mirror/bl_iot_sdk
1
0
Fork 0
mirror of https://github.com/pine64/bl_iot_sdk.git synced 2024-10-06 06:50:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

bouffalolab_release_bl_iot_sdk_1.6.38

Browse Source 
Signed-off-by: qwang <qwang@bouffalolab.com>
This commit is contained in:
qwang 2022-08-09 10:40:23 +08:00
parent e51408c826
commit 68baa6b80d
No known key found for this signature in database
GPG Key ID: 88BF16D240F1E38A
273 changed files with 59344 additions and 5476 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
components/network/ble/ble_common.mk
View File

@ -122,6 +122,10 @@ CFLAGS += -DBL808
CONFIG_BT_RESET=0
endif
ifeq ($(CONFIG_CHIP_NAME),BL702L)
CFLAGS += -DBL702L
endif
ifeq ($(CONFIG_DBG_RUN_ON_FPGA), 1)
CFLAGS += -DCFG_DBG_RUN_ON_FPGA
endif
@ -182,6 +186,16 @@ CONFIG_BIS := 0
CONFIG_LE_PWR_CTRL ?= 0
endif
ifeq ($(CONFIG_CHIP_NAME),BL702L)
CONFIG_BT := 0
CONFIG_CIS := 0
CONFIG_ADV_EXTENSION := 0
CONFIG_BIS := 0
CONFIG_LE_PWR_CTRL := 0
CONFIG_CTE := 0
CONFIG_EM_SIZE := 16
endif
CONFIG_BT ?= 1
CONFIG_SCO_ESCO ?= 1
CONFIG_PCA ?= 1

BIN
components/network/ble/blecontroller_602_m0s1/lib/libblecontroller_602_m0s1.a
View File

Binary file not shown.

BIN
components/network/ble/blecontroller_602_m0s1s/lib/libblecontroller_602_m0s1s.a
View File

Binary file not shown.

BIN
components/network/ble/blecontroller_602_std/lib/libblecontroller_602_std.a
View File

Binary file not shown.

BIN
components/network/ble/blecontroller_702_m0s0sp/lib/libblecontroller_702_m0s0sp.a
View File

Binary file not shown.

BIN
components/network/ble/blecontroller_702_m0s1/lib/libblecontroller_702_m0s1.a
View File

Binary file not shown.

BIN
components/network/ble/blecontroller_702_m0s1p/lib/libblecontroller_702_m0s1p.a
View File

Binary file not shown.

BIN
components/network/ble/blecontroller_702_m0s1s/lib/libblecontroller_702_m0s1s.a
View File

Binary file not shown.

BIN
components/network/ble/blecontroller_702_m16s1/lib/libblecontroller_702_m16s1.a
View File

Binary file not shown.

BIN
components/network/ble/blecontroller_702_std/lib/libblecontroller_702_std.a
View File

Binary file not shown.

37
components/network/ble/blestack/src/host/hci_core.c
View File

@ -6044,6 +6044,11 @@ bool le_check_valid_scan(void)
{
return atomic_test_bit(bt_dev.flags, BT_DEV_EXPLICIT_SCAN);
}
bool le_check_valid_adv(void)
{
return atomic_test_bit(bt_dev.flags, BT_DEV_ADVERTISING);
}
#endif
@ -6245,9 +6250,6 @@ int bt_set_name(const char *name)
if (IS_ENABLED(CONFIG_BT_SETTINGS)) {
#if defined(BFLB_BLE)
#if defined(CFG_SLEEP)
if(HBN_Get_Status_Flag() == 0)
#endif
bt_settings_save_name();
#else
err = settings_save_one("bt/name", bt_dev.name, len);
@ -6257,6 +6259,10 @@ int bt_set_name(const char *name)
#endif
}
#if defined(CONFIG_BT_BREDR)
bt_br_write_local_name(name);
#endif
return 0;
#else
return -ENOMEM;
@ -7898,13 +7904,21 @@ int bt_br_set_connectable(bool enable)
if (enable) {
if (atomic_test_bit(bt_dev.flags, BT_DEV_PSCAN)) {
return -EALREADY;
} else {
}
if(atomic_test_bit(bt_dev.flags, BT_DEV_ISCAN)){
return write_scan_enable(BT_BREDR_SCAN_INQUIRY | BT_BREDR_SCAN_PAGE);
}else{
return write_scan_enable(BT_BREDR_SCAN_PAGE);
}
} else {
if (!atomic_test_bit(bt_dev.flags, BT_DEV_PSCAN)) {
return -EALREADY;
} else {
}
if(atomic_test_bit(bt_dev.flags, BT_DEV_ISCAN)){
return write_scan_enable(BT_BREDR_SCAN_INQUIRY);
}else{
return write_scan_enable(BT_BREDR_SCAN_DISABLED);
}
}
@ -7918,17 +7932,22 @@ int bt_br_set_discoverable(bool enable)
}
if (!atomic_test_bit(bt_dev.flags, BT_DEV_PSCAN)) {
return -EPERM;
return write_scan_enable(BT_BREDR_SCAN_INQUIRY);
}else{
return write_scan_enable(BT_BREDR_SCAN_INQUIRY |
BT_BREDR_SCAN_PAGE);
}
return write_scan_enable(BT_BREDR_SCAN_INQUIRY |
BT_BREDR_SCAN_PAGE);
} else {
if (!atomic_test_bit(bt_dev.flags, BT_DEV_ISCAN)) {
return -EALREADY;
}
return write_scan_enable(BT_BREDR_SCAN_PAGE);
if (atomic_test_bit(bt_dev.flags, BT_DEV_PSCAN)) {
return write_scan_enable(BT_BREDR_SCAN_PAGE);
}else{
return write_scan_enable(BT_BREDR_SCAN_DISABLED);
}
}
}

2
components/network/ble/blestack/src/port/include/config.h
View File

@ -371,6 +371,8 @@
#define CONFIG_BT_DEVICE_NAME "BL602-BLE-DEV"
#elif defined(BL702)
#define CONFIG_BT_DEVICE_NAME "BL702-BLE-DEV"
#elif defined(BL702L)
#define CONFIG_BT_DEVICE_NAME "BL702L-BLE-DEV"
#else
#define CONFIG_BT_DEVICE_NAME "BTBLE-DEV"
#endif

35
components/network/lmac154/include/lmac154.h
View File

@ -108,6 +108,20 @@ typedef enum {
LMAC154_TX_STATUS_HW_ERROR = 3,
}lmac154_tx_status_t;
typedef enum {
LMAC154_RX_ACCEPT_CRC_ERR = 0x00000001, // able to receive packets that CRC check error
LMAC154_RX_ACCEPT_FRAME_TYPE_RVSD = 0x00000002, // able to receive packets that the value of frame type filed is reserved in 802.15.4 spec
LMAC154_RX_ACCEPT_FRAME_VER_RVSD = 0x00000004, // able to receive packets that the value of frame version filed is reserved in 802.15.4 spec
LMAC154_RX_ACCEPT_DST_ADDR_M_RVSD = 0x00000008, // able to receive packets that the value of dest address mode filed is reserved in 802.15.4 spec
LMAC154_RX_ACCEPT_SRC_ADDR_M_RVSD = 0x00000010, // able to receive packets that the value of src address mode filed is reserved in 802.15.4 spec
LMAC154_RX_ACCEPT_DST_PANID_MISMATCH = 0x00000020, // able to receive packets that the value of dest PANID does not match with local device
LMAC154_RX_ACCEPT_DST_ADDR_MISMATCH = 0x00000040, // able to receive packets that the value of dest address does not match with local device
LMAC154_RX_ACCEPT_SRC_PANID_MISMATCH = 0x00000080, // able to receive packets that the value of src PANID does not match with local device
LMAC154_RX_ACCEPT_NONE = 0x00000000, // not able to receive all packets above
LMAC154_RX_ACCEPT_ALL = 0x000000ff, // able to receive all packets above
}lmac154_rx_accept_policy_t;
/****************************************************************************//**
* @brief Initialize the hardware module
@ -521,30 +535,27 @@ void lmac154_enableFrameTypeFiltering(uint8_t frame_types);
*******************************************************************************/
void lmac154_disableFrameTypeFiltering(void);
/****************************************************************************//**
* @brief Enable crc filtering (default enabled)
* Will only receive frames that pass crc check
* @brief set rx accept policy
*
*
* @param None
* @param policy : enum lmac154_rx_accept_policy_t
*
* @return None
*
*******************************************************************************/
void lmac154_enableCrcFiltering(void);
void lmac154_setRxAcceptPolicy(lmac154_rx_accept_policy_t policy);
/****************************************************************************//**
* @brief Disable crc filtering (default enabled)
* Will receive all frames ignoring crc check
* @brief get rx accept policy
*
*
* @param None
* @param None
*
* @return None
* @return lmac154_rx_accept_policy : enum lmac154_rx_accept_policy_t
*
*******************************************************************************/
void lmac154_disableCrcFiltering(void);
lmac154_rx_accept_policy_t lmac154_getRxAcceptPolicy(void);
/****************************************************************************//**
* @brief Set external PA

BIN
components/network/lmac154/lib/liblmac154.a
View File

Binary file not shown.

22
components/network/lwip/lwip-port/config/lwipopts.h
View File

@ -43,6 +43,8 @@
*/
#if defined(CFG_CHIP_BL808)
#define LWIP_TCPIP_CORE_LOCKING_INPUT 1
#elif defined(CFG_CHIP_BL606P)
#define LWIP_TCPIP_CORE_LOCKING_INPUT 1
#else
#define LWIP_TCPIP_CORE_LOCKING_INPUT 0
#endif
@ -57,6 +59,8 @@
a lot of data that needs to be copied, this should be set high. */
#if defined(CFG_CHIP_BL808)
#define MEM_SIZE (60*1024)
#elif defined(CFG_CHIP_BL606P)
#define MEM_SIZE (60*1024)
#elif defined(CFG_SDIOWIFI)
#define MEM_SIZE (24*1024)
#else
@ -81,6 +85,8 @@ a lot of data that needs to be copied, this should be set high. */
segments. */
#if defined(CFG_CHIP_BL808)
#define MEMP_NUM_TCP_SEG 100
#elif defined(CFG_CHIP_BL606P)
#define MEMP_NUM_TCP_SEG 100
#else
#define MEMP_NUM_TCP_SEG 32
#endif
@ -95,6 +101,8 @@ a lot of data that needs to be copied, this should be set high. */
#if !defined PBUF_POOL_SIZE
#if defined(CFG_CHIP_BL808)
#define PBUF_POOL_SIZE 200
#elif defined(CFG_CHIP_BL606P)
#define PBUF_POOL_SIZE 200
#else
#ifdef CFG_ETHERNET_ENABLE
#define PBUF_POOL_SIZE 12
@ -107,6 +115,8 @@ a lot of data that needs to be copied, this should be set high. */
/* PBUF_POOL_BUFSIZE: the size of each pbuf in the pbuf pool. */
#if defined(CFG_CHIP_BL808)||defined(CFG_ETHERNET_ENABLE)
#define PBUF_POOL_BUFSIZE 1600
#elif defined(CFG_CHIP_BL606P)
#define PBUF_POOL_BUFSIZE 1600
#else
#define PBUF_POOL_BUFSIZE 760
#endif /* CFG_ETHERNET_ENABLE */
@ -129,6 +139,8 @@ a lot of data that needs to be copied, this should be set high. */
/* TCP sender buffer space (bytes). */
#if defined(CFG_CHIP_BL808)
#define TCP_SND_BUF (12*TCP_MSS)
#elif defined(CFG_CHIP_BL606P)
#define TCP_SND_BUF (12*TCP_MSS)
#else
#ifdef CFG_ETHERNET_ENABLE
#define TCP_SND_BUF (11*TCP_MSS)
@ -154,6 +166,8 @@ a lot of data that needs to be copied, this should be set high. */
/* TCP receive window. */
#if defined(CFG_CHIP_BL808)
#define TCP_WND (30*TCP_MSS)
#elif defined(CFG_CHIP_BL606P)
#define TCP_WND (30*TCP_MSS)
#else
#ifdef CFG_ETHERNET_ENABLE
#define TCP_WND (6*TCP_MSS)
@ -166,12 +180,18 @@ a lot of data that needs to be copied, this should be set high. */
#define LWIP_DECLARE_MEMORY_ALIGNED(variable_name, size) u8_t variable_name[LWIP_MEM_ALIGN_BUFFER(size)]
#endif
#if defined(CFG_CHIP_BL606P)
#define LWIP_DECLARE_MEMORY_ALIGNED(variable_name, size) u8_t variable_name[LWIP_MEM_ALIGN_BUFFER(size)]
#endif
/**
* TCP_WND_UPDATE_THRESHOLD: difference in window to trigger an
* explicit window update
*/
#if defined(CFG_CHIP_BL808)
#define TCP_WND_UPDATE_THRESHOLD LWIP_MIN((TCP_WND / 2), (TCP_MSS * 16))
#elif defined(CFG_CHIP_BL606P)
#define TCP_WND_UPDATE_THRESHOLD LWIP_MIN((TCP_WND / 2), (TCP_MSS * 16))
#else
#define TCP_WND_UPDATE_THRESHOLD LWIP_MIN((TCP_WND / 2), (TCP_MSS * 6))
#endif
@ -319,6 +339,8 @@ a lot of data that needs to be copied, this should be set high. */
#define LWIP_COMPAT_MUTEX 0
#if defined(CFG_CHIP_BL808)
#define LWIP_TCPIP_CORE_LOCKING 1
#elif defined(CFG_CHIP_BL606P)
#define LWIP_TCPIP_CORE_LOCKING 1
#else
#define LWIP_TCPIP_CORE_LOCKING 0
#endif

2
components/network/netutils/iperf/iperf.c
View File

@ -52,6 +52,8 @@
#define IPERF_PORT 5001
#if defined(CFG_CHIP_BL808)
#define IPERF_BUFSZ (16 * 1300)
#elif defined(CFG_CHIP_BL606P)
#define IPERF_BUFSZ (16 * 1300)
#else
#define IPERF_BUFSZ (4 * 1300)
#endif

2
components/network/sntp/sntp.c
View File

@ -335,7 +335,7 @@ sntp_process(const struct sntp_timestamps *timestamps)
ntp_sec = sec + DIFF_SEC_1970_2036;
ntp_frag = frac;
time_obtained = xTaskGetTickCount();
bl_sys_time_update(((uint64_t)ntp_sec) * 1000 + ntp_frag / 1000);
bl_sys_time_update(((uint64_t)ntp_sec) * 1000 + SNTP_FRAC_TO_US(ntp_frag) / 1000);
taskEXIT_CRITICAL();
LWIP_UNUSED_ARG(frac); /* might be unused if only seconds are set */

1
components/network/wifi/include/bl60x_fw_api.h
View File

@ -439,6 +439,7 @@ typedef enum wifi_fw_event_id
#define WLAN_FW_DISCONNECT_BY_USER_WITH_DEAUTH 19
#define WLAN_FW_DISCONNECT_BY_USER_NO_DEAUTH 20
#define WLAN_FW_DISCONNECT_BY_FW_PS_TX_NULLFRAME_FAILURE 21
#define WLAN_FW_TRAFFIC_LOSS 22
/*--------------------------------------------------------------------*/

1
components/network/wifi/include/supplicant_api.h
View File

@ -214,6 +214,7 @@ struct wpa_funcs {
/* int (*wpa_michael_mic_failure)(uint16_t is_unicast); */
uint8_t *(*wpa3_build_sae_msg)(uint8_t *bssid, uint8_t *mac, uint8_t *passphrase, uint32_t sae_msg_type, size_t *sae_msg_len);
int (*wpa3_parse_sae_msg)(uint8_t *buf, size_t len, uint32_t type, uint16_t status);
void (*wpa3_clear_sae)(void);
};
struct wps_scan_ie {

BIN
components/network/wifi/lib/libwifi.a
View File

Binary file not shown.

20
components/network/wifi_manager/bl60x_wifi_driver/bl_main.c
View File

@ -469,13 +469,25 @@ int bl_main_cfg_task_req(uint32_t ops, uint32_t task, uint32_t element, uint32_t
return bl_send_cfg_task_req(&wifi_hw, ops, task, element, type, arg1, arg2);
}
int bl_main_scan(struct netif *netif, uint16_t *fixed_channels, uint16_t channel_num, struct mac_addr *bssid, struct mac_ssid *ssid)
int bl_main_scan(struct netif *netif, uint16_t *fixed_channels, uint16_t channel_num, struct mac_addr *bssid, struct mac_ssid *ssid, uint8_t scan_mode, uint32_t duration_scan)
{
struct bl_send_scanu_para scanu_para;
scanu_para.channels = fixed_channels;
scanu_para.channel_num = channel_num;
scanu_para.bssid = bssid;
scanu_para.ssid = ssid;
scanu_para.mac = netif->hwaddr;
scanu_para.scan_mode = scan_mode;
scanu_para.duration_scan = duration_scan;
if (0 == channel_num) {
bl_send_scanu_req(&wifi_hw, NULL, 0, bssid, ssid, netif->hwaddr);
scanu_para.channels = NULL;
scanu_para.channel_num = 0;
bl_send_scanu_req(&wifi_hw, &scanu_para);
} else {
if (bl_get_fixed_channels_is_valid(fixed_channels, channel_num)) {
bl_send_scanu_req(&wifi_hw, fixed_channels, channel_num, bssid, ssid, netif->hwaddr);
bl_send_scanu_req(&wifi_hw, &scanu_para);
} else {
bl_os_printf("---->unvalid channel");
}
@ -605,4 +617,4 @@ int bl_main_rtthread_start(struct bl_hw **bl_hw)
//TODO check ret from cfg80211_init
ret = bl_open(*bl_hw);
return ret;
}
}

4
components/network/wifi_manager/bl60x_wifi_driver/bl_main.h
View File

@ -64,7 +64,7 @@ int bl_main_apm_sta_delete(uint8_t sta_idx);
int bl_main_apm_remove_all_sta();
int bl_main_conf_max_sta(uint8_t max_sta_supported);
int bl_main_cfg_task_req(uint32_t ops, uint32_t task, uint32_t element, uint32_t type, void *arg1, void *arg2);
int bl_main_scan(struct netif *netif, uint16_t *fixed_channels, uint16_t channel_num, struct mac_addr *bssid, struct mac_ssid *ssid);
int bl_main_scan(struct netif *netif, uint16_t *fixed_channels, uint16_t channel_num, struct mac_addr *bssid, struct mac_ssid *ssid, uint8_t scan_mode, uint32_t duration_scan);
int bl_main_raw_send(uint8_t *pkt , int len);
int bl_main_set_country_code(char *country_code);
int bl_main_get_channel_nums();
@ -144,6 +144,7 @@ typedef struct
struct wifi_event_beacon_ind
{
int mode;
uint8_t bssid[6];
uint8_t ssid[33];
int8_t rssi;
@ -158,6 +159,7 @@ struct wifi_event_beacon_ind
wifi_cipher_t rsn_ucstCipher;
wifi_secmode_t sec_mode;
int ssid_len;
uint8_t wps;
};
#pragma pack(push,1)

