The FSMs that drive the encryption logic are not performance critical,
but they are very large. Build BearSSL using -Os on them, leaving -O2
everywhere else (i.e. encryption) for speed.
Saves 1-2KB of flash for SSL applications.
* Upgrade to upstream newlib 4.0.0 release
Includes 64 bit time_t and 5 years of updates.
Binary incompatible with libraries which use time_t (due to the size
difference). Recompiling with the new newlib should be sufficient for
most libraries, assuming source is available.
* Remove tools/sdk/libc directory, it isn't used anywhere
Somewhere along the line the copy of libc in tools/sdl/libc was taken
out of the build process. Files in there are not used, take add'l time
to build and install on a toolchain release, and just cause confusion.
Remove them.
* Fix 64-bit time for LittleFS
The core was setting 64-bit times automatically on new file creation or
updates, but would fail when attempting to read them back due to 64/32b
confusion.
Now attempt to read 64b time, and if that fails fallback to reading 32b
time to allow both old and new FS to preserve timestamps.
* Update to jjsuwa-sys3175 additions to GCC and newlib
@jjsuwa-sys3175 contributed multiple patches to GCC, included in
the toolchain, as well as a slightly faster pgm_read_byte() macro.
* Rebuild w/addl GCC patches, new BearSSL flags
* Remove copied libgcc.a file, is contained in toolchain
The GCC10 PR accidentally reverted to an older BearSSL commit. There should
be no code changes, but to keep everything clean move it back ahead to the
proper commit.
* Upgrade to GCC 9.1 toolchain
* Rebuilt using pure GNU binutils and GCC
Remove dependencies on earlier forked GNU utilities (gcc-xtensa,
binutils-gdb-xtensa) and just use GCC sources, unmodified (except for
patches in the esp-quick-toolchain directories).
* Rebuild bearssl using new toolchain
* Fix GDBstub linkage options
GDB works with pure GNU GCC and pure GNU binutils now. Still warnings
galore, but tested with the example sketch in the docs.
* Fix digitalRead alias warning
* Remove gdb stub warnings w/a pragma
* Fix deprecated implicit copy ctors in IP code
Fix some warnings present in GCC8/9 in the IPAddress code
In AddressListIterator there was a copy constructor which simply copied
the structure bit-for-bit. That's the default operation, so remove it
to avoid the warning there.
IPAddress, add a default copy constructor since the other copy
constructors are simply parsing from one format into a native ip_addr_t.
@d-a-v, can you give these a look over and see if they're good (since
IP stuff is really your domain).
* Fix AxTLS alias function defs to match real code
* Fix WiFiClientSecure implicit default copy ctor
These both use shared-ptrs to handle refcnts to allocated data, so using
the default copy constructor is fine (and has been in use for a long
time).
* Dummy size for heap to avoid GCC 8/9 warnings
Make GCC think _heap_start is large enough to avoid the basic (and
incorrect) bounds-checking warnings it produces. The size chosen is
arbitrary and does not affect the actual size of the heap in any way.
* Make heap an undefined extend array
Instead of a bogus size, use an indefinite size for the heap to avoid
GCC warnings
* Trivial tab to space fix
* Update SDFat to remove FatFile warnings
* Fix ticker function cast warnings in GCC 9
The callback function is defined to take a (void*) as parameter, but our
templates let users use anything that fits inside sizeof(void*) to be
passed in. Add pragmas to stop GCC warnings about this, since we
already check the size of the type will fit in the allocated space.
* Remove GCC support fcn that's in ROM
Manually delete the divdi3.so from the libgcc.a library by running the
updated EQT's 9.1-post script.
* Make exceptions work again, get std::regex up
Exceptions are broken on all builds (GCC4.8-9.1) due to the removal of
the PROGMEM non-32b read exception handler (added in the unstable
pre3.0.0).
Build the exception code with -mforce-l32 and patch
accordingly to avoid LoadStore errors.
Apply patches to select portions of the regex lib which use _stype_
(which is now in flash).
* Rebuild Bearssl using latest GCC push
* Automate building of BearSSL and LWIP w/new toolchain
* Workaround g++ template section problem for exception strings
G++ seems to throw out the section attributes for templates. This means
that the __EXCSTR(a synonym for "PSTR()") is ignored and exception.what
strings are stored in RODATA, eating up RAM.
