esp8266

arduino/esp8266

Fork 0

mirror of https://github.com/esp8266/Arduino.git synced 2025-04-24 08:45:10 +03:00

Commit Graph

Author	SHA1	Message	Date
Earle F. Philhower, III	8859b818d8	Make CertStore natively use File interface (#6131 ) __This is a breaking change, but the header and example did warn everyone that this API was in flux due to the incompatible SD and SPIFFS File implementations.__ BearSSL CertStores now simply need a filesystem and the names of the data (generated on-chip) and archive (uploaded by user) files on it. No more need to roll your own virtual CertStoreFile class. Update the library, examples, and device test.	2019-05-30 12:53:03 -07:00
Earle F. Philhower, III	2f4380777e	Move BearSSL from STACK_PROXY to a real, thunked 2nd stack (#5168 ) * Update to BearSSL 0.6+ release, add AES_CCM modes Pull in latest BearSSL head (0.6 + minor additions) release and add AES_CCM modes to the encryption options. * Enable the aes_ccm initialization in client/server * Initial attempt * Working code with second stack thunking * Remove #ifdefs in .S file, not needed. * Clean up thunks and remove separate stack flag * Fix PIO assembler errors * Remove #ifdef code changes, ensure same code as PC Remove "#ifdef ESP8266;...;#else;...;#endif" brackets in BearSSL to ensure the host-tested code is the same as the ESP8266-run code. * Move to latest BearSSL w/EC progmem savings * Merge with master * Add br_thunk_* calls to do ref counting, painting Add reference counting br_thunk_add/del_ref() to replace stack handling code in the class. Add in stack painting and max usage calculation. * Add in postmortem stack dump hooks When a crash occurs while in the second stack, dump the BSSL stack and then also the stack that it was called from (either cont or sys). * Update stack dump to match decoder expectations * Move thunk to code core for linkiage The thunk code needs to be visible to the core routines, so move it to the cores/esp8266 directory. Probably need to refactor the stack setup and the bearssl portion to avoid dependency on bearssl libs in cores/esp8266 * Add 2nd stack dump utility routine * Refactor once more, update stack size, add stress Make stack_thunks generic, remove bearssl include inside of cores/esp8266. Allocate the stack on a WiFiServerSecure object creation to avoid fragmentation since we will need to allocate the stack to do any connected work, anyway. A stress test is now included which checks the total BearSSL second stack usage for a variety of TLS handshake and certificate options from badssl.org. * Update to latest to-thunks branch * Add BearSSL device test using stack stress Run a series of SSL connection and transmission tests that stress BearSSL and its stack usage to the device tests. Modify device tests to include a possible SPIFFS generation and upload when a make_spiffs.py file is present in a test directory. * Use bearssl/master branch, not /to-thunks branch Update to use the merged master branch of bearssl. Should have no code changes.	2018-11-14 23:29:24 -03:00

Author

SHA1

Message

Date

Earle F. Philhower, III

8859b818d8

Make CertStore natively use File interface (#6131 )

__This is a breaking change, but the header and example did warn
everyone that this API was in flux due to the incompatible SD and SPIFFS
File implementations.__

BearSSL CertStores now simply need a filesystem and the names of the
data (generated on-chip) and archive (uploaded by user) files on it.
No more need to roll your own virtual CertStoreFile class.

Update the library, examples, and device test.

2019-05-30 12:53:03 -07:00

Earle F. Philhower, III

2f4380777e

Move BearSSL from STACK_PROXY to a real, thunked 2nd stack (#5168 )

* Update to BearSSL 0.6+ release, add AES_CCM modes

Pull in latest BearSSL head (0.6 + minor additions) release and add AES_CCM
modes to the encryption options.

* Enable the aes_ccm initialization in client/server

* Initial attempt

* Working code with second stack thunking

* Remove #ifdefs in .S file, not needed.

* Clean up thunks and remove separate stack flag

* Fix PIO assembler errors

* Remove #ifdef code changes, ensure same code as PC

Remove "#ifdef ESP8266;...;#else;...;#endif" brackets in BearSSL to
ensure the host-tested code is the same as the ESP8266-run code.

* Move to latest BearSSL w/EC progmem savings

* Merge with master

* Add br_thunk_* calls to do ref counting, painting

Add reference counting br_thunk_add/del_ref() to replace stack handling code
in the class.

Add in stack painting and max usage calculation.

* Add in postmortem stack dump hooks

When a crash occurs while in the second stack, dump the BSSL stack and
then also the stack that it was called from (either cont or sys).

* Update stack dump to match decoder expectations

* Move thunk to code core for linkiage

The thunk code needs to be visible to the core routines, so move it to the
cores/esp8266 directory.  Probably need to refactor the stack setup and the
bearssl portion to avoid dependency on bearssl libs in cores/esp8266

* Add 2nd stack dump utility routine

* Refactor once more, update stack size, add stress

Make stack_thunks generic, remove bearssl include inside of cores/esp8266.

Allocate the stack on a WiFiServerSecure object creation to avoid
fragmentation since we will need to allocate the stack to do any
connected work, anyway.

A stress test is now included which checks the total BearSSL second
stack usage for a variety of TLS handshake and certificate options
from badssl.org.

* Update to latest to-thunks branch

* Add BearSSL device test using stack stress

Run a series of SSL connection and transmission tests that stress
BearSSL and its stack usage to the device tests.

Modify device tests to include a possible SPIFFS generation and
upload when a make_spiffs.py file is present in a test directory.

* Use bearssl/master branch, not /to-thunks branch

Update to use the merged master branch of bearssl.  Should have no code
changes.

2018-11-14 23:29:24 -03:00

2 Commits