34
components/network/wifi_manager/bl60x_wifi_driver/bl_msg_tx.c
View File

@ -616,7 +616,7 @@ int bl_send_remove_if(struct bl_hw *bl_hw, uint8_t inst_nbr)
return bl_send_msg(bl_hw, remove_if_req_param, 1, MM_REMOVE_IF_CFM, NULL);
}
int bl_send_scanu_req(struct bl_hw *bl_hw, uint16_t *channels, uint16_t channel_num, struct mac_addr *bssid, struct mac_ssid *ssid, const uint8_t *mac)
int bl_send_scanu_req(struct bl_hw *bl_hw, struct bl_send_scanu_para *scanu_para)
{
struct scanu_start_req *req;
int i, index;
@ -633,30 +633,30 @@ int bl_send_scanu_req(struct bl_hw *bl_hw, uint16_t *channels, uint16_t channel_
}
/* Set parameters */
//FIXME should we use vif_index_sta when NO sta is added or just use 0?
req->vif_idx = bl_hw->vif_index_sta;
if (0 == channel_num) {
// Always use idx 0, because vif_idx in vif_entry could be 0, leading to probe_rep tx fail
req->vif_idx = 0;
if (0 == scanu_para->channel_num) {
req->chan_cnt = channel_num_default;
} else {
req->chan_cnt = channel_num;
req->chan_cnt = scanu_para->channel_num;
}
req->ssid_cnt = 1;
if (ssid != NULL && ssid->length) {
req->ssid[0].length = ssid->length;
memcpy(req->ssid[0].array, ssid->array, req->ssid[0].length);
if (scanu_para->ssid != NULL && scanu_para->ssid->length) {
req->ssid[0].length = scanu_para->ssid->length;
memcpy(req->ssid[0].array, scanu_para->ssid->array, req->ssid[0].length);
} else {
req->ssid[0].length = 0;
//if specfied ssid, ignore user setting passive mode
if (req->ssid_cnt == 0 || scanu_para->scan_mode == SCAN_PASSIVE)
{
chan_flags |= SCAN_PASSIVE_BIT;
}
}
memcpy((uint8_t *)&(req->bssid), (uint8_t *)bssid, ETH_ALEN);
memcpy(&(req->mac), mac, ETH_ALEN);
memcpy((uint8_t *)&(req->bssid), (uint8_t *)scanu_para->bssid, ETH_ALEN);
memcpy(&(req->mac), scanu_para->mac, ETH_ALEN);
req->no_cck = true;//FIXME params? talk with firmware guys
if (req->ssid_cnt == 0)
{
chan_flags |= SCAN_PASSIVE_BIT;
}
#if 0
for (i = 0; i < req->ssid_cnt; i++) {
int j;
@ -671,7 +671,7 @@ int bl_send_scanu_req(struct bl_hw *bl_hw, uint16_t *channels, uint16_t channel_
req->add_ies = 0;
for (i = 0; i < req->chan_cnt; i++) {
index = (channel_num_default == req->chan_cnt) ? i : (channels[i] - 1);
index = (channel_num_default == req->chan_cnt) ? i : (scanu_para->channels[i] - 1);
chan = &(channels_default[index]);
req->chan[i].band = chan->band;
@ -680,6 +680,8 @@ int bl_send_scanu_req(struct bl_hw *bl_hw, uint16_t *channels, uint16_t channel_
req->chan[i].tx_power = chan->max_reg_power;
}
req->duration_scan = scanu_para->duration_scan;
/* Send the SCANU_START_REQ message to LMAC FW */
return bl_send_msg(bl_hw, req, 0, 0, NULL);
}

12
components/network/wifi_manager/bl60x_wifi_driver/bl_msg_tx.h
View File

@ -31,6 +31,16 @@
#define __RWNX_MSG_TX_H__
#include "bl_defs.h"
struct bl_send_scanu_para {
uint16_t *channels;
uint16_t channel_num;
struct mac_addr *bssid;
struct mac_ssid *ssid;
uint8_t *mac;
uint8_t scan_mode;
uint32_t duration_scan;
};
int bl_send_reset(struct bl_hw *bl_hw);
int bl_send_monitor_enable(struct bl_hw *bl_hw, struct mm_monitor_cfm *cfm);
/*
@ -48,7 +58,7 @@ int bl_send_start(struct bl_hw *bl_hw);
int bl_send_add_if(struct bl_hw *bl_hw, const unsigned char *mac,
enum nl80211_iftype iftype, bool p2p, struct mm_add_if_cfm *cfm);
int bl_send_remove_if(struct bl_hw *bl_hw, uint8_t inst_nbr);
int bl_send_scanu_req(struct bl_hw *bl_hw, uint16_t *channels, uint16_t channel_num, struct mac_addr *bssid, struct mac_ssid *ssid, const uint8_t *mac);
int bl_send_scanu_req(struct bl_hw *bl_hw, struct bl_send_scanu_para *scanu_para);
int bl_send_scanu_raw_send(struct bl_hw *bl_hw, uint8_t *pkt, int len);
int bl_send_sm_connect_req(struct bl_hw *bl_hw, struct cfg80211_connect_params *sme, struct sm_connect_cfm *cfm);
int bl_send_sm_disconnect_req(struct bl_hw *bl_hw);

29
components/network/wifi_manager/bl60x_wifi_driver/bl_rx.c
View File

@ -88,6 +88,7 @@ static const struct reason_code sm_reason_list[] = {
{WLAN_FW_DISCONNECT_BY_USER_WITH_DEAUTH, "user disconnect and send deauth"},
{WLAN_FW_DISCONNECT_BY_USER_NO_DEAUTH, "user disconnect but no send deauth"},
{WLAN_FW_DISCONNECT_BY_FW_PS_TX_NULLFRAME_FAILURE, "fw disconnect(tx nullframe failures)"},
{WLAN_FW_TRAFFIC_LOSS, "fw disconnect(traffic loss)"},
};
static const struct reason_code apm_reason_list[] = {
@ -424,6 +425,34 @@ static void _rx_handle_beacon(struct scanu_result_ind *ind, struct ieee80211_mgm
find_ie_ssid(mgmt->u.beacon.variable, ind->length, ind_new.ssid, &ind_new.ssid_len);
find_ie_ds(mgmt->u.beacon.variable, ind->length, &ind_new.channel);
elmt_addr = mac_vsie_find(var_part_addr, var_part_len, (const uint8_t *) "\x00\x50\xF2\x04", 4);
if (elmt_addr != 0)
{
/*wps is suoported*/
ind_new.wps = 1;
} else {
/*wps isn't supported*/
ind_new.wps = 0;
}
/* TODO: Only consider 2.4G and bgn mode
* (NO 5G and a/ac/ax) / (NO g-only and n-only difference)
*/
#define MAC_ELTID_HT_CAPA 45
#define MAC_ELTID_EXT_RATES 50
if (mac_ie_find(var_part_addr, var_part_len, MAC_ELTID_HT_CAPA))
{
ind_new.mode = (WIFI_MODE_802_11B | WIFI_MODE_802_11G | WIFI_MODE_802_11N_2_4);
}
else if (mac_ie_find(var_part_addr, var_part_len, MAC_ELTID_EXT_RATES))
{
ind_new.mode = (WIFI_MODE_802_11B | WIFI_MODE_802_11G);
}
else
{
ind_new.mode = (WIFI_MODE_802_11B);
}
if (WLAN_CAPABILITY_PRIVACY & (le16_to_cpu(mgmt->u.beacon.capab_info))) {
wifi_wpa_ie_t *parsed_wpa_ie[2] = {};
int parsed_wpa_ie_len = 0;

2
components/network/wifi_manager/bl60x_wifi_driver/bl_tx.c
View File

@ -49,7 +49,7 @@ static struct bl_hw *bl_hw_static = &wifi_hw;
#define ARRAY_LEN(a) (sizeof(a) / sizeof((a)[0]))
#endif
#if defined(CFG_CHIP_BL808)
#if defined(CFG_CHIP_BL808) || defined(CFG_CHIP_BL606P)
void bl_tx_push(struct bl_hw *bl_hw, struct bl_txhdr *txhdr)
{
volatile struct hostdesc *host;

3
components/network/wifi_manager/bl60x_wifi_driver/bl_utils.c
View File

@ -406,6 +406,9 @@ int tcpip_stack_input(void *swdesc, uint8_t status, void *hwhdr, unsigned int ms
#if defined(CFG_CHIP_BL808)
h = _handle_frame_from_stack_with_mempool(swdesc, msdu_offset, pkt);
zerocopy = false;
#elif defined(CFG_CHIP_BL606P)
h = _handle_frame_from_stack_with_mempool(swdesc, msdu_offset, pkt);
zerocopy = false;
#else
h = _handle_frame_from_stack_with_zerocopy(swdesc, msdu_offset, pkt);
zerocopy = true;

7
components/network/wifi_manager/bl60x_wifi_driver/include/wifi_mgmr_ext.h
View File

@ -77,7 +77,11 @@ struct ap_connect_adv {
/* MISC flags */
/* XXX following flag values and connection flags defined in mac.h should be identical */
#define WIFI_CONNECT_STOP_SCAN_ALL_CHANNEL_IF_TARGET_AP_FOUND (1 << 6)
#define WIFI_CONNECT_PCI_EN (1 << 7)
#define WIFI_CONNECT_STOP_SCAN_CURRENT_CHANNEL_IF_TARGET_AP_FOUND (1 << 8)
#define WIFI_CONNECT_PMF_CAPABLE (1 << 9)
#define WIFI_CONNECT_PMF_REQUIRED (1 << 10)
uint32_t flags;
};
@ -245,6 +249,7 @@ int wifi_mgmr_ap_ip_get(uint32_t *ip, uint32_t *gw, uint32_t *mask);
int wifi_mgmr_ap_stop(wifi_interface_t *interface);
int wifi_mgmr_ap_start(wifi_interface_t *interface, char *ssid, int hidden_ssid, char *passwd, int channel);
int wifi_mgmr_ap_start_adv(wifi_interface_t *interface, char *ssid, int hidden_ssid, char *passwd, int channel, uint8_t use_dhcp);
int wifi_mgmr_ap_start_atcmd(wifi_interface_t *interface, char *ssid, int hidden_ssid, char *passwd, int channel, int max_sta_supported);
int wifi_mgmr_ap_sta_cnt_get(uint8_t *sta_cnt);
int wifi_mgmr_ap_sta_info_get(struct wifi_sta_basic_info *sta_info, uint8_t idx);
int wifi_mgmr_ap_sta_delete(uint8_t sta_idx);
@ -268,7 +273,7 @@ int wifi_mgmr_channel_set(int channel, int use_40Mhz);
int wifi_mgmr_all_ap_scan(wifi_mgmr_ap_item_t **ap_ary, uint32_t *num);
int wifi_mgmr_scan_filter_hidden_ssid(int filter);
int wifi_mgmr_scan(void *data, scan_complete_cb_t cb);
int wifi_mgmr_scan_adv(void *data, scan_complete_cb_t cb, uint16_t *channels, uint16_t channel_num, const uint8_t bssid[6], const char *ssid);
int wifi_mgmr_scan_adv(void *data, scan_complete_cb_t cb, uint16_t *channels, uint16_t channel_num, const uint8_t bssid[6], const char *ssid, uint8_t scan_mode, uint32_t duration_scan);
int wifi_mgmr_cfg_req(uint32_t ops, uint32_t task, uint32_t element, uint32_t type, uint32_t length, uint32_t *buf);
int wifi_mgmr_scan_complete_callback();
int wifi_mgmr_cli_scanlist(void);

4
components/network/wifi_manager/bl60x_wifi_driver/ipc_shared.h
View File

@ -172,6 +172,10 @@ struct txdesc_host
uint32_t eth_packet[1600/4];
#endif
#if defined(CFG_CHIP_BL606P)
uint32_t eth_packet[1600/4];
#endif
/// API of the embedded part
struct hostdesc host;

20
components/network/wifi_manager/bl60x_wifi_driver/lmac_msg.h
View File

@ -70,6 +70,24 @@ enum
CO_OP_IN_PROGRESS,
};
/// WiFi Mode
typedef enum {
/// 802.ll b
WIFI_MODE_802_11B = 0x01,
/// 802.11 a
WIFI_MODE_802_11A = 0x02,
/// 802.11 g
WIFI_MODE_802_11G = 0x04,
/// 802.11n at 2.4GHz
WIFI_MODE_802_11N_2_4 = 0x08,
/// 802.11n at 5GHz
WIFI_MODE_802_11N_5 = 0x10,
/// 802.11ac at 5GHz
WIFI_MODE_802_11AC_5 = 0x20,
/// Reserved for future use
WIFI_MODE_RESERVED = 0x40,
} WiFi_Mode_t;
/// Remain on channel operation codes
enum mm_remain_on_channel_op
{
@ -793,6 +811,8 @@ struct scanu_start_req
bool no_cck;
/// MISC flags
uint32_t flags;
/// channel scan time
uint32_t duration_scan;
};
struct scanu_raw_send_req

3
components/network/wifi_manager/bl60x_wifi_driver/wifi.c
View File

@ -226,10 +226,13 @@ int bl606a0_wifi_init(wifi_conf_t *conf)
wifiMgmr.hostname[MAX_HOSTNAME_LEN_CHECK - 1] = '\0';
bl_os_printf(" hostname: %s\r\n", wifiMgmr.hostname);
bl_msg_update_channel_cfg(conf->country_code);
strncpy(wifiMgmr.country_code, conf->country_code, sizeof(wifiMgmr.country_code));
wifiMgmr.country_code[2] = '\0';
bl_os_printf("-----------------------------------------------------\r\n");
bl_wifi_clock_enable();//Enable wifi clock
memset(&bl606a0_sta, 0, sizeof(bl606a0_sta));
ret = bl_main_rtthread_start(&(bl606a0_sta.bl_hw));
wifiMgmr.channel_nums = bl_msg_get_channel_nums();
return ret;
}

45
components/network/wifi_manager/bl60x_wifi_driver/wifi_mgmr.c
View File

@ -97,6 +97,21 @@ static int _features_is_set(uint32_t bit)
return (wifiMgmr.features & bit) ? 1 : 0;
}
char *wifi_mgmr_mode_to_str(uint32_t mode)
{
switch (mode)
{
case (WIFI_MODE_802_11B):
return "B";
case (WIFI_MODE_802_11B | WIFI_MODE_802_11G):
return "BG";
case (WIFI_MODE_802_11B | WIFI_MODE_802_11G | WIFI_MODE_802_11N_2_4):
return "BGN";
default:
return "Unknown";
}
}
char *wifi_mgmr_auth_to_str(uint8_t auth)
{
switch (auth) {
@ -237,6 +252,8 @@ int wifi_mgmr_scan_beacon_save( wifi_mgmr_scan_item_t *scan )
wifiMgmr.scan_items[i].timestamp_lastseen = counter;
wifiMgmr.scan_items[i].auth = scan->auth;
wifiMgmr.scan_items[i].cipher = scan->cipher;
wifiMgmr.scan_items[i].wps = scan->wps;
wifiMgmr.scan_items[i].mode = scan->mode;
}
break;
}
@ -258,6 +275,8 @@ int wifi_mgmr_scan_beacon_save( wifi_mgmr_scan_item_t *scan )
wifiMgmr.scan_items[i].timestamp_lastseen = counter;
wifiMgmr.scan_items[i].auth = scan->auth;
wifiMgmr.scan_items[i].cipher = scan->cipher;
wifiMgmr.scan_items[i].wps = scan->wps;
wifiMgmr.scan_items[i].mode = scan->mode;
wifiMgmr.scan_items[i].is_used = 1;
}
}
@ -342,6 +361,8 @@ static bool stateGlobalGuard_fw_scan(void *ch, struct event *event)
wifi_mgmr_scan_params_t *ch_req;
struct mac_ssid *ssid = NULL;
struct mac_addr bssid;
uint8_t scan_mode;
uint32_t duration_scan;
msg = event->data;
@ -364,6 +385,8 @@ static bool stateGlobalGuard_fw_scan(void *ch, struct event *event)
channel_num = ch_req->channel_num;
ssid = &(ch_req->ssid);
memcpy((uint8_t *)&bssid, ch_req->bssid, ETH_ALEN);
scan_mode = ch_req->scan_mode;
duration_scan = ch_req->duration_scan;
#if 0
if (channel_num) {
bl_os_printf("%s len:%d \r\n",__func__, channel_num);
@ -386,11 +409,11 @@ static bool stateGlobalGuard_fw_scan(void *ch, struct event *event)
if (channel_num) {
bl_os_printf("------>>>>>> Scan CMD fixed channels_num:%u\r\n", channel_num);
bl_main_scan(&wifiMgmr.wlan_sta.netif, ch_req->channels, channel_num, &bssid, ssid);
bl_main_scan(&wifiMgmr.wlan_sta.netif, ch_req->channels, channel_num, &bssid, ssid, scan_mode, duration_scan);
} else {
/*normal scan command*/
bl_os_printf("------>>>>>> Scan CMD\r\n");
bl_main_scan(&wifiMgmr.wlan_sta.netif, NULL, 0, &bssid, ssid);
bl_main_scan(&wifiMgmr.wlan_sta.netif, NULL, 0, &bssid, ssid, scan_mode, duration_scan);
}
return false;
@ -506,6 +529,11 @@ void dhcpd_start(struct netif *netif);
netifapi_netif_common(&(wifiMgmr.wlan_ap.netif), dhcpd_start, NULL);
}
if (ap->max_sta_supported >= 0) {
bl_os_printf(DEBUG_HEADER "Conf max sta supported %d;\r\n", ap->max_sta_supported);
bl_main_conf_max_sta(ap->max_sta_supported);
}
bl_os_printf(DEBUG_HEADER "start AP with ssid %s;\r\n", ap->ssid);
bl_os_printf(DEBUG_HEADER " pwd %s;\r\n", ap->psk);
bl_os_printf(DEBUG_HEADER " channel %ld;\r\n", ap->channel);
@ -1076,7 +1104,7 @@ static void stateConnectedIPYes_enter( void *stateData, struct event *event )
aos_post_event(EV_WIFI, CODE_WIFI_ON_GOT_IP, 0);
if (_pending_task_is_set(WIFI_MGMR_PENDING_TASK_SCAN_BIT)) {
bl_os_printf(DEBUG_HEADER "Pending Scan Sent\r\n");
bl_main_scan(&wifiMgmr.wlan_sta.netif, NULL, 0, (struct mac_addr *)&mac_addr_bcst, NULL);
bl_main_scan(&wifiMgmr.wlan_sta.netif, NULL, 0, (struct mac_addr *)&mac_addr_bcst, NULL, 0, 0);
_pending_task_clr_safely(WIFI_MGMR_PENDING_TASK_SCAN_BIT);
}
}
@ -1235,7 +1263,7 @@ void helper_record_dump();
if (_pending_task_is_set(WIFI_MGMR_PENDING_TASK_SCAN_BIT)) {
bl_os_printf(DEBUG_HEADER "Pending Scan Sent\r\n");
bl_main_scan(&wifiMgmr.wlan_sta.netif, NULL, 0, (struct mac_addr *)&mac_addr_bcst, NULL);
bl_main_scan(&wifiMgmr.wlan_sta.netif, NULL, 0, (struct mac_addr *)&mac_addr_bcst, NULL, 0, 0);
_pending_task_clr_safely(WIFI_MGMR_PENDING_TASK_SCAN_BIT);
}
}
@ -1283,10 +1311,17 @@ int wifi_mgmr_pending_task_set(uint32_t bits)
int wifi_mgmr_event_notify(wifi_mgmr_msg_t *msg, int use_block)
{
int ret;
uint8_t limit = 50;
while (0 == wifiMgmr.ready) {
bl_os_printf("Wait Wi-Fi Mgmr Start up...\r\n");
bl_os_printf("Waiting Wi-Fi Mgmr Start up...\r\n");
bl_os_msleep(20);
if (0 == (limit--))
{
bl_os_printf("Wi-Fi Mgmr NOT Start up! Start it first!\r\n");
return -1;
}
}
ret = use_block ? bl_os_queue_send_wait(wifiMgmr.mq, msg, msg->len, BL_OS_WAITING_FOREVER, 0) :
bl_os_queue_send(wifiMgmr.mq, msg, msg->len);