Workaround by using the linker to place the strings keying off their name
("*__exception_what__*").
* Rebuild moving exception.what to unique names
Exception.whats are now all in __exception_what__ and can be moved by
the linker to flash. Works aroung G++ issue with segments being lost in
templates.
* Rebuild with new LWIP locking
* Update to latest libs, save iram
Move two GCC FP support routines out of iram since they are in ROM
already, saving some add'l IRAM. Same list as gcc 4.8.
* Update BearSSL to latest release
* Fix umm_perf reference to ROM function
* Fix "reinterpret_case is not a constexpr" error
In GCC 9 (and 8 from what I read on SO), a cast of a const int to a
function pointer (via explicit or implicit reinterpret_cast) is not a
constexpr.
````
/home/earle/Arduino/hardware/esp8266com/esp8266/cores/esp8266/umm_malloc/umm_performance.cpp:45:36: error: a reinterpret_cast is not a constant expression
45 | int constexpr (*_rom_putc1)(int) = (int (*)(int))(void*)0x40001dcc;
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
````
Remove the constexpr, potentially increasing heap usage by 4 bytes in
debug mode.
* Update libc.a to latest rev
* Full rebuild of toolchain and libs
* Upgrade to GCC 9.2, released in August 2019
Add builds for all 5 cross-compiles to pass CI
* Move to --std=gnu++14 (C++14 + GNU extensions)
* Fix Ticker merge conflict
* Fix json merge conflict
* One more merge diff fix
* Reapply Ticker.h casting warning fixes for gcc9
* Update with fixes from Sming repo for PSTR and ASM
* Upgrade to -gnu4 toolchain
* Move to gnu5 build with add'l softFP from ROM
* Move add'l softFP from IRAM to flash
Per @mikee47, we miss sone add'l soft-FP routined in the linker which
makes them end up in IRAM. Move them explicitly into flash, like a
couple others we have already done this for.
* Move to std=c++17/c17 in platform, remove abs/round
Move to C++17 and C17 standards on the compiler options.
Remove "register" from core since it is deprecated.
Remove the #define abs() and #define round() which a) overwrote the
C stdlib definitions, poorly, and b) broke the GCC core code which used
"abs" as an internal function name.
Now abs() returns an integer, and not whatever was being absoluted.
fabs() etc. can be used if users need fload/double suport.
round() returns a double now, which is basically what it was returning
in the original case since adding/subtracting by a FP.
* Use std::abs/round to replace the macro definitions
Per discussion w/@devyte, preserve the abs() and round() functionality
via the using statement.
* Remove using std::abs which conflicted with C lib headers
* Add 2nd arg (exception handler) to ets_isr_t
Disassembly of the ROM shows there are 2 params to the ets_isr_t
callback. The first is the arg passed in, the second is a pointer to an
exception frame where you can get info about when the IRQ happened.
* Move the gdbstub example to a subdir
The Arduino IDE and the build CI don't build it without a subdir, so
make one for gdbstub's example so it's visible and tested.
* Fix ets_irq_arratch redefinition and core IRQ handlers
Remove a duplicated, different declaration for ets_irq_attach from
ets_sys.h. It never really even matched the other declaration in the
same header.
Update the core to IRQ handlers to fix the prototype and include the
2nd, unused frame parameter.
* Actually rebuild the libc.a using GCC 9.2
* Fix SPISlave interrupt attach's 2nd parameter
* Rebuild eboot.elf with GCC 9
* Update to latest SoftwareSerial for Delegate fix
* Upgrade to GCC 9.3
* Rebuild all arch toolchains
* Move to GCC 10.1
* Merge master and fix eboot build
GCC10 now uses `-fno-common` so the eboot global variables were being
placed in IRAM. Adjust the makefile and rebuild to fix.
* Built complete toolchain for all archs
* Pull in latest PSTR changes and fix GCC10.1 build
Somehow the prior GCC build's -mforce32 patch wasn't applying correctly,
but I was still able to get a binary. Fixed. Also pulled in latest
PSTR changes in progmem.h
* Update platform.io to platform C/C++ standards
* Use PR's toolchain in platformio build
* Fix several asm warnings in PIO build
* Optional stack smash protection -fstack-protector
Add a menu to enable GCC's built-in stack smash protection. When a
subroutine goes past its end of stack, generate a crashdump on function
exit like:
````
GCC detected stack overrun
Stack corrupted, stack smash detected.
