From b777fb40c7359ffefa3a208a52bedc1203da6a79 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Thu, 5 Sep 2024 19:13:14 +0200 Subject: [PATCH 01/24] Update config.sh --- tools/config.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/config.sh b/tools/config.sh index 46dc36762..85bac20c4 100755 --- a/tools/config.sh +++ b/tools/config.sh @@ -6,7 +6,7 @@ if [ -z $IDF_PATH ]; then fi if [ -z $IDF_BRANCH ]; then - export IDF_BRANCH="release/v5.3" + export IDF_BRANCH="53_wifi" fi # Arduino branch to use From bba548625cdcde5c2b186590cfb5a104453df2ad Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Thu, 5 Sep 2024 19:14:14 +0200 Subject: [PATCH 02/24] Update push.yml --- .github/workflows/push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 064581d4d..56dfbe0f3 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -1,4 +1,4 @@ -name: IDF v5.3 with P4 +name: IDF v5.3 fix WPA3 on: workflow_dispatch: # Manually start a workflow From 95c10a6c219b0befd6902ca4cf369f9f0a2c186e Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 00:07:11 +0200 Subject: [PATCH 03/24] Update defconfig.common --- configs/defconfig.common | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configs/defconfig.common b/configs/defconfig.common index e76d17ac6..fb42c52f9 100644 --- a/configs/defconfig.common +++ b/configs/defconfig.common @@ -50,7 +50,7 @@ CONFIG_ESP_WIFI_MBEDTLS_TLS_CLIENT=y # CONFIG_ESP_WIFI_SOFTAP_SAE_SUPPORT is not set # CONFIG_ESP_WIFI_ENABLE_WPA3_OWE_STA is not set CONFIG_ESP_WIFI_ESPNOW_MAX_ENCRYPT_NUM=0 -# CONFIG_ESP_WIFI_MBEDTLS_CRYPTO is not set +CONFIG_ESP_WIFI_MBEDTLS_CRYPTO=y # CONFIG_ESP_WIFI_IRAM_OPT is not set # CONFIG_ESP_WIFI_RX_IRAM_OPT is not set CONFIG_ESP_PHY_REDUCE_TX_POWER=y From b6285ca212712243d159606e404215772fd48c39 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 00:16:51 +0200 Subject: [PATCH 04/24] Update defconfig.common --- configs/defconfig.common | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configs/defconfig.common b/configs/defconfig.common index fb42c52f9..dfb7a9bac 100644 --- a/configs/defconfig.common +++ b/configs/defconfig.common @@ -171,7 +171,7 @@ CONFIG_MBEDTLS_HARDWARE_SHA=y CONFIG_MBEDTLS_ECP_C=y CONFIG_MBEDTLS_ECDH_C=y CONFIG_MBEDTLS_ECDSA_C=y -CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED=y +# CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLE is not set # CONFIG_MBEDTLS_DHM_C is not set # CONFIG_MBEDTLS_ECJPAKE_C is not set # CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS is not set From d45fd9ea0f83dd40574784238d40b295cbf82174 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 12:21:38 +0200 Subject: [PATCH 05/24] Update defconfig.common --- configs/defconfig.common | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/configs/defconfig.common b/configs/defconfig.common index dfb7a9bac..3a623d2cf 100644 --- a/configs/defconfig.common +++ b/configs/defconfig.common @@ -37,22 +37,22 @@ CONFIG_ESP_TASK_WDT_PANIC=y CONFIG_ESP_TIMER_TASK_STACK_SIZE=4096 CONFIG_ESPTOOLPY_FLASHSIZE_4MB=y CONFIG_ESPTOOLPY_HEADER_FLASHSIZE_UPDATE=y +# CONFIG_ESP_WIFI_MBEDTLS_CRYPTO is not set # CONFIG_ESP_WIFI_FTM_ENABLE is not set # CONFIG_ESP_WIFI_GMAC_SUPPORT is not set -CONFIG_ESP_WIFI_STATIC_RX_BUFFER_NUM=8 -CONFIG_ESP_WIFI_STATIC_TX_BUFFER_NUM=8 -CONFIG_ESP_WIFI_CACHE_TX_BUFFER_NUM=16 # CONFIG_ESP_WIFI_CSI_ENABLED is not set -CONFIG_ESP_WIFI_ENABLE_WPA3_SAE=y -CONFIG_ESP_WIFI_ENABLE_SAE_PK=y +# CONFIG_ESP_WIFI_ENABLE_WPA3_SAE is not set +# CONFIG_ESP_WIFI_ENABLE_SAE_PK is not set # CONFIG_ESP_WIFI_ENTERPRISE_SUPPORT is not set CONFIG_ESP_WIFI_MBEDTLS_TLS_CLIENT=y # CONFIG_ESP_WIFI_SOFTAP_SAE_SUPPORT is not set # CONFIG_ESP_WIFI_ENABLE_WPA3_OWE_STA is not set CONFIG_ESP_WIFI_ESPNOW_MAX_ENCRYPT_NUM=0 -CONFIG_ESP_WIFI_MBEDTLS_CRYPTO=y # CONFIG_ESP_WIFI_IRAM_OPT is not set # CONFIG_ESP_WIFI_RX_IRAM_OPT is not set +CONFIG_ESP_WIFI_STATIC_RX_BUFFER_NUM=8 +CONFIG_ESP_WIFI_STATIC_TX_BUFFER_NUM=8 +CONFIG_ESP_WIFI_CACHE_TX_BUFFER_NUM=16 CONFIG_ESP_PHY_REDUCE_TX_POWER=y CONFIG_ETH_TRANSMIT_MUTEX=y CONFIG_ETH_SPI_ETHERNET_DM9051=y From f7355174754c63dce7bac26418bfbd4d28c61019 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 12:22:14 +0200 Subject: [PATCH 06/24] Update push.yml --- .github/workflows/push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 56dfbe0f3..c5ed2141f 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -1,4 +1,4 @@ -name: IDF v5.3 fix WPA3 +name: IDF v5.3 no WPA3 on: workflow_dispatch: # Manually start a workflow From cf3454253a557fdfc850cf6fa440220128b3a419 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 12:50:39 +0200 Subject: [PATCH 07/24] Update defconfig.common --- configs/defconfig.common | 1 + 1 file changed, 1 insertion(+) diff --git a/configs/defconfig.common b/configs/defconfig.common index 3a623d2cf..22fcfce01 100644 --- a/configs/defconfig.common +++ b/configs/defconfig.common @@ -108,6 +108,7 @@ CONFIG_NEWLIB_NANO_FORMAT=y CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=y CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_DEFAULT_FULL=y CONFIG_MBEDTLS_TLS_DISABLED=y +# CONFIG_MBEDTLS_TLS_ENABLED is not set # CONFIG_MBEDTLS_ASYMMETRIC_CONTENT_LEN is not set CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_MAX_CERTS=10 # CONFIG_MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is not set From 9c9cdbb48e8460fa9f4154b2676d2b9742bccde1 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 13:05:06 +0200 Subject: [PATCH 08/24] Update defconfig.common --- configs/defconfig.common | 2 ++ 1 file changed, 2 insertions(+) diff --git a/configs/defconfig.common b/configs/defconfig.common index 22fcfce01..df9f10947 100644 --- a/configs/defconfig.common +++ b/configs/defconfig.common @@ -1,3 +1,4 @@ +CONFIG_IDF_EXPERIMENTAL_FEATURES=y CONFIG_AUTOSTART_ARDUINO=y # CONFIG_WS2812_LED_ENABLE is not set CONFIG_APP_BUILD_TYPE_APP_2NDBOOT=y @@ -148,6 +149,7 @@ CONFIG_MBEDTLS_SSL_PROTO_TLS1_2=y # CONFIG_MBEDTLS_SSL_ALPN is not set # CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS is not set +CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL=y CONFIG_MBEDTLS_CMAC_C=y CONFIG_MBEDTLS_ROM_MD5=y CONFIG_MBEDTLS_HARDWARE_ECC=y From 461cae99a79f931fb39c6ed6bbeab907eb02b22f Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 13:13:04 +0200 Subject: [PATCH 09/24] remove disable `MBEDTLS_GCM_C` --- configs/defconfig.common | 1 - 1 file changed, 1 deletion(-) diff --git a/configs/defconfig.common b/configs/defconfig.common index df9f10947..6d96a1370 100644 --- a/configs/defconfig.common +++ b/configs/defconfig.common @@ -125,7 +125,6 @@ CONFIG_MBEDTLS_AES_C=y # CONFIG_MBEDTLS_BLOWFISH_C is not set # CONFIG_MBEDTLS_XTEA_C is not set # CONFIG_MBEDTLS_CCM_C is not set -# CONFIG_MBEDTLS_GCM_C is not set # CONFIG_MBEDTLS_NIST_KW_C is not set # end of Symmetric Ciphers From ae6fd70ff21e1f4d0492a52782e0c01dd109c238 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 17:53:42 +0200 Subject: [PATCH 10/24] Create no_ECP_DP_SECP256R1.diff --- patches/no_ECP_DP_SECP256R1.diff | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 patches/no_ECP_DP_SECP256R1.diff diff --git a/patches/no_ECP_DP_SECP256R1.diff b/patches/no_ECP_DP_SECP256R1.diff new file mode 100644 index 000000000..1fd015111 --- /dev/null +++ b/patches/no_ECP_DP_SECP256R1.diff @@ -0,0 +1,12 @@ +diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h +index 35921412c6e6..d3abe4007b83 100644 +--- a/include/mbedtls/mbedtls_config.h ++++ b/include/mbedtls/mbedtls_config.h +@@ -759,7 +759,6 @@ + /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */ + #define MBEDTLS_ECP_DP_SECP192R1_ENABLED + #define MBEDTLS_ECP_DP_SECP224R1_ENABLED +-#define MBEDTLS_ECP_DP_SECP256R1_ENABLED + #define MBEDTLS_ECP_DP_SECP384R1_ENABLED + #define MBEDTLS_ECP_DP_SECP521R1_ENABLED + #define MBEDTLS_ECP_DP_SECP192K1_ENABLED From 3793323ceb2ac94ad567a71316215acc15420632 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 18:00:50 +0200 Subject: [PATCH 11/24] Update and rename no_ECP_DP_SECP256R1.diff to no_ecp_dp_secp256r1.diff --- patches/{no_ECP_DP_SECP256R1.diff => no_ecp_dp_secp256r1.diff} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename patches/{no_ECP_DP_SECP256R1.diff => no_ecp_dp_secp256r1.diff} (77%) diff --git a/patches/no_ECP_DP_SECP256R1.diff b/patches/no_ecp_dp_secp256r1.diff similarity index 77% rename from patches/no_ECP_DP_SECP256R1.diff rename to patches/no_ecp_dp_secp256r1.diff index 1fd015111..9bf7d79e1 100644 --- a/patches/no_ECP_DP_SECP256R1.diff +++ b/patches/no_ecp_dp_secp256r1.diff @@ -1,4 +1,4 @@ -diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h +diff --git a/components/mbedtls/mbedtls/include/mbedtls/mbedtls_config.h b/components/mbedtls/mbedtls/include/mbedtls/mbedtls_config.h index 35921412c6e6..d3abe4007b83 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h From 1a4b16b7c3fc3faa0d54d36979d9666e639f3440 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 18:01:33 +0200 Subject: [PATCH 12/24] Update no_ecp_dp_secp256r1.diff --- patches/no_ecp_dp_secp256r1.diff | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/patches/no_ecp_dp_secp256r1.diff b/patches/no_ecp_dp_secp256r1.diff index 9bf7d79e1..2ac236817 100644 --- a/patches/no_ecp_dp_secp256r1.diff +++ b/patches/no_ecp_dp_secp256r1.diff @@ -1,7 +1,7 @@ diff --git a/components/mbedtls/mbedtls/include/mbedtls/mbedtls_config.h b/components/mbedtls/mbedtls/include/mbedtls/mbedtls_config.h index 35921412c6e6..d3abe4007b83 100644 ---- a/include/mbedtls/mbedtls_config.h -+++ b/include/mbedtls/mbedtls_config.h +--- a/components/mbedtls/mbedtls/include/mbedtls/mbedtls_config.h ++++ a/components/mbedtls/mbedtls/include/mbedtls/mbedtls_config.h @@ -759,7 +759,6 @@ /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */ #define MBEDTLS_ECP_DP_SECP192R1_ENABLED From 485198d72d46834dbdaf8d4377e50aecc3ee8f24 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 18:04:05 +0200 Subject: [PATCH 13/24] patch to remove cipher --- tools/install-esp-idf.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/install-esp-idf.sh b/tools/install-esp-idf.sh index 0994c09b7..3df566939 100755 --- a/tools/install-esp-idf.sh +++ b/tools/install-esp-idf.sh @@ -70,6 +70,7 @@ if [ ! -x $idf_was_installed ] || [ ! -x $commit_predefined ]; then patch -p1 -N -i $AR_PATCHES/esp32s2_i2c_ll_master_init.diff patch -p1 -N -i $AR_PATCHES/mmu_map.diff patch -p1 -N -i $AR_PATCHES/lwip_max_tcp_pcb.diff + patch -p1 -N -i $AR_PATCHES/no_ecp_dp_secp256r1.diff cd - # Get the exact IDF version from file "version.txt" From 5f7736823b34657d73f026e67183dbedbea1a491 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 19:11:31 +0200 Subject: [PATCH 14/24] Update no_ecp_dp_secp256r1.diff --- patches/no_ecp_dp_secp256r1.diff | 31 ++++++++++++++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) diff --git a/patches/no_ecp_dp_secp256r1.diff b/patches/no_ecp_dp_secp256r1.diff index 2ac236817..fd2c57109 100644 --- a/patches/no_ecp_dp_secp256r1.diff +++ b/patches/no_ecp_dp_secp256r1.diff @@ -1,7 +1,36 @@ +diff --git a/components/mbedtls/mbedtls/include/mbedtls/check_config.h b/components/mbedtls/mbedtls/include/mbedtls/check_config.h +--- a/components/mbedtls/mbedtls/include/mbedtls/check_config.h ++++ b/components/mbedtls/mbedtls/include/mbedtls/check_config.h +@@ -142,7 +142,6 @@ + ( !defined(MBEDTLS_ECP_C) || \ + !( defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ +- defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \ +@@ -193,7 +192,6 @@ + #if defined(MBEDTLS_ECP_LIGHT) && ( !defined(MBEDTLS_BIGNUM_C) || ( \ + !defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && \ +- !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) && \ +@@ -361,8 +359,7 @@ + #endif + #else /* MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \ +- ( !defined(MBEDTLS_ECJPAKE_C) || \ +- !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) ) ++ ( !defined(MBEDTLS_ECJPAKE_C) ) + #error "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED defined, but not all prerequisites" + #endif + #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/components/mbedtls/mbedtls/include/mbedtls/mbedtls_config.h b/components/mbedtls/mbedtls/include/mbedtls/mbedtls_config.h index 35921412c6e6..d3abe4007b83 100644 --- a/components/mbedtls/mbedtls/include/mbedtls/mbedtls_config.h -+++ a/components/mbedtls/mbedtls/include/mbedtls/mbedtls_config.h ++++ b/components/mbedtls/mbedtls/include/mbedtls/mbedtls_config.h @@ -759,7 +759,6 @@ /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */ #define MBEDTLS_ECP_DP_SECP192R1_ENABLED From ab92c69427df4b2dedf6bb42dcd83b002b2cc9c5 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 19:17:46 +0200 Subject: [PATCH 15/24] Update defconfig.common --- configs/defconfig.common | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configs/defconfig.common b/configs/defconfig.common index 6d96a1370..9be0e6143 100644 --- a/configs/defconfig.common +++ b/configs/defconfig.common @@ -170,7 +170,7 @@ CONFIG_MBEDTLS_HARDWARE_SHA=y # CONFIG_MBEDTLS_X509_CSR_PARSE_C is not set # end of Certificates -CONFIG_MBEDTLS_ECP_C=y +# CONFIG_MBEDTLS_ECP_C is not set CONFIG_MBEDTLS_ECDH_C=y CONFIG_MBEDTLS_ECDSA_C=y # CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLE is not set From 5a54b906de4e1b820155d78a5c8e7b9ce025575b Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 19:31:12 +0200 Subject: [PATCH 16/24] Update defconfig.common --- configs/defconfig.common | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configs/defconfig.common b/configs/defconfig.common index 9be0e6143..6d96a1370 100644 --- a/configs/defconfig.common +++ b/configs/defconfig.common @@ -170,7 +170,7 @@ CONFIG_MBEDTLS_HARDWARE_SHA=y # CONFIG_MBEDTLS_X509_CSR_PARSE_C is not set # end of Certificates -# CONFIG_MBEDTLS_ECP_C is not set +CONFIG_MBEDTLS_ECP_C=y CONFIG_MBEDTLS_ECDH_C=y CONFIG_MBEDTLS_ECDSA_C=y # CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLE is not set From c42a67fb94981355e4d6170487f87a68fffc5b71 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 19:36:47 +0200 Subject: [PATCH 17/24] Update no_ecp_dp_secp256r1.diff --- patches/no_ecp_dp_secp256r1.diff | 64 ++++++++++++++++++++++++-------- 1 file changed, 49 insertions(+), 15 deletions(-) diff --git a/patches/no_ecp_dp_secp256r1.diff b/patches/no_ecp_dp_secp256r1.diff index fd2c57109..4574a343c 100644 --- a/patches/no_ecp_dp_secp256r1.diff +++ b/patches/no_ecp_dp_secp256r1.diff @@ -1,23 +1,57 @@ diff --git a/components/mbedtls/mbedtls/include/mbedtls/check_config.h b/components/mbedtls/mbedtls/include/mbedtls/check_config.h +index b3c038dd2e93..34cabd1f9463 100644 --- a/components/mbedtls/mbedtls/include/mbedtls/check_config.h +++ b/components/mbedtls/mbedtls/include/mbedtls/check_config.h -@@ -142,7 +142,6 @@ - ( !defined(MBEDTLS_ECP_C) || \ - !( defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ +@@ -138,24 +138,6 @@ + #error "MBEDTLS_ECDH_C defined, but not all prerequisites" + #endif + +-#if defined(MBEDTLS_ECDSA_C) && \ +- ( !defined(MBEDTLS_ECP_C) || \ +- !( defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \ +- defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \ -@@ -193,7 +192,6 @@ - #if defined(MBEDTLS_ECP_LIGHT) && ( !defined(MBEDTLS_BIGNUM_C) || ( \ - !defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && \ +- defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \ +- defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \ +- defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \ +- defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \ +- defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || \ +- defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \ +- defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \ +- defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) ) || \ +- !defined(MBEDTLS_ASN1_PARSE_C) || \ +- !defined(MBEDTLS_ASN1_WRITE_C) ) +-#error "MBEDTLS_ECDSA_C defined, but not all prerequisites" +-#endif +- + #if defined(MBEDTLS_PK_C) && defined(MBEDTLS_USE_PSA_CRYPTO) + #if defined(MBEDTLS_PK_CAN_ECDSA_SIGN) && !defined(MBEDTLS_ASN1_WRITE_C) + #error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_WRITE_C for ECDSA signature" +@@ -190,23 +172,6 @@ + #error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites" + #endif + +-#if defined(MBEDTLS_ECP_LIGHT) && ( !defined(MBEDTLS_BIGNUM_C) || ( \ +- !defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && \ +- !defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) && \ -@@ -361,8 +359,7 @@ +- !defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) && \ +- !defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) && \ +- !defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) && \ +- !defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) && \ +- !defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) && \ +- !defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) && \ +- !defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) && \ +- !defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) && \ +- !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && \ +- !defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) ) ) +-#error "MBEDTLS_ECP_C defined (or a subset enabled), but not all prerequisites" +-#endif +- + #if defined(MBEDTLS_ENTROPY_C) && \ + !(defined(MBEDTLS_MD_CAN_SHA512) || defined(MBEDTLS_MD_CAN_SHA256)) + #error "MBEDTLS_ENTROPY_C defined, but not all prerequisites" +@@ -361,8 +326,7 @@ #endif #else /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \ From 6909d7abbf6b859578fe934136c0b257e7b63b2f Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 19:48:59 +0200 Subject: [PATCH 18/24] Update install-esp-idf.sh --- tools/install-esp-idf.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/install-esp-idf.sh b/tools/install-esp-idf.sh index 3df566939..a1351a497 100755 --- a/tools/install-esp-idf.sh +++ b/tools/install-esp-idf.sh @@ -70,7 +70,7 @@ if [ ! -x $idf_was_installed ] || [ ! -x $commit_predefined ]; then patch -p1 -N -i $AR_PATCHES/esp32s2_i2c_ll_master_init.diff patch -p1 -N -i $AR_PATCHES/mmu_map.diff patch -p1 -N -i $AR_PATCHES/lwip_max_tcp_pcb.diff - patch -p1 -N -i $AR_PATCHES/no_ecp_dp_secp256r1.diff + # patch -p1 -N -i $AR_PATCHES/no_ecp_dp_secp256r1.diff cd - # Get the exact IDF version from file "version.txt" From 85b6fdd3e11a2162dc8cf9658c01e60704dc072c Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 20:05:30 +0200 Subject: [PATCH 19/24] Update config.sh --- tools/config.