8
components/network/wifi_manager/bl60x_wifi_driver/wifi_mgmr.h
View File

@ -42,6 +42,8 @@
#define WIFI_MGMR_MQ_MSG_COUNT (1)
#define MAC_ADDR_LIST(m) (m)[0], (m)[1], (m)[2], (m)[3], (m)[4], (m)[5]
#define WIFI_MGMR_CONNECT_PMF_CAPABLE_BIT (1 << 0)
#define WIFI_MGMR_CONNECT_PMF_REQUIRED_BIT (1 << 1)
/**
****************************************************************************************
@ -167,6 +169,7 @@ typedef struct wifi_mgmr_ap_msg {
char psk_tail[1];
uint8_t use_dhcp_server;
uint32_t psk_len;
int8_t max_sta_supported;
} wifi_mgmr_ap_msg_t;
#pragma pack(pop)
@ -205,6 +208,7 @@ typedef struct
} wifi_mgmr_cipher_t;
typedef struct wifi_mgmr_scan_item {
uint32_t mode;
uint32_t timestamp_lastseen;
uint16_t ssid_len;
uint8_t channel;
@ -217,6 +221,7 @@ typedef struct wifi_mgmr_scan_item {
uint8_t auth;
uint8_t cipher;
uint8_t is_used;
uint8_t wps;
} wifi_mgmr_scan_item_t;
struct wlan_netif {
@ -245,6 +250,8 @@ typedef struct wifi_mgmr_scan_params {
uint16_t channel_num;
uint16_t channels[MAX_FIXED_CHANNELS_LIMIT];
struct mac_ssid ssid;
uint8_t scan_mode;
uint32_t duration_scan;
} wifi_mgmr_scan_params_t;
typedef struct wifi_mgmr_connect_ind_stat_info {
@ -337,6 +344,7 @@ int wifi_mgmr_ap_sta_info_get_internal(wifi_mgmr_sta_basic_info_t *sta_info_inte
int wifi_mgmr_ap_sta_delete_internal(uint8_t sta_idx);
int wifi_mgmr_scan_complete_notify();
extern wifi_mgmr_t wifiMgmr;
char *wifi_mgmr_mode_to_str(uint32_t mode);
char *wifi_mgmr_auth_to_str(uint8_t auth);
char *wifi_mgmr_cipher_to_str(uint8_t cipher);
int wifi_mgmr_api_fw_tsen_reload(void);

28
components/network/wifi_manager/bl60x_wifi_driver/wifi_mgmr_api.c
View File

@ -224,7 +224,7 @@ int wifi_mgmr_api_sniffer_enable(void)
return wifi_mgmr_api_common_msg(WIFI_MGMR_EVENT_APP_SNIFFER, (void*)0x1, (void*)0x2);
}
int wifi_mgmr_api_scan_item_beacon(uint8_t channel, int8_t rssi, uint8_t auth, uint8_t mac[], uint8_t ssid[], int len, int8_t ppm_abs, int8_t ppm_rel, uint8_t cipher)
int wifi_mgmr_api_scan_item_beacon(uint8_t channel, int8_t rssi, uint8_t auth, uint8_t mac[], uint8_t ssid[], int len, int8_t ppm_abs, int8_t ppm_rel, uint8_t cipher, uint8_t wps, uint32_t mode)
{
wifi_mgmr_scan_item_t scan;
@ -239,6 +239,8 @@ int wifi_mgmr_api_scan_item_beacon(uint8_t channel, int8_t rssi, uint8_t auth, u
scan.cipher = cipher;
scan.ppm_abs = ppm_abs;
scan.ppm_rel = ppm_rel;
scan.wps = wps;
scan.mode = mode;
return wifi_mgmr_scan_beacon_save(&scan);
}
@ -253,7 +255,7 @@ int wifi_mgmr_api_fw_tsen_reload(void)
return wifi_mgmr_api_common_msg(WIFI_MGMR_EVENT_APP_RELOAD_TSEN, (void*)0x1, (void*)0x2);
}
int wifi_mgmr_api_fw_scan(uint16_t *channels, uint16_t channel_num, const uint8_t bssid[6], const char *scanssid)
int wifi_mgmr_api_fw_scan(wifi_mgmr_scan_params_t scan_params)
{
wifi_mgmr_msg_t *msg;
wifi_mgmr_scan_params_t *ch_req;
@ -264,17 +266,18 @@ int wifi_mgmr_api_fw_scan(uint16_t *channels, uint16_t channel_num, const uint8_
msg = (wifi_mgmr_msg_t*)buffer;
ch_req = (wifi_mgmr_scan_params_t*)msg->data;
ch_req->channel_num = channel_num;
memcpy(ch_req->bssid, bssid, ETH_ALEN);
ch_req->channel_num = scan_params.channel_num;
ch_req->scan_mode = scan_params.scan_mode;
ch_req->duration_scan = scan_params.duration_scan;
memcpy(ch_req->bssid, scan_params.bssid, ETH_ALEN);
ssid = &(ch_req->ssid);
if (channel_num) {
memcpy(ch_req->channels, channels, sizeof(ch_req->channels[0]) * channel_num);
if (scan_params.channel_num) {
memcpy(ch_req->channels, scan_params.channels, sizeof(scan_params.channels[0]) * scan_params.channel_num);
}
if (scanssid != NULL) {
ssid->length = strlen(scanssid);
ssid->length = (ssid->length > MAC_SSID_LEN) ? MAC_SSID_LEN : ssid->length;
memcpy(ssid->array, scanssid, ch_req->ssid.length);
if (scan_params.ssid.length != 0) {
ssid->length = scan_params.ssid.length;
memcpy(ssid->array, scan_params.ssid.array, scan_params.ssid.length);
ssid->array_tail[0] = '\0';
}
@ -283,7 +286,7 @@ int wifi_mgmr_api_fw_scan(uint16_t *channels, uint16_t channel_num, const uint8_
WIFI_MGMR_EVENT_FW_SCAN,
(void*)0x1,
(void*)0x2,
sizeof (wifi_mgmr_msg_t) + sizeof(wifi_mgmr_scan_params_t) + sizeof(ch_req->channels[0]) * channel_num
sizeof (wifi_mgmr_msg_t) + sizeof(wifi_mgmr_scan_params_t) + sizeof(ch_req->channels[0]) * ch_req->channel_num
);
}
@ -293,7 +296,7 @@ int wifi_mgmr_api_fw_powersaving(int mode)
return wifi_mgmr_api_common_msg(WIFI_MGMR_EVENT_FW_POWERSAVING, (void*)mode, (void*)0x2);
}
int wifi_mgmr_api_ap_start(char *ssid, char *passwd, int channel, uint8_t hidden_ssid, uint8_t use_dhcp_server)
int wifi_mgmr_api_ap_start(char *ssid, char *passwd, int channel, uint8_t hidden_ssid, int8_t max_sta_supported, uint8_t use_dhcp_server)
{
wifi_mgmr_msg_t *msg;
wifi_mgmr_ap_msg_t *ap;
@ -322,6 +325,7 @@ int wifi_mgmr_api_ap_start(char *ssid, char *passwd, int channel, uint8_t hidden
ap->channel = channel;
ap->hidden_ssid = hidden_ssid ? 1 : 0;
ap->use_dhcp_server = use_dhcp_server ? 1 : 0;
ap->max_sta_supported = max_sta_supported;
return wifi_mgmr_api_common(
msg,

6
components/network/wifi_manager/bl60x_wifi_driver/wifi_mgmr_api.h
View File

@ -61,7 +61,7 @@ int wifi_mgmr_api_rate_config(uint16_t config);
int wifi_mgmr_api_conf_max_sta(uint8_t max_sta_supported);
int wifi_mgmr_api_ifaceup(void);
int wifi_mgmr_api_sniffer_enable(void);
int wifi_mgmr_api_ap_start(char *ssid, char *passwd, int channel, uint8_t hidden_ssid, uint8_t use_dhcp_server);
int wifi_mgmr_api_ap_start(char *ssid, char *passwd, int channel, uint8_t hidden_ssid, int8_t max_sta_supported, uint8_t use_dhcp_server);
int wifi_mgmr_api_ap_stop(void);
int wifi_mgmr_api_idle(void);
int wifi_mgmr_api_channel_set(int channel, int use_40Mhz);
@ -70,7 +70,7 @@ int wifi_mgmr_api_set_country_code(char *country_code);
/*section for fw api*/
int wifi_mgmr_api_fw_disconnect(void);
int wifi_mgmr_api_fw_scan(uint16_t *channels, uint16_t channel_num, const uint8_t bssid[6], const char *scanssid);
int wifi_mgmr_api_fw_scan(wifi_mgmr_scan_params_t scan_params);
#define WIFI_MGMR_API_FW_POWERSAVING_MODE_OFF (1)
#define WIFI_MGMR_API_FW_POWERSAVING_MODE_ON (2)
#define WIFI_MGMR_API_FW_POWERSAVING_MODE_DYNAMIC_ON (3)
@ -81,5 +81,5 @@ int wifi_mgmr_api_denoise_enable(void);
int wifi_mgmr_api_denoise_disable(void);
/*section for global event*/
int wifi_mgmr_api_scan_item_beacon(uint8_t channel, int8_t rssi, uint8_t auth, uint8_t mac[], uint8_t ssid[], int len, int8_t ppm_abs, int8_t ppm_rel, uint8_t cipher);
int wifi_mgmr_api_scan_item_beacon(uint8_t channel, int8_t rssi, uint8_t auth, uint8_t mac[], uint8_t ssid[], int len, int8_t ppm_abs, int8_t ppm_rel, uint8_t cipher, uint8_t wps, uint32_t mode);
#endif

114
components/network/wifi_manager/bl60x_wifi_driver/wifi_mgmr_cli.c
View File

@ -42,6 +42,7 @@
#include <utils_string.h>
#include <utils_getopt.h>
#include <wifi_mgmr_ext.h>
#include <bl_defs.h>
#define WIFI_AP_DATA_RATE_1Mbps 0x00
#define WIFI_AP_DATA_RATE_2Mbps 0x01
@ -272,7 +273,7 @@ int wifi_mgmr_cli_scanlist(void)
bl_os_printf("****************************************************************************************************\r\n");
for (i = 0; i < sizeof(wifiMgmr.scan_items)/sizeof(wifiMgmr.scan_items[0]); i++) {
if (wifiMgmr.scan_items[i].is_used && (!wifi_mgmr_scan_item_is_timeout(&wifiMgmr, &wifiMgmr.scan_items[i]))) {
bl_os_printf("index[%02d]: channel %02u, bssid %02X:%02X:%02X:%02X:%02X:%02X, rssi %3d, ppm abs:rel %3d : %3d, auth %20s, cipher:%12s, SSID %s\r\n",
bl_os_printf("index[%02d]: channel %02u, bssid %02X:%02X:%02X:%02X:%02X:%02X, rssi %3d, ppm abs:rel %3d : %3d, wps %2d, mode %6s, auth %20s, cipher:%12s, SSID %s\r\n",
i,
wifiMgmr.scan_items[i].channel,
wifiMgmr.scan_items[i].bssid[0],
@ -284,6 +285,8 @@ int wifi_mgmr_cli_scanlist(void)
wifiMgmr.scan_items[i].rssi,
wifiMgmr.scan_items[i].ppm_abs,
wifiMgmr.scan_items[i].ppm_rel,
wifiMgmr.scan_items[i].wps,
wifi_mgmr_mode_to_str(wifiMgmr.scan_items[i].mode),
wifi_mgmr_auth_to_str(wifiMgmr.scan_items[i].auth),
wifi_mgmr_cipher_to_str(wifiMgmr.scan_items[i].cipher),
wifiMgmr.scan_items[i].ssid
@ -342,7 +345,7 @@ static void wifi_bcnint_set(char *buf, int len, int argc, char **argv)
}
}
static void _scan_channels(int channel_input_num, uint8_t channel_input[MAX_FIXED_CHANNELS_LIMIT], uint8_t bssid[6], const char *ssid)
static void _scan_channels(int channel_input_num, uint8_t channel_input[MAX_FIXED_CHANNELS_LIMIT], uint8_t bssid[6], const char *ssid, uint8_t scan_mode, uint32_t duration_scan)
{
int i;
uint16_t channel_num = 0;
@ -352,7 +355,7 @@ static void _scan_channels(int channel_input_num, uint8_t channel_input[MAX_FIXE
channels[i] = channel_input[i];
}
channel_num = channel_input_num;
wifi_mgmr_scan_adv(NULL, NULL, channels, channel_num, bssid, ssid);
wifi_mgmr_scan_adv(NULL, NULL, channels, channel_num, bssid, ssid, scan_mode, duration_scan);
}
@ -365,11 +368,18 @@ static void wifi_scan_cmd(char *buf, int len, int argc, char **argv)
int bssid_set_flag = 0;
uint8_t mac[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
getopt_env_t getopt_env;
/*
* default: active scan
*/
uint8_t scan_mode = SCAN_ACTIVE;
/*if 0, use default scan time in fw,
* unit:us*/
uint32_t duration_scan_us = 0;
utils_getopt_init(&getopt_env, 0);
while ((opt = utils_getopt(&getopt_env, argc, argv, "s:c:b:")) != -1) {
while ((opt = utils_getopt(&getopt_env, argc, argv, "s:c:b:mt:")) != -1) {
switch (opt) {
case 's':
{
@ -384,12 +394,24 @@ static void wifi_scan_cmd(char *buf, int len, int argc, char **argv)
break;
case 'b':
{
bssid_set_flag = 1;
utils_parse_number(getopt_env.optarg, ':', mac, 6, 16);
bl_os_printf("bssid: %s, mac:%02X:%02X:%02X:%02X:%02X:%02X\r\n", getopt_env.optarg,
bssid_set_flag = 1;
utils_parse_number(getopt_env.optarg, ':', mac, 6, 16);
bl_os_printf("bssid: %s, mac:%02X:%02X:%02X:%02X:%02X:%02X\r\n", getopt_env.optarg,
mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
}
break;
case 'm':
{
scan_mode = SCAN_PASSIVE;
bl_os_printf("set scan mode: passive scan(%d)\r\n", scan_mode);
}
break;
case 't':
{
duration_scan_us = atoi(getopt_env.optarg);
duration_scan_us *= 1000;
}
break;
default:
{
bl_os_printf("unknow option: %c\r\n", getopt_env.optopt);
@ -397,14 +419,7 @@ static void wifi_scan_cmd(char *buf, int len, int argc, char **argv)
}
}
if (channel_input_num || ssid || bssid_set_flag) {
/*channel list specified scan*/
_scan_channels(channel_input_num, channel_input, mac, ssid);
return;
}
/*normal scan*/
wifi_mgmr_scan(NULL, NULL);
_scan_channels(channel_input_num, channel_input, mac, ssid, scan_mode, duration_scan_us);
}
static void wifi_scan_filter_cmd(char *buf, int len, int argc, char **argv)
@ -572,6 +587,10 @@ static void wifi_connect_cmd(char *buf, int len, int argc, char **argv)
int quick_connect = 0;
uint32_t flags = 0;
open_bss_flag = 0;
int pci_en = 0;
int scan_mode = 0;
uint8_t pmf_flag = WIFI_MGMR_CONNECT_PMF_CAPABLE_BIT;
uint16_t itv = 0;
if (2 > argc) {
goto _ERROUT;
@ -579,7 +598,7 @@ static void wifi_connect_cmd(char *buf, int len, int argc, char **argv)
utils_getopt_init(&getopt_env, 0);
while ((opt = utils_getopt(&getopt_env, argc, argv, "c:b:q")) != -1) {
while ((opt = utils_getopt(&getopt_env, argc, argv, "c:b:t:qmpf:")) != -1) {
switch (opt) {
case 'c':
channel_index = atoi(getopt_env.optarg);
@ -595,6 +614,28 @@ static void wifi_connect_cmd(char *buf, int len, int argc, char **argv)
case 'q':
++quick_connect;
break;
case 't':
itv = atoi(getopt_env.optarg);
wifi_mgmr_set_listen_interval(itv);
bl_os_printf("set listen itv: %d\r\n", itv);
break;
case 'm':
++scan_mode;
break;
case 'p':
++pci_en;
break;
case 'f':
pmf_flag = atoi(getopt_env.optarg);
if (pmf_flag == 2) {
bl_os_printf("wrong pmf_flag value, value range [0/1/3]\r\n");
goto _ERROUT;
}
break;
case '?':
bl_os_printf("unknow option: %c\r\n", getopt_env.optopt);
@ -616,13 +657,32 @@ static void wifi_connect_cmd(char *buf, int len, int argc, char **argv)
flags |= WIFI_CONNECT_STOP_SCAN_CURRENT_CHANNEL_IF_TARGET_AP_FOUND;
}
if (scan_mode) {
flags |= WIFI_CONNECT_STOP_SCAN_ALL_CHANNEL_IF_TARGET_AP_FOUND;
}
if (pci_en) {
flags |= WIFI_CONNECT_PCI_EN;
}
if (pmf_flag & WIFI_MGMR_CONNECT_PMF_CAPABLE_BIT) {
flags |= WIFI_CONNECT_PMF_CAPABLE;
} else {
flags &= ~WIFI_CONNECT_PMF_CAPABLE;
}
if (pmf_flag & WIFI_MGMR_CONNECT_PMF_REQUIRED_BIT) {
flags |= WIFI_CONNECT_PMF_REQUIRED;
} else {
flags &= ~WIFI_CONNECT_PMF_REQUIRED;
}
wifi_interface = wifi_mgmr_sta_enable();
wifi_mgmr_sta_connect_mid(wifi_interface, argv[getopt_env.optind], open_bss_flag ? NULL : argv[getopt_env.optind+1], NULL, bssid_set_flag ? mac : NULL, 0, channel_index, 1, flags);
return;
_ERROUT:
bl_os_printf("[USAGE]: %s [-c <freq>] [-b <bssid>] [-q] <ssid> [password]\r\n", argv[0]);
bl_os_printf("[USAGE]: %s [-c <freq>] [-b <bssid>] [-q] [-p] [-f <pmf_flag>] [-t <listen_itv>] [-m] <ssid> [password]\r\n", argv[0]);
return;
}
@ -834,6 +894,7 @@ static void cmd_wifi_ap_start(char *buf, int len, int argc, char **argv)
uint8_t hidden_ssid = 0;
char ssid_name[32];
int channel;
int max_sta_supported;
wifi_interface_t wifi_interface;
memset(mac, 0, sizeof(mac));
@ -848,14 +909,25 @@ static void cmd_wifi_ap_start(char *buf, int len, int argc, char **argv)
wifi_mgmr_ap_start(wifi_interface, ssid_name, hidden_ssid, NULL, 1);
} else {
/*hardcode password*/
if (3 == argc) {
if (4 == argc) {
hidden_ssid = 1;
}
channel = atoi(argv[1]);
if (channel <=0 || channel > 11) {
if (channel <= 0 || channel > 11) {
return;
}
wifi_mgmr_ap_start(wifi_interface, ssid_name, hidden_ssid, "12345678", channel);
if (NULL == argv[2]) {
max_sta_supported = -1;
} else {
max_sta_supported = atoi(argv[2]);
if (max_sta_supported > NX_REMOTE_STA_MAX) {
max_sta_supported = NX_REMOTE_STA_MAX;
}
}
wifi_mgmr_ap_start_atcmd(wifi_interface, ssid_name, hidden_ssid, "12345678", channel, max_sta_supported);
}
}
@ -1117,7 +1189,7 @@ const static struct cli_command cmds_user[] STATIC_CLI_CMD_ATTRIBUTE = {
{ "wifi_sta_denoise_disable", "wifi denoise", wifi_denoise_disable_cmd},
{ "wifi_sniffer_on", "wifi sniffer mode on", wifi_sniffer_on_cmd},
{ "wifi_sniffer_off", "wifi sniffer mode off", wifi_sniffer_off_cmd},
{ "wifi_ap_start", "start Ap mode", cmd_wifi_ap_start},
{ "wifi_ap_start", "start Ap mode [channel] [max_sta_supported]", cmd_wifi_ap_start},
{ "wifi_ap_stop", "stop Ap mode", cmd_wifi_ap_stop},
{ "wifi_ap_conf_max_sta", "config Ap max sta", cmd_wifi_ap_conf_max_sta},
{ "wifi_dump", "dump fw statistic", cmd_wifi_dump},