>>>stack>>>
ctx: cont
sp: 3fffff20 end: 3fffffc0 offset: 0000
3fffff20: 40202955 00000001 0000001c 4020287e
3fffff30: feefeffe 000000fd 00000000 00000000
...
<<<stack<<<
````
Disabled by default because there is a small per-function code overhead
(and CPU time if the function is called very frequently and is very
small).
BearSSL and LWIP are not built using stack smash detection, yet.
* Fix duplicated stc=gnu99/c17 in build
* Dump faulting function PC in stack overflow
Report a fake exception to have the exception decoder print the actual
faulting function. This won't tell you where in the function the issue
happened, but it will tell you the function name first and foremost.
* Rebuild with Platform.io JSON tag in release tgzs
Only minor updates to headers and no functionality change on the
portions that we use in the ESP8266.
@Teddyz reported random crashes while running against a local MQTT
server and was able to report stack usages of up to 6136 bytes.
Increase the SSL stack to a little more than that, once again.
* Upgrade to 2.5.0-4 toolchain w/improved pgm_read_x
Rebuild the entire toolchain (including standard libraries) with the
latest pgm_read_xxx headers included (which fix unaligned dword reads
from progmem and run faster/smaller, and a pgm_read_byte change which
removes an instruction on each read saving flash).
Pull in latest bearssl while we're at it, too, which speeds up EC
handshakes and reduced ROM usage, too.
* Fix C++ exceptions
Exception code now only does 32b aligned reads from progmem to access
the eh_table (some via -mforce-l32, some via hand-inserted pgm_read_x
macros).
Fixes#6151Fixes#6305Fixes#6198
Undo the BearSSL RODATA->PROGMEM changes because there are some bad
performance regressions in EC server operations which can result in
timeouts and WDTs.
Keep the shrunked bearssl.a library as that is orthogonal to the PROGMEM
changes.
Rewrite all the integer math operations with const input parameters to
use PROGMEM properly (pgm_read_xx or memcpy_P), and move all the EC
order and generators and SHA OIDs to PROGMEM.
This frees around 1.2KB of heap for any SSL applications.
Also delete unneeded objects from the bearssl.a library to shrink the
GIT repo size.
Move additional constants to flash and use _P/pgm_read routines to
access them. Minimal runtime impact, but remove variables from RODATA
and gives addition 484 bytes of heap to SSL applications.
Fixes#6005
Fixes#5996
* Add extensions to probe message for EC, others
probeMFLN was failing on some connection attempts to servers which only
supported EC based ciphers because it did not include the proper TLS
handshake extensions to list what kinds of ECs it supported.
Add those to the probeMFLN ClientHello message to make probes pass.
* Add client.getMFLNStatus method, returns MFLN state
After a connection it is useful to check whether MFLN negotiation
succeeded. getMFLNStatus returns a bool (valid only after
client.connect() succeeds, of course) indicating whether the requested
buffer sizes were negotiated successfully.
There is a bug in the BearSSL PEM decoder when Windows EOLs (\r\n) are
passed in. Avoid the issue by silenly discarding \rs as they are read
from the PEM source in the C code, to keep my sanity by avoiding reworking
the pseudo-Forth parser code.
Fixes#5591
Remove the -fno-jump-tables since the new toolchain places these tables
in ROM now. Rebuild using the toolchain. Saves 1-3KB of flash and
has 0 RAM impact plus may make certain bits marginally faster by using
a LUT instead of a if-else-else chain.
* Update to BearSSL 0.6+ release, add AES_CCM modes
Pull in latest BearSSL head (0.6 + minor additions) release and add AES_CCM
modes to the encryption options.
* Enable the aes_ccm initialization in client/server
* Initial attempt
* Working code with second stack thunking
* Remove #ifdefs in .S file, not needed.
* Clean up thunks and remove separate stack flag
* Fix PIO assembler errors
* Remove #ifdef code changes, ensure same code as PC
Remove "#ifdef ESP8266;...;#else;...;#endif" brackets in BearSSL to
ensure the host-tested code is the same as the ESP8266-run code.