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/config.sh b/tools/config.sh index 85bac20c4..46dc36762 100755 --- a/tools/config.sh +++ b/tools/config.sh @@ -6,7 +6,7 @@ if [ -z $IDF_PATH ]; then fi if [ -z $IDF_BRANCH ]; then - export IDF_BRANCH="53_wifi" + export IDF_BRANCH="release/v5.3" fi # Arduino branch to use From 3d2249a9b94c676338e1135d0bb9c4dc80eddb24 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 21:25:40 +0200 Subject: [PATCH 20/24] Update defconfig.common --- configs/defconfig.common | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configs/defconfig.common b/configs/defconfig.common index 6d96a1370..74e2181ab 100644 --- a/configs/defconfig.common +++ b/configs/defconfig.common @@ -1,4 +1,3 @@ -CONFIG_IDF_EXPERIMENTAL_FEATURES=y CONFIG_AUTOSTART_ARDUINO=y # CONFIG_WS2812_LED_ENABLE is not set CONFIG_APP_BUILD_TYPE_APP_2NDBOOT=y @@ -125,6 +124,7 @@ CONFIG_MBEDTLS_AES_C=y # CONFIG_MBEDTLS_BLOWFISH_C is not set # CONFIG_MBEDTLS_XTEA_C is not set # CONFIG_MBEDTLS_CCM_C is not set +# CONFIG_MBEDTLS_GCM_C is not set # CONFIG_MBEDTLS_NIST_KW_C is not set # end of Symmetric Ciphers @@ -173,7 +173,7 @@ CONFIG_MBEDTLS_HARDWARE_SHA=y CONFIG_MBEDTLS_ECP_C=y CONFIG_MBEDTLS_ECDH_C=y CONFIG_MBEDTLS_ECDSA_C=y -# CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLE is not set +CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLE=y # CONFIG_MBEDTLS_DHM_C is not set # CONFIG_MBEDTLS_ECJPAKE_C is not set # CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS is not set From a29e9a309e315a16e80fc694aa119e277d500682 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 21:50:54 +0200 Subject: [PATCH 21/24] Update defconfig.common --- configs/defconfig.common | 1 - 1 file changed, 1 deletion(-) diff --git a/configs/defconfig.common b/configs/defconfig.common index 74e2181ab..c6ef4ea89 100644 --- a/configs/defconfig.common +++ b/configs/defconfig.common @@ -148,7 +148,6 @@ CONFIG_MBEDTLS_SSL_PROTO_TLS1_2=y # CONFIG_MBEDTLS_SSL_ALPN is not set # CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS is not set -CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL=y CONFIG_MBEDTLS_CMAC_C=y CONFIG_MBEDTLS_ROM_MD5=y CONFIG_MBEDTLS_HARDWARE_ECC=y From be8a5d6cb0043defdb10b7af620bb39c25858eb6 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 21:54:18 +0200 Subject: [PATCH 22/24] Delete patches/no_ecp_dp_secp256r1.diff --- patches/no_ecp_dp_secp256r1.diff | 75 -------------------------------- 1 file changed, 75 deletions(-) delete mode 100644 patches/no_ecp_dp_secp256r1.diff diff --git a/patches/no_ecp_dp_secp256r1.diff b/patches/no_ecp_dp_secp256r1.diff deleted file mode 100644 index 4574a343c..000000000 --- a/patches/no_ecp_dp_secp256r1.diff +++ /dev/null @@ -1,75 +0,0 @@ -diff --git a/components/mbedtls/mbedtls/include/mbedtls/check_config.h b/components/mbedtls/mbedtls/include/mbedtls/check_config.h -index b3c038dd2e93..34cabd1f9463 100644 ---- a/components/mbedtls/mbedtls/include/mbedtls/check_config.h -+++ b/components/mbedtls/mbedtls/include/mbedtls/check_config.h -@@ -138,24 +138,6 @@ - #error "MBEDTLS_ECDH_C defined, but not all prerequisites" - #endif - --#if defined(MBEDTLS_ECDSA_C) && \ -- ( !defined(MBEDTLS_ECP_C) || \ -- !( defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \ -- defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ -- defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ -- defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \ -- defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \ -- defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \ -- defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \ -- defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || \ -- defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \ -- defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \ -- defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) ) || \ -- !defined(MBEDTLS_ASN1_PARSE_C) || \ -- !defined(MBEDTLS_ASN1_WRITE_C) ) --#error "MBEDTLS_ECDSA_C defined, but not all prerequisites" --#endif -- - #if defined(MBEDTLS_PK_C) && defined(MBEDTLS_USE_PSA_CRYPTO) - #if defined(MBEDTLS_PK_CAN_ECDSA_SIGN) && !defined(MBEDTLS_ASN1_WRITE_C) - #error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_WRITE_C for ECDSA signature" -@@ -190,23 +172,6 @@ - #error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites" - #endif - --#if defined(MBEDTLS_ECP_LIGHT) && ( !defined(MBEDTLS_BIGNUM_C) || ( \ -- !defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && \ -- !defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && \ -- !