2
components/network/wifi_manager/bl60x_wifi_driver/wifi_mgmr_event.c
View File

@ -61,7 +61,7 @@ static void cb_disconnect_ind(void *env, struct wifi_event_sm_disconnect_ind *in
static void cb_beacon_ind(void *env, struct wifi_event_beacon_ind *ind)
{
wifi_mgmr_api_scan_item_beacon(ind->channel, ind->rssi, ind->auth, ind->bssid, ind->ssid, ind->ssid_len, ind->ppm_abs, ind->ppm_rel, ind->cipher);
wifi_mgmr_api_scan_item_beacon(ind->channel, ind->rssi, ind->auth, ind->bssid, ind->ssid, ind->ssid_len, ind->ppm_abs, ind->ppm_rel, ind->cipher, ind->wps, ind->mode);
}
static void cb_probe_resp_ind(void *env, long long timestamp)

48
components/network/wifi_manager/bl60x_wifi_driver/wifi_mgmr_ext.c
View File

@ -197,7 +197,6 @@ int wifi_mgmr_psk_cal(char *password, char *ssid, int ssid_len, char *output)
int wifi_mgmr_drv_init(wifi_conf_t *conf)
{
bl606a0_wifi_init(conf);
wifi_mgmr_api_set_country_code(conf->country_code);
wifi_mgmr_init();
wifi_mgmr_api_ifaceup();
return 0;
@ -573,13 +572,19 @@ int wifi_mgmr_ap_ip_get(uint32_t *ip, uint32_t *gw, uint32_t *mask)
//TODO this API is still NOT completed, more features need to be implemented
int wifi_mgmr_ap_start(wifi_interface_t *interface, char *ssid, int hidden_ssid, char *passwd, int channel)
{
wifi_mgmr_api_ap_start(ssid, passwd, channel, hidden_ssid, 1);
wifi_mgmr_api_ap_start(ssid, passwd, channel, hidden_ssid, -1, 1);
return 0;
}
int wifi_mgmr_ap_start_adv(wifi_interface_t *interface, char *ssid, int hidden_ssid, char *passwd, int channel, uint8_t use_dhcp)
{
wifi_mgmr_api_ap_start(ssid, passwd, channel, hidden_ssid, use_dhcp);
wifi_mgmr_api_ap_start(ssid, passwd, channel, hidden_ssid, -1, use_dhcp);
return 0;
}
int wifi_mgmr_ap_start_atcmd(wifi_interface_t *interface, char *ssid, int hidden_ssid, char *passwd, int channel, int max_sta_supported)
{
wifi_mgmr_api_ap_start(ssid, passwd, channel, hidden_ssid, max_sta_supported, 1);
return 0;
}
@ -754,24 +759,53 @@ int wifi_mgmr_all_ap_scan(wifi_mgmr_ap_item_t **ap_ary, uint32_t *num)
int wifi_mgmr_scan(void *data, scan_complete_cb_t cb)
{
wifi_mgmr_scan_params_t scan_params;
scan_cb = cb;
scan_data = data;
wifi_mgmr_api_fw_scan(NULL, 0, (uint8_t *)&mac_addr_bcst, NULL);
scan_params.channel_num = 0;
memcpy(scan_params.bssid, (uint8_t *)&mac_addr_bcst, sizeof(struct mac_addr));
scan_params.ssid.length = 0;
scan_params.scan_mode = SCAN_ACTIVE;
/*if 0, use default scan time in fw,
* unit:us*/
scan_params.duration_scan = 0;
wifi_mgmr_api_fw_scan(scan_params);
return 0;
}
int wifi_mgmr_scan_adv(void *data, scan_complete_cb_t cb, uint16_t *channels, uint16_t channel_num, const uint8_t bssid[6], const char *ssid)
int wifi_mgmr_scan_adv(void *data, scan_complete_cb_t cb, uint16_t *channels, uint16_t channel_num, const uint8_t bssid[6], const char *ssid, uint8_t scan_mode, uint32_t duration_scan)
{
wifi_mgmr_scan_params_t scan_params;
scan_cb = cb;
scan_data = data;
if (0 != channel_num && NULL == channels) {
scan_params.channel_num = channel_num;
scan_params.scan_mode = scan_mode;
scan_params.duration_scan = duration_scan;
memcpy(scan_params.bssid, bssid, ETH_ALEN);
if (scan_params.channel_num) {
memcpy(scan_params.channels, channels, sizeof(scan_params.channels[0]) * scan_params.channel_num);
}
if (ssid != NULL) {
scan_params.ssid.length = strlen(ssid);
scan_params.ssid.length = (scan_params.ssid.length > MAC_SSID_LEN) ? MAC_SSID_LEN : scan_params.ssid.length;
memcpy(scan_params.ssid.array, ssid, scan_params.ssid.length);
scan_params.ssid.array_tail[0] = '\0';
} else {
scan_params.ssid.length = 0;
}
if (0 != scan_params.channel_num && NULL == scan_params.channels) {
return -1;
}
wifi_mgmr_api_fw_scan(channels, channel_num, bssid, ssid);
wifi_mgmr_api_fw_scan(scan_params);
return 0;
}

4
components/network/wifi_manager/bouffalo.mk
View File

@ -42,11 +42,11 @@ CPPFLAGS += -DCFG_TXDESC="4"
endif
ifeq ($(CONFIG_CHIP_NAME),BL606P)
CPPFLAGS += -DCFG_TXDESC="2"
CPPFLAGS += -DCFG_TXDESC="4"
endif
ifeq ($(CONFIG_BL_IOT_FW_AP),1)
CPPFLAGS += -DCFG_STA_MAX="3"
CPPFLAGS += -DCFG_STA_MAX="5"
else
CPPFLAGS += -DCFG_STA_MAX="1"
endif

1
components/platform/hosal/bl602_hal/bl_pm.c
View File

@ -445,7 +445,6 @@ int bl_pm_capacity_set(enum PM_LEVEL level)
capacity |= NODE_CAP_BIT_MAC_DOZE;
capacity |= NODE_CAP_BIT_RF_ONOFF;
capacity |= NODE_CAP_BIT_WLAN_BLE_ABORT;
capacity |= NODE_CAP_BIT_FORCE_SLEEP;
}
break;

6
components/platform/hosal/bl702_hal/bl_boot2.h
View File

@ -27,8 +27,8 @@
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef __BL606_PARTITION_H__
#define __BL606_PARTITION_H__
#ifndef __BL_BOOT2_H__
#define __BL_BOOT2_H__
#include "stdint.h"
#include "bl702_sflash.h"
@ -184,4 +184,4 @@ PtTable_Error_Type PtTable_Get_Active_Entries_By_Name(PtTable_Stuff_Config *ptSt
/*@} end of group BL606_Common_Driver */
#endif /* __BL606_PARTITION_H__ */
#endif /* __BL_BOOT2_H__ */

4
components/platform/hosal/bl702_hal/bl_irq.c
View File

@ -414,8 +414,7 @@ void exception_entry(uint32_t mcause, uint32_t mepc, uint32_t mtval, uintptr_t *
/*Deap loop now*/
#ifdef SYS_ENABLE_COREDUMP
/* For stack check */
extern uintptr_t _sp_main, _sp_base;
extern uintptr_t _sp_main;
/* XXX change sp to irq stack base */
__asm__ volatile("add sp, x0, %0" ::"r"(&_sp_main));
bl_coredump_run();
@ -455,4 +454,3 @@ void bl_irq_restore(int flags)
: /* no output */
: "r"(flags));
}

14
components/platform/hosal/bl702_hal/bl_rtc.c
View File

@ -38,30 +38,16 @@ void bl_rtc_init(void)
HBN_32K_Sel(HBN_32K_RC);
#endif
// HBN_Clear_RTC_Counter();
HBN_Enable_RTC_Counter();
}
uint64_t bl_rtc_get_counter(void)
{
#if 1
uint32_t valLow, valHigh;
HBN_Get_RTC_Timer_Val(&valLow, &valHigh);
return ((uint64_t)valHigh << 32) | valLow;
#else
uint32_t valLow1, valHigh1;
uint32_t valLow2, valHigh2;
// fix issue: read rtc counter twice, the second one may be smaller than the first one
do{
HBN_Get_RTC_Timer_Val(&valLow1, &valHigh1);
HBN_Get_RTC_Timer_Val(&valLow2, &valHigh2);
}while(valLow2 < valLow1 || valHigh2 != valHigh1);
return ((uint64_t)valHigh2 << 32) | valLow2;
#endif
}
uint64_t bl_rtc_get_timestamp_ms(void)

2
components/platform/hosal/bl702_hal/bl_rtc.h
View File

@ -34,7 +34,7 @@
#include "bl702_hbn.h"
#define BL_RTC_COUNTER_TO_MS(CNT) (((CNT) >> 5) - ((CNT) >> 11) - ((CNT) >> 12)) // ((CNT)*(1024-16-8)/32768)
#define BL_RTC_COUNTER_TO_MS(CNT) ((uint64_t)(CNT)*1000/32768) // ((CNT)*(1024-16-8)/32768)
#define BL_RTC_MAX_COUNTER (0x000000FFFFFFFFFFllu)
#define BL_RTC_MAX_TIMESTAMP_MS (BL_RTC_COUNTER_TO_MS(BL_RTC_MAX_COUNTER))

10
components/platform/hosal/bl702_hal/bl_uart.c
View File

@ -89,11 +89,9 @@ static void gpio_init(uint8_t id, uint8_t tx_pin, uint8_t rx_pin, uint8_t cts_pi
GLB_UART_Fun_Sel(rx_pin%8, rx_sigfun);
}
int g_uart_ready = 0;
int bl_uart_init(uint8_t id, uint8_t tx_pin, uint8_t rx_pin, uint8_t cts_pin, uint8_t rts_pin, uint32_t baudrate)
{
static uint8_t uart_clk_init = 0;
// static uint8_t uart_clk_init = 0;
const uint8_t uart_div = 0;
UART_CFG_Type uartCfg =
@ -121,10 +119,10 @@ int bl_uart_init(uint8_t id, uint8_t tx_pin, uint8_t rx_pin, uint8_t cts_pin, ui
};
/* enable clk */
if (0 == uart_clk_init) {
// if (0 == uart_clk_init) {
GLB_Set_UART_CLK(1, HBN_UART_CLK_FCLK, uart_div);
// uart_clk_init = 1;
}
// }
/* gpio init */
gpio_init(id, tx_pin, rx_pin, cts_pin, rts_pin);
@ -150,8 +148,6 @@ int bl_uart_init(uint8_t id, uint8_t tx_pin, uint8_t rx_pin, uint8_t cts_pin, ui
/* Enable uart */
UART_Enable(id, UART_TXRX);
g_uart_ready = 1;
return 0;
}

8
components/platform/hosal/bl702_hal/hal_button.c
View File

@ -165,8 +165,8 @@ static void button_process(xTimerHandle pxTimer)
else if (accu_time >= pstnode->short_press_start_ms && accu_time < pstnode->short_press_end_ms) {
ret = check_button_is_up(pstnode);
if (ret == 0) {
blog_info("process short press \r\n");
aos_post_event(EV_KEY, pstnode->short_kevent, 0);
blog_info("process short press %ld\r\n", pstnode->gpioPin);
aos_post_event(EV_KEY, pstnode->short_kevent, pstnode->gpioPin);
clear_button_states(pstnode);
button_int_umask(pstnode);
@ -204,7 +204,7 @@ static void button_process(xTimerHandle pxTimer)
ret = check_button_is_up(pstnode);
if (ret == 0) {
blog_info("process long press \r\n");
aos_post_event(EV_KEY, pstnode->long_kevent, 0);
aos_post_event(EV_KEY, pstnode->long_kevent, pstnode->gpioPin);
clear_button_states(pstnode);
button_int_umask(pstnode);
return;
@ -234,7 +234,7 @@ static void button_process(xTimerHandle pxTimer)
accu_time = accumulate_time(pstnode);
if (accu_time >= pstnode->longlong_press_ms && pstnode->dlong_entry_count == 0) {
blog_info("process longlong press \r\n");
aos_post_event(EV_KEY, pstnode->longlong_kevent, 0);
aos_post_event(EV_KEY, pstnode->longlong_kevent, pstnode->gpioPin);
pstnode->dlong_entry_count = 1;
return ;

2
components/platform/hosal/bl702_hal/hal_gpio.c
View File

@ -39,7 +39,7 @@
#include <blog.h>
#define USER_UNUSED(a) ((void)(a))
#define GPIO_MAX_NUM 37
#define GPIO_MAX_NUM 31
#define GPIO_MAX_NUM_STR "max_num"
#define BL_FDT32_TO_U8(addr, byte_offset) ((uint8_t)fdt32_to_cpu(*(uint32_t *)((uint8_t *)addr + byte_offset)))
#define BL_FDT32_TO_U16(addr, byte_offset) ((uint16_t)fdt32_to_cpu(*(uint32_t *)((uint8_t *)addr + byte_offset)))

1
components/platform/hosal/bl702_hal/hal_hwtimer.c
View File

@ -187,6 +187,7 @@ int hal_hwtimer_delete(hw_timer_t *pstnode)
if (ret == 0) {
utils_dlist_del(&(node->dlist_item));
vPortFree(node);
}
TIMER_IntMask(HW_TIMER_CHANNEL, TIMER_INT_COMP_0, UNMASK);

14
components/platform/hosal/bl702_hal/hal_pds.c
View File

@ -36,7 +36,6 @@ void hal_pds_init(void)
bl_pds_init();
#if 0 /* RTC is started by bl_rtc_init() in bl_rtc.c */
HBN_Clear_RTC_Counter();
HBN_Enable_RTC_Counter();
#endif
}
@ -64,10 +63,10 @@ uint32_t hal_pds_enter_with_time_compensation(uint32_t pdsLevel, uint32_t pdsSle
extern volatile uint64_t * const pullMachineTimerCompareRegister;
extern void vPortSetupTimerInterrupt(void);
mtimerClkCfg = *(volatile uint32_t *)0x40000090; // store mtimer clock
mtimerClkCfg = BL_RD_REG(GLB_BASE, GLB_CPU_CLK_CFG); // store mtimer clock setting
*pullMachineTimerCompareRegister = -1; // avoid mtimer interrupt pending
*(volatile uint8_t *)configCLIC_TIMER_ENABLE_ADDRESS = 0;
*(volatile uint8_t *)configCLIC_TIMER_ENABLE_ADDRESS = 0; // disable mtimer interrrupt
do
{
@ -81,18 +80,21 @@ uint32_t hal_pds_enter_with_time_compensation(uint32_t pdsLevel, uint32_t pdsSle
actualSleepDuration_ms = (uint32_t)bl_rtc_get_delta_time_ms(rtcRefCnt);
mtimerClkCycles = actualSleepDuration_ms * 4000; // 4 clock cycles per us
mtimerClkCycles = actualSleepDuration_ms * 1000 * 4;
ulCurrentTimeLow += mtimerClkCycles;
if(ulCurrentTimeLow < mtimerClkCycles){
ulCurrentTimeHigh++;
}
BL_WR_REG(GLB_BASE, GLB_CPU_CLK_CFG, mtimerClkCfg); // restore mtimer clock setting
*pullMachineTimerCompareRegister = -1;
*(volatile uint8_t *)configCLIC_TIMER_ENABLE_ADDRESS = 0;
*pulTimeLow = 0;
*pulTimeHigh = ulCurrentTimeHigh;
*pulTimeLow = ulCurrentTimeLow;
*(volatile uint32_t *)0x40000090 = mtimerClkCfg;
vPortSetupTimerInterrupt();
*(volatile uint8_t *)configCLIC_TIMER_ENABLE_ADDRESS = 1;