* Move to latest BearSSL w/EC progmem savings
* Merge with master
* Add br_thunk_* calls to do ref counting, painting
Add reference counting br_thunk_add/del_ref() to replace stack handling code
in the class.
Add in stack painting and max usage calculation.
* Add in postmortem stack dump hooks
When a crash occurs while in the second stack, dump the BSSL stack and
then also the stack that it was called from (either cont or sys).
* Update stack dump to match decoder expectations
* Move thunk to code core for linkiage
The thunk code needs to be visible to the core routines, so move it to the
cores/esp8266 directory. Probably need to refactor the stack setup and the
bearssl portion to avoid dependency on bearssl libs in cores/esp8266
* Add 2nd stack dump utility routine
* Refactor once more, update stack size, add stress
Make stack_thunks generic, remove bearssl include inside of cores/esp8266.
Allocate the stack on a WiFiServerSecure object creation to avoid
fragmentation since we will need to allocate the stack to do any
connected work, anyway.
A stress test is now included which checks the total BearSSL second
stack usage for a variety of TLS handshake and certificate options
from badssl.org.
* Update to latest to-thunks branch
* Add BearSSL device test using stack stress
Run a series of SSL connection and transmission tests that stress
BearSSL and its stack usage to the device tests.
Modify device tests to include a possible SPIFFS generation and
upload when a make_spiffs.py file is present in a test directory.
* Use bearssl/master branch, not /to-thunks branch
Update to use the merged master branch of bearssl. Should have no code
changes.
Pull in latest BearSSL head (0.6 + minor additions) release and add AES_CCM
modes to the encryption options. Enable the aes_ccm initialization in client/server
The EC mul20 and square20 code was identical in two different files,
but because these copies were static, we ended up with an extra 6k of
duplicated code. Updated BearSSL to make them shared, saving 6KB.
BearSSL (https://www.bearssl.org) is a TLS(SSL) library written by
Thomas Pornin that is optimized for lower-memory embedded systems
like the ESP8266. It supports a wide variety of modern ciphers and
is unique in that it doesn't perform any memory allocations during
operation (which is the unfortunate bane of the current axTLS).
BearSSL is also absolutely focused on security and by default performs
all its security checks on x.509 certificates during the connection
phase (but if you want to be insecure and dangerous, that's possible
too).
While it does support unidirectional SSL buffers, like axTLS,
as implemented the ESP8266 wrappers only support bidirectional
buffers. These bidirectional buffers avoid deadlocks in protocols
which don't have well separated receive and transmit periods.
This patch adds several classes which allow connecting to TLS servers
using this library in almost the same way as axTLS:
BearSSL::WiFiClientSecure - WiFiClient that supports TLS
BearSSL::WiFiServerSecure - WiFiServer supporting TLS and client certs
It also introduces objects for PEM/DER encoded keys and certificates:
BearSSLX509List - x.509 Certificate (list) for general use
BearSSLPrivateKey - RSA or EC private key
BearSSLPublicKey - RSA or EC public key (i.e. from a public website)
Finally, it adds a Certificate Authority store object which lets
BearSSL access a set of trusted CA certificates on SPIFFS to allow it
to verify the identity of any remote site on the Internet, without
requiring RAM except for the single matching certificate.
CertStoreSPIFFSBearSSL - Certificate store utility
Client certificates are supported for the BearSSL::WiFiClientSecure, and
what's more the BearSSL::WiFiServerSecure can also *require* remote clients
to have a trusted certificate signed by a specific CA (or yourself with
self-signing CAs).
Maximum Fragment Length Negotiation probing and usage are supported, but
be aware that most sites on the Internet don't support it yet. When
available, you can reduce the memory footprint of the SSL client or server
dramatically (i.e. down to 2-8KB vs. the ~22KB required for a full 16K
receive fragment and 512b send fragment). You can also manually set a
smaller fragment size and guarantee at your protocol level all data will
fit within it.
Examples are included to show the usage of these new features.
axTLS has been moved to its own namespace, "axtls". A default "using"
clause allows existing apps to run using axTLS without any changes.
The BearSSL::WiFi{client,server}Secure implements the axTLS
client/server API which lets many end user applications take advantage
of BearSSL with few or no changes.
The BearSSL static library used presently is stored at
https://github.com/earlephilhower/bearssl-esp8266 and can be built
using the standard ESP8266 toolchain.