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && \ -- !defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) && \ -- !defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) && \ -- !defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) && \ -- !defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) && \ -- !defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) && \ -- !defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) && \ -- !defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) && \ -- !defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) && \ -- !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && \ -- !defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) ) ) --#error "MBEDTLS_ECP_C defined (or a subset enabled), but not all prerequisites" --#endif -- - #if defined(MBEDTLS_ENTROPY_C) && \ - !(defined(MBEDTLS_MD_CAN_SHA512) || defined(MBEDTLS_MD_CAN_SHA256)) - #error "MBEDTLS_ENTROPY_C defined, but not all prerequisites" -@@ -361,8 +326,7 @@ - #endif - #else /* MBEDTLS_USE_PSA_CRYPTO */ - #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \ -- ( !defined(MBEDTLS_ECJPAKE_C) || \ -- !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) ) -+ ( !defined(MBEDTLS_ECJPAKE_C) ) - #error "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED defined, but not all prerequisites" - #endif - #endif /* MBEDTLS_USE_PSA_CRYPTO */ -diff --git a/components/mbedtls/mbedtls/include/mbedtls/mbedtls_config.h b/components/mbedtls/mbedtls/include/mbedtls/mbedtls_config.h -index 35921412c6e6..d3abe4007b83 100644 ---- a/components/mbedtls/mbedtls/include/mbedtls/mbedtls_config.h -+++ b/components/mbedtls/mbedtls/include/mbedtls/mbedtls_config.h -@@ -759,7 +759,6 @@ - /* Short Weierstrass curves (supporting ECP, ECDH, ECDSA) */ - #define MBEDTLS_ECP_DP_SECP192R1_ENABLED - #define MBEDTLS_ECP_DP_SECP224R1_ENABLED --#define MBEDTLS_ECP_DP_SECP256R1_ENABLED - #define MBEDTLS_ECP_DP_SECP384R1_ENABLED - #define MBEDTLS_ECP_DP_SECP521R1_ENABLED - #define MBEDTLS_ECP_DP_SECP192K1_ENABLED From 2c60b8da66138a0b7fefafb920330b833f4e2e64 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 21:55:04 +0200 Subject: [PATCH 23/24] Update install-esp-idf.sh --- tools/install-esp-idf.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/tools/install-esp-idf.sh b/tools/install-esp-idf.sh index a1351a497..0994c09b7 100755 --- a/tools/install-esp-idf.sh +++ b/tools/install-esp-idf.sh @@ -70,7 +70,6 @@ if [ ! -x $idf_was_installed ] || [ ! -x $commit_predefined ]; then patch -p1 -N -i $AR_PATCHES/esp32s2_i2c_ll_master_init.diff patch -p1 -N -i $AR_PATCHES/mmu_map.diff patch -p1 -N -i $AR_PATCHES/lwip_max_tcp_pcb.diff - # patch -p1 -N -i $AR_PATCHES/no_ecp_dp_secp256r1.diff cd - # Get the exact IDF version from file "version.txt" From 897df70dfd33e75eac73f70f7d8e3b45ca366aa7 Mon Sep 17 00:00:00 2001 From: Jason2866 <24528715+Jason2866@users.noreply.github.com> Date: Fri, 6 Sep 2024 21:57:30 +0200 Subject: [PATCH 24/24] Update push.yml --- .github/workflows/push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index c5ed2141f..064581d4d 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -1,4 +1,4 @@ -name: IDF v5.3 no WPA3 +name: IDF v5.3 with P4 on: workflow_dispatch: # Manually start a workflow