33
components/platform/hosal/bl702_hal/hal_sys.c
View File

@ -28,7 +28,7 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <string.h>
#include <bl702_romdriver.h>
#include <bl702_aon.h>
#include "bl_sys.h"
#include "hal_sys.h"
@ -75,19 +75,6 @@ struct romapi_freertos_map* hal_sys_romapi_get(void)
return romapi_freertos;
}
void hal_sys_capcode_update(uint8_t capin, uint8_t capout)
{
static uint8_t capin_static, capout_static;
if (255 != capin && 255 != capout) {
RomDriver_AON_Set_Xtal_CapCode(capin, capout);
capin_static = capin;
capout_static = capout;
} else {
RomDriver_AON_Set_Xtal_CapCode(capin_static, capout_static);
}
}
void hal_sys_romapi_update(struct romapi_freertos_map *romapi_freertos)
{
extern void interrupt_entry(uint32_t mcause);
@ -105,3 +92,21 @@ void hal_sys_romapi_update(struct romapi_freertos_map *romapi_freertos)
romapi_freertos->xISRStackTop = &__freertos_irq_stack_top;
}
void hal_sys_capcode_update(uint8_t capin, uint8_t capout)
{
static uint8_t capin_static, capout_static;
if (255 != capin && 255 != capout) {
AON_Set_Xtal_CapCode(capin, capout);
capin_static = capin;
capout_static = capout;
} else {
AON_Set_Xtal_CapCode(capin_static, capout_static);
}
}
uint8_t hal_sys_capcode_get(void)
{
return AON_Get_Xtal_CapCode();
}

2
components/platform/hosal/bl702_hal/hal_sys.h
View File

@ -57,6 +57,6 @@ struct romapi_freertos_map
struct romapi_freertos_map* hal_sys_romapi_get(void);
void hal_sys_romapi_update(struct romapi_freertos_map *romapi);
void hal_sys_capcode_update(uint8_t capin, uint8_t capout);
uint8_t hal_sys_capcode_get(void);
#endif

25
components/platform/hosal/bl702_hal/hosal_spi.c
View File

@ -86,29 +86,12 @@ static void spi_basic_init(hosal_spi_dev_t *arg)
{
hosal_spi_dev_t *hw_arg = arg;
SPI_CFG_Type spicfg;
SPI_ClockCfg_Type clockcfg;
SPI_FifoCfg_Type fifocfg;
SPI_ID_Type spi_id; //TODO change SPI_ID_Type
uint8_t clk_div;
spi_id = hw_arg->port;
/* clock */
/*1 ---> 40 Mhz
*2 ---> 20 Mhz
*5 ---> 8 Mhz
*6 ---> 6.66 Mhz
*10 ---> 4 Mhz
* */
clk_div = (uint8_t)(40000000 / hw_arg->config.freq);
GLB_Set_SPI_CLK(ENABLE,0);
clockcfg.startLen = clk_div;
clockcfg.stopLen = clk_div;
clockcfg.dataPhase0Len = clk_div;
clockcfg.dataPhase1Len = clk_div;
clockcfg.intervalLen = clk_div;
SPI_ClockConfig(spi_id, &clockcfg);
SPI_SetClock(spi_id,hw_arg->config.freq);
/* spi config */
spicfg.deglitchEnable = DISABLE;
spicfg.continuousEnable = ENABLE;
@ -143,8 +126,8 @@ static void spi_basic_init(hosal_spi_dev_t *arg)
SPI_IntMask(spi_id,SPI_INT_ALL,MASK);
/* fifo */
fifocfg.txFifoThreshold = 1;
fifocfg.rxFifoThreshold = 1;
fifocfg.txFifoThreshold = 0;
fifocfg.rxFifoThreshold = 0;
if (hw_arg->config.dma_enable) {
fifocfg.txFifoDmaEnable = ENABLE;
fifocfg.rxFifoDmaEnable = ENABLE;
@ -407,7 +390,6 @@ static void spi_irq_process(void *p_arg)
BaseType_t xHigherPriorityTaskWoken = pdFALSE;
hosal_spi_dev_t *spi = (hosal_spi_dev_t *)p_arg;
spi_priv_t *spi_priv = (spi_priv_t *)spi->priv;
uint8_t value;
uint32_t tmpVal;
uint32_t SPIx =SPI_BASE;
hosal_spi_irq_t pfn;
@ -453,7 +435,6 @@ static void spi_irq_process(void *p_arg)
}
}
} else {
value = (uint8_t)(BL_RD_REG(SPIx, SPI_FIFO_RDATA)&0xff);
spi_priv->rx_index++;
if (spi_priv->rx_index == spi_priv->length) {
/* spi callback */

8
components/platform/hosal/bl702_hal/hosal_uart.c
View File

@ -263,8 +263,8 @@ static void __uart_config_set(hosal_uart_dev_t *uart, const hosal_uart_config_t
};
uartCfg.baudRate = cfg->baud_rate;
uartCfg.dataBits = cfg->data_width;
uartCfg.parity = cfg->parity;
uartCfg.dataBits = (UART_DataBits_Type)cfg->data_width;
uartCfg.parity = (UART_Parity_Type)cfg->parity;
if (cfg->flow_control == HOSAL_FLOW_CONTROL_CTS) {
uartCfg.ctsFlowControl = 1;
@ -404,8 +404,8 @@ int hosal_uart_init(hosal_uart_dev_t *uart)
gpio_init(id, cfg->tx_pin, cfg->rx_pin, cfg->cts_pin, cfg->rts_pin);
uartCfg.baudRate = cfg->baud_rate;
uartCfg.dataBits = cfg->data_width;
uartCfg.parity = cfg->parity;
uartCfg.dataBits = (UART_DataBits_Type)cfg->data_width;
uartCfg.parity = (UART_Parity_Type)cfg->parity;
if (cfg->flow_control == HOSAL_FLOW_CONTROL_CTS) {
uartCfg.ctsFlowControl = 1;

3
components/platform/hosal/sec_common/bl_sec_hw_common.h
View File

@ -39,6 +39,9 @@
#elif defined BL702
#include <bl702_glb.h>
#include <bl702_sec_eng.h>
#elif defined BL702L
#include <bl702l_glb.h>
#include <bl702l_sec_eng.h>
#elif defined BL808
#include <bl808_glb.h>
#include <bl808_sec_eng.h>

2
components/platform/hosal/sec_common/bl_sec_pka.c
View File

@ -40,6 +40,8 @@ int bl_sec_pka_init(void)
{
#if defined(BL616) || defined BL808
GLB_Set_PKA_CLK_Sel(GLB_PKA_CLK_MCU_MUXPLL_160M);
#elif defined(BL702L)
GLB_Set_PKA_CLK_Sel(GLB_PKA_CLK_SRC_HCLK);
#else
GLB_Set_PKA_CLK_Sel(GLB_PKA_CLK_HCLK);
#endif

BIN
components/platform/soc/bl702/bl702_rf/lib/libbl702_rf.a
View File

Binary file not shown.

4039
components/security/mbedtls_lts/kvs_webrtc_mbedtls_config.h Normal file
View File

File diff suppressed because it is too large Load Diff

5
components/security/mbedtls_lts/mbedtls/.gitignore vendored
View File

@ -23,6 +23,11 @@ coverage-summary.txt
# generated by scripts/memory.sh
massif-*
# Eclipse project files
.cproject
.project
/.settings
# MSVC build artifacts:
*.exe
*.pdb

2
components/security/mbedtls_lts/mbedtls/.travis.yml
View File

@ -41,7 +41,7 @@ after_failure:
env:
global:
- SEED=1
- secure: "FrI5d2s+ckckC17T66c8jm2jV6i2DkBPU5nyWzwbedjmEBeocREfQLd/x8yKpPzLDz7ghOvr+/GQvsPPn0dVkGlNzm3Q+hGHc/ujnASuUtGrcuMM+0ALnJ3k4rFr9xEvjJeWb4SmhJO5UCAZYvTItW4k7+bj9L+R6lt3TzQbXzg="
- secure: "JECCru6HASpKZ0OLfHh8f/KXhKkdrCwjquZghd/qbA4ksxsWImjR7KEPERcaPndXEilzhDbKwuFvJiQX2duVgTGoq745YGhLZIjzo1i8tySkceCVd48P8WceYGz+F/bmY7r+m6fFNuxDSoGGSVeA4Lnjvmm8PFUP45YodDV9no4="
addons:
apt:

2
components/security/mbedtls_lts/mbedtls/3rdparty/everest/README.md vendored
View File

@ -2,4 +2,4 @@ The files in this directory stem from [Project Everest](https://project-everest.
This is a formally verified implementation of Curve25519-based handshakes. The C code is automatically derived from the (verified) [original implementation](https://github.com/project-everest/hacl-star/tree/master/code/curve25519) in the [F* language](https://github.com/fstarlang/fstar) by [KreMLin](https://github.com/fstarlang/kremlin). In addition to the improved safety and security of the implementation, it is also significantly faster than the default implementation of Curve25519 in mbedTLS.
The caveat is that not all platforms are supported, although the version in `everest/library/legacy` should work on most systems. The main issue is that some platforms do not provide a 128-bit integer type and KreMLin therefore has to use additional (also verified) code to simulate them, resulting in less of a performance gain overall. Explictly supported platforms are currently `x86` and `x86_64` using gcc or clang, and Visual C (2010 and later).
The caveat is that not all platforms are supported, although the version in `everest/library/legacy` should work on most systems. The main issue is that some platforms do not provide a 128-bit integer type and KreMLin therefore has to use additional (also verified) code to simulate them, resulting in less of a performance gain overall. Explicitly supported platforms are currently `x86` and `x86_64` using gcc or clang, and Visual C (2010 and later).

4
components/security/mbedtls_lts/mbedtls/3rdparty/everest/include/everest/everest.h vendored
View File

@ -96,7 +96,7 @@ int mbedtls_everest_make_params( mbedtls_ecdh_context_everest *ctx, size_t *olen
void *p_rng );
/**
* \brief This function parses and processes a TLS ServerKeyExhange
* \brief This function parses and processes a TLS ServerKeyExchange
* payload.
*
* This is the first function used by a TLS client for ECDHE
@ -116,7 +116,7 @@ int mbedtls_everest_read_params( mbedtls_ecdh_context_everest *ctx,
const unsigned char **buf, const unsigned char *end );
/**
* \brief This function parses and processes a TLS ServerKeyExhange
* \brief This function parses and processes a TLS ServerKeyExchange
* payload.
*
* This is the first function used by a TLS client for ECDHE

35
components/security/mbedtls_lts/mbedtls/BRANCHES.md
View File

@ -2,10 +2,10 @@
At any point in time, we have a number of maintained branches consisting of:
- The [`master`](https://github.com/ARMmbed/mbedtls/tree/master) branch:
- The [`master`](https://github.com/Mbed-TLS/mbedtls/tree/master) branch:
this always contains the latest release, including all publicly available
security fixes.
- The [`development`](https://github.com/ARMmbed/mbedtls/tree/development) branch:
- The [`development`](https://github.com/Mbed-TLS/mbedtls/tree/development) branch:
this is where new features land,
as well as bug fixes and security fixes.
- One or more long-time support (LTS) branches:
@ -16,7 +16,7 @@ API compatibility in the `master` branch between major version changes. We
also maintain ABI compatibility within LTS branches; see the next section for
details.
## Backwards Compatibility
## Backwards Compatibility for application code
We maintain API compatibility in released versions of Mbed TLS. If you have
code that's working and secure with Mbed TLS x.y.z and does not rely on
@ -24,6 +24,14 @@ undocumented features, then you should be able to re-compile it without
modification with any later release x.y'.z' with the same major version
number, and your code will still build, be secure, and work.
Note that this guarantee only applies if you either use the default
compile-time configuration (`mbedtls/config.h`) or the same modified
compile-time configuration. Changing compile-time configuration options can
result in an incompatible API or ABI, although features will generally not
affect unrelated features (for example, enabling or disabling a
cryptographic algorithm does not break code that does not use that
algorithm).
There are rare exceptions: code that was relying on something that became
insecure in the meantime (for example, crypto that was found to be weak) may
need to be changed. In case security comes in conflict with backwards
@ -40,15 +48,28 @@ had to break ABI compatibility in an LTS branch, but we occasionally had to
increase code size for a security fix.)
For contributors, see the [Backwards Compatibility section of
CONTRIBUTING](CONTRIBUTING.md#cackwords-compatibility).
CONTRIBUTING](CONTRIBUTING.md#backwards-compatibility).
## Backward compatibility for the key store
We maintain backward compatibility with previous versions of the
PSA Crypto persistent storage since Mbed TLS 2.25.0, provided that the
storage backend (PSA ITS implementation) is configured in a compatible way.
We intend to maintain this backward compatibility throughout a major version
of Mbed TLS (for example, all Mbed TLS 3.y versions will be able to read
keys written under any Mbed TLS 3.x with x <= y).
Mbed TLS 3.x can also read keys written by Mbed TLS 2.25.0 through 2.28.x
LTS, but future major version upgrades (for example from 2.28.x/3.x to 4.y)
may require the use of an upgrade tool.
## Current Branches
The following branches are currently maintained:
- [master](https://github.com/ARMmbed/mbedtls/tree/master)
- [`development`](https://github.com/ARMmbed/mbedtls/)
- [`mbedtls-2.28`](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.28)
- [master](https://github.com/Mbed-TLS/mbedtls/tree/master)
- [`development`](https://github.com/Mbed-TLS/mbedtls/)
- [`mbedtls-2.28`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-2.28)
maintained until at least the end of 2024.
Users are urged to always use the latest version of a maintained branch.

6
components/security/mbedtls_lts/mbedtls/BUGS.md
View File

@ -1,6 +1,6 @@
## Known issues
Known issues in Mbed TLS are [tracked on GitHub](https://github.com/ARMmbed/mbedtls/issues).
Known issues in Mbed TLS are [tracked on GitHub](https://github.com/Mbed-TLS/mbedtls/issues).
## Reporting a bug
@ -9,12 +9,12 @@ If you think you've found a bug in Mbed TLS, please follow these steps:
1. Make sure you're using the latest version of a
[maintained branch](BRANCHES.md): `master`, `development`,
or a long-time support branch.
2. Check [GitHub](https://github.com/ARMmbed/mbedtls/issues) to see if
2. Check [GitHub](https://github.com/Mbed-TLS/mbedtls/issues) to see if
your issue has already been reported. If not, …
3. If the issue is a security risk (for example: buffer overflow,
data leak), please report it confidentially as described in
[`SECURITY.md`](SECURITY.md). If not, …
4. Please [create an issue on on GitHub](https://github.com/ARMmbed/mbedtls/issues).
4. Please [create an issue on on GitHub](https://github.com/Mbed-TLS/mbedtls/issues).
Please do not use GitHub for support questions. If you want to know
how to do something with Mbed TLS, please see [`SUPPORT.md`](SUPPORT.md) for available documentation and support channels.

8
components/security/mbedtls_lts/mbedtls/CMakeLists.txt
View File

@ -6,9 +6,9 @@
# command but rather at the target level using the
# target_include_directories command. That way, it is easier to guarantee
# that targets are built using the proper list of include directories.
# + Use the PUBLIC and PRIVATE keywords to specifiy the scope of include
# + Use the PUBLIC and PRIVATE keywords to specify the scope of include
# directories. That way, a target linking to a library (using the
# target_link_librairies command) inherits from the library PUBLIC include
# target_link_libraries command) inherits from the library PUBLIC include
# directories and not from the PRIVATE ones.
# + Note: there is currently one remaining include_directories command in the
# CMake files. It is related to ZLIB support which is planned to be removed.
@ -226,8 +226,8 @@ if(CMAKE_COMPILER_IS_IAR)
endif(CMAKE_COMPILER_IS_IAR)
if(CMAKE_COMPILER_IS_MSVC)
# Strictest warnings
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3")
# Strictest warnings, UTF-8 source and execution charset
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3 /utf-8")
endif(CMAKE_COMPILER_IS_MSVC)
if(MBEDTLS_FATAL_WARNINGS)

15
components/security/mbedtls_lts/mbedtls/CONTRIBUTING.md
View File

@ -14,8 +14,8 @@ Coding Standards
Making a Contribution
---------------------
1. [Check for open issues](https://github.com/ARMmbed/mbedtls/issues) or [start a discussion](https://lists.trustedfirmware.org/mailman/listinfo/mbed-tls) around a feature idea or a bug.
1. Fork the [Mbed TLS repository on GitHub](https://github.com/ARMmbed/mbedtls) to start making your changes. As a general rule, you should use the ["development" branch](https://github.com/ARMmbed/mbedtls/tree/development) as a basis.
1. [Check for open issues](https://github.com/Mbed-TLS/mbedtls/issues) or [start a discussion](https://lists.trustedfirmware.org/mailman3/lists/mbed-tls.lists.trustedfirmware.org) around a feature idea or a bug.
1. Fork the [Mbed TLS repository on GitHub](https://github.com/Mbed-TLS/mbedtls) to start making your changes. As a general rule, you should use the ["development" branch](https://github.com/Mbed-TLS/mbedtls/tree/development) as a basis.
1. Write a test which shows that the bug was fixed or that the feature works as expected.
1. Send a pull request (PR) and work with us until it gets merged and published. Contributions may need some modifications, so a few rounds of review and fixing may be necessary. We will include your name in the ChangeLog :)
1. For quick merging, the contribution should be short, and concentrated on a single feature or topic. The larger the contribution is, the longer it would take to review it and merge it.
@ -47,16 +47,11 @@ When backporting to these branches please observe the following rules:
1. All bug fixes that correct a defect that is also present in an LTS branch must be backported to that LTS branch. If a bug fix introduces a change to the API such as a new function, the fix should be reworked to avoid the API change. API changes without very strong justification are unlikely to be accepted.
1. If a contribution is a new feature or enhancement, no backporting is required. Exceptions to this may be additional test cases or quality improvements such as changes to build or test scripts.
It would be highly appreciated if contributions are backported to LTS branches in addition to the [development branch](https://github.com/ARMmbed/mbedtls/tree/development) by contributors.
It would be highly appreciated if contributions are backported to LTS branches in addition to the [development branch](https://github.com/Mbed-TLS/mbedtls/tree/development) by contributors.
The list of maintained branches can be found in the [Current Branches section
of BRANCHES.md](BRANCHES.md#current-branches).
Currently maintained LTS branches are:
1. [mbedtls-2.7](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.7)
1. [mbedtls-2.16](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.16)
Tests
-----
As mentioned, tests that show the correctness of the feature or bug fix should be added to the pull request, if no such tests exist.
@ -73,7 +68,7 @@ Continuous Integration Tests
----------------------------
Once a PR has been made, the Continuous Integration (CI) tests are triggered and run. You should follow the result of the CI tests, and fix failures.
It is advised to enable the [githooks scripts](https://github.com/ARMmbed/mbedtls/tree/development/tests/git-scripts) prior to pushing your changes, for catching some of the issues as early as possible.
It is advised to enable the [githooks scripts](https://github.com/Mbed-TLS/mbedtls/tree/development/tests/git-scripts) prior to pushing your changes, for catching some of the issues as early as possible.
Documentation
-------------
@ -83,4 +78,4 @@ Mbed TLS is well documented, but if you think documentation is needed, speak out
1. Complex parts in the code should include comments.
1. If needed, a Readme file is advised.
1. If a [Knowledge Base (KB)](https://tls.mbed.org/kb) article should be added, write this as a comment in the PR description.
1. A [ChangeLog](https://github.com/ARMmbed/mbedtls/blob/development/ChangeLog.d/00README.md) entry should be added for this contribution.
1. A [ChangeLog](https://github.com/Mbed-TLS/mbedtls/blob/development/ChangeLog.d/00README.md) entry should be added for this contribution.

