ const char ** ppcClientPrivateKey );
+
+#endif /* FREERTOS_IP_CONFIG_H */
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_bufferpool_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_bufferpool_config.h
new file mode 100644
index 00000000000..e85a3536f32
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_bufferpool_config.h
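Review bot: `ipconfigRAND32()` is mapped to `ulRand()`, whose definition is outside this hunk, and the comment above it says the value feeds DHCP transaction numbers and TCP initial sequence numbers, so its unpredictability is a security property of the stack rather than a convenience. The comment should state that requirement, e.g. `/* ulRand() must draw from the hardware RNG; a seeded PRNG makes sequence numbers and transaction IDs guessable. */`, and the declaration is better written as a real prototype, `extern uint32_t ulRand( void );`. Separately, three comments name macros that differ from the ones defined beneath them (`ipconfigUDP_TASK_PRIORITY` vs `ipconfigIP_TASK_PRIORITY`, `ipconfigMAX_SEND_BLOCK_TIME_TICKS` vs `ipconfigUDP_MAX_SEND_BLOCK_TIME_TICKS`, `ipconfigDHCP_USES_USER_HOOK` vs `ipconfigUSE_DHCP_HOOK`) and should be brought in line with the definitions.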
@@ -0,0 +1,44 @@
+/*
+ * FreeRTOS V1.1.4
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+/**
+ * @file aws_bufferpool_config.h
+ * @brief Buffer Pool config options.
+ */
+
+#ifndef _AWS_BUFFER_POOL_CONFIG_H_
+#define _AWS_BUFFER_POOL_CONFIG_H_
+
+/**
+ * @brief The number of buffers in the static buffer pool.
+ */
+#define bufferpoolconfigNUM_BUFFERS ( 8 )
+
+/**
+ * @brief The size of each buffer in the static buffer pool.
+ */
+#define bufferpoolconfigBUFFER_SIZE ( 2048 + 128 )
+
+#endif /* _AWS_BUFFER_POOL_CONFIG_H_ */
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_demo_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_demo_config.h
new file mode 100644
index 00000000000..1ff2c91a680
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_demo_config.h 
@@ -0,0 +1,66 @@ +/* + * FreeRTOS V1.4.7 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + +#ifndef _AWS_DEMO_CONFIG_H_ +#define _AWS_DEMO_CONFIG_H_ + +/* To run a particular demo you need to define one of these. + * Only one demo can be configured at a time + * + * CONFIG_MQTT_DEMO_ENABLED + * CONFIG_SHADOW_DEMO_ENABLED + * CONFIG_MQTT_BLE_DEMO_ENABLED + * CONFIG_GREENGRASS_DISCOVERY_DEMO_ENABLED + * CONFIG_TCP_ECHO_CLIENT_DEMO_ENABLED + * CONFIG_DEFENDER_DEMO_ENABLED + * CONFIG_POSIX_DEMO_ENABLED + * CONFIG_OTA_UPDATE_DEMO_ENABLED + * CONFIG_BLE_GATT_SERVER_DEMO_ENABLED + * CONFIG_BLE_NUMERIC_COMPARISON_DEMO_ENABLED + * + * These defines are used in iot_demo_runner.h for demo selection */ + +#define CONFIG_MQTT_DEMO_ENABLED + +/* Default configuration for all demos. 
Individual demos can override these below */ +#define democonfigDEMO_STACKSIZE ( configMINIMAL_STACK_SIZE * 8 ) +#define democonfigDEMO_PRIORITY ( tskIDLE_PRIORITY + 5 ) + +#define democonfigSHADOW_DEMO_NUM_TASKS ( 1 ) +#define democonfigSHADOW_DEMO_TASK_STACK_SIZE ( configMINIMAL_STACK_SIZE * 4 ) +#define democonfigSHADOW_DEMO_TASK_PRIORITY ( tskIDLE_PRIORITY + 5 ) +#define shadowDemoUPDATE_TASK_STACK_SIZE ( configMINIMAL_STACK_SIZE * 5 ) + +#define democonfigMQTT_ECHO_TLS_NEGOTIATION_TIMEOUT pdMS_TO_TICKS( 12000 ) +#define democonfigMQTT_ECHO_TASK_PRIORITY ( tskIDLE_PRIORITY ) + +/* Timeout used when performing MQTT operations that do not need extra time + * to perform a TLS negotiation. */ +#define democonfigMQTT_TIMEOUT pdMS_TO_TICKS( 3000 ) + +/* Send AWS IoT MQTT traffic encrypted to destination port 443. */ +#define democonfigMQTT_AGENT_CONNECT_FLAGS ( mqttagentREQUIRE_TLS | mqttagentUSE_AWS_IOT_ALPN_443 ) + +#endif /* _AWS_DEMO_CONFIG_H_ */ diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_ggd_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_ggd_config.h new file mode 100644 index 00000000000..a7f4acbf40b --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_ggd_config.h 
@@ -0,0 +1,46 @@
+/*
+ * FreeRTOS V1.1.4
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+
+/**
+ * @file aws_ggd_config.h
+ * @brief GGD config options.
+ */
+
+#ifndef _AWS_GGD_CONFIG_H_
+#define _AWS_GGD_CONFIG_H_
+
+
+/**
+ * @brief The number of your network interface here.
+ */
+#define ggdconfigCORE_NETWORK_INTERFACE ( 0 )
+
+/**
+ * @brief Size of the array used by jsmn to store the tokens.
+ */
+#define ggdconfigJSON_MAX_TOKENS ( 128 )
+
+#endif /* _AWS_GGD_CONFIG_H_ */
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_iot_network_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_iot_network_config.h
new file mode 100644
index 00000000000..044ad007c62
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_iot_network_config.h 
@@ -0,0 +1,57 @@ +/* +* FreeRTOS + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + + +/** + * @file aws_iot_network_config.h + * @brief Configuration file which enables different network types. + */ +#ifndef AWS_IOT_NETWORK_CONFIG_H_ +#define AWS_IOT_NETWORK_CONFIG_H_ + +/** + * @brief Configuration flag used to specify all supported network types by the board. + * + * The configuration is fixed per board and should never be changed. + * More than one network interfaces can be enabled by using 'OR' operation with flags for + * each network types supported. 
Flags for all supported network types can be found + * in "aws_iot_network.h" + */ + +#define configSUPPORTED_NETWORKS ( AWSIOT_NETWORK_TYPE_WIFI ) + +/** + * @brief Configuration flag which is used to enable one or more network interfaces for a board. + * + * The configuration can be changed any time to keep one or more network enabled or disabled. + * More than one network interfaces can be enabled by using 'OR' operation with flags for + * each network types supported. Flags for all supported network types can be found + * in "aws_iot_network.h" + * + */ + +#define configENABLED_NETWORKS ( AWSIOT_NETWORK_TYPE_WIFI ) + +#endif /* CONFIG_FILES_AWS_IOT_NETWORK_CONFIG_H_ */ diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_mqtt_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_mqtt_config.h new file mode 100644 index 00000000000..f6a5be89a75 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_mqtt_config.h 
@@ -0,0 +1,72 @@
+/*
+ * FreeRTOS V1.1.4
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+
+/**
+ * @file aws_mqtt_config.h
+ * @brief MQTT config options.
+ */
+
+#ifndef _AWS_MQTT_CONFIG_H_
+#define _AWS_MQTT_CONFIG_H_
+
+#include
+
+/**
+ * @brief Enable subscription management.
+ *
+ * This gives the user flexibility of registering a callback per topic.
+ */
+#define mqttconfigENABLE_SUBSCRIPTION_MANAGEMENT ( 1 )
+
+/**
+ * @brief Maximum length of the topic which can be stored in subscription
+ * manager.
+ */
+#define mqttconfigSUBSCRIPTION_MANAGER_MAX_TOPIC_LENGTH ( 128 )
+
+/**
+ * @brief Maximum number of subscriptions which can be stored in subscription
+ * manager.
+ */
+#define mqttconfigSUBSCRIPTION_MANAGER_MAX_SUBSCRIPTIONS ( 8 )
+
+/*
+ * Uncomment the following two lines to enable asserts.
+ */
+/* extern void vAssertCalled( const char *pcFile, uint32_t ulLine ); */
+/* #define mqttconfigASSERT( x ) if( ( x ) == 0 ) vAssertCalled( __FILE__, __LINE__ ) */
+
+#if defined(AMAZON_FREERTOS_ENABLE_UNIT_TESTS)
+#include "unity_internals.h"
+#define mqttconfigASSERT( x ) if( ( x ) == 0 ) TEST_ABORT()
+#endif /* AMAZON_FREERTOS_ENABLE_UNIT_TESTS */
+
+/**
+ * @brief Set this macro to 1 for enabling debug logs.
+ */
+#define mqttconfigENABLE_DEBUG_LOGS 0
+
+#endif /* _AWS_MQTT_CONFIG_H_ */
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_ota_agent_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_ota_agent_config.h
new file mode 100644
index 00000000000..463ea8ad3ca
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_ota_agent_config.h
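Review bot: `mqttconfigASSERT( x )` in the AMAZON_FREERTOS_ENABLE_UNIT_TESTS branch of aws_mqtt_config.h expands to a bare `if` statement, so an assert written directly before an `else` captures that `else` and changes the caller's control flow. Wrapping it keeps the macro a single statement: `#define mqttconfigASSERT( x ) do { if( ( x ) == 0 ) { TEST_ABORT(); } } while( 0 )`. The commented-out `vAssertCalled` variant just above has the same shape and should get the same wrapper if it is ever enabled. Outside unit-test builds this header defines no assert at all, which presumably falls back to a library default; a one-line comment stating that would help.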
@@ -0,0 +1,151 @@
+/*
+ * FreeRTOS V1.1.4
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+/**
+ * @file aws_ota_agent_config.h
+ * @brief OTA user configurable settings.
+ */
+
+#ifndef _AWS_OTA_AGENT_CONFIG_H_
+#define _AWS_OTA_AGENT_CONFIG_H_
+
+/**
+ * @brief The number of words allocated to the stack for the OTA agent.
+ */
+#define otaconfigSTACK_SIZE 3000U
+
+/**
+ * @brief Log base 2 of the size of the file data block message (excluding the header).
+ *
+ * 10 bits yields a data block size of 1KB.
+ */
+#define otaconfigLOG2_FILE_BLOCK_SIZE 12UL
+
+/**
+ * @brief Milliseconds to wait for the self test phase to succeed before we force reset.
+ */
+#define otaconfigSELF_TEST_RESPONSE_WAIT_MS 16000U
+
+/**
+ * @brief Milliseconds to wait before requesting data blocks from the OTA service if nothing is happening.
+ *
+ * The wait timer is reset whenever a data block is received from the OTA service so we will only send
+ * the request message after being idle for this amount of time.
+ */
+#define otaconfigFILE_REQUEST_WAIT_MS 10000U
+
+/**
+ * @brief The OTA agent task priority. Normally it runs at a low priority.
+ */
+#define otaconfigAGENT_PRIORITY tskIDLE_PRIORITY + 5U
+
+/**
+ * @brief The maximum allowed length of the thing name used by the OTA agent.
+ *
+ * AWS IoT requires Thing names to be unique for each device that connects to the broker.
+ * Likewise, the OTA agent requires the developer to construct and pass in the Thing name when
+ * initializing the OTA agent. The agent uses this size to allocate static storage for the
+ * Thing name used in all OTA base topics. Namely $aws/things/
+ */
+#define otaconfigMAX_THINGNAME_LEN 64U
+
+/**
+ * @brief The maximum number of data blocks requested from OTA streaming service.
+ *
+ * This configuration parameter is sent with data requests and represents the maximum number of
+ * data blocks the service will send in response. The maximum limit for this must be calculated
+ * from the maximum data response limit (128 KB from service) divided by the block size.
+ * For example if block size is set as 1 KB then the maximum number of data blocks that we can
+ * request is 128/1 = 128 blocks. Configure this parameter to this maximum limit or lower based on
+ * how many data blocks response is expected for each data requests.
+ * Please note that this must be set larger than zero.
+ *
+ */
+#define otaconfigMAX_NUM_BLOCKS_REQUEST 8U
+
+/**
+ * @brief The maximum number of requests allowed to send without a response before we abort.
+ *
+ * This configuration parameter sets the maximum number of times the requests are made over
+ * the selected communication channel before aborting and returning error.
+ *
+ */
+#define otaconfigMAX_NUM_REQUEST_MOMENTUM 32U
+
+/**
+ * @brief The number of data buffers reserved by the OTA agent.
+ *
+ * This configurations parameter sets the maximum number of static data buffers used by
+ * the OTA agent for job and file data blocks received.
+ */
+#define otaconfigMAX_NUM_OTA_DATA_BUFFERS 2U
+
+/**
+ * @brief Allow update to same or lower version.
+ *
+ * Set this to 1 to allow downgrade or same version update.This configurations parameter
+ * disables version check and allows update to a same or lower version.This is provided for
+ * testing purpose and it is recommended to always update to higher version and keep this
+ * configuration disabled.
+ */
+#define otaconfigAllowDowngrade 0U
+
+/**
+ * @brief The protocol selected for OTA control operations.
+
+ * This configurations parameter sets the default protocol for all the OTA control
+ * operations like requesting OTA job, updating the job status etc.
+ *
+ * Note - Only MQTT is supported at this time for control operations.
+ */
+#define configENABLED_CONTROL_PROTOCOL ( OTA_CONTROL_OVER_MQTT )
+
+/**
+ * @brief The protocol selected for OTA data operations.
+
+ * This configurations parameter sets the protocols selected for the data operations
+ * like requesting file blocks from the service.
+ *
+ * Note - Both MQTT and HTTP is supported for data transfer. This configuration parameter
+ * can be set to following -
+ * Enable data over MQTT - ( OTA_DATA_OVER_MQTT )
+ * Enable data over HTTP - ( OTA_DATA_OVER_HTTP)
+ * Enable data over both MQTT & HTTP ( OTA_DATA_OVER_MQTT | OTA_DATA_OVER_HTTP )
+ */
+#define configENABLED_DATA_PROTOCOLS ( OTA_DATA_OVER_MQTT )
+
+ /**
+ * @brief The preferred protocol selected for OTA data operations.
+ *
+ * Primary data protocol will be the protocol used for downloading file if more than
+ * one protocol is selected while creating OTA job. Default primary data protocol is MQTT
+ * and following update here to switch to HTTP as primary.
+ *
+ * Note - use OTA_DATA_OVER_HTTP for HTTP as primary data protocol.
+ */
+
+#define configOTA_PRIMARY_DATA_PROTOCOL ( OTA_DATA_OVER_MQTT )
+
+#endif /* _AWS_OTA_AGENT_CONFIG_H_ */
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_secure_sockets_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_secure_sockets_config.h
new file mode 100644
index 00000000000..ac128cc8d6d
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_secure_sockets_config.h
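Review bot: `otaconfigAGENT_PRIORITY` in aws_ota_agent_config.h is defined as `tskIDLE_PRIORITY + 5U` with no parentheses, so using it inside a larger expression (a multiplication, for instance) would bind differently than intended. `#define otaconfigAGENT_PRIORITY ( tskIDLE_PRIORITY + 5U )` matches how `democonfigDEMO_PRIORITY` is written in aws_demo_config.h in this patch. Two comments no longer describe the values chosen: the priority comment says the agent normally runs at a low priority while the value is idle + 5, and the `otaconfigLOG2_FILE_BLOCK_SIZE` comment describes 10 bits / 1 KB while the value is `12UL`, i.e. 4 KB blocks. Keeping `otaconfigAllowDowngrade` at `0U` is the right default, since it leaves the version check in place and blocks rollback to older firmware.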
@@ -0,0 +1,72 @@
+/*
+ * FreeRTOS V1.1.4
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+
+/**
+ * @file aws_secure_sockets_config.h
+ * @brief Secure sockets configuration options.
+ */
+
+#ifndef _AWS_SECURE_SOCKETS_CONFIG_H_
+#define _AWS_SECURE_SOCKETS_CONFIG_H_
+
+/**
+ * @brief Byte order of the target MCU.
+ *
+ * Valid values are pdLITTLE_ENDIAN and pdBIG_ENDIAN.
+ */
+#define socketsconfigBYTE_ORDER pdLITTLE_ENDIAN
+
+/**
+ * @brief Default socket send timeout.
+ */
+#define socketsconfigDEFAULT_SEND_TIMEOUT ( 10000 )
+
+/**
+ * @brief Default socket receive timeout.
+ */
+#define socketsconfigDEFAULT_RECV_TIMEOUT ( 10000 )
+
+/**
+ * @brief Enable metrics of secure socket.
+ */
+#define AWS_IOT_SECURE_SOCKETS_METRICS_ENABLED ( 1 )
+
+/**
+ * @brief Stack depth for the task that runs the receive callback function
+ *
+ * When SOCKETS_SetSockOpt() is called with SOCKETS_SO_WAKEUP_CALLBACK and
+ * a function pointer, a task is created to run the callback each time the
+ * socket becomes ready. This is the number of words (not bytes!) to allocate
+ * for use as the task’s stack.
+ */
+#define socketsconfigRECEIVE_CALLBACK_TASK_STACK_DEPTH 1024u
+
+/**
+ * @brief Default max socket number support
+ */
+#define socketsconfigDEFAULT_MAX_NUM_SECURE_SOCKETS 10
+
+#endif /* _AWS_SECURE_SOCKETS_CONFIG_H_ */
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_shadow_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_shadow_config.h
new file mode 100644
index 00000000000..65347dc3bf4
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_shadow_config.h
@@ -0,0 +1,108 @@
+/*
+ * FreeRTOS V1.1.4
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+
+/**
+ * @file aws_shadow_config.h
+ * @brief specify shadow config
+ */
+
+#ifndef _AWS_SHADOW_CONFIG_H_
+#define _AWS_SHADOW_CONFIG_H_
+
+/**
+ * @brief Number of jsmn tokens to use in parsing. Each jsmn token contains 4 ints.
+ * Ensure that the number of tokens does not overflow the calling task's stack,
+ * but is also sufficient to parse the largest expected JSON documents. */
+#define shadowConfigJSON_JSMN_TOKENS ( 64 )
+
+
+/**
+ * @brief
+ * The JSON key to search for when looking for client tokens.
+ */
+#define shadowConfigJSON_CLIENT_TOKEN "clientToken"
+
+
+ /**
+ * @brief
+ * enable/disable shadowConfigUNIQUE_CLIENT_TOKEN_CHECK check.
+ */
+#define shadowConfigUNIQUE_CLIENT_TOKEN_CHECK 0
+
+
+ /**
+ * @brief Maximum number of Shadow Clients.
+ *
+ * Up to this number of Shadow Clients may be successfully created with
+ * #SHADOW_ClientCreate. Shadow clients are allocated in the global data
+ * segment. Ensure that there is enough memory to accommodate the Shadow
+ * Clients.
+ *
+ * @note Should be less than 256.
+ */
+#define shadowMAX_CLIENTS ( ( BaseType_t ) ( 1 ) )
+
+ /**
+ * @brief Shadow debug message setting.
+ *
+ * Set this value to @c 0 to disable Shadow Client debug messages; or set it to
+ * @c 1 to enable debug messages. Ensure that the macro @c configPRINTF is
+ * available if debugging is enabled.
+ */
+#define shadowENABLE_DEBUG_LOGS ( 1 )
+
+ /**
+ * @brief Number of unique Things for which user notify callbacks can be
+ * registered.
+ *
+ * Each Shadow Client stores the Things with user notify callbacks registered.
+ * Define how many unique Things require user notify callbacks here.
+ *
+ * @note Should be less than 256.
+ */
+#define shadowCLIENT_MAX_THINGS_WITH_CALLBACKS ( ( BaseType_t ) ( 1 ) )
+
+ /**
+ * @brief Time (in milliseconds) a Shadow Client may block during cleanup @b IF
+ * a timeout occurs.
+ *
+ * Should a Shadow API call time out, the Shadow Client will stop its current
+ * operation and cleanup before returning. The time below (in milliseconds) is
+ * the amount of additional time that the Shadow Client may block to cleanup @b
+ * IF the user's given timeout is inadequate. In general, 5000 ms is sufficient
+ * for cleanup on a good connection; more time should be given if the connection
+ * is unreliable.
+ *
+ * @note If a user gives a Shadow API call @a x milliseconds of block time but
+ * @a x is insufficient time to complete the API call, then function may block
+ * for up to (@a x + #shadowCLEANUP_TIME_MS) milliseconds. However, if @a x is
+ * sufficient time for the API call, then block time will be at most @a x
+ * milliseconds.
+ * @warning If cleanup doesn't fully complete, users may be billed for MQTT
+ * messages on topics that weren't properly cleaned up!
+ */
+#define shadowCLEANUP_TIME_MS 5000
+#endif /* _AWS_SHADOW_CONFIG_H_ */
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_ota_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_ota_config.h
new file mode 100644
index 00000000000..d03965fe8d5
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_ota_config.h
@@ -0,0 +1,81 @@
+/*
+ * FreeRTOS V1.1.4
+ * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * http://aws.amazon.com/freertos
+ * http://www.FreeRTOS.org
+ */
+
+/**
+ * @file aws_test_ota_config.h
+ * @brief Port-specific variables for firmware Over-the-Air Update tests. */
+
+#ifndef _AWS_TEST_OTA_CONFIG_H_
+#define _AWS_TEST_OTA_CONFIG_H_
+
+/**
+ * @brief Path to cert for OTA test PAL. Used to verify signature.
+ * If applicable, the device must be pre-provisioned with this certificate. Please see
+ * test/common/ota/test_files for the set of certificates.
+ */
+#define otatestpalCERTIFICATE_FILE "ecdsa-sha256-signer.crt.pem"
+
+/**
+ * @brief Some devices have a hard-coded name for the firmware image to boot.
+ */
+#define otatestpalFIRMWARE_FILE "dummy.bin"
+
+/**
+ * @brief Some boards OTA PAL layers will use the file names passed into it for the
+ * image and the certificates because their non-volatile memory is abstracted by a
+ * file system. Set this to 1 if that is the case for your device.
+ */
+#define otatestpalUSE_FILE_SYSTEM 0
+
+/**
+ * @brief 1 if prvPAL_CheckFileSignature() is implemented in aws_ota_pal.c.
+ */
+#define otatestpalCHECK_FILE_SIGNATURE_SUPPORTED 1
+
+/**
+ * @brief 1 if prvPAL_ReadAndAssumeCertificate() is implemented in aws_ota_pal.c.
+ */
+#define otatestpalREAD_AND_ASSUME_CERTIFICATE_SUPPORTED 1
+
+/**
+ * @brief 1 if using PKCS #11 to access the code sign certificate from NVM.
+ */
+#define otatestpalREAD_CERTIFICATE_FROM_NVM_WITH_PKCS11 1
+
+/**
+ * @brief Include of signature testing data applicable to this device.
+ */
+#include "aws_test_ota_pal_ecdsa_sha256_signature.h"
+
+
+
+/**
+ * @brief Define a valid and invalid signature verification method for this
+ * platform (Microchip). These are used for generating test JSON docs.
+ */
+#define otatestVALID_SIG_METHOD "sig-sha256-ecdsa"
+#define otatestINVALID_SIG_METHOD "sig-sha256-rsa"
+
+#endif /* ifndef _AWS_TEST_OTA_CONFIG_H_ */
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_runner_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_runner_config.h
new file mode 100644
index 00000000000..874258e0639
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_runner_config.h
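Review bot: The comment above `otatestVALID_SIG_METHOD` / `otatestINVALID_SIG_METHOD` in aws_test_ota_config.h says "this platform (Microchip)", but the file is added under vendors/espressif/boards/esp32s2, so it looks carried over from another port. It should read `platform (Espressif ESP32-S2)` or drop the vendor name. These strings decide which signature method the OTA tests treat as valid, so it is worth confirming that `sig-sha256-ecdsa` is what this port's OTA PAL verifies rather than an inherited value. The same check applies to the three `otatestpal..._SUPPORTED` / `..._WITH_PKCS11` flags set to 1, which claim signature and certificate handling is implemented for this board.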
@@ -0,0 +1,68 @@ +/* + * FreeRTOS V1.1.4 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + +#ifndef AWS_TEST_RUNNER_CONFIG_H +#define AWS_TEST_RUNNER_CONFIG_H + +/* Uncomment this line if you want to run DQP_FR tests only. 
*/ +/* #define testrunnerAFQP_ENABLED */ + +#define testrunnerUNSUPPORTED 0 + +/* Unsupported tests */ +#define testrunnerFULL_OTA_CBOR_ENABLED testrunnerUNSUPPORTED +#define testrunnerFULL_POSIX_ENABLED testrunnerUNSUPPORTED + +/* Enable tests by setting defines to 1 */ +#define testrunnerFULL_OTA_AGENT_ENABLED 0 +#define testrunnerFULL_OTA_PAL_ENABLED 0 +#define testrunnerFULL_MQTT_ALPN_ENABLED 0 +#define testrunnerFULL_PKCS11_ENABLED 0 +#define testrunnerFULL_DEFENDER_ENABLED 0 +#define testrunnerFULL_CRYPTO_ENABLED 0 +#define testrunnerFULL_MQTT_STRESS_TEST_ENABLED 0 +#define testrunnerFULL_MQTT_AGENT_ENABLED 0 +#define testrunnerFULL_TCP_ENABLED 1 +#define testrunnerFULL_GGD_ENABLED 0 +#define testrunnerFULL_GGD_HELPER_ENABLED 0 +#define testrunnerFULL_SHADOW_ENABLED 0 +#define testrunnerFULL_SHADOWv4_ENABLED 0 +#define testrunnerFULL_MQTTv4_ENABLED 0 +#define testrunnerFULL_WIFI_ENABLED 0 +#define testrunnerFULL_MEMORYLEAK_ENABLED 0 +#define testrunnerFULL_TLS_ENABLED 0 +#define testrunnerFULL_BLE_END_TO_END_TEST_ENABLED 0 +#define testrunnerFULL_BLE_ENABLED 0 +#define testrunnerFULL_BLE_STRESS_TEST_ENABLED 0 +#define testrunnerFULL_BLE_KPI_TEST_ENABLED 0 +#define testrunnerFULL_BLE_INTEGRATION_TEST_ENABLED 0 +#define testrunnerFULL_WIFI_PROVISIONING_ENABLED 0 +#define testrunnerUTIL_PLATFORM_CLOCK_ENABLED 0 +#define testrunnerFULL_LINEAR_CONTAINERS_ENABLED 0 +#define testrunnerUTIL_PLATFORM_THREADS_ENABLED 0 +#define testrunnerFULL_SERIALIZER_ENABLED 0 +#define testrunnerFULL_HTTPS_CLIENT_ENABLED 0 + +#endif /* AWS_TEST_RUNNER_CONFIG_H */ diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_tcp_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_tcp_config.h new file mode 100644 index 00000000000..4d1985402b9 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_tcp_config.h 
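Review bot: Only `testrunnerFULL_TCP_ENABLED` is set to 1 in the new aws_test_runner_config.h. `testrunnerFULL_TLS_ENABLED`, `testrunnerFULL_PKCS11_ENABLED`, `testrunnerFULL_CRYPTO_ENABLED` and `testrunnerFULL_OTA_PAL_ENABLED` are all 0, so the default test build for this board does not exercise TLS, PKCS #11, crypto or the OTA PAL. If this is a bring-up state, say so above the list, e.g. `/* Bring-up: only TCP enabled; enable TLS, PKCS11, CRYPTO and OTA_PAL before qualification. */`. The first comment also refers to "DQP_FR tests" while the macro it guards is `testrunnerAFQP_ENABLED`; the two names should agree.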
@@ -0,0 +1,80 @@ +/* + * FreeRTOS V1.1.4 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + +#ifndef AWS_INTEGRATION_TEST_TCP_CONFIG_H +#define AWS_INTEGRATION_TEST_TCP_CONFIG_H + +/** + * @file aws_integration_test_tcp_portable.h + * @brief Port-specific variables for TCP tests. */ + +/** + * @brief Indicates how much longer than the specified timeout is acceptable for + * RCVTIMEO tests. + * + * This value can be used to compensate for clock differences, and other + * code overhead. + */ +#define integrationtestportableTIMEOUT_OVER_TOLERANCE 20 + +/** + * @brief Indicates how much less time than the specified timeout is acceptable for + * RCVTIMEO tests. + * + * This value must be 0 unless networking is performs on a separate processor. 
+ * If networking and tests are on different CPUs, an "under tolerance" is acceptable. + * For tests where same clock is used for networking and tests. + */ +#define integrationtestportableTIMEOUT_UNDER_TOLERANCE 0 + +/** + * @brief Indicates how long receive needs to wait for data before Timeout happens. + * + */ +#define integrationtestportableRECEIVE_TIMEOUT 10000 + +/** + * @brief Indicates how long send needs to wait before Timeout happens. + * + */ +#define integrationtestportableSEND_TIMEOUT 10000 + +/** + * @brief The timeout for all TCP echo multi-task tests. + */ +#define tcptestECHO_TEST_SYNC_TIMEOUT 80000 + +/** + * @brief The stack size of the tasks created in all TCP echo multi-task tests. + */ +#define tcptestTCP_ECHO_TASKS_STACK_SIZE ( configMINIMAL_STACK_SIZE * 8 ) + +/** + * @brief The priority of the tasks created in all TCP echo multi-task tests. + */ +#define tcptestTCP_ECHO_TASKS_PRIORITY ( tskIDLE_PRIORITY + 5 ) + + +#endif /*AWS_INTEGRATION_TEST_TCP_CONFIG_H */ diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_wifi_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_wifi_config.h new file mode 100644 index 00000000000..84e6769dbb6 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_test_wifi_config.h 
@@ -0,0 +1,53 @@ +/* + * FreeRTOS V1.1.4 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + +/** + * @file aws_test_wifi_config.h + * @brief Port-specific variables for Wi-Fi tests. + */ +#ifndef _AWS_TEST_WIFI_CONFIG_H_ +#define _AWS_TEST_WIFI_CONFIG_H_ + +/** + * @brief The task stack size used in all Wi-Fi multi-task tests. + */ +#define testwifiTASK_STACK_SIZE ( configMINIMAL_STACK_SIZE * 4 ) + +/** + * @brief The task priority used in all Wi-Fi mulit-task tests. + */ +#define testwifiTASK_PRIORITY ( tskIDLE_PRIORITY ) + +/** + * @brief The timeout for all tasks to finish in the Wi-Fi multi-task tests. + */ +#define testwifiMULTITASK_TEST_TIMEOUT pdMS_TO_TICKS( 240000 ) + +/** + * @brief The timeout to wait for tasks to synchronize with the other in the Wi-Fi mult-task tests. 
+ */ +#define testwifiTASK_SYNC_TIMEOUT pdMS_TO_TICKS( 60000 ) + +#endif /* _AWS_TEST_WIFI_CONFIG_H_ */ \ No newline at end of file diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_wifi_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_wifi_config.h new file mode 100644 index 00000000000..b994cb0037d --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/aws_wifi_config.h 
@@ -0,0 +1,97 @@ +/* + * FreeRTOS V1.1.4 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + +/** + * @file aws_wifi_config.h + * @brief WiFi module configuration parameters. + */ + +#ifndef _AWS_WIFI_CONFIG_H_ +#define _AWS_WIFI_CONFIG_H_ + +/** + * @brief Maximum number of sockets that can be created simultaneously. + */ +#define wificonfigMAX_SOCKETS ( 4 ) + +/** + * @brief Maximum number of connection retries. + */ +#define wificonfigNUM_CONNECTION_RETRY ( 3 ) + +/** + * @brief Maximum number of connected station in Access Point mode. 
+ */ +#define wificonfigMAX_CONNECTED_STATIONS ( 4 ) + +/** + * @brief Max SSID length + */ +#define wificonfigMAX_SSID_LEN ( 32 ) + +/** + * @brief Max BSSID length + */ +#define wificonfigMAX_BSSID_LEN ( 6 ) + +/** + * @brief Max passphrase length + * Maximum allowed WPA2 passphrase length (per specification) is 63 + */ +#define wificonfigMAX_PASSPHRASE_LEN ( 63 ) + +/** + * @brief Soft Access point SSID + */ +#define wificonfigACCESS_POINT_SSID_PREFIX ( "ConfigureMe" ) + +/** + * @brief Soft Access point Passkey + */ +#define wificonfigACCESS_POINT_PASSKEY ( "awsiotdevice" ) + +/** + * @brief Soft Access point Channel + */ +#define wificonfigACCESS_POINT_CHANNEL ( 11 ) + +/** + * @brief Maximum number of network profiles stored. + */ +#define wificonfigMAX_NETWORK_PROFILES ( 8 ) + +/** + * @brief WiFi semaphore timeout + */ +#define wificonfigMAX_SEMAPHORE_WAIT_TIME_MS ( 60000 ) + +/** + * @brief Soft Access point security + * WPA2 Security, see WIFISecurity_t + * other values are - eWiFiSecurityOpen, eWiFiSecurityWEP, eWiFiSecurityWPA + */ +#define wificonfigACCESS_POINT_SECURITY ( eWiFiSecurityWPA2 ) + +#endif /* _AWS_WIFI_CONFIG_H_ */ diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/default_pkcs11_config/iot_pkcs11_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/default_pkcs11_config/iot_pkcs11_config.h new file mode 100644 index 00000000000..b7d91742e35 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/default_pkcs11_config/iot_pkcs11_config.h 
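Review bot: `wificonfigACCESS_POINT_PASSKEY` is the fixed string `"awsiotdevice"` and is paired with the fixed SSID prefix `"ConfigureMe"`, so every board built from this header brings up its soft AP with the same WPA2 passphrase. The file lives under `aws_tests`, but nothing in the header marks the value as test-only. I would extend the doc comment to something like `@brief Soft Access point Passkey (test default only; replace with a per-device value before shipping)`. The comment on `wificonfigACCESS_POINT_SECURITY` also lists `eWiFiSecurityOpen` and `eWiFiSecurityWEP` as alternatives without noting that neither protects a provisioning AP.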
@@ -0,0 +1,171 @@ +/* + * FreeRTOS V1.1.4 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + + +/** + * @file aws_pkcs11_config.h + * @brief PCKS#11 config options. + */ + + +#ifndef _AWS_PKCS11_CONFIG_H_ +#define _AWS_PKCS11_CONFIG_H_ + +/**************************************************/ +/******* DO NOT CHANGE the following order ********/ +/**************************************************/ + +/* Include logging header files and define logging macros in the following order: + * 1. Include the header file "logging_levels.h". + * 2. Define the LIBRARY_LOG_NAME and LIBRARY_LOG_LEVEL macros depending on + * the logging configuration for PKCS #11. + * 3. Include the header file "logging_stack.h", if logging is enabled for PKCS #11. 
+ */ +#include "logging_levels.h" + +/* Logging configuration for the PKCS #11 library. */ +#ifndef LIBRARY_LOG_NAME + #define LIBRARY_LOG_NAME "PKCS11" +#endif + +#ifndef LIBRARY_LOG_LEVEL + #define LIBRARY_LOG_LEVEL LOG_ERROR +#endif + +#include "logging_stack.h" + +/** + * @brief ESP32 NVS Partition where PKCS #11 data is stored + */ +#define pkcs11configSTORAGE_PARTITION "storage" + +/** + * @brief ESP32 NVS namespace for PKCS #11 data + */ +#define pkcs11configSTORAGE_NS "creds" + +/** + * @brief PKCS #11 default user PIN. + * + * The PKCS #11 standard specifies the presence of a user PIN. That feature is + * sensible for applications that have an interactive user interface and memory + * protections. However, since typical microcontroller applications lack one or + * both of those, the user PIN is assumed to be used herein for interoperability + * purposes only, and not as a security feature. + * + * Note: Do not cast this to a pointer! The library calls sizeof to get the length + * of this string. + */ +#define configPKCS11_DEFAULT_USER_PIN "0000" + +/** + * @brief Maximum length (in characters) for a PKCS #11 CKA_LABEL + * attribute. + */ +#define pkcs11configMAX_LABEL_LENGTH 32 + +/** + * @brief Maximum number of token objects that can be stored + * by the PKCS #11 module. + */ +#define pkcs11configMAX_NUM_OBJECTS 6 + +/** + * @brief Maximum number of sessions that can be stored + * by the PKCS #11 module. + */ +#define pkcs11configMAX_SESSIONS 10 + +/** + * @brief Set to 1 if a PAL destroy object is implemented. + * + * If set to 0, no PAL destroy object is implemented, and this functionality + * is implemented in the common PKCS #11 layer. + */ +#define pkcs11configPAL_DESTROY_SUPPORTED 0 + +/** + * @brief Set to 1 if OTA image verification via PKCS #11 module is supported. + * + * If set to 0, OTA code signing certificate is built in via + * aws_ota_codesigner_certificate.h. 
+ */ +#define pkcs11configOTA_SUPPORTED 1 + +/** + * @brief Set to 1 if PAL supports storage for JITP certificate, + * code verify certificate, and trusted server root certificate. + * + * If set to 0, PAL does not support storage mechanism for these, and + * they are accessed via headers compiled into the code. + */ +#define pkcs11configJITP_CODEVERIFY_ROOT_CERT_SUPPORTED 0 + +/** + * @brief The PKCS #11 label for device private key. + * + * Private key for connection to AWS IoT endpoint. The corresponding + * public key should be registered with the AWS IoT endpoint. + */ +#define pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS ( "Device Priv TLS Key" ) + +/** + * @brief The PKCS #11 label for device public key. + * + * The public key corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS. + */ +#define pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS ( "Device Pub TLS Key" ) + +/** + * @brief The PKCS #11 label for the device certificate. + * + * Device certificate corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS. + */ +#define pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS ( "Device Cert" ) + +/** + * @brief The PKCS #11 label for the object to be used for code verification. + * + * Used by over-the-air update code to verify an incoming signed image. + */ +#define pkcs11configLABEL_CODE_VERIFICATION_KEY ( "Code Verify Key" ) + +/** + * @brief The PKCS #11 label for Just-In-Time-Provisioning. + * + * The certificate corresponding to the issuer of the device certificate + * (pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS) when using the JITR or + * JITP flow. + */ +#define pkcs11configLABEL_JITP_CERTIFICATE ( "JITP Cert" ) + +/** + * @brief The PKCS #11 label for the AWS Trusted Root Certificate. + * + * @see aws_default_root_certificates.h + */ +#define pkcs11configLABEL_ROOT_CERTIFICATE ( "Root Cert" ) + +#endif /* _AWS_PKCS11_CONFIG_H_ include guard. */ 
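Review bot: The comments on `pkcs11configSTORAGE_PARTITION` and `pkcs11configSTORAGE_NS` do not say that the stored objects include the device private key named by `pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS`. Whether that data can be read from a flash dump presumably depends on flash/NVS encryption being enabled for the `storage` partition, which this hunk does not show. A line such as `Holds the device TLS private key; enable flash/NVS encryption for this partition on production builds.` would make the dependency visible. Separately, the `@file` tag says `aws_pkcs11_config.h` while the file is `iot_pkcs11_config.h`, and `PCKS#11` in the `@brief` should read `PKCS #11`.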
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/default_pkcs11_config/iot_test_pkcs11_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/default_pkcs11_config/iot_test_pkcs11_config.h
new file mode 100644
index 00000000000..0543fd9aa1b
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/default_pkcs11_config/iot_test_pkcs11_config.h
@@ -0,0 +1,146 @@ +/* + * FreeRTOS V1.1.4 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + +/** + * @file iot_test_pkcs11_config.h + * @brief Port-specific variables for PKCS11 tests. */ + +#ifndef _AWS_TEST_PKCS11_CONFIG_H_ +#define _AWS_TEST_PKCS11_CONFIG_H_ + +/** + * @brief Number of simultaneous tasks for multithreaded tests. + * + * Each task consumes both stack and heap space, which may cause memory allocation + * failures if too many tasks are created. + */ +#define pkcs11testMULTI_THREAD_TASK_COUNT ( 2 ) + +/** + * @brief The number of iterations of the test that will run in multithread tests. + * + * A single iteration of Signing and Verifying may take up to a minute on some + * boards. 
Ensure that pkcs11testEVENT_GROUP_TIMEOUT is long enough to accommodate + * all iterations of the loop. + */ +#define pkcs11testMULTI_THREAD_LOOP_COUNT ( 10 ) + +/** + * @brief + * + * All tasks of the SignVerifyRoundTrip_MultitaskLoop test must finish within + * this timeout, or the test will fail. + */ +#define pkcs11testEVENT_GROUP_TIMEOUT_MS ( pdMS_TO_TICKS( 1000000UL ) ) + +/** + * @brief The index of the slot that should be used to open sessions for PKCS #11 tests. + */ +#define pkcs11testSLOT_NUMBER ( 0 ) + +/* + * @brief Set to 1 if RSA private keys are supported by the platform. 0 if not. + */ +#define pkcs11testRSA_KEY_SUPPORT ( 1 ) + +/* + * @brief Set to 1 if elliptic curve private keys are supported by the platform. 0 if not. + */ +#define pkcs11testEC_KEY_SUPPORT ( 1 ) + +/* + * @brief Set to 1 if importing device private key via C_CreateObject is supported. 0 if not. + */ +#define pkcs11testIMPORT_PRIVATE_KEY_SUPPORT ( pkcs11configIMPORT_PRIVATE_KEYS_SUPPORTED ) + +/* + * @brief Set to 1 if generating a device private-public key pair via C_GenerateKeyPair. 0 if not. + */ +#define pkcs11testGENERATE_KEYPAIR_SUPPORT ( 1 ) + +/** + * @brief The PKCS #11 label for device private key for test. + * + * For devices with on-chip storage, this should match the non-test label. + * For devices with secure elements or hardware limitations, this may be defined + * to a different label to preserve AWS IoT credentials for other test suites. + */ +#define pkcs11testLABEL_DEVICE_PRIVATE_KEY_FOR_TLS pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS + +/** + * @brief The PKCS #11 label for device public key. + * + * For devices with on-chip storage, this should match the non-test label. + * For devices with secure elements or hardware limitations, this may be defined + * to a different label to preserve AWS IoT credentials for other test suites. 
+ */ +#define pkcs11testLABEL_DEVICE_PUBLIC_KEY_FOR_TLS pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS + +/** + * @brief The PKCS #11 label for the device certificate. + * + * For devices with on-chip storage, this should match the non-test label. + * For devices with secure elements or hardware limitations, this may be defined + * to a different label to preserve AWS IoT credentials for other test suites. + */ +#define pkcs11testLABEL_DEVICE_CERTIFICATE_FOR_TLS pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS + +/** + * @brief The PKCS #11 label for the object to be used for code verification. + * + * Used by over-the-air update code to verify an incoming signed image. + * + * For devices with on-chip storage, this should match the non-test label. + * For devices with secure elements or hardware limitations, this may be defined + * to a different label to preserve AWS IoT credentials for other test suites. + */ +#define pkcs11testLABEL_CODE_VERIFICATION_KEY pkcs11configLABEL_CODE_VERIFICATION_KEY + +/** + * @brief The PKCS #11 label for Just-In-Time-Provisioning. + * + * The certificate corresponding to the issuer of the device certificate + * (pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS) when using the JITR or + * JITP flow. + * + * For devices with on-chip storage, this should match the non-test label. + * For devices with secure elements or hardware limitations, this may be defined + * to a different label to preserve AWS IoT credentials for other test suites. + */ +#define pkcs11testLABEL_JITP_CERTIFICATE pkcs11configLABEL_JITP_CERTIFICATE + +/** + * @brief The PKCS #11 label for the AWS Trusted Root Certificate. + * + * @see aws_default_root_certificates.h + */ +#define pkcs11testLABEL_ROOT_CERTIFICATE pkcs11configLABEL_ROOT_CERTIFICATE + +/** + * @brief The size of the stack used for multithread tests. + */ +#define pkcs11testMULTI_TASK_STACK_SIZE 4096 + +#endif /* _AWS_TEST_PKCS11_CONFIG_H_ */ 
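Review bot: `pkcs11testIMPORT_PRIVATE_KEY_SUPPORT` expands to `pkcs11configIMPORT_PRIVATE_KEYS_SUPPORTED`, but the `default_pkcs11_config/iot_pkcs11_config.h` added in this same patch does not define that macro; only the `ecc608a_pkcs11_config` variant does. Unless it is defined somewhere outside this diff, an `#if` on it evaluates to 0 and the private-key import tests are skipped with no diagnostic. Either add a `#define pkcs11configIMPORT_PRIVATE_KEYS_SUPPORTED` with the intended value to the default config, or use a literal here as the ECC608A test config does. The loop-count comment also refers to `pkcs11testEVENT_GROUP_TIMEOUT`, while the macro defined below is `pkcs11testEVENT_GROUP_TIMEOUT_MS`; its `@brief` is empty and its value is in ticks (`pdMS_TO_TICKS`), not milliseconds.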
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/atca_cert_chain.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/atca_cert_chain.h
new file mode 100644
index 00000000000..7f88a456c0b
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/atca_cert_chain.h
@@ -0,0 +1,18 @@
+#ifndef CERT_DEF_2_DEVICE_H
+#define CERT_DEF_2_DEVICE_H
+
+#include "atcacert/atcacert_def.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern const atcacert_def_t g_cert_def_1_signer;
+extern const atcacert_def_t g_cert_def_2_device;
+extern const atcacert_def_t g_cert_def_3_test;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // CERT_DEF_2_DEVICE_H
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/atca_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/atca_config.h
new file mode 100644
index 00000000000..ad134af1bd3
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/atca_config.h
@@ -0,0 +1,44 @@
+/**
+ * \file
+ * \brief Cryptoauthlib Configuration Defines
+ *
+ * \copyright (c) 2015-2018 Microchip Technology Inc. and its subsidiaries.
+ *
+ * \page License
+ *
+ * Subject to your compliance with these terms, you may use Microchip software
+ * and any derivatives exclusively with Microchip products. It is your
+ * responsibility to comply with third party license terms applicable to your
+ * use of third party software (including open source software) that may
+ * accompany Microchip software.
+ *
+ * THIS SOFTWARE IS SUPPLIED BY MICROCHIP "AS IS". NO WARRANTIES, WHETHER
+ * EXPRESS, IMPLIED OR STATUTORY, APPLY TO THIS SOFTWARE, INCLUDING ANY IMPLIED
+ * WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A
+ * PARTICULAR PURPOSE. IN NO EVENT WILL MICROCHIP BE LIABLE FOR ANY INDIRECT,
+ * SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL LOSS, DAMAGE, COST OR EXPENSE
+ * OF ANY KIND WHATSOEVER RELATED TO THE SOFTWARE, HOWEVER CAUSED, EVEN IF
+ * MICROCHIP HAS BEEN ADVISED OF THE POSSIBILITY OR THE DAMAGES ARE
+ * FORESEEABLE. TO THE FULLEST EXTENT ALLOWED BY LAW, MICROCHIP'S TOTAL
+ * LIABILITY ON ALL CLAIMS IN ANY WAY RELATED TO THIS SOFTWARE WILL NOT EXCEED
+ * THE AMOUNT OF FEES, IF ANY, THAT YOU HAVE PAID DIRECTLY TO MICROCHIP FOR
+ * THIS SOFTWARE.
+ */
+
+#ifndef _ATCA_CONFIG_H
+#define _ATCA_CONFIG_H
+
+/** Use HID */
+#define ATCA_HAL_I2C
+
+/** Use the following address for ECC devices */
+#define ATCA_I2C_ECC_ADDRESS 0x6C
+
+/** Define if cryptoauthlib is to use the maximum execution time method */
+#define ATCA_NO_POLL
+
+/** Use RTOS timers (i.e. delays that yield) */
+#define ATCA_USE_RTOS_TIMER
+
+
+#endif
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/iot_pkcs11_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/iot_pkcs11_config.h
new file mode 100644
index 00000000000..8292f3c6395
--- /dev/null
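Review bot: The comment `/** Use HID */` sits directly above `#define ATCA_HAL_I2C`, so the comment and the selected HAL disagree. It should read `/** Use the I2C HAL */`, so a reader checking which bus carries secure-element traffic is not misled. The closing `#endif` would also benefit from the usual `/* _ATCA_CONFIG_H */` trailer.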
+++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/iot_pkcs11_config.h 
@@ -0,0 +1,136 @@ +/* + * Amazon FreeRTOS V1.1.4 + * Copyright (C) 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + +/** + * @file aws_pkcs11_config.h + * @brief PCKS#11 config options. + */ + + +#ifndef _AWS_PKCS11_CONFIG_H_ +#define _AWS_PKCS11_CONFIG_H_ + +/** + * @brief PKCS #11 default user PIN. + * + * The PKCS #11 standard specifies the presence of a user PIN. That feature is + * sensible for applications that have an interactive user interface and memory + * protections. However, since typical microcontroller applications lack one or + * both of those, the user PIN is assumed to be used herein for interoperability + * purposes only, and not as a security feature. + * + * Note: Do not cast this to a pointer! The library calls sizeof to get the length + * of this string. 
+ */ +#define configPKCS11_DEFAULT_USER_PIN "00112233445566778899AABBCCDDEEFF00112233445566778899AABBCCDDEEFF" + +/** + * @brief Maximum length (in characters) for a PKCS #11 CKA_LABEL + * attribute. + */ +#define pkcs11configMAX_LABEL_LENGTH 32 + +/** + * @brief Maximum number of token objects that can be stored + * by the PKCS #11 module. + */ +#define pkcs11configMAX_NUM_OBJECTS 6 + +/** + * @brief Set to 1 if a PAL destroy object is implemented. + * + * If set to 0, no PAL destroy object is implemented, and this functionality + * is implemented in the common PKCS #11 layer. + */ +#define pkcs11configPAL_DESTROY_SUPPORTED 0 + +/* + * @brief Set to 1 if importing device private key via C_CreateObject is supported. 0 if not. + */ +#define pkcs11configIMPORT_PRIVATE_KEYS_SUPPORTED 0 + +/** + * @brief Set to 1 if OTA image verification via PKCS #11 module is supported. + * + * If set to 0, OTA code signing certificate is built in via + * aws_ota_codesigner_certificate.h. + */ +#define pkcs11configOTA_SUPPORTED 0 + +/** + * @brief Set to 1 if PAL supports storage for JITP certificate, + * code verify certificate, and trusted server root certificate. + * + * If set to 0, PAL does not support storage mechanism for these, and + * they are accessed via headers compiled into the code. + */ +#define pkcs11configJITP_CODEVERIFY_ROOT_CERT_SUPPORTED 0 + +/** + * @brief The PKCS #11 label for device private key. + * + * Private key for connection to AWS IoT endpoint. The corresponding + * public key should be registered with the AWS IoT endpoint. + */ +#define pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS "Device Priv TLS Key" + +/** + * @brief The PKCS #11 label for device public key. + * + * The public key corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS. + */ +#define pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS "Device Pub TLS Key" + +/** + * @brief The PKCS #11 label for the device certificate. 
+ * + * Device certificate corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS. + */ +#define pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS "Device Cert" + +/** + * @brief The PKCS #11 label for the object to be used for code verification. + * + * Used by over-the-air update code to verify an incoming signed image. + */ +#define pkcs11configLABEL_CODE_VERIFICATION_KEY "Code Verify Key" + +/** + * @brief The PKCS #11 label for Just-In-Time-Provisioning. + * + * The certificate corresponding to the issuer of the device certificate + * (pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS) when using the JITR or + * JITP flow. + */ +#define pkcs11configLABEL_JITP_CERTIFICATE "JITP Cert" + +/** + * @brief The PKCS #11 label for the AWS Trusted Root Certificate. + * + * @see aws_default_root_certificates.h + */ +#define pkcs11configLABEL_ROOT_CERTIFICATE "Root Cert" + +#endif /* _AWS_PKCS11_CONFIG_H_ include guard. */ diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/iot_test_pkcs11_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/iot_test_pkcs11_config.h new file mode 100644 index 00000000000..4448ccaf036 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/iot_test_pkcs11_config.h 
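Review bot: `configPKCS11_DEFAULT_USER_PIN` is a 64-hex-digit constant here, yet the comment above it is copied from the software-token configuration and says the PIN is used for interoperability only and not as a security feature. If the ECC608A PKCS #11 backend turns this value into key material for the secure element (to be confirmed against the cryptoauthlib port in use), the comment is misleading and the committed value is a publicly known secret. The comment should say what the value is used for in this configuration and that the repeating pattern is a placeholder to be replaced per device. The `@file` tag also still says `aws_pkcs11_config.h` rather than `iot_pkcs11_config.h`.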
@@ -0,0 +1,147 @@ +/* + * Amazon FreeRTOS V1.1.4 + * Copyright (C) 2017 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + +/** + * @file iot_test_pkcs11_config.h + * @brief Port-specific variables for PKCS11 tests. + */ + +#ifndef _AWS_TEST_PKCS11_CONFIG_H_ +#define _AWS_TEST_PKCS11_CONFIG_H_ + +/** + * @brief Number of simultaneous tasks for multithreaded tests. + * + * Each task consumes both stack and heap space, which may cause memory allocation + * failures if too many tasks are created. + */ +#define pkcs11testMULTI_THREAD_TASK_COUNT ( 2 ) + +/** + * @brief The number of iterations of the test that will run in multithread tests. + * + * A single iteration of Signing and Verifying may take up to a minute on some + * boards. 
Ensure that pkcs11testEVENT_GROUP_TIMEOUT is long enough to accommodate + * all iterations of the loop. + */ +#define pkcs11testMULTI_THREAD_LOOP_COUNT ( 10 ) + +/** + * @brief + * + * All tasks of the SignVerifyRoundTrip_MultitaskLoop test must finish within + * this timeout, or the test will fail. + */ +#define pkcs11testEVENT_GROUP_TIMEOUT_MS ( pdMS_TO_TICKS( 1000000UL ) ) + +/** + * @brief The index of the slot that should be used to open sessions for PKCS #11 tests. + */ +#define pkcs11testSLOT_NUMBER ( 0 ) + +/* + * @brief Set to 1 if RSA private keys are supported by the platform. 0 if not. + */ +#define pkcs11testRSA_KEY_SUPPORT ( 0 ) + +/* + * @brief Set to 1 if elliptic curve private keys are supported by the platform. 0 if not. + */ +#define pkcs11testEC_KEY_SUPPORT ( 1 ) + +/* + * @brief Set to 1 if importing device private key via C_CreateObject is supported. 0 if not. + */ +#define pkcs11testIMPORT_PRIVATE_KEY_SUPPORT ( 0 ) + +/* + * @brief Set to 1 if generating a device private-public key pair via C_GenerateKeyPair. 0 if not. + */ +#define pkcs11testGENERATE_KEYPAIR_SUPPORT ( 1 ) + +/** + * @brief The PKCS #11 label for device private key for test. + * + * For devices with on-chip storage, this should match the non-test label. + * For devices with secure elements or hardware limitations, this may be defined + * to a different label to preserve AWS IoT credentials for other test suites. + */ +#define pkcs11testLABEL_DEVICE_PRIVATE_KEY_FOR_TLS "Test Priv Key" + +/** + * @brief The PKCS #11 label for device public key. + * + * For devices with on-chip storage, this should match the non-test label. + * For devices with secure elements or hardware limitations, this may be defined + * to a different label to preserve AWS IoT credentials for other test suites. + */ +#define pkcs11testLABEL_DEVICE_PUBLIC_KEY_FOR_TLS "Test Pub TLS Key" + +/** + * @brief The PKCS #11 label for the device certificate. 
+ * + * For devices with on-chip storage, this should match the non-test label. + * For devices with secure elements or hardware limitations, this may be defined + * to a different label to preserve AWS IoT credentials for other test suites. + */ +#define pkcs11testLABEL_DEVICE_CERTIFICATE_FOR_TLS "Test Cert" + +/** + * @brief The PKCS #11 label for the object to be used for code verification. + * + * Used by over-the-air update code to verify an incoming signed image. + * + * For devices with on-chip storage, this should match the non-test label. + * For devices with secure elements or hardware limitations, this may be defined + * to a different label to preserve AWS IoT credentials for other test suites. + */ +#define pkcs11testLABEL_CODE_VERIFICATION_KEY pkcs11configLABEL_CODE_VERIFICATION_KEY + +/** + * @brief The PKCS #11 label for Just-In-Time-Provisioning. + * + * The certificate corresponding to the issuer of the device certificate + * (pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS) when using the JITR or + * JITP flow. + * + * For devices with on-chip storage, this should match the non-test label. + * For devices with secure elements or hardware limitations, this may be defined + * to a different label to preserve AWS IoT credentials for other test suites. + */ +#define pkcs11testLABEL_JITP_CERTIFICATE pkcs11configLABEL_JITP_CERTIFICATE + +/** + * @brief The PKCS #11 label for the AWS Trusted Root Certificate. + * + * @see aws_default_root_certificates.h + */ +#define pkcs11testLABEL_ROOT_CERTIFICATE pkcs11configLABEL_ROOT_CERTIFICATE + +/** + * @brief The size of the stack used for multithread tests. + */ +#define pkcs11testMULTI_TASK_STACK_SIZE ( configMINIMAL_STACK_SIZE * 8 ) + +#endif /* _AWS_TEST_PKCS11_CONFIG_H_ */ 
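Review bot: The doc block above `pkcs11testEVENT_GROUP_TIMEOUT_MS` has an empty `@brief`, and the comment on `pkcs11testMULTI_THREAD_LOOP_COUNT` points at `pkcs11testEVENT_GROUP_TIMEOUT`, a name this header does not define. The macro is suffixed `_MS` but expands to `pdMS_TO_TICKS( 1000000UL )`, so the value handed to callers is a tick count; I would write `@brief Timeout in ticks (converted from 1000000 ms) for the multitask sign/verify test.` and fix the cross-reference. Separately, the TLS key and certificate labels get test-only names while `pkcs11testLABEL_CODE_VERIFICATION_KEY`, `pkcs11testLABEL_JITP_CERTIFICATE` and `pkcs11testLABEL_ROOT_CERTIFICATE` alias the `pkcs11config...` labels, so any test that writes or destroys those objects would presumably act on the non-test ones; a one-line comment saying this is intended would help.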
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/pkcs11_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/pkcs11_config.h new file mode 100644 index 00000000000..1f7d96d594a --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/ecc608a_pkcs11_config/pkcs11_config.h 
@@ -0,0 +1,160 @@ + +/** + * \file + * \brief PKCS11 Library Configuration + * + * Copyright (c) 2017 Microchip Technology Inc. All rights reserved. + * + * \atmel_crypto_device_library_license_start + * + * \page License + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. The name of Atmel may not be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * 4. This software may only be redistributed and used in connection with an + * Atmel integrated circuit. + * + * THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE + * EXPRESSLY AND SPECIFICALLY DISCLAIMED. IN NO EVENT SHALL ATMEL BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN + * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. 
+ * + * \atmel_crypto_device_library_license_stop + */ + +#ifndef PKCS11_CONFIG_H_ +#define PKCS11_CONFIG_H_ + + +/* Cryptoauthlib at the time of this module development is not versioned */ +#ifndef ATCA_LIB_VER_MAJOR +#define ATCA_LIB_VER_MAJOR 3 +#endif + +#ifndef ATCA_LIB_VER_MINOR +#define ATCA_LIB_VER_MINOR 2 +#endif + +/** If an Auth-key or IoProtection Secret is to be used this is the + * slot number of it */ +#ifndef PKCS11_PIN_SLOT +#define PKCS11_PIN_SLOT 6 +#endif + +/** Define to lock the PIN slot after writing */ +#ifndef PKCS11_LOCK_PIN_SLOT +#define PKCS11_LOCK_PIN_SLOT 0 +#endif + +/** Enable PKCS#11 Debugging Messages */ +#ifndef PKCS11_DEBUG_ENABLE +#define PKCS11_DEBUG_ENABLE 0 +#endif + +/** Use Static or Dynamic Allocation */ +#ifndef PKCS11_USE_STATIC_MEMORY +#define PKCS11_USE_STATIC_MEMORY 1 +#endif + +/** Use a compiled configuration rather than loading from a filestore */ +#ifndef PKCS11_USE_STATIC_CONFIG +#define PKCS11_USE_STATIC_CONFIG 1 +#endif + +/** Maximum number of slots allowed in the system - if static memory this will + always be the number of slots */ +#ifndef PKCS11_MAX_SLOTS_ALLOWED +#define PKCS11_MAX_SLOTS_ALLOWED 1 +#endif + +/** Maximum number of total sessions allowed in the system - if using static + memory then this many session contexts will be allocated */ +#ifndef PKCS11_MAX_SESSIONS_ALLOWED +#define PKCS11_MAX_SESSIONS_ALLOWED 10 +#endif + +/** Maximum number of cryptographic objects allowed to be cached */ +#ifndef PKCS11_MAX_OBJECTS_ALLOWED +#define PKCS11_MAX_OBJECTS_ALLOWED 16 +#endif + +/** Maximum label size in characters */ +#ifndef PKCS11_MAX_LABEL_SIZE +#define PKCS11_MAX_LABEL_SIZE 30 +#endif + +/****************************************************************************/ +/* The following configuration options are for fine tuning of the library */ +/****************************************************************************/ + +/** Defines if the library will produce a static function list or use an + 
externally defined one. This is an optimization that allows for a statically + linked library to include only the PKCS#11 functions that the application + intends to use. Otherwise compilers will not be able to optimize out the unusued + functions */ +#ifndef PKCS11_EXTERNAL_FUNCTION_LIST +#define PKCS11_EXTERNAL_FUNCTION_LIST 1 +#endif + +/** Static Search Attribute Cache in bytes (variable number of attributes based + on size and memory requirements) */ +#ifndef PKCS11_SEARCH_CACHE_SIZE +#define PKCS11_SEARCH_CACHE_SIZE 128 +#endif + +/** Device Support for ATECC508A */ +#ifndef PKCS11_508_SUPPORT +#define PKCS11_508_SUPPORT 0 +#endif + +/** Device Support for ATECC608A */ +#ifndef PKCS11_608_SUPPORT +#define PKCS11_608_SUPPORT 1 +#endif + +/** Support for configuring a "blank" or new device */ +#ifndef PKCS11_TOKEN_INIT_SUPPORT +#define PKCS11_TOKEN_INIT_SUPPORT 1 +#endif + +/** Include the monotonic hardware feature as an object */ +#ifndef PKCS11_MONOTONIC_ENABLE +#define PKCS11_MONOTONIC_ENABLE 0 +#endif + + +#include "pkcs11/cryptoki.h" +#include +typedef struct _pkcs11_slot_ctx *pkcs11_slot_ctx_ptr; +typedef struct _pkcs11_lib_ctx *pkcs11_lib_ctx_ptr; +typedef struct _pkcs11_object *pkcs11_object_ptr; + +CK_RV pkcs11_config_load_objects(pkcs11_slot_ctx_ptr pSlot); +CK_RV pkcs11_config_load(pkcs11_slot_ctx_ptr slot_ctx); +CK_RV pkcs11_config_cert(pkcs11_lib_ctx_ptr pLibCtx, pkcs11_slot_ctx_ptr pSlot, pkcs11_object_ptr pObject, CK_ATTRIBUTE_PTR pcLabel); +CK_RV pkcs11_config_key(pkcs11_lib_ctx_ptr pLibCtx, pkcs11_slot_ctx_ptr pSlot, pkcs11_object_ptr pObject, CK_ATTRIBUTE_PTR pcLabel); +CK_RV pkcs11_config_remove_object(pkcs11_lib_ctx_ptr pLibCtx, pkcs11_slot_ctx_ptr pSlot, pkcs11_object_ptr pObject); + +void pkcs11_config_init_private(pkcs11_object_ptr pObject, char * label, size_t len); +void pkcs11_config_init_public(pkcs11_object_ptr pObject, char * label, size_t len); +void pkcs11_config_init_cert(pkcs11_object_ptr pObject, char * label, size_t len); + 
+#endif /* PKCS11_CONFIG_H_ */ \ No newline at end of file diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/iot_ble_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/iot_ble_config.h new file mode 100644 index 00000000000..aec875f19bd --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/iot_ble_config.h 
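Review bot: `PKCS11_TOKEN_INIT_SUPPORT 1` and `PKCS11_LOCK_PIN_SLOT 0` are set with no note that they are test-only choices. Going by the header's own comments, the first enables configuring a blank or new device and the second leaves the PIN slot (`PKCS11_PIN_SLOT 6`) unlocked after it is written; that fits a build under `aws_tests`, but config headers like this tend to be copied into product trees. I would add above them `/* Test configuration: token init is enabled and the PIN slot is left unlocked; review both before reusing this file outside aws_tests. */`. The bare `#include` before the typedefs shows no header name in this view (possibly an extraction artefact), and the file is added without a trailing newline.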
@@ -0,0 +1,52 @@ +/* + * FreeRTOS V1.4.2 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + +/** + * @file iot_ble_config.h + * @brief BLE configuration overrides for ESP32 board. + */ + + +#ifndef _IOT_BLE_CONFIG_H_ +#define _IOT_BLE_CONFIG_H_ + +/* Device name for this peripheral device. */ +#define IOT_BLE_DEVICE_COMPLETE_LOCAL_NAME "TEST_ESP32_S2" + +/* Enable WIFI provisioning GATT service. 
*/ +#define IOT_BLE_ENABLE_WIFI_PROVISIONING ( 0 ) +#define IOT_BLE_ENABLE_GATT_DEMO ( 0 ) + +/* Disable numeric comparison */ +#define IOT_BLE_ENABLE_NUMERIC_COMPARISON ( 0 ) +#define IOT_BLE_ENABLE_SECURE_CONNECTION ( 0 ) +#define IOT_BLE_INPUT_OUTPUT ( eBTIONone ) + +#define IOT_BLE_ENCRYPTION_REQUIRED ( 0 ) + +/* Include BLE default config at bottom to set the default values for the configurations which are not overridden */ +#include "iot_ble_config_defaults.h" + +#endif /* _IOT_BLE_CONFIG_H_ */ diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/iot_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/iot_config.h new file mode 100644 index 00000000000..4e93bf827c0 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/iot_config.h 
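Review bot: The comment `/* Disable numeric comparison */` sits over a group that switches off every link-security setting in this file: `IOT_BLE_ENABLE_SECURE_CONNECTION ( 0 )`, `IOT_BLE_INPUT_OUTPUT ( eBTIONone )` and `IOT_BLE_ENCRYPTION_REQUIRED ( 0 )`. `iot_config.h` for the same board sets `BLE_SUPPORTED ( 0 )`, so these are presumably inert today, but if BLE is ever enabled from this header the defaults would permit unauthenticated, unencrypted connections. I would replace the comment with `/* BLE is not supported on this board (BLE_SUPPORTED is 0); pairing security is left disabled and must be revisited if BLE is enabled. */`. Two smaller documentation fixes: `/* Enable WIFI provisioning GATT service. */` describes a value of `( 0 )`, and the `@brief` says ESP32 although the file lives under `esp32s2`.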
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+ * the Software, and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+ * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+ * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+/* This file contains configuration settings for the demos. */
+
+#ifndef IOT_CONFIG_H_
+#define IOT_CONFIG_H_
+
+/* Standard include. */
+#include
+
+/* Platform thread stack size and priority. */
+#define IOT_THREAD_DEFAULT_STACK_SIZE 5000
+#define IOT_THREAD_DEFAULT_PRIORITY 5
+
+/* Network type configuration for this board. */
+#define DEFAULT_NETWORK AWSIOT_NETWORK_TYPE_WIFI
+#define BLE_SUPPORTED ( 0 )
+#define WIFI_SUPPORTED ( 1 )
+
+#define iotconfigUSE_PORT_SPECIFIC_HOOKS
+
+/* Include the common configuration file for FreeRTOS. */
+#include "iot_config_common.h"
+
+#endif /* ifndef IOT_CONFIG_H_ */
diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/iot_mqtt_agent_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/iot_mqtt_agent_config.h new file mode 100644 index 00000000000..93a24fcd2f1 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/iot_mqtt_agent_config.h 
@@ -0,0 +1,113 @@ +/* + * FreeRTOS V1.1.4 + * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. If you wish to use our Amazon + * FreeRTOS name, please do so in a fair use way that does not cause confusion. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * http://aws.amazon.com/freertos + * http://www.FreeRTOS.org + */ + +/** + * @file iot_mqtt_agent_config.h + * @brief MQTT agent config options. + */ + +#ifndef _AWS_MQTT_AGENT_CONFIG_H_ +#define _AWS_MQTT_AGENT_CONFIG_H_ + +#include "FreeRTOS.h" + +/** + * @brief Controls whether or not to report usage metrics to the + * AWS IoT broker. + * + * If mqttconfigENABLE_METRICS is set to 1, a string containing + * metric information will be included in the "username" field of + * the MQTT connect messages. + */ +#define mqttconfigENABLE_METRICS ( 1 ) + +/** + * @brief The maximum time interval in seconds allowed to elapse between 2 consecutive + * control packets. 
+ */ +#define mqttconfigKEEP_ALIVE_INTERVAL_SECONDS ( 1200 ) + +/** + * @brief Defines the frequency at which the client should send Keep Alive messages. + * + * Even though the maximum time allowed between 2 consecutive control packets + * is defined by the mqttconfigKEEP_ALIVE_INTERVAL_SECONDS macro, the user + * can and should send Keep Alive messages at a slightly faster rate to ensure + * that the connection is not closed by the server because of network delays. + * This macro defines the interval of inactivity after which a keep alive messages + * is sent. + */ +#define mqttconfigKEEP_ALIVE_ACTUAL_INTERVAL_TICKS ( pdMS_TO_TICKS(300000) ) + +/** + * @brief The maximum interval in ticks to wait for PINGRESP. + * + * If PINGRESP is not received within this much time after sending PINGREQ, + * the client assumes that the PINGREQ timed out. + */ +#define mqttconfigKEEP_ALIVE_TIMEOUT_TICKS ( 1000 ) + +/** + * @brief The maximum time in ticks for which the MQTT task is permitted to block. + * + * The MQTT task blocks until the user initiates any action or until it receives + * any data from the broker. This macro controls the maximum time the MQTT task can + * block. It should be set to a low number for the platforms which do not have any + * mechanism to wake up the MQTT task whenever data is received on a connected socket. + * This ensures that the MQTT task keeps waking up frequently and processes the + * publish messages received from the broker, if any. + */ +#define mqttconfigMQTT_TASK_MAX_BLOCK_TICKS ( 100 ) + +/** + * @defgroup MQTTTask MQTT task configuration parameters. + */ +/** @{ */ +#define mqttconfigMQTT_TASK_STACK_DEPTH ( configMINIMAL_STACK_SIZE * 8 ) +#define mqttconfigMQTT_TASK_PRIORITY ( tskIDLE_PRIORITY + 5 ) +/** @} */ + +/** + * @brief Maximum number of MQTT clients that can exist simultaneously. + */ +#define mqttconfigMAX_BROKERS ( 2 ) + +/** + * @brief Maximum number of parallel operations per client. 
+ */ +#define mqttconfigMAX_PARALLEL_OPS ( 5 ) + +/** + * @brief Time in milliseconds after which the TCP send operation should timeout. + */ +#define mqttconfigTCP_SEND_TIMEOUT_MS ( 2000 ) + +/** + * @brief Length of the buffer used to receive data. + */ +#define mqttconfigRX_BUFFER_SIZE ( 1024 + 128 ) + +#endif /* _AWS_MQTT_AGENT_CONFIG_H_ */ diff --git a/vendors/espressif/boards/esp32s2/aws_tests/config_files/unity_config.h b/vendors/espressif/boards/esp32s2/aws_tests/config_files/unity_config.h new file mode 100644 index 00000000000..62b617e1f33 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_tests/config_files/unity_config.h 
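Review bot: `mqttconfigKEEP_ALIVE_TIMEOUT_TICKS ( 1000 )` and `mqttconfigMQTT_TASK_MAX_BLOCK_TICKS ( 100 )` are raw tick counts, while `mqttconfigKEEP_ALIVE_ACTUAL_INTERVAL_TICKS` a few lines above uses `pdMS_TO_TICKS(300000)`. Their real duration therefore depends on the tick rate configured for this board, which is not visible in this hunk. If milliseconds are what is meant, I would write `#define mqttconfigKEEP_ALIVE_TIMEOUT_TICKS ( pdMS_TO_TICKS( 1000 ) )` and the same for the block time; otherwise a comment stating the assumed tick rate would do. It is also worth noting next to `mqttconfigENABLE_METRICS ( 1 )` that, per its own doc comment, a metrics string is added to the username field of every MQTT CONNECT.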
@@ -0,0 +1,242 @@ +/* Unity Configuration + * As of May 11th, 2016 at ThrowTheSwitch/Unity commit 837c529 + * Update: December 29th, 2016 + * See Also: Unity/docs/UnityConfigurationGuide.pdf + * + * Unity is designed to run on almost anything that is targeted by a C compiler. + * It would be awesome if this could be done with zero configuration. While + * there are some targets that come close to this dream, it is sadly not + * universal. It is likely that you are going to need at least a couple of the + * configuration options described in this document. + * + * All of Unity's configuration options are `#defines`. Most of these are simple + * definitions. A couple are macros with arguments. They live inside the + * unity_internals.h header file. We don't necessarily recommend opening that + * file unless you really need to. That file is proof that a cross-platform + * library is challenging to build. From a more positive perspective, it is also + * proof that a great deal of complexity can be centralized primarily to one + * place in order to provide a more consistent and simple experience elsewhere. + * + * Using These Options + * It doesn't matter if you're using a target-specific compiler and a simulator + * or a native compiler. In either case, you've got a couple choices for + * configuring these options: + * + * 1. Because these options are specified via C defines, you can pass most of + * these options to your compiler through command line compiler flags. Even + * if you're using an embedded target that forces you to use their + * overbearing IDE for all configuration, there will be a place somewhere in + * your project to configure defines for your compiler. + * 2. You can create a custom `unity_config.h` configuration file (present in + * your toolchain's search paths). In this file, you will list definitions + * and macros specific to your target. 
All you must do is define + * `UNITY_INCLUDE_CONFIG_H` and Unity will rely on `unity_config.h` for any + * further definitions it may need. + */ + +#ifndef UNITY_CONFIG_H +#define UNITY_CONFIG_H + +/* ************************* AUTOMATIC INTEGER TYPES *************************** + * C's concept of an integer varies from target to target. The C Standard has + * rules about the `int` matching the register size of the target + * microprocessor. It has rules about the `int` and how its size relates to + * other integer types. An `int` on one target might be 16 bits while on another + * target it might be 64. There are more specific types in compilers compliant + * with C99 or later, but that's certainly not every compiler you are likely to + * encounter. Therefore, Unity has a number of features for helping to adjust + * itself to match your required integer sizes. It starts off by trying to do it + * automatically. + **************************************************************************** */ + +/* The first attempt to guess your types is to check `limits.h`. Some compilers + * that don't support `stdint.h` could include `limits.h`. If you don't + * want Unity to check this file, define this to make it skip the inclusion. + * Unity looks at UINT_MAX & ULONG_MAX, which were available since C89. + */ +/* #define UNITY_EXCLUDE_LIMITS_H */ + +/* The second thing that Unity does to guess your types is check `stdint.h`. + * This file defines `UINTPTR_MAX`, since C99, that Unity can make use of to + * learn about your system. It's possible you don't want it to do this or it's + * possible that your system doesn't support `stdint.h`. If that's the case, + * you're going to want to define this. That way, Unity will know to skip the + * inclusion of this file and you won't be left with a compiler error. 
+ */ +/* #define UNITY_EXCLUDE_STDINT_H */ + +/* ********************** MANUAL INTEGER TYPE DEFINITION *********************** + * If you've disabled all of the automatic options above, you're going to have + * to do the configuration yourself. There are just a handful of defines that + * you are going to specify if you don't like the defaults. + **************************************************************************** */ + +/* Define this to be the number of bits an `int` takes up on your system. The + * default, if not auto-detected, is 32 bits. + * + * Example: + */ +/* #define UNITY_INT_WIDTH 16 */ + +/* Define this to be the number of bits a `long` takes up on your system. The + * default, if not autodetected, is 32 bits. This is used to figure out what + * kind of 64-bit support your system can handle. Does it need to specify a + * `long` or a `long long` to get a 64-bit value. On 16-bit systems, this option + * is going to be ignored. + * + * Example: + */ +/* #define UNITY_LONG_WIDTH 16 */ + +/* Define this to be the number of bits a pointer takes up on your system. The + * default, if not autodetected, is 32-bits. If you're getting ugly compiler + * warnings about casting from pointers, this is the one to look at. + * + * Example: + */ +/* #define UNITY_POINTER_WIDTH 64 */ + +/* Unity will automatically include 64-bit support if it auto-detects it, or if + * your `int`, `long`, or pointer widths are greater than 32-bits. Define this + * to enable 64-bit support if none of the other options already did it for you. + * There can be a significant size and speed impact to enabling 64-bit support + * on small targets, so don't define it if you don't need it. + */ +/* #define UNITY_INCLUDE_64 */ + + +/* *************************** FLOATING POINT TYPES **************************** + * In the embedded world, it's not uncommon for targets to have no support for + * floating point operations at all or to have support that is limited to only + * single precision. 
We are able to guess integer sizes on the fly because + * integers are always available in at least one size. Floating point, on the + * other hand, is sometimes not available at all. Trying to include `float.h` on + * these platforms would result in an error. This leaves manual configuration as + * the only option. + **************************************************************************** */ + +/* By default, Unity guesses that you will want single precision floating point + * support, but not double precision. It's easy to change either of these using + * the include and exclude options here. You may include neither, just float, + * or both, as suits your needs. + */ +/* #define UNITY_EXCLUDE_FLOAT */ +/* #define UNITY_INCLUDE_DOUBLE */ +/* #define UNITY_EXCLUDE_DOUBLE */ + +/* For features that are enabled, the following floating point options also + * become available. + */ + +/* Unity aims for as small of a footprint as possible and avoids most standard + * library calls (some embedded platforms don't have a standard library!). + * Because of this, its routines for printing integer values are minimalist and + * hand-coded. To keep Unity universal, though, we eventually chose to develop + * our own floating point print routines. Still, the display of floating point + * values during a failure are optional. By default, Unity will print the + * actual results of floating point assertion failures. So a failed assertion + * will produce a message like "Expected 4.0 Was 4.25". If you would like less + * verbose failure messages for floating point assertions, use this option to + * give a failure message `"Values Not Within Delta"` and trim the binary size. + */ +/* #define UNITY_EXCLUDE_FLOAT_PRINT */ + +/* If enabled, Unity assumes you want your `FLOAT` asserts to compare standard C + * floats. If your compiler supports a specialty floating point type, you can + * always override this behavior by using this definition. 
+ * + * Example: + */ +/* #define UNITY_FLOAT_TYPE float16_t */ + +/* If enabled, Unity assumes you want your `DOUBLE` asserts to compare standard + * C doubles. If you would like to change this, you can specify something else + * by using this option. For example, defining `UNITY_DOUBLE_TYPE` to `long + * double` could enable gargantuan floating point types on your 64-bit processor + * instead of the standard `double`. + * + * Example: + */ +/* #define UNITY_DOUBLE_TYPE long double */ + +/* If you look up `UNITY_ASSERT_EQUAL_FLOAT` and `UNITY_ASSERT_EQUAL_DOUBLE` as + * documented in the Unity Assertion Guide, you will learn that they are not + * really asserting that two values are equal but rather that two values are + * "close enough" to equal. "Close enough" is controlled by these precision + * configuration options. If you are working with 32-bit floats and/or 64-bit + * doubles (the normal on most processors), you should have no need to change + * these options. They are both set to give you approximately 1 significant bit + * in either direction. The float precision is 0.00001 while the double is + * 10^-12. For further details on how this works, see the appendix of the Unity + * Assertion Guide. + * + * Example: + */ +/* #define UNITY_FLOAT_PRECISION 0.001f */ +/* #define UNITY_DOUBLE_PRECISION 0.001f */ + + +/* *************************** TOOLSET CUSTOMIZATION *************************** + * In addition to the options listed above, there are a number of other options + * which will come in handy to customize Unity's behavior for your specific + * toolchain. It is possible that you may not need to touch any of these but + * certain platforms, particularly those running in simulators, may need to jump + * through extra hoops to operate properly. These macros will help in those + * situations. + **************************************************************************** */ + +/* By default, Unity prints its results to `stdout` as it runs. 
This works + * perfectly fine in most situations where you are using a native compiler for + * testing. It works on some simulators as well so long as they have `stdout` + * routed back to the command line. There are times, however, where the + * simulator will lack support for dumping results or you will want to route + * results elsewhere for other reasons. In these cases, you should define the + * `UNITY_OUTPUT_CHAR` macro. This macro accepts a single character at a time + * (as an `int`, since this is the parameter type of the standard C `putchar` + * function most commonly used). You may replace this with whatever function + * call you like. + * + * Example: + * Say you are forced to run your test suite on an embedded processor with no + * `stdout` option. You decide to route your test result output to a custom + * serial `RS232_putc()` function you wrote like thus: + */ +/* #define UNITY_OUTPUT_CHAR(a) RS232_putc(a) */ +/* #define UNITY_OUTPUT_CHAR_HEADER_DECLARATION RS232_putc(int) */ +/* #define UNITY_OUTPUT_FLUSH() RS232_flush() */ +/* #define UNITY_OUTPUT_FLUSH_HEADER_DECLARATION RS232_flush(void) */ +/* #define UNITY_OUTPUT_START() RS232_config(115200,1,8,0) */ +/* #define UNITY_OUTPUT_COMPLETE() RS232_close() */ + +/* For some targets, Unity can make the otherwise required `setUp()` and + * `tearDown()` functions optional. This is a nice convenience for test writers + * since `setUp` and `tearDown` don't often actually _do_ anything. If you're + * using gcc or clang, this option is automatically defined for you. Other + * compilers can also support this behavior, if they support a C feature called + * weak functions. A weak function is a function that is compiled into your + * executable _unless_ a non-weak version of the same function is defined + * elsewhere. If a non-weak version is found, the weak version is ignored as if + * it never existed. 
If your compiler supports this feature, you can let Unity + * know by defining `UNITY_SUPPORT_WEAK` as the function attributes that would + * need to be applied to identify a function as weak. If your compiler lacks + * support for weak functions, you will always need to define `setUp` and + * `tearDown` functions (though they can be and often will be just empty). The + * most common options for this feature are: + */ +/* #define UNITY_SUPPORT_WEAK weak */ +/* #define UNITY_SUPPORT_WEAK __attribute__((weak)) */ +/* #define UNITY_NO_WEAK */ + +/* Some compilers require a custom attribute to be assigned to pointers, like + * `near` or `far`. In these cases, you can give Unity a safe default for these + * by defining this option with the attribute you would like. + * + * Example: + */ +/* #define UNITY_PTR_ATTRIBUTE __attribute__((far)) */ +/* #define UNITY_PTR_ATTRIBUTE near */ + +/* Default unity config. Define your own macros above this include to overwrite. */ +#include "aws_unity_config.h" + +#endif /* UNITY_CONFIG_H */ diff --git a/vendors/espressif/boards/esp32s2/aws_tests/partition-table.csv b/vendors/espressif/boards/esp32s2/aws_tests/partition-table.csv new file mode 100644 index 00000000000..081814ce410 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_tests/partition-table.csv @@ -0,0 +1,8 @@ +# Name, Type, SubType, Offset, Size, Flags +# Note: if you change the phy_init or app partition offset, make sure to change the offset in Kconfig.projbuild +nvs, data, nvs, 0x10000, 0x6000 +otadata, data, ota, 0x16000, 0x2000 +phy_init, data, phy, 0x18000, 0x1000 +ota_0, 0, ota_0, 0x20000, 1500K +ota_1, 0, ota_1, , 1500K +storage, data, nvs, , 0x10000 diff --git a/vendors/espressif/boards/esp32s2/aws_tests/sdkconfig.defaults b/vendors/espressif/boards/esp32s2/aws_tests/sdkconfig.defaults new file mode 100644 index 00000000000..22f099cad80 --- /dev/null +++ b/vendors/espressif/boards/esp32s2/aws_tests/sdkconfig.defaults 
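Review bot: The new `partition-table.csv` declares two NVS partitions (`nvs` and `storage`) but no `nvs_keys` partition, so NVS encryption cannot be enabled for this layout without changing the table. Whether the PKCS #11 PAL keeps credentials in `storage` is not visible on this page; if it does, they would sit in flash unencrypted on a device flashed with this table. For a test image that may be acceptable, and I would say so in the header, e.g. `# Test layout: NVS is not encrypted (no nvs_keys partition); do not reuse as-is for production.` The `ota_1` and `storage` offsets are left blank, so the existing note about keeping `Kconfig.projbuild` in sync applies only to the partitions with explicit offsets.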
@@ -0,0 +1,31 @@
+CONFIG_ESP_INT_WDT=
+CONFIG_ESP_TASK_WDT=
+CONFIG_FREERTOS_SUPPORT_STATIC_ALLOCATION=y
+CONFIG_FREERTOS_ENABLE_STATIC_TASK_CLEAN_UP=y
+CONFIG_PARTITION_TABLE_CUSTOM=y
+CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partition-table.csv"
+CONFIG_PARTITION_TABLE_FILENAME="partition-table.csv"
+CONFIG_ESP32_WIFI_STATIC_RX_BUFFER_NUM=16
+CONFIG_ESP32_WIFI_DYNAMIC_RX_BUFFER_NUM=64
+CONFIG_ESP32_WIFI_DYNAMIC_TX_BUFFER_NUM=64
+CONFIG_TIMER_TASK_STACK_DEPTH=3584
+CONFIG_FREERTOS_TIMER_TASK_PRIORITY=6
+CONFIG_ESPTOOLPY_FLASHSIZE_4MB=y
+CONFIG_PTHREAD_MUTEX_TIMEDLOCK=
+CONFIG_MBEDTLS_ASYMMETRIC_CONTENT_LEN=y
+CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN=8192
+CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=4096
+CONFIG_MBEDTLS_CMAC_C=y
+CONFIG_MBEDTLS_ECP_RESTARTABLE=y
+CONFIG_FREERTOS_LEGACY_IDLE_HOOK=
+CONFIG_FREERTOS_LEGACY_TICK_HOOK=
+CONFIG_FREERTOS_USE_TRACE_FACILITY=y
+CONFIG_MBEDTLS_TLS_CLIENT_ONLY=y
+CONFIG_ESPTOOLPY_BAUD_921600B=y
+CONFIG_LWIP_MAX_ACTIVE_TCP=32
+CONFIG_MBEDTLS_THREADING_ALT=y
+CONFIG_MBEDTLS_THREADING_C=y
+CONFIG_MBEDTLS_ECDSA_DETERMINISTIC=n
+CONFIG_MBEDTLS_SHA512_C=n
+CONFIG_ESP_NETIF_TCPIP_ADAPTER_COMPATIBLE_LAYER=n
+CONFIG_COMPILER_DISABLE_GCC8_WARNINGS=y
diff --git a/vendors/espressif/boards/esp32s2/esp32s2_saola_1.cmake b/vendors/espressif/boards/esp32s2/esp32s2_saola_1.cmake
new file mode 100644
index 00000000000..e4d8aa894ff
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/esp32s2_saola_1.cmake
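Review bot: Several entries move away from safety-relevant defaults with no comment saying why: `CONFIG_ESP_INT_WDT=` and `CONFIG_ESP_TASK_WDT=` are left empty, which appears to turn both watchdogs off, and `CONFIG_MBEDTLS_ECDSA_DETERMINISTIC=n` makes every ECDSA signature depend on the quality of the random source at signing time. For a test image this may be intended, but the file is easy to copy into a product build. A `#` comment above each group, for example `# Watchdogs off for long-running test cases only; do not reuse in production`, would record the reason, and the ECDSA line should name the component that requires it.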
@@ -0,0 +1,20 @@
+# -------------------------------------------------------------------------------------------------
+# FreeRTOS Console metadata
+# -------------------------------------------------------------------------------------------------
+afr_set_board_metadata(ID "ESP32S2-Saola-1")
+afr_set_board_metadata(DISPLAY_NAME "ESP32S2-Saola-1")
+afr_set_board_metadata(DESCRIPTION "Development board produced by Espressif that comes in two variants either with ESP32-S2-WROOM or ESP32-S2-WROVER module")
+afr_set_board_metadata(VENDOR_NAME "Espressif")
+afr_set_board_metadata(FAMILY_NAME "ESP32S2")
+afr_set_board_metadata(IS_ACTIVE "TRUE")
+afr_set_board_metadata(DATA_RAM_MEMORY "320KB")
+afr_set_board_metadata(PROGRAM_MEMORY "4MB")
+afr_set_board_metadata(CODE_SIGNER "null")
+afr_set_board_metadata(SUPPORTED_IDE "CMakeBuildSystem")
+afr_set_board_metadata(RECOMMENDED_IDE "CMakeBuildSystem")
+afr_set_board_metadata(IDE_CMakeBuildSystem_NAME "CMakeBuildSystem")
+afr_set_board_metadata(IDE_CMakeBuildSystem_COMPILER "GCC")
+afr_set_board_metadata(KEY_IMPORT_PROVISIONING "TRUE")
+
+afr_set_board_metadata(IDE_CMakeBuildSystem_PROJECT_LOCATION "null")
+afr_set_board_metadata(AWS_DEMOS_CONFIG_FILES_LOCATION "${CMAKE_CURRENT_LIST_DIR}/aws_demos/config_files")
diff --git a/vendors/espressif/boards/esp32s2/run_idf_monitor.cmake b/vendors/espressif/boards/esp32s2/run_idf_monitor.cmake
new file mode 100644
index 00000000000..fc2d003b8fe
--- /dev/null
+++ b/vendors/espressif/boards/esp32s2/run_idf_monitor.cmake
@@ -0,0 +1,46 @@
+# or another cmake-based build runner
+#
+# (Needed to expand environment variables, for backwards compatibility.)
+#
+# It is recommended to NOT USE this CMake script if you have the option of
+# running idf_monitor.py directly. This script exists only for use inside CMake builds.
+#
+cmake_minimum_required(VERSION 3.5)
+
+if(NOT IDF_PATH OR NOT PROJECT_ELF OR NOT ELF_DIR)
+ message(FATAL_ERROR "IDF_PATH, PROJECT_ELF and ELF_DIR must "
+ "be specified on the CMake command line. For direct monitor execution, it is "
+ "strongly recommended to run idf_monitor.py directly.")
+endif()
+
+# Note: we can't expand these environment variables in the main IDF CMake build,
+# because we want to expand them when running monitor not at CMake runtime (so they can change
+# without needing a CMake re-run)
+set(ESPPORT $ENV{ESPPORT})
+if(NOT ESPPORT)
+ message("Note: Using default serial port /dev/ttyUSB0. To modify, set ESPPORT environment variable.")
+else()
+ set(port_arg "--port ${ESPPORT}")
+endif()
+
+set(MONITORBAUD $ENV{MONITORBAUD})
+if(NOT MONITORBAUD)
+ message("Note: Using default baud rate 115200. To modify, set MONITORBAUD environment variable.")
+else()
+ set(baud_arg "--baud ${MONITORBAUD}")
+endif()
+
+include("${IDF_PATH}/tools/cmake/utilities.cmake")
+
+set(cmd "${IDF_PATH}/tools/idf_monitor.py ${port_arg} ${baud_arg} ${PROJECT_ELF}")
+spaces2list(cmd)
+
+execute_process(COMMAND ${cmd}
+ WORKING_DIRECTORY "${ELF_DIR}"
+ RESULT_VARIABLE result
+ )
+
+if(${result})
+ # No way to have CMake silently fail, unfortunately
+ message(FATAL_ERROR "idf_monitor.py failed")
+endif()
diff --git a/vendors/espressif/manifest.cmake b/vendors/espressif/manifest.cmake
index 54a7c3644a8..6fecf08f1c6 100644
--- a/vendors/espressif/manifest.cmake
+++ b/vendors/espressif/manifest.cmake
@@ -3,6 +3,7 @@ set( esp32_plus_ecc608a_devkitc esp32_devkitc esp32_wrover_kit + esp32s2_saola_1 CACHE INTERNAL "Supported boards list." ) 
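Review bot: The monitor command in `run_idf_monitor.cmake` is assembled as one string and then split on spaces by `spaces2list(cmd)`, so a space inside `IDF_PATH`, `PROJECT_ELF`, `ESPPORT` or `MONITORBAUD` changes the argument list handed to `idf_monitor.py`. A path with a space breaks the call, and an environment value with a space adds arguments nobody intended. Building the command as a CMake list keeps each value a single argument and removes the need for `spaces2list` (and, as far as this file shows, for the `utilities.cmake` include). The final `if(${result})` is also fragile when `execute_process` reports an error string rather than a number; `if(NOT result EQUAL 0)` handles both cases.

```cmake
# … unchanged: argument check and ESPPORT lookup …
    set(port_arg --port "${ESPPORT}")
# … unchanged: MONITORBAUD lookup …
    set(baud_arg --baud "${MONITORBAUD}")
# … unchanged: endif() …

# Each value stays one argument; no string splitting needed.
set(cmd "${IDF_PATH}/tools/idf_monitor.py" ${port_arg} ${baud_arg} "${PROJECT_ELF}")

# … unchanged: execute_process() call …

if(NOT result EQUAL 0)
    # … unchanged: FATAL_ERROR message …
```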
@@ -10,3 +11,4 @@ set(AFR_MANIFEST_BOARD_DIR "boards") set(AFR_MANIFEST_BOARD_DIR_esp32_devkitc "boards/esp32") set(AFR_MANIFEST_BOARD_DIR_esp32_wrover_kit "boards/esp32") set(AFR_MANIFEST_BOARD_DIR_esp32_plus_ecc608a_devkitc "boards/esp32") +set(AFR_MANIFEST_BOARD_DIR_esp32s2_saola_1 "boards/esp32s2") From e0dad4437e72e27d415fdc25ebf196008c0c6548 Mon Sep 17 00:00:00 2001 From: Shubham Kulkarni Date: Mon, 7 Sep 2020 19:13:44 +0530 Subject: [PATCH 7/7] Updates in CMakeLists.txt to fix build issues when AFR is build as a library --- vendors/espressif/boards/esp32/CMakeLists.txt | 64 ++++++++++--------- .../espressif/boards/esp32s2/CMakeLists.txt | 59 +++++++++-------- 2 files changed, 68 insertions(+), 55 deletions(-) diff --git a/vendors/espressif/boards/esp32/CMakeLists.txt b/vendors/espressif/boards/esp32/CMakeLists.txt index a4c09b94df4..b1e41c22499 100644 --- a/vendors/espressif/boards/esp32/CMakeLists.txt +++ b/vendors/espressif/boards/esp32/CMakeLists.txt 
@@ -360,32 +360,37 @@ target_link_libraries( # ------------------------------------------------------------------------------------------------- afr_glob_src(config_files DIRECTORY "${board_dir}/config_files") -# Do not add demos or tests if they're turned off. -if(AFR_ENABLE_DEMOS OR AFR_ENABLE_TESTS) - add_executable( - ${exe_target} - "${board_dir}/application_code/main.c" - ${extra_exe_sources} - ) - idf_build_set_property(PROJECT_DIR ${AFR_ROOT_DIR}) - idf_build_executable(${exe_target}) - target_include_directories( - ${exe_target} - PUBLIC - "${esp_idf_dir}/components/esp_ringbuf/include" - $ - $ - $ - ) - target_link_libraries( - ${exe_target} - PRIVATE - AFR::wifi - AFR::utils - AFR::ble - ) +# If external project is set do not link IDF components to aws target +if (NOT IDF_PROJECT_EXECUTABLE) + set(IDF_PROJECT_EXECUTABLE ${exe_target}) +endif() + +if (NOT IDF_EXECUTABLE_SRCS) + set(IDF_EXECUTABLE_SRCS "${board_dir}/application_code/main.c" ${extra_exe_sources}) endif() +add_executable( + ${IDF_PROJECT_EXECUTABLE} + ${IDF_EXECUTABLE_SRCS} +) + +target_include_directories( + ${IDF_PROJECT_EXECUTABLE} + PUBLIC + "${esp_idf_dir}/components/esp_ringbuf/include" + $ + $ + $ +) + +target_link_libraries( + ${IDF_PROJECT_EXECUTABLE} + PRIVATE + AFR::wifi + AFR::utils + AFR::ble +) + if(AFR_METADATA_MODE) return() endif() @@ -460,11 +465,6 @@ set(IDF_BUILD_ARTIFACTS_DIR ${CMAKE_BINARY_DIR}) set(CMAKE_STATIC_LIBRARY_PREFIX "lib") -# If external project is set do not link IDF components to aws target -if (NOT IDF_PROJECT_EXECUTABLE) - set(IDF_PROJECT_EXECUTABLE ${exe_target}) -endif() - set_property(GLOBAL PROPERTY IDF_PROJECT_EXECUTABLE ${IDF_PROJECT_EXECUTABLE}) get_filename_component( 
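Review bot: `add_executable(${IDF_PROJECT_EXECUTABLE} ${IDF_EXECUTABLE_SRCS})` now runs unconditionally and takes both its target name and its source list from variables the including project sets, yet the first hunk neither documents nor checks them. Relative entries in `IDF_EXECUTABLE_SRCS` are resolved against this board directory rather than the caller's, and if the caller has already created the target named by `IDF_PROJECT_EXECUTABLE` the call stops with a duplicate-target error. A guard such as `if(NOT TARGET ${IDF_PROJECT_EXECUTABLE})` around the call, plus a comment that the sources must be absolute paths, would make the contract explicit. The moved comment "If external project is set do not link IDF components to aws target" no longer describes the lines under it, which only pick a default executable name. The same applies to the matching hunk in `boards/esp32s2/CMakeLists.txt`; the surrounding file lies outside the hunk, so whether `exe_target` is always defined here cannot be checked.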
@@ -534,7 +534,13 @@ target_compile_options( ${idf_compile_options} ) +idf_build_set_property(PROJECT_NAME ${IDF_PROJECT_EXECUTABLE}) +idf_build_set_property(EXECUTABLE_NAME ${IDF_PROJECT_EXECUTABLE}) +idf_build_set_property(PROJECT_DIR ${AFR_ROOT_DIR}) +idf_build_set_property(EXECUTABLE ${IDF_PROJECT_EXECUTABLE}) idf_project_generate_description_file(${CMAKE_BINARY_DIR}/project_description.json) +idf_build_executable(${IDF_PROJECT_EXECUTABLE}) +idf_build_set_property(EXECUTABLE_DIR ${CMAKE_BINARY_DIR}) # This is a hack to have IDF build system use PRIVATE keyword when # calling target_link_libraries() on aws_demos target. This is necessary diff --git a/vendors/espressif/boards/esp32s2/CMakeLists.txt b/vendors/espressif/boards/esp32s2/CMakeLists.txt index 1553871c81b..803d3c54fed 100644 --- a/vendors/espressif/boards/esp32s2/CMakeLists.txt +++ b/vendors/espressif/boards/esp32s2/CMakeLists.txt 
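Review bot: The added `idf_build_set_property` calls are split around `idf_project_generate_description_file` and `idf_build_executable` (four before, `EXECUTABLE_DIR` after), and nothing says whether that order matters. If it does, a later tidy-up that groups them would change the build without any visible reason. A comment such as `# EXECUTABLE_DIR must be set after idf_build_executable()` would settle it, or a note that the placement is incidental if that is the case. The same block is added to `boards/esp32s2/CMakeLists.txt` in the last hunk of this patch, and the enclosing section of the file continues outside the hunk.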
@@ -289,30 +289,35 @@ target_link_libraries( # ------------------------------------------------------------------------------------------------- afr_glob_src(config_files DIRECTORY "${board_dir}/config_files") -# Do not add demos or tests if they're turned off. -if(AFR_ENABLE_DEMOS OR AFR_ENABLE_TESTS) - add_executable( - ${exe_target} - "${board_dir}/application_code/main.c" - ${extra_exe_sources} - ) - idf_build_set_property(PROJECT_DIR ${AFR_ROOT_DIR}) - idf_build_executable(${exe_target}) - target_include_directories( - ${exe_target} - PUBLIC - "${esp_idf_dir}/components/esp_ringbuf/include" - $ - $ - ) - target_link_libraries( - ${exe_target} - PRIVATE - AFR::wifi - AFR::utils - ) +# If external project is set do not link IDF components to aws target +if (NOT IDF_PROJECT_EXECUTABLE) + set(IDF_PROJECT_EXECUTABLE ${exe_target}) +endif() + +if (NOT IDF_EXECUTABLE_SRCS) + set(IDF_EXECUTABLE_SRCS "${board_dir}/application_code/main.c" ${extra_exe_sources}) endif() +add_executable( + ${IDF_PROJECT_EXECUTABLE} + ${IDF_EXECUTABLE_SRCS} +) + +target_include_directories( + ${IDF_PROJECT_EXECUTABLE} + PUBLIC + "${esp_idf_dir}/components/esp_ringbuf/include" + $ + $ +) + +target_link_libraries( + ${IDF_PROJECT_EXECUTABLE} + PRIVATE + AFR::wifi + AFR::utils +) + if(AFR_METADATA_MODE) return() endif() @@ -387,10 +392,6 @@ set(IDF_BUILD_ARTIFACTS_DIR ${CMAKE_BINARY_DIR}) set(CMAKE_STATIC_LIBRARY_PREFIX "lib") -# If external project is set do not link IDF components to aws target -if (NOT IDF_PROJECT_EXECUTABLE) - set(IDF_PROJECT_EXECUTABLE ${exe_target}) -endif() set_property(GLOBAL PROPERTY IDF_PROJECT_EXECUTABLE ${IDF_PROJECT_EXECUTABLE}) 
@@ -461,7 +462,13 @@ target_compile_options( ${idf_compile_options} ) +idf_build_set_property(PROJECT_NAME ${IDF_PROJECT_EXECUTABLE}) +idf_build_set_property(EXECUTABLE_NAME ${IDF_PROJECT_EXECUTABLE}) +idf_build_set_property(PROJECT_DIR ${AFR_ROOT_DIR}) +idf_build_set_property(EXECUTABLE ${IDF_PROJECT_EXECUTABLE}) idf_project_generate_description_file(${CMAKE_BINARY_DIR}/project_description.json) +idf_build_executable(${IDF_PROJECT_EXECUTABLE}) +idf_build_set_property(EXECUTABLE_DIR ${CMAKE_BINARY_DIR}) # This is a hack to have IDF build system use PRIVATE keyword when # calling target_link_libraries() on aws_demos target. This is necessary