96
components/security/mbedtls_lts/mbedtls/ChangeLog
View File

@ -1,4 +1,98 @@
mbed TLS ChangeLog (Sorted per branch, date)
Mbed TLS ChangeLog (Sorted per branch, date)
= Mbed TLS 2.28.1 branch released 2022-07-11
Default behavior changes
* mbedtls_cipher_set_iv will now fail with ChaCha20 and ChaCha20+Poly1305
for IV lengths other than 12. The library was silently overwriting this
length with 12, but did not inform the caller about it. Fixes #4301.
Features
* When MBEDTLS_PSA_CRYPTO_CONFIG is enabled, you may list the PSA crypto
feature requirements in the file named by the new macro
MBEDTLS_PSA_CRYPTO_CONFIG_FILE instead of the default psa/crypto_config.h.
Furthermore you may name an additional file to include after the main
file with the macro MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE.
Security
* Zeroize dynamically-allocated buffers used by the PSA Crypto key storage
module before freeing them. These buffers contain secret key material, and
could thus potentially leak the key through freed heap.
* Fix a potential heap buffer overread in TLS 1.2 server-side when
MBEDTLS_USE_PSA_CRYPTO is enabled, an opaque key (created with
mbedtls_pk_setup_opaque()) is provisioned, and a static ECDH ciphersuite
is selected. This may result in an application crash or potentially an
information leak.
* Fix a buffer overread in DTLS ClientHello parsing in servers with
MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled. An unauthenticated client
or a man-in-the-middle could cause a DTLS server to read up to 255 bytes
after the end of the SSL input buffer. The buffer overread only happens
when MBEDTLS_SSL_IN_CONTENT_LEN is less than a threshold that depends on
the exact configuration: 258 bytes if using mbedtls_ssl_cookie_check(),
and possibly up to 571 bytes with a custom cookie check function.
Reported by the Cybeats PSI Team.
Bugfix
* Fix a memory leak if mbedtls_ssl_config_defaults() is called twice.
* Fix several bugs (warnings, compiler and linker errors, test failures)
in reduced configurations when MBEDTLS_USE_PSA_CRYPTO is enabled.
* Fix a bug in (D)TLS curve negotiation: when MBEDTLS_USE_PSA_CRYPTO was
enabled and an ECDHE-ECDSA or ECDHE-RSA key exchange was used, the
client would fail to check that the curve selected by the server for
ECDHE was indeed one that was offered. As a result, the client would
accept any curve that it supported, even if that curve was not allowed
according to its configuration. Fixes #5291.
* Fix unit tests that used 0 as the file UID. This failed on some
implementations of PSA ITS. Fixes #3838.
* Fix API violation in mbedtls_md_process() test by adding a call to
mbedtls_md_starts(). Fixes #2227.
* Fix compile errors when MBEDTLS_HAVE_TIME is not defined. Add tests
to catch bad uses of time.h.
* Fix the library search path when building a shared library with CMake
on Windows.
* Fix bug in the alert sending function mbedtls_ssl_send_alert_message()
potentially leading to corrupted alert messages being sent in case
the function needs to be re-called after initially returning
MBEDTLS_SSL_WANT_WRITE. Fixes #1916.
* In configurations with MBEDTLS_SSL_DTLS_CONNECTION_ID enabled but none of
MBEDTLS_SSL_HW_RECORD_ACCEL, MBEDTLS_SSL_EXPORT_KEYS or MBEDTLS_DEBUG_C,
DTLS handshakes using CID would crash due to a null pointer dereference.
Fix this. Fixes #3998.
* Fix incorrect documentation of mbedtls_x509_crt_profile. The previous
documentation stated that the `allowed_pks` field applies to signatures
only, but in fact it does apply to the public key type of the end entity
certificate, too. Fixes #1992.
* Fix PSA cipher multipart operations using ARC4. Previously, an IV was
required but discarded. Now, an IV is rejected, as it should be.
* Fix undefined behavior in mbedtls_asn1_find_named_data(), where val is
not NULL and val_len is zero.
* psa_raw_key_agreement() now returns PSA_ERROR_BUFFER_TOO_SMALL when
applicable. Fixes #5735.
* Fix a bug in the x25519 example program where the removal of
MBEDTLS_ECDH_LEGACY_CONTEXT caused the program not to run. Fixes #4901 and
#3191.
* Encode X.509 dates before 1/1/2000 as UTCTime rather than
GeneralizedTime. Fixes #5465.
* Fix order value of curve x448.
* Fix string representation of DNs when outputting values containing commas
and other special characters, conforming to RFC 1779. Fixes #769.
* Silence a warning from GCC 12 in the selftest program. Fixes #5974.
* Fix mbedtls_asn1_write_mpi() writing an incorrect encoding of 0.
* Fix resource leaks in mbedtls_pk_parse_public_key() in low
memory conditions.
* Fix server connection identifier setting for outgoing encrypted records
on DTLS 1.2 session resumption. After DTLS 1.2 session resumption with
connection identifier, the Mbed TLS client now properly sends the server
connection identifier in encrypted record headers. Fix #5872.
* Fix a null pointer dereference when performing some operations on zero
represented with 0 limbs (specifically mbedtls_mpi_mod_int() dividing
by 2, and mbedtls_mpi_write_string() in base 2).
* Fix record sizes larger than 16384 being sometimes accepted despite being
non-compliant. This could not lead to a buffer overflow. In particular,
application data size was already checked correctly.
Changes
* Assume source files are in UTF-8 when using MSVC with CMake.
= mbed TLS 2.28.0 branch released 2021-12-17

4
components/security/mbedtls_lts/mbedtls/README.md
View File

@ -235,7 +235,7 @@ This implementation is not yet as mature as the rest of the library. Some parts
The X.509 and TLS code can use PSA cryptography for a limited subset of operations. To enable this support, activate the compilation option `MBEDTLS_USE_PSA_CRYPTO` in `config.h`.
There are currently a few deviations where the library does not yet implement the latest version of the specification. Please refer to the [compliance issues on Github](https://github.com/ARMmbed/mbed-crypto/labels/compliance) for an up-to-date list.
There are currently a few deviations where the library does not yet implement the latest version of the specification. Please refer to the [compliance issues on Github](https://github.com/Mbed-TLS/mbed-crypto/labels/compliance) for an up-to-date list.
### Upcoming features
@ -260,5 +260,5 @@ Contact
-------
* To report a security vulnerability in Mbed TLS, please email <mbed-tls-security@lists.trustedfirmware.org>. For more information, see [`SECURITY.md`](SECURITY.md).
* To report a bug or request a feature in Mbed TLS, please [file an issue on GitHub](https://github.com/ARMmbed/mbedtls/issues/new/choose).
* To report a bug or request a feature in Mbed TLS, please [file an issue on GitHub](https://github.com/Mbed-TLS/mbedtls/issues/new/choose).
* Please see [`SUPPORT.md`](SUPPORT.md) for other channels for discussion and support about Mbed TLS.

2
components/security/mbedtls_lts/mbedtls/SECURITY.md
View File

@ -6,7 +6,7 @@ send an email to the security team at
## Security Incident Handling Process
Our security process is detailled in our
Our security process is detailed in our
[security
center](https://developer.trustedfirmware.org/w/mbed-tls/security-center/).

4
components/security/mbedtls_lts/mbedtls/SUPPORT.md
View File

@ -7,9 +7,9 @@ Here are some useful sources of information about using Mbed TLS:
- the `docs` directory in the source tree;
- the [Mbed TLS knowledge Base](https://tls.mbed.org/kb);
- the [Mbed TLS mailing-list
archives](https://lists.trustedfirmware.org/pipermail/mbed-tls/).
archives](https://lists.trustedfirmware.org/archives/list/mbed-tls@lists.trustedfirmware.org/).
## Asking Questions
If you can't find your answer in the above sources, please use the [Mbed TLS
mailing list](https://lists.trustedfirmware.org/mailman/listinfo/mbed-tls).
mailing list](https://lists.trustedfirmware.org/mailman3/lists/mbed-tls.lists.trustedfirmware.org).

110
components/security/mbedtls_lts/mbedtls/configs/config-ccm-psk-dtls1_2.h Normal file
View File

@ -0,0 +1,110 @@
/**
* \file config-ccm-psk-dtls1_2.h
*
* \brief Small configuration for DTLS 1.2 with PSK and AES-CCM ciphersuites
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* Minimal configuration for DTLS 1.2 with PSK and AES-CCM ciphersuites
*
* Distinguishing features:
* - Optimized for small code size, low bandwidth (on an unreliable transport),
* and low RAM usage.
* - No asymmetric cryptography (no certificates, no Diffie-Hellman key
* exchange).
* - Fully modern and secure (provided the pre-shared keys are generated and
* stored securely).
* - Very low record overhead with CCM-8.
* - Includes several optional DTLS features typically used in IoT.
*
* See README.txt for usage instructions.
*/
#ifndef MBEDTLS_CONFIG_H
#define MBEDTLS_CONFIG_H
/* System support */
//#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */
/* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */
/* Mbed TLS modules */
#define MBEDTLS_AES_C
#define MBEDTLS_CCM_C
#define MBEDTLS_CIPHER_C
#define MBEDTLS_CTR_DRBG_C
#define MBEDTLS_ENTROPY_C
#define MBEDTLS_MD_C
#define MBEDTLS_NET_C
#define MBEDTLS_SHA256_C
#define MBEDTLS_SSL_CLI_C
#define MBEDTLS_SSL_COOKIE_C
#define MBEDTLS_SSL_SRV_C
#define MBEDTLS_SSL_TLS_C
#define MBEDTLS_TIMING_C
/* TLS protocol feature support */
#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
#define MBEDTLS_SSL_PROTO_TLS1_2
#define MBEDTLS_SSL_PROTO_DTLS
#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
#define MBEDTLS_SSL_DTLS_CONNECTION_ID
#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
/*
* Use only CCM_8 ciphersuites, and
* save ROM and a few bytes of RAM by specifying our own ciphersuite list
*/
#define MBEDTLS_SSL_CIPHERSUITES \
MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \
MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8
/*
* Save RAM at the expense of interoperability: do this only if you control
* both ends of the connection! (See comments in "mbedtls/ssl.h".)
* The optimal size here depends on the typical size of records.
*/
#define MBEDTLS_SSL_MAX_CONTENT_LEN 256
/* Save RAM at the expense of ROM */
#define MBEDTLS_AES_ROM_TABLES
/* Save some RAM by adjusting to your exact needs */
#define MBEDTLS_PSK_MAX_LEN 16 /* 128-bits keys are generally enough */
/*
* You should adjust this to the exact number of sources you're using: default
* is the "platform_entropy_poll" source plus a weak clock source, but you may
* want to add other ones. Minimum is 3 for the entropy test suite.
*/
#define MBEDTLS_ENTROPY_MAX_SOURCES 3
/* These defines are present so that the config modifying scripts can enable
* them during tests/scripts/test-ref-configs.pl */
//#define MBEDTLS_USE_PSA_CRYPTO
//#define MBEDTLS_PSA_CRYPTO_C
/* Error messages and TLS debugging traces
* (huge code size increase, needed for tests/ssl-opt.sh) */
//#define MBEDTLS_DEBUG_C
//#define MBEDTLS_ERROR_C
#include "mbedtls/check_config.h"
#endif /* MBEDTLS_CONFIG_H */

56
components/security/mbedtls_lts/mbedtls/configs/config-ccm-psk-tls1_2.h
View File

@ -21,11 +21,15 @@
*/
/*
* Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
*
* Distinguishing features:
* - no bignum, no PK, no X509
* - fully modern and secure (provided the pre-shared keys have high entropy)
* - very low record overhead with CCM-8
* - optimized for low RAM usage
* - Optimized for small code size, low bandwidth (on a reliable transport),
* and low RAM usage.
* - No asymmetric cryptography (no certificates, no Diffie-Hellman key
* exchange).
* - Fully modern and secure (provided the pre-shared keys are generated and
* stored securely).
* - Very low record overhead with CCM-8.
*
* See README.txt for usage instructions.
*/
@ -36,11 +40,7 @@
//#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */
/* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */
/* mbed TLS feature support */
#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
#define MBEDTLS_SSL_PROTO_TLS1_2
/* mbed TLS modules */
/* Mbed TLS modules */
#define MBEDTLS_AES_C
#define MBEDTLS_CCM_C
#define MBEDTLS_CIPHER_C
@ -53,18 +53,9 @@
#define MBEDTLS_SSL_SRV_C
#define MBEDTLS_SSL_TLS_C
/* Save RAM at the expense of ROM */
#define MBEDTLS_AES_ROM_TABLES
/* Save some RAM by adjusting to your exact needs */
#define MBEDTLS_PSK_MAX_LEN 16 /* 128-bits keys are generally enough */
/*
* You should adjust this to the exact number of sources you're using: default
* is the "platform_entropy_poll" source, but you may want to add other ones
* Minimum is 2 for the entropy test suite.
*/
#define MBEDTLS_ENTROPY_MAX_SOURCES 2
/* TLS protocol feature support */
#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
#define MBEDTLS_SSL_PROTO_TLS1_2
/*
* Use only CCM_8 ciphersuites, and
@ -81,6 +72,29 @@
*/
#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024
/* Save RAM at the expense of ROM */
#define MBEDTLS_AES_ROM_TABLES
/* Save some RAM by adjusting to your exact needs */
#define MBEDTLS_PSK_MAX_LEN 16 /* 128-bits keys are generally enough */
/*
* You should adjust this to the exact number of sources you're using: default
* is the "platform_entropy_poll" source, but you may want to add other ones
* Minimum is 2 for the entropy test suite.
*/
#define MBEDTLS_ENTROPY_MAX_SOURCES 2
/* These defines are present so that the config modifying scripts can enable
* them during tests/scripts/test-ref-configs.pl */
//#define MBEDTLS_USE_PSA_CRYPTO
//#define MBEDTLS_PSA_CRYPTO_C
/* Error messages and TLS debugging traces
* (huge code size increase, needed for tests/ssl-opt.sh) */
//#define MBEDTLS_DEBUG_C
//#define MBEDTLS_ERROR_C
#include "mbedtls/check_config.h"
#endif /* MBEDTLS_CONFIG_H */

14
components/security/mbedtls_lts/mbedtls/configs/config-mini-tls1_1.h
View File

@ -71,6 +71,20 @@
/* For testing with compat.sh */
#define MBEDTLS_FS_IO
/* These defines are present so that the config modifying scripts can enable
* them during tests/scripts/test-ref-configs.pl */
//#define MBEDTLS_USE_PSA_CRYPTO
//#define MBEDTLS_PSA_CRYPTO_C
/* With MBEDTLS_PSA_CRYPTO_C, importing an RSA key requires MBEDTLS_PK_WRITE_C */
#if defined(MBEDTLS_PSA_CRYPTO_C)
#define MBEDTLS_PK_WRITE_C
#endif
#include "mbedtls/check_config.h"
/* Error messages and TLS debugging traces
* (huge code size increase, needed for tests/ssl-opt.sh) */
//#define MBEDTLS_DEBUG_C
//#define MBEDTLS_ERROR_C
#endif /* MBEDTLS_CONFIG_H */

2
components/security/mbedtls_lts/mbedtls/configs/config-no-entropy.h
View File

@ -21,7 +21,7 @@
*/
/*
* Minimal configuration of features that do not require an entropy source
* Distinguishing reatures:
* Distinguishing features:
* - no entropy module
* - no TLS protocol implementation available due to absence of an entropy
* source

17
components/security/mbedtls_lts/mbedtls/configs/config-suite-b.h
View File

@ -103,12 +103,27 @@
/*
* Save RAM at the expense of interoperability: do this only if you control
* both ends of the connection! (See coments in "mbedtls/ssl.h".)
* both ends of the connection! (See comments in "mbedtls/ssl.h".)
* The minimum size here depends on the certificate chain used as well as the
* typical size of records.
*/
#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024
/* These defines are present so that the config modifying scripts can enable
* them during tests/scripts/test-ref-configs.pl */
//#define MBEDTLS_USE_PSA_CRYPTO
//#define MBEDTLS_PSA_CRYPTO_C
/* With USE_PSA_CRYPTO, some PK operations also need PK_WRITE */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#define MBEDTLS_PK_WRITE_C
#endif
/* Error messages and TLS debugging traces
* (huge code size increase, needed for tests/ssl-opt.sh) */
//#define MBEDTLS_DEBUG_C
//#define MBEDTLS_ERROR_C
#include "mbedtls/check_config.h"
#endif /* MBEDTLS_CONFIG_H */

5
components/security/mbedtls_lts/mbedtls/configs/config-thread.h
View File

@ -86,6 +86,11 @@
/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
/* These defines are present so that the config modifying scripts can enable
* them during tests/scripts/test-ref-configs.pl */
//#define MBEDTLS_USE_PSA_CRYPTO
//#define MBEDTLS_PSA_CRYPTO_C
#include "mbedtls/check_config.h"
#endif /* MBEDTLS_CONFIG_H */

155
components/security/mbedtls_lts/mbedtls/docs/architecture/mbed-crypto-storage-specification.md
View File

@ -112,7 +112,7 @@ Information about each key is stored in a dedicated file designated by the key i
The way in which the file name is constructed from the key identifier depends on the storage backend. The content of the file is described [below](#key-file-format-for-1.0.0).
* Library integration: the key file name is just the key identifier as defined in the PSA crypto specification. This is a 32-bit value.
* PSA service integration: the key file name is `(uint32_t)owner_uid << 32 | key_id` where `key_id` is the key identifier from the owner point of view and `owner_uid` (of type `int32_t`) is the calling partition identifier provided to the server by the partition manager. This is a 64-bit value.
* PSA service integration: the key file name is `(uint64_t)owner_uid << 32 | key_id` where `key_id` is the key identifier from the owner point of view and `owner_uid` (of type `int32_t`) is the calling partition identifier provided to the server by the partition manager. This is a 64-bit value.
### Key file format for 1.0.0
@ -120,7 +120,11 @@ The layout is identical to [0.1.0](#key-file-format-for-0.1.0) so far. However n
### Nonvolatile random seed file format for 1.0.0
[Identical to 0.1.0](#nonvolatile-random-seed-file-format-for-0.1.0).
The nonvolatile random seed file contains a seed for the random generator. If present, it is rewritten at each boot as part of the random generator initialization.
The file format is just the seed as a byte string with no metadata or encoding of any kind.
This is unchanged since [the feature was introduced in Mbed Crypto 0.1.0](#nonvolatile-random-seed-file-format-for-0.1.0).
### File namespace on a PSA platform for 1.0.0
@ -167,7 +171,21 @@ Tags: mbedcrypto-1.1.0
Released in early June 2019. <br>
Integrated in Mbed OS 5.13.
Identical to [1.0.0](#mbed-crypto-1.0.0) except for some changes in the key file format.
Changes since [1.0.0](#mbed-crypto-1.0.0):
* The stdio backend for storage has been replaced by an implementation of [PSA ITS over stdio](#file-namespace-on-stdio-for-1.1.0).
* [Some changes in the key file format](#key-file-format-for-1.1.0).
### File namespace on stdio for 1.1.0
Assumption: C stdio, allowing names containing lowercase letters, digits and underscores, of length up to 23.
An undocumented build-time configuration value `PSA_ITS_STORAGE_PREFIX` allows storing the key files in a directory other than the current directory. This value is simply prepended to the file name (so it must end with a directory separator to put the keys in a different directory).
* `PSA_ITS_STORAGE_PREFIX "tempfile.psa_its"`: used as a temporary file. Must be writable. May be overwritten or deleted if present.
* `sprintf(PSA_ITS_STORAGE_PREFIX "%016llx.psa_its", key_id)`: a key or non-key file. The `key_id` in the name is the 64-bit file identifier, which is the [key identifier](#key-names-for-mbed-tls-2.25.0) for a key file or some reserved identifier for a non-key file (currently: only the [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0)). The contents of the file are:
* Magic header (8 bytes): `"PSA\0ITS\0"`
* File contents.
### Key file format for 1.1.0
@ -314,3 +332,134 @@ The layout of a key file is:
* For an opaque key (unified driver interface): driver-specific opaque key blob.
* For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness.
* Any trailing data is rejected on load.
Mbed TLS 2.25.0
---------------
Tags: `mbedtls-2.25.0`, `mbedtls-2.26.0`, `mbedtls-2.27.0`, `mbedtls-2.28.0` (continued in early 3.x releases)
First released in December 2020.
Note: this is the first version that is officially supported. The version number is still 0.
Backward compatibility commitments: we promise backward compatibility for stored keys when Mbed TLS is upgraded from x to y if x >= 2.25 and y < 4. See [`BRANCHES.md`](../../BRANCHES.md) for more details.
Supported integrations:
* [PSA platform](#file-namespace-on-a-psa-platform-on-mbed-tls-2.25.0)
* [library using PSA ITS](#file-namespace-on-its-as-a-library-on-mbed-tls-2.25.0)
* [library using C stdio](#file-namespace-on-stdio-for-mbed-tls-2.25.0)
Supported features:
* [Persistent keys](#key-file-format-for-mbed-tls-2.25.0) designated by a [key identifier and owner](#key-names-for-mbed-tls-2.25.0). Keys can be:
* Transparent, stored in the export format.
* Opaque, using the unified driver interface with statically registered drivers (`MBEDTLS_PSA_CRYPTO_DRIVERS`). The driver determines the content of the opaque key blob.
* Opaque, using the deprecated secure element interface with dynamically registered drivers (`MBEDTLS_PSA_CRYPTO_SE_C`). The driver picks a slot number which is stored in the place of the key material.
* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-mbed-tls-2.25.0) on ITS only.
### Changes introduced in Mbed TLS 2.25.0
* The numerical encodings of `psa_key_type_t`, `psa_key_usage_t` and `psa_algorithm_t` have changed.
### File namespace on a PSA platform on Mbed TLS 2.25.0
Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
Assumption: the owner identifier is a nonzero value of type `int32_t`.
* Files 0 through 0xfffeffff: unused.
* Files 0xffff0000 through 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-mbed-tls-2.25.0).
* Files 0x100000000 through 0xffffffffffff: [content](#key-file-format-for-mbed-tls-2.25.0) of the [key whose identifier is the file identifier](#key-names-for-mbed-tls-2.25.0). The upper 32 bits determine the owner.
### File namespace on ITS as a library on Mbed TLS 2.25.0
Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace.
This is a library integration, so there is no owner. The key file identifier is identical to the key identifier.
* File 0: unused.
* Files 1 through 0xfffeffff: [content](#key-file-format-for-mbed-tls-2.25.0) of the [key whose identifier is the file identifier](#key-names-for-mbed-tls-2.25.0).
* Files 0xffff0000 through 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-mbed-tls-2.25.0).
* Files 0x100000000 through 0xffffffffffffffff: unused.
### File namespace on stdio for Mbed TLS 2.25.0
Assumption: C stdio, allowing names containing lowercase letters, digits and underscores, of length up to 23.
An undocumented build-time configuration value `PSA_ITS_STORAGE_PREFIX` allows storing the key files in a directory other than the current directory. This value is simply prepended to the file name (so it must end with a directory separator to put the keys in a different directory).
* `PSA_ITS_STORAGE_PREFIX "tempfile.psa_its"`: used as a temporary file. Must be writable. May be overwritten or deleted if present.
* `sprintf(PSA_ITS_STORAGE_PREFIX "%016llx.psa_its", key_id)`: a key or non-key file. The `key_id` in the name is the 64-bit file identifier, which is the [key identifier](#key-names-for-mbed-tls-2.25.0) for a key file or some reserved identifier for a [non-key file](#non-key-files-on-mbed-tls-2.25.0). The contents of the file are:
* Magic header (8 bytes): `"PSA\0ITS\0"`
* File contents.
### Key names for Mbed TLS 2.25.0
Information about each key is stored in a dedicated file designated by the key identifier. In integrations where there is no concept of key owner (in particular, in library integrations), the key identifier is exactly the key identifier as defined in the PSA Cryptography API specification (`psa_key_id_t`). In integrations where there is a concept of key owner (integration into a service for example), the key identifier is made of an owner identifier (its semantics and type are integration specific) and of the key identifier (`psa_key_id_t`) from the key owner point of view.
The way in which the file name is constructed from the key identifier depends on the storage backend. The content of the file is described [below](#key-file-format-for-mbed-tls-2.25.0).
* Library integration: the key file name is just the key identifier as defined in the PSA crypto specification. This is a 32-bit value which must be in the range 0x00000001..0x3fffffff (`PSA_KEY_ID_USER_MIN`..`PSA_KEY_ID_USER_MAX`).
* PSA service integration: the key file name is `(uint64_t)owner_uid << 32 | key_id` where `key_id` is the key identifier from the owner point of view and `owner_uid` (of type `int32_t`) is the calling partition identifier provided to the server by the partition manager. This is a 64-bit value.
### Key file format for Mbed TLS 2.25.0
All integers are encoded in little-endian order in 8-bit bytes except where otherwise indicated.
The layout of a key file is:
* magic (8 bytes): `"PSA\0KEY\0"`.
* version (4 bytes): 0.
* lifetime (4 bytes): `psa_key_lifetime_t` value.
* type (2 bytes): `psa_key_type_t` value.
* bits (2 bytes): `psa_key_bits_t` value.
* policy usage flags (4 bytes): `psa_key_usage_t` value.
* policy usage algorithm (4 bytes): `psa_algorithm_t` value.
* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value.
* key material length (4 bytes).
* key material:
* For a transparent key: output of `psa_export_key`.
* For an opaque key (unified driver interface): driver-specific opaque key blob.
* For an opaque key (key in a dynamic secure element): slot number (8 bytes), in platform endianness.
* Any trailing data is rejected on load.
### Non-key files on Mbed TLS 2.25.0
File identifiers that are outside the range of persistent key identifiers are reserved for internal use by the library. The only identifiers currently in use have the owner id (top 32 bits) set to 0.
* Files 0xfffffe02 through 0xfffffeff (`PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + lifetime`): dynamic secure element driver storage. The content of the file is the secure element driver's persistent data.
* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-mbed-tls-2.25.0).
* File 0xffffff54 (`PSA_CRYPTO_ITS_TRANSACTION_UID`): [transaction file](#transaction-file-format-for-mbed-tls-2.25.0).
* Other files are unused and reserved for future use.
### Nonvolatile random seed file format for Mbed TLS 2.25.0
[Identical to Mbed Crypto 0.1.0](#nonvolatile-random-seed-file-format-for-0.1.0).
### Transaction file format for Mbed TLS 2.25.0
The transaction file contains data about an ongoing action that cannot be completed atomically. It exists only if there is an ongoing transaction.
All integers are encoded in platform endianness.
All currently existing transactions concern a key in a dynamic secure element.
The layout of a transaction file is:
* type (2 bytes): the [transaction type](#transaction-types-on-mbed-tls-2.25.0).
* unused (2 bytes)
* lifetime (4 bytes): `psa_key_lifetime_t` value that corresponds to a key in a secure element.
* slot number (8 bytes): `psa_key_slot_number_t` value. This is the unique designation of the key for the secure element driver.
* key identifier (4 bytes in a library integration, 8 bytes on a PSA platform): the internal representation of the key identifier. On a PSA platform, this encodes the key owner in the same way as [in file identifiers for key files](#file-namespace-on-a-psa-platform-on-mbed-tls-2.25.0)).
#### Transaction types on Mbed TLS 2.25.0
* 0x0001: key creation. The following locations may or may not contain data about the key that is being created:
* The slot in the secure element designated by the slot number.
* The file containing the key metadata designated by the key identifier.
* The driver persistent data.
* 0x0002: key destruction. The following locations may or may not still contain data about the key that is being destroyed:
* The slot in the secure element designated by the slot number.
* The file containing the key metadata designated by the key identifier.
* The driver persistent data.

2
components/security/mbedtls_lts/mbedtls/docs/architecture/testing/driver-interface-test-strategy.md
View File

@ -87,7 +87,7 @@ Creating or removing a key in a secure element involves multiple storage modific
* This must be done for each possible flow, including error cases (e.g. a key creation that fails midway due to `OUT_OF_MEMORY`).
* The recovery during `psa_crypto_init` can itself be interrupted. Test those interruptions too.
* Two things need to be tested: the key that is being created or destroyed, and the driver's persistent storage.
* Check both that the storage has the expected content (this can be done by e.g. using a key that is supposed to be present) and does not have any unexpected content (for keys, this can be done by checking that `psa_open_key` fails with `PSA_ERRROR_DOES_NOT_EXIST`).
* Check both that the storage has the expected content (this can be done by e.g. using a key that is supposed to be present) and does not have any unexpected content (for keys, this can be done by checking that `psa_open_key` fails with `PSA_ERROR_DOES_NOT_EXIST`).
This requires instrumenting the storage implementation, either to force it to fail at each point or to record successive storage states and replay each of them. Each `psa_its_xxx` function call is assumed to be atomic.

4
components/security/mbedtls_lts/mbedtls/docs/architecture/testing/psa-storage-format-testing.md
View File

@ -34,13 +34,13 @@ Use a similar approach for files other than keys where possible and relevant.
Test cases should normally not be removed from the code base: if something has worked before, it should keep working in future versions, so we should keep testing it.
This cannot be enforced solely by looking at a single version of Mbed TLS, since there would be no indication that more test cases used to exist. It can only be enforced through review of library changes. The review may be assisted by a tool that compares the old and the new version, in the same way that `abi-check.py` compares the library's API and ABI.
This cannot be enforced solely by looking at a single version of Mbed TLS, since there would be no indication that more test cases used to exist. It can only be enforced through review of library changes. The review is be assisted by a tool that compares the old and the new version, which is implemented in `scripts/abi_check.py`. This tool fails the CI if load-and-check test case disappears (changed test cases are raised as false positives).
If the way certain keys are stored changes, and we don't deliberately decide to stop supporting old keys (which should only be done by retiring a version of the storage format), then we should keep the corresponding test cases in load-only mode: create a file with the expected content, load it and check the data that it contains.
## Storage architecture overview
The PSA subsystem provides storage on top of the PSA trusted storage interface. The state of the storage is a mapping from file identifer (a 64-bit number) to file content (a byte array). These files include:
The PSA subsystem provides storage on top of the PSA trusted storage interface. The state of the storage is a mapping from file identifier (a 64-bit number) to file content (a byte array). These files include:
* [Key files](#key-storage) (files containing one key's metadata and, except for some secure element keys, key material).
* The [random generator injected seed or state file](#random-generator-state) (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`).

2
components/security/mbedtls_lts/mbedtls/doxygen/input/doc_mainpage.h
View File

@ -22,7 +22,7 @@
*/
/**
* @mainpage mbed TLS v2.28.0 source code documentation
* @mainpage mbed TLS v2.28.1 source code documentation
*
* This documentation describes the internal structure of mbed TLS. It was
* automatically generated from specially formatted comment blocks in

1888
components/security/mbedtls_lts/mbedtls/doxygen/mbedtls.doxyfile
View File

File diff suppressed because it is too large Load Diff

2
components/security/mbedtls_lts/mbedtls/include/mbedtls/aes.h
View File

@ -564,7 +564,7 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
* for example, with 96-bit random nonces, you should not encrypt
* more than 2**32 messages with the same key.
*
* Note that for both stategies, sizes are measured in blocks and
* Note that for both strategies, sizes are measured in blocks and
* that an AES block is 16 bytes.
*
* \warning Upon return, \p stream_block contains sensitive data. Its

4
components/security/mbedtls_lts/mbedtls/include/mbedtls/aria.h
View File

@ -44,7 +44,7 @@
#define MBEDTLS_ARIA_DECRYPT 0 /**< ARIA decryption. */
#define MBEDTLS_ARIA_BLOCKSIZE 16 /**< ARIA block size in bytes. */
#define MBEDTLS_ARIA_MAX_ROUNDS 16 /**< Maxiumum number of rounds in ARIA. */
#define MBEDTLS_ARIA_MAX_ROUNDS 16 /**< Maximum number of rounds in ARIA. */
#define MBEDTLS_ARIA_MAX_KEYSIZE 32 /**< Maximum size of an ARIA key in bytes. */
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
@ -321,7 +321,7 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
* for example, with 96-bit random nonces, you should not encrypt
* more than 2**32 messages with the same key.
*
* Note that for both stategies, sizes are measured in blocks and
* Note that for both strategies, sizes are measured in blocks and
* that an ARIA block is 16 bytes.
*
* \warning Upon return, \p stream_block contains sensitive data. Its

12
components/security/mbedtls_lts/mbedtls/include/mbedtls/asn1.h
View File

@ -61,7 +61,7 @@
/** Buffer too small when writing ASN.1 data structure. */
#define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL -0x006C
/* \} name */
/** \} name ASN1 Error codes */
/**
* \name DER constants
@ -121,8 +121,7 @@
#define MBEDTLS_ASN1_TAG_PC_MASK 0x20
#define MBEDTLS_ASN1_TAG_VALUE_MASK 0x1F
/* \} name */
/* \} addtogroup asn1_module */
/** \} name DER constants */
/** Returns the size of the binary string, without the trailing \\0 */
#define MBEDTLS_OID_SIZE(x) (sizeof(x) - 1)
@ -210,7 +209,7 @@ mbedtls_asn1_named_data;
* \return 0 if successful.
* \return #MBEDTLS_ERR_ASN1_OUT_OF_DATA if the ASN.1 element
* would end beyond \p end.
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparseable.
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable.
*/
int mbedtls_asn1_get_len( unsigned char **p,
const unsigned char *end,
@ -235,7 +234,7 @@ int mbedtls_asn1_get_len( unsigned char **p,
* with the requested tag.
* \return #MBEDTLS_ERR_ASN1_OUT_OF_DATA if the ASN.1 element
* would end beyond \p end.
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparseable.
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable.
*/
int mbedtls_asn1_get_tag( unsigned char **p,
const unsigned char *end,
@ -607,6 +606,9 @@ void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry );
*/
void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head );
/** \} name Functions to parse ASN.1 data structures */
/** \} addtogroup asn1_module */
#ifdef __cplusplus
}
#endif

2
components/security/mbedtls_lts/mbedtls/include/mbedtls/bignum.h
View File

@ -989,7 +989,7 @@ MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime( const mbedtls_mpi *X,
* generate yourself and that are supposed to be prime, then
* \p rounds should be at least the half of the security
* strength of the cryptographic algorithm. On the other hand,
* if \p X is chosen uniformly or non-adversially (as is the
* if \p X is chosen uniformly or non-adversarially (as is the
* case when mbedtls_mpi_gen_prime calls this function), then
* \p rounds can be much lower.
*

4
components/security/mbedtls_lts/mbedtls/include/mbedtls/blowfish.h
View File

@ -185,7 +185,7 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
* #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or
* #MBEDTLS_BLOWFISH_DECRYPT for decryption.
* \param length The length of the input data in Bytes.
* \param iv_off The offset in the initialiation vector.
* \param iv_off The offset in the initialization vector.
* The value pointed to must be smaller than \c 8 Bytes.
* It is updated by this function to support the aforementioned
* streaming usage.
@ -246,7 +246,7 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
* The recommended way to ensure uniqueness is to use a message
* counter.
*
* Note that for both stategies, sizes are measured in blocks and
* Note that for both strategies, sizes are measured in blocks and
* that a Blowfish block is 8 bytes.
*
* \warning Upon return, \p stream_block contains sensitive data. Its

2
components/security/mbedtls_lts/mbedtls/include/mbedtls/camellia.h
View File

@ -273,7 +273,7 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
* encrypted: for example, with 96-bit random nonces, you should
* not encrypt more than 2**32 messages with the same key.
*
* Note that for both stategies, sizes are measured in blocks and
* Note that for both strategies, sizes are measured in blocks and
* that a CAMELLIA block is \c 16 Bytes.
*
* \warning Upon return, \p stream_block contains sensitive data. Its

2
components/security/mbedtls_lts/mbedtls/include/mbedtls/chachapoly.h
View File

@ -161,7 +161,7 @@ int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
* \param ctx The ChaCha20-Poly1305 context. This must be initialized
* and bound to a key.
* \param nonce The nonce/IV to use for the message.
* This must be a redable buffer of length \c 12 Bytes.
* This must be a readable buffer of length \c 12 Bytes.
* \param mode The operation to perform: #MBEDTLS_CHACHAPOLY_ENCRYPT or
* #MBEDTLS_CHACHAPOLY_DECRYPT (discouraged, see warning).
*

49
components/security/mbedtls_lts/mbedtls/include/mbedtls/check_config.h
View File

@ -173,7 +173,11 @@
#endif
#if defined(MBEDTLS_PK_PARSE_C) && !defined(MBEDTLS_ASN1_PARSE_C)
#error "MBEDTLS_PK_PARSE_C defined, but not all prerequesites"
#error "MBEDTLS_PK_PARSE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PKCS5_C) && !defined(MBEDTLS_MD_C)
#error "MBEDTLS_PKCS5_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ENTROPY_C) && (!defined(MBEDTLS_SHA512_C) && \
@ -214,11 +218,32 @@
#error "MBEDTLS_TEST_NULL_ENTROPY defined, but entropy sources too"
#endif
#if defined(MBEDTLS_CCM_C) && ( \
!defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) )
#error "MBEDTLS_CCM_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_CCM_C) && !defined(MBEDTLS_CIPHER_C)
#error "MBEDTLS_CCM_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_GCM_C) && ( \
!defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) )
!defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) )
#error "MBEDTLS_GCM_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_GCM_C) && !defined(MBEDTLS_CIPHER_C)
#error "MBEDTLS_GCM_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_CHACHA20_C)
#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_POLY1305_C)
#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
#error "MBEDTLS_ECP_RANDOMIZE_JAC_ALT defined, but not all prerequisites"
#endif
@ -338,11 +363,11 @@
#endif
#if defined(MBEDTLS_MEMORY_BACKTRACE) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequesites"
#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_MEMORY_DEBUG) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequesites"
#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM)
@ -619,6 +644,18 @@
#error "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined, but it cannot coexist with MBEDTLS_USE_PSA_CRYPTO."
#endif
#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_USE_PSA_CRYPTO) && \
!defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_ECDSA_C)
#error "MBEDTLS_PK_C in configuration with MBEDTLS_USE_PSA_CRYPTO and \
MBEDTLS_ECDSA_C requires MBEDTLS_PK_WRITE_C to be defined."
#endif
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V15) && \
!defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_PSA_CRYPTO_C)
#error "MBEDTLS_PSA_CRYPTO_C, MBEDTLS_RSA_C and MBEDTLS_PKCS1_V15 defined, \
but not all prerequisites"
#endif
#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
!defined(MBEDTLS_OID_C) )
#error "MBEDTLS_RSA_C defined, but not all prerequisites"
@ -761,14 +798,14 @@
!defined(MBEDTLS_SSL_PROTO_TLS1) && \
!defined(MBEDTLS_SSL_PROTO_TLS1_1) && \
!defined(MBEDTLS_SSL_PROTO_TLS1_2)
#error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequsites"
#error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \
!defined(MBEDTLS_SSL_PROTO_TLS1) && \
!defined(MBEDTLS_SSL_PROTO_TLS1_1) && \
!defined(MBEDTLS_SSL_PROTO_TLS1_2)
#error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequsites"
#error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_SSL_TICKET_C) && !defined(MBEDTLS_CIPHER_C)

143
components/security/mbedtls_lts/mbedtls/include/mbedtls/config.h
View File

@ -128,7 +128,12 @@
* MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
* MBEDTLS_PLATFORM_STD_TIME.
*
* Comment if your system does not support time functions
* Comment if your system does not support time functions.
*
* \note If MBEDTLS_TIMING_C is set - to enable the semi-portable timing
* interface - timing.c will include time.h on suitable platforms
* regardless of the setting of MBEDTLS_HAVE_TIME, unless
* MBEDTLS_TIMING_ALT is used. See timing.c for more information.
*/
#define MBEDTLS_HAVE_TIME
@ -321,7 +326,7 @@
*/
//#define MBEDTLS_CHECK_PARAMS_ASSERT
/* \} name SECTION: System support */
/** \} name SECTION: System support */
/**
* \name SECTION: mbed TLS feature support
@ -395,7 +400,7 @@
//#define MBEDTLS_XTEA_ALT
/*
* When replacing the elliptic curve module, pleace consider, that it is
* When replacing the elliptic curve module, please consider, that it is
* implemented with two .c files:
* - ecp.c
* - ecp_curves.c
@ -1493,7 +1498,7 @@
* Enable an implementation of SHA-256 that has lower ROM footprint but also
* lower performance.
*
* The default implementation is meant to be a reasonnable compromise between
* The default implementation is meant to be a reasonable compromise between
* performance and size. This version optimizes more aggressively for size at
* the expense of performance. Eg on Cortex-M4 it reduces the size of
* mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
@ -1658,7 +1663,7 @@
* Enable support for RFC 7627: Session Hash and Extended Master Secret
* Extension.
*
* This was introduced as "the proper fix" to the Triple Handshake familiy of
* This was introduced as "the proper fix" to the Triple Handshake family of
* attacks, but it is recommended to always use it (even if you disable
* renegotiation), since it actually fixes a more fundamental issue in the
* original SSL/TLS design, and has implications beyond Triple Handshake.
@ -1704,7 +1709,7 @@
* \note This option has no influence on the protection against the
* triple handshake attack. Even if it is disabled, Mbed TLS will
* still ensure that certificates do not change during renegotiation,
* for exaple by keeping a hash of the peer's certificate.
* for example by keeping a hash of the peer's certificate.
*
* Comment this macro to disable storing the peer's certificate
* after the handshake.
@ -1909,7 +1914,7 @@
* unless you know for sure amplification cannot be a problem in the
* environment in which your server operates.
*
* \warning Disabling this can ba a security risk! (see above)
* \warning Disabling this can be a security risk! (see above)
*
* Requires: MBEDTLS_SSL_PROTO_DTLS
*
@ -2162,8 +2167,19 @@
* This setting allows support for cryptographic mechanisms through the PSA
* API to be configured separately from support through the mbedtls API.
*
* Uncomment this to enable use of PSA Crypto configuration settings which
* can be found in include/psa/crypto_config.h.
* When this option is disabled, the PSA API exposes the cryptographic
* mechanisms that can be implemented on top of the `mbedtls_xxx` API
* configured with `MBEDTLS_XXX` symbols.
*
* When this option is enabled, the PSA API exposes the cryptographic
* mechanisms requested by the `PSA_WANT_XXX` symbols defined in
* include/psa/crypto_config.h. The corresponding `MBEDTLS_XXX` settings are
* automatically enabled if required (i.e. if no PSA driver provides the
* mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols
* in config.h.
*
* If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies
* an alternative header to include instead of include/psa/crypto_config.h.
*
* If you enable this option and write your own configuration file, you must
* include mbedtls/config_psa.h in your configuration file. The default
@ -2289,7 +2305,7 @@
* Uncomment to enable use of ZLIB
*/
//#define MBEDTLS_ZLIB_SUPPORT
/* \} name SECTION: mbed TLS feature support */
/** \} name SECTION: mbed TLS feature support */
/**
* \name SECTION: mbed TLS modules
@ -2902,7 +2918,7 @@
*
* Requires: MBEDTLS_MD_C
*
* Uncomment to enable the HMAC_DRBG random number geerator.
* Uncomment to enable the HMAC_DRBG random number generator.
*/
#define MBEDTLS_HMAC_DRBG_C
@ -3096,7 +3112,7 @@
/**
* \def MBEDTLS_PK_C
*
* Enable the generic public (asymetric) key layer.
* Enable the generic public (asymmetric) key layer.
*
* Module: library/pk.c
* Caller: library/ssl_tls.c
@ -3112,7 +3128,7 @@
/**
* \def MBEDTLS_PK_PARSE_C
*
* Enable the generic public (asymetric) key parser.
* Enable the generic public (asymmetric) key parser.
*
* Module: library/pkparse.c
* Caller: library/x509_crt.c
@ -3127,7 +3143,7 @@
/**
* \def MBEDTLS_PK_WRITE_C
*
* Enable the generic public (asymetric) key writer.
* Enable the generic public (asymmetric) key writer.
*
* Module: library/pkwrite.c
* Caller: library/x509write.c
@ -3466,6 +3482,10 @@
* your own implementation of the whole module by setting
* \c MBEDTLS_TIMING_ALT in the current file.
*
* \note The timing module will include time.h on suitable platforms
* regardless of the setting of MBEDTLS_HAVE_TIME, unless
* MBEDTLS_TIMING_ALT is used. See timing.c for more information.
*
* \note See also our Knowledge Base article about porting to a new
* environment:
* https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
@ -3598,7 +3618,88 @@
*/
#define MBEDTLS_XTEA_C
/* \} name SECTION: mbed TLS modules */
/** \} name SECTION: mbed TLS modules */
/**
* \name SECTION: General configuration options
*
* This section contains Mbed TLS build settings that are not associated
* with a particular module.
*
* \{
*/
/**
* \def MBEDTLS_CONFIG_FILE
*
* If defined, this is a header which will be included instead of
* `"mbedtls/config.h"`.
* This header file specifies the compile-time configuration of Mbed TLS.
* Unlike other configuration options, this one must be defined on the
* compiler command line: a definition in `config.h` would have no effect.
*
* This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
* non-standard feature of the C language, so this feature is only available
* with compilers that perform macro expansion on an <tt>\#include</tt> line.
*
* The value of this symbol is typically a path in double quotes, either
* absolute or relative to a directory on the include search path.
*/
//#define MBEDTLS_CONFIG_FILE "mbedtls/config.h"
/**
* \def MBEDTLS_USER_CONFIG_FILE
*
* If defined, this is a header which will be included after
* `"mbedtls/config.h"` or #MBEDTLS_CONFIG_FILE.
* This allows you to modify the default configuration, including the ability
* to undefine options that are enabled by default.
*
* This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
* non-standard feature of the C language, so this feature is only available
* with compilers that perform macro expansion on an <tt>\#include</tt> line.
*
* The value of this symbol is typically a path in double quotes, either
* absolute or relative to a directory on the include search path.
*/
//#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
/**
* \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE
*
* If defined, this is a header which will be included instead of
* `"psa/crypto_config.h"`.
* This header file specifies which cryptographic mechanisms are available
* through the PSA API when #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, and
* is not used when #MBEDTLS_PSA_CRYPTO_CONFIG is disabled.
*
* This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
* non-standard feature of the C language, so this feature is only available
* with compilers that perform macro expansion on an <tt>\#include</tt> line.
*
* The value of this symbol is typically a path in double quotes, either
* absolute or relative to a directory on the include search path.
*/
//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
/**
* \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
*
* If defined, this is a header which will be included after
* `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE.
* This allows you to modify the default configuration, including the ability
* to undefine options that are enabled by default.
*
* This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
* non-standard feature of the C language, so this feature is only available
* with compilers that perform macro expansion on an <tt>\#include</tt> line.
*
* The value of this symbol is typically a path in double quotes, either
* absolute or relative to a directory on the include search path.
*/
//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
/** \} name SECTION: General configuration options */
/**
* \name SECTION: Module configuration options
@ -3609,11 +3710,15 @@
*
* Our advice is to enable options and change their values here
* only if you have a good reason and know the consequences.
*
* Please check the respective header file for documentation on these
* parameters (to prevent duplicate documentation).
* \{
*/
/* The Doxygen documentation here is used when a user comments out a
* setting and runs doxygen themselves. On the other hand, when we typeset
* the full documentation including disabled settings, the documentation
* in specific modules' header files is used if present. When editing this
* file, make sure that each option is documented in exactly one place,
* plus optionally a same-line Doxygen comment here if there is a Doxygen
* comment in the specific module. */
/* MPI / BIGNUM options */
//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */
@ -4002,7 +4107,7 @@
*/
//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
/* \} name SECTION: Customisation configuration options */
/** \} name SECTION: Module configuration options */
/* Target and application specific configurations
*

33
components/security/mbedtls_lts/mbedtls/include/mbedtls/config_psa.h
View File

@ -31,9 +31,17 @@
#define MBEDTLS_CONFIG_PSA_H
#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE)
#include MBEDTLS_PSA_CRYPTO_CONFIG_FILE
#else
#include "psa/crypto_config.h"
#endif
#endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */
#if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE)
#include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
#endif
#ifdef __cplusplus
extern "C" {
#endif
@ -264,7 +272,6 @@ extern "C" {
#if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \
(defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \
(defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \
(defined(PSA_WANT_ALG_XTS) && !defined(MBEDTLS_PSA_ACCEL_ALG_XTS)) || \
defined(PSA_WANT_ALG_ECB_NO_PADDING) || \
(defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
!defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
@ -393,15 +400,8 @@ extern "C" {
#endif
#endif /* PSA_WANT_ALG_OFB */
#if defined(PSA_WANT_ALG_XTS)
#if !defined(MBEDTLS_PSA_ACCEL_ALG_XTS) || \
defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
#define MBEDTLS_PSA_BUILTIN_ALG_XTS 1
#define MBEDTLS_CIPHER_MODE_XTS
#endif
#endif /* PSA_WANT_ALG_XTS */
#if defined(PSA_WANT_ALG_ECB_NO_PADDING)
#if defined(PSA_WANT_ALG_ECB_NO_PADDING) && \
!defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)
#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1
#endif
@ -483,7 +483,7 @@ extern "C" {
#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448)
/*
* Curve448 is not yet supported via the PSA API in Mbed TLS
* (https://github.com/ARMmbed/mbedtls/issues/4249).
* (https://github.com/Mbed-TLS/mbedtls/issues/4249).
*/
#error "Curve448 is not yet supported via the PSA API in Mbed TLS."
#define MBEDTLS_ECP_DP_CURVE448_ENABLED
@ -537,7 +537,7 @@ extern "C" {
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224)
/*
* SECP224K1 is buggy via the PSA API in Mbed TLS
* (https://github.com/ARMmbed/mbedtls/issues/3541).
* (https://github.com/Mbed-TLS/mbedtls/issues/3541).
*/
#error "SECP224K1 is buggy via the PSA API in Mbed TLS."
#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
@ -751,11 +751,6 @@ extern "C" {
#define PSA_WANT_ALG_OFB 1
#endif
#if defined(MBEDTLS_CIPHER_MODE_XTS)
#define MBEDTLS_PSA_BUILTIN_ALG_XTS 1
#define PSA_WANT_ALG_XTS 1
#endif
#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
#define PSA_WANT_ECC_BRAINPOOL_P_R1_256
@ -776,7 +771,7 @@ extern "C" {
#define PSA_WANT_ECC_MONTGOMERY_255
#endif
/* Curve448 is not yet supported via the PSA API (https://github.com/ARMmbed/mbedtls/issues/4249) */
/* Curve448 is not yet supported via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/4249) */
#if 0 && defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
#define PSA_WANT_ECC_MONTGOMERY_448
@ -812,7 +807,7 @@ extern "C" {
#define PSA_WANT_ECC_SECP_K1_192
#endif
/* SECP224K1 is buggy via the PSA API (https://github.com/ARMmbed/mbedtls/issues/3541) */
/* SECP224K1 is buggy via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/3541) */
#if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
#define PSA_WANT_ECC_SECP_K1_224

2
components/security/mbedtls_lts/mbedtls/include/mbedtls/ctr_drbg.h
View File

@ -138,7 +138,7 @@
/**< The maximum size of seed or reseed buffer in bytes. */
#endif
/* \} name SECTION: Module settings */
/** \} name SECTION: Module settings */
#define MBEDTLS_CTR_DRBG_PR_OFF 0
/**< Prediction resistance is disabled. */

2
components/security/mbedtls_lts/mbedtls/include/mbedtls/debug.h
View File

@ -139,7 +139,7 @@ extern "C" {
* discarded.
* (Default value: 0 = No debug )
*
* \param threshold theshold level of messages to filter on. Messages at a
* \param threshold threshold level of messages to filter on. Messages at a
* higher level will be discarded.
* - Debug levels
* - 0 No debug

2
components/security/mbedtls_lts/mbedtls/include/mbedtls/ecjpake.h
View File

@ -68,7 +68,7 @@ typedef enum {
* (KeyExchange) as defined by the Thread spec.
*
* In order to benefit from this symmetry, we choose a different naming
* convetion from the Thread v1.0 spec. Correspondance is indicated in the
* convention from the Thread v1.0 spec. Correspondence is indicated in the
* description as a pair C: client name, S: server name
*/
typedef struct mbedtls_ecjpake_context

4
components/security/mbedtls_lts/mbedtls/include/mbedtls/ecp.h
View File

@ -315,7 +315,7 @@ mbedtls_ecp_group;
#if !defined(MBEDTLS_ECP_WINDOW_SIZE)
/*
* Maximum "window" size used for point multiplication.
* Default: a point where higher memory usage yields disminishing performance
* Default: a point where higher memory usage yields diminishing performance
* returns.
* Minimum value: 2. Maximum value: 7.
*
@ -351,7 +351,7 @@ mbedtls_ecp_group;
#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up. */
#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
/* \} name SECTION: Module settings */
/** \} name SECTION: Module settings */
#else /* MBEDTLS_ECP_ALT */
#include "ecp_alt.h"

2
components/security/mbedtls_lts/mbedtls/include/mbedtls/entropy.h
View File

@ -75,7 +75,7 @@
#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
#endif
/* \} name SECTION: Module settings */
/** \} name SECTION: Module settings */
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
#define MBEDTLS_ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */

2
components/security/mbedtls_lts/mbedtls/include/mbedtls/hkdf.h
View File

@ -39,7 +39,7 @@
*/
/** Bad input parameters to function. */
#define MBEDTLS_ERR_HKDF_BAD_INPUT_DATA -0x5F80
/* \} name */
/** \} name */
#ifdef __cplusplus
extern "C" {

4
components/security/mbedtls_lts/mbedtls/include/mbedtls/hmac_drbg.h
View File

@ -74,7 +74,7 @@
#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
#endif
/* \} name SECTION: Module settings */
/** \} name SECTION: Module settings */
#define MBEDTLS_HMAC_DRBG_PR_OFF 0 /**< No prediction resistance */
#define MBEDTLS_HMAC_DRBG_PR_ON 1 /**< Prediction resistance enabled */
@ -207,7 +207,7 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
size_t len );
/**
* \brief Initilisation of simpified HMAC_DRBG (never reseeds).
* \brief Initialisation of simplified HMAC_DRBG (never reseeds).
*
* This function is meant for use in algorithms that need a pseudorandom
* input such as deterministic ECDSA.

2
components/security/mbedtls_lts/mbedtls/include/mbedtls/memory_buffer_alloc.h
View File

@ -42,7 +42,7 @@
#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
#endif
/* \} name SECTION: Module settings */
/** \} name SECTION: Module settings */
#define MBEDTLS_MEMORY_VERIFY_NONE 0
#define MBEDTLS_MEMORY_VERIFY_ALLOC (1 << 0)

2
components/security/mbedtls_lts/mbedtls/include/mbedtls/oid.h
View File

@ -143,7 +143,7 @@
#define MBEDTLS_OID_AT_GIVEN_NAME MBEDTLS_OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */
#define MBEDTLS_OID_AT_INITIALS MBEDTLS_OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */
#define MBEDTLS_OID_AT_GENERATION_QUALIFIER MBEDTLS_OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */
#define MBEDTLS_OID_AT_UNIQUE_IDENTIFIER MBEDTLS_OID_AT "\x2D" /**< id-at-uniqueIdentifier AttributType:= {id-at 45} */
#define MBEDTLS_OID_AT_UNIQUE_IDENTIFIER MBEDTLS_OID_AT "\x2D" /**< id-at-uniqueIdentifier AttributeType:= {id-at 45} */
#define MBEDTLS_OID_AT_DN_QUALIFIER MBEDTLS_OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */
#define MBEDTLS_OID_AT_PSEUDONYM MBEDTLS_OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */

2
components/security/mbedtls_lts/mbedtls/include/mbedtls/pem.h
View File

@ -54,7 +54,7 @@
#define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE -0x1400
/** Bad input parameters to function. */
#define MBEDTLS_ERR_PEM_BAD_INPUT_DATA -0x1480
/* \} name */
/** \} name PEM Error codes */
#ifdef __cplusplus
extern "C" {

Some files were not shown because too many files have changed in this diff Show More