From acff3c9c596779b43ec45ed3716567e5950a4d46 Mon Sep 17 00:00:00 2001 From: Angus Gratton Date: Thu, 28 Sep 2017 09:28:24 +1000 Subject: [PATCH] libsodium: Fix mbedTLS SHA256 & SHA512 implementation, make optional * Only direct invocation of cypto_hash_sha256 & crypto_hash_sha512 produced correct output. * Some remaining header file mixups, so changed approach to wrapping the state structures. * Fixes https://github.com/espressif/esp-idf/issues/1044 (crypto_sign problems) * Add option to disable mbedTLS implementation for SHA256 & SHA512 in libsodium --- components/libsodium/Kconfig | 15 + components/libsodium/component.mk | 14 +- .../crypto_hash_sha256_mbedtls.c | 98 +++++ .../crypto_hash_sha512_mbedtls.c | 101 ++++++ .../port/crypto_hash_sha256_mbedtls.c | 45 --- .../port/crypto_hash_sha512_mbedtls.c | 45 --- components/libsodium/port_include/sodium.h | 6 - .../port_include/sodium/crypto_auth.h | 6 - .../sodium/crypto_auth_hmacsha256.h | 6 - .../sodium/crypto_auth_hmacsha512.h | 5 - .../sodium/crypto_auth_hmacsha512256.h | 6 - .../port_include/sodium/crypto_hash_sha256.h | 66 ---- .../port_include/sodium/crypto_hash_sha512.h | 66 ---- components/libsodium/test/test_sodium.c | 57 +++ tools/unit-test-app/sdkconfig | 337 ++++++++++-------- 15 files changed, 473 insertions(+), 400 deletions(-) create mode 100644 components/libsodium/Kconfig create mode 100644 components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha256_mbedtls.c create mode 100644 components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha512_mbedtls.c delete mode 100644 components/libsodium/port/crypto_hash_sha256_mbedtls.c delete mode 100644 components/libsodium/port/crypto_hash_sha512_mbedtls.c delete mode 100644 components/libsodium/port_include/sodium.h delete mode 100644 components/libsodium/port_include/sodium/crypto_auth.h delete mode 100644 components/libsodium/port_include/sodium/crypto_auth_hmacsha256.h delete mode 100644 components/libsodium/port_include/sodium/crypto_auth_hmacsha512.h delete mode 100644 components/libsodium/port_include/sodium/crypto_auth_hmacsha512256.h delete mode 100644 components/libsodium/port_include/sodium/crypto_hash_sha256.h delete mode 100644 components/libsodium/port_include/sodium/crypto_hash_sha512.h diff --git a/components/libsodium/Kconfig b/components/libsodium/Kconfig new file mode 100644 index 000000000..045538c10 --- /dev/null +++ b/components/libsodium/Kconfig @@ -0,0 +1,15 @@ +menu "libsodium" + +config LIBSODIUM_USE_MBEDTLS_SHA + bool "Use mbedTLS SHA256 & SHA512 implementations" + default y + depends on !MBEDTLS_HARDWARE_SHA + help + If this option is enabled, libsodium will use thin wrappers + around mbedTLS for SHA256 & SHA512 operations. + + This saves some code size if mbedTLS is also used. However it + is incompatible with hardware SHA acceleration (due to the + way libsodium's API manages SHA state). + +endmenu # libsodium diff --git a/components/libsodium/component.mk b/components/libsodium/component.mk index 482fc8e55..9862a274b 100644 --- a/components/libsodium/component.mk +++ b/components/libsodium/component.mk @@ -58,6 +58,14 @@ COMPONENT_SRCDIRS += \ $(LSRC)/randombytes \ $(LSRC)/sodium +ifdef CONFIG_LIBSODIUM_USE_MBEDTLS_SHA +COMPONENT_SRCDIRS += port/crypto_hash_mbedtls +else +COMPONENT_SRCDIRS += \ + $(LSRC)/crypto_hash/sha256/cp \ + $(LSRC)/crypto_hash/sha512/cp +endif + # Fix some warnings in current libsodium source files # (not applied to whole component as we compile some of our own files, also.) $(LSRC)/crypto_pwhash/argon2/argon2-fill-block-ref.o: CFLAGS += -Wno-unknown-pragmas @@ -66,9 +74,9 @@ $(LSRC)/crypto_pwhash/argon2/argon2-core.o: CFLAGS += -Wno-type-limits $(LSRC)/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.o: CFLAGS += -Wno-type-limits $(LSRC)/sodium/utils.o: CFLAGS += -Wno-unused-variable -COMPONENT_ADD_INCLUDEDIRS := port_include $(LSRC)/include -# (port_include repeated here as these include directories come before COMPONENT_ADD_INCLUDEDIRS) -COMPONENT_PRIV_INCLUDEDIRS := port_include port_include/sodium $(LSRC)/include/sodium port +COMPONENT_ADD_INCLUDEDIRS := $(LSRC)/include port_include +COMPONENT_PRIV_INCLUDEDIRS := $(LSRC)/include/sodium port_include/sodium port + # Not using autoconf, but this needs to be set CFLAGS += -DCONFIGURED diff --git a/components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha256_mbedtls.c b/components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha256_mbedtls.c new file mode 100644 index 000000000..b4fb44269 --- /dev/null +++ b/components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha256_mbedtls.c @@ -0,0 +1,98 @@ +// Copyright 2017 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#include "crypto_hash_sha256.h" +#include "mbedtls/sha256.h" +#include + +#ifdef MBEDTLS_SHA256_ALT +/* Wrapper only works if the libsodium context structure can be mapped + directly to the mbedTLS context structure. + + See extended comments in crypto_hash_sha512_mbedtls.c +*/ +#error "This wrapper only support standard software mbedTLS SHA" +#endif + +/* Sanity check that all the context fields have identical sizes + (this should be more or less given from the SHA256 algorithm) + + Note that the meaning of the fields is *not* all the same. In libsodium, SHA256 'count' is a 64-bit *bit* count. In + mbedTLS, 'total' is a 2x32-bit *byte* count (count[0] == MSB). + + For this implementation, we don't convert so the libsodium state structure actually holds a binary copy of the + mbedTLS totals. This doesn't matter inside libsodium's documented API, but would matter if any callers try to use + the state's bit count. +*/ +_Static_assert(sizeof(((crypto_hash_sha256_state *)0)->state) == sizeof(((mbedtls_sha256_context *)0)->state), "state mismatch"); +_Static_assert(sizeof(((crypto_hash_sha256_state *)0)->count) == sizeof(((mbedtls_sha256_context *)0)->total), "count mismatch"); +_Static_assert(sizeof(((crypto_hash_sha256_state *)0)->buf) == sizeof(((mbedtls_sha256_context *)0)->buffer), "buf mismatch"); + +/* Inline functions to convert between mbedTLS & libsodium + context structures +*/ + +static void sha256_mbedtls_to_libsodium(crypto_hash_sha256_state *ls_state, const mbedtls_sha256_context *mb_ctx) +{ + memcpy(&ls_state->count, mb_ctx->total, sizeof(ls_state->count)); + memcpy(ls_state->state, mb_ctx->state, sizeof(ls_state->state)); + memcpy(ls_state->buf, mb_ctx->buffer, sizeof(ls_state->buf)); +} + +static void sha256_libsodium_to_mbedtls(mbedtls_sha256_context *mb_ctx, crypto_hash_sha256_state *ls_state) +{ + memcpy(mb_ctx->total, &ls_state->count, sizeof(mb_ctx->total)); + memcpy(mb_ctx->state, ls_state->state, sizeof(mb_ctx->state)); + memcpy(mb_ctx->buffer, ls_state->buf, sizeof(mb_ctx->buffer)); + mb_ctx->is224 = 0; +} + +int +crypto_hash_sha256_init(crypto_hash_sha256_state *state) +{ + mbedtls_sha256_context ctx; + mbedtls_sha256_init(&ctx); + mbedtls_sha256_starts(&ctx, 0); + sha256_mbedtls_to_libsodium(state, &ctx); + return 0; +} + +int +crypto_hash_sha256_update(crypto_hash_sha256_state *state, + const unsigned char *in, unsigned long long inlen) +{ + mbedtls_sha256_context ctx; + sha256_libsodium_to_mbedtls(&ctx, state); + mbedtls_sha256_update(&ctx, in, inlen); + sha256_mbedtls_to_libsodium(state, &ctx); + return 0; +} + +int +crypto_hash_sha256_final(crypto_hash_sha256_state *state, unsigned char *out) +{ + mbedtls_sha256_context ctx; + sha256_libsodium_to_mbedtls(&ctx, state); + mbedtls_sha256_finish(&ctx, out); + sha256_mbedtls_to_libsodium(state, &ctx); + return 0; +} + +int +crypto_hash_sha256(unsigned char *out, const unsigned char *in, + unsigned long long inlen) +{ + mbedtls_sha256(in, inlen, out, 0); + return 0; +} diff --git a/components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha512_mbedtls.c b/components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha512_mbedtls.c new file mode 100644 index 000000000..49fee0ca6 --- /dev/null +++ b/components/libsodium/port/crypto_hash_mbedtls/crypto_hash_sha512_mbedtls.c @@ -0,0 +1,101 @@ +// Copyright 2017 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#include "crypto_hash_sha512.h" +#include "mbedtls/sha512.h" +#include + +#ifdef MBEDTLS_SHA512_ALT +/* Wrapper only works if the libsodium context structure can be mapped + directly to the mbedTLS context structure. + + For ESP32 hardware SHA, the problems are fitting all the data in + the libsodium state structure, and also that libsodium doesn't + have mbedtls_sha512_free() or mbedtls_sha512_clone() so we can't + manage the hardware state in a clean way. +*/ +#error "This wrapper only support standard software mbedTLS SHA" +#endif + +/* Sanity check that all the context fields have identical sizes + (this should be more or less given from the SHA512 algorithm) + + Note that the meaning of the fields is *not* all the same. In libsodium, + SHA512 'count' is a 2xuin64_t *bit* count where count[0] == MSB. In mbedTLS, + SHA512 'total' is a 2xuint64_t *byte* count where count[0] == LSB. + + For this implementation, we don't convert so the libsodium state structure actually holds a binary copy of the + mbedTLS totals. This doesn't matter inside libsodium's documented API, but would matter if any callers try to use + the state's bit count. +*/ +_Static_assert(sizeof(((crypto_hash_sha512_state *)0)->state) == sizeof(((mbedtls_sha512_context *)0)->state), "state mismatch"); +_Static_assert(sizeof(((crypto_hash_sha512_state *)0)->count) == sizeof(((mbedtls_sha512_context *)0)->total), "count mismatch"); +_Static_assert(sizeof(((crypto_hash_sha512_state *)0)->buf) == sizeof(((mbedtls_sha512_context *)0)->buffer), "buf mismatch"); + +/* Inline functions to convert between mbedTLS & libsodium + context structures +*/ + +static void sha512_mbedtls_to_libsodium(crypto_hash_sha512_state *ls_state, const mbedtls_sha512_context *mb_ctx) +{ + memcpy(ls_state->count, mb_ctx->total, sizeof(ls_state->count)); + memcpy(ls_state->state, mb_ctx->state, sizeof(ls_state->state)); + memcpy(ls_state->buf, mb_ctx->buffer, sizeof(ls_state->buf)); +} + +static void sha512_libsodium_to_mbedtls(mbedtls_sha512_context *mb_ctx, crypto_hash_sha512_state *ls_state) +{ + memcpy(mb_ctx->total, ls_state->count, sizeof(mb_ctx->total)); + memcpy(mb_ctx->state, ls_state->state, sizeof(mb_ctx->state)); + memcpy(mb_ctx->buffer, ls_state->buf, sizeof(mb_ctx->buffer)); + mb_ctx->is384 = 0; +} + +int +crypto_hash_sha512_init(crypto_hash_sha512_state *state) +{ + mbedtls_sha512_context ctx; + mbedtls_sha512_init(&ctx); + mbedtls_sha512_starts(&ctx, 0); + sha512_mbedtls_to_libsodium(state, &ctx); + return 0; +} + +int +crypto_hash_sha512_update(crypto_hash_sha512_state *state, + const unsigned char *in, unsigned long long inlen) +{ + mbedtls_sha512_context ctx; + sha512_libsodium_to_mbedtls(&ctx, state); + mbedtls_sha512_update(&ctx, in, inlen); + sha512_mbedtls_to_libsodium(state, &ctx); + return 0; +} + +int +crypto_hash_sha512_final(crypto_hash_sha512_state *state, unsigned char *out) +{ + mbedtls_sha512_context ctx; + sha512_libsodium_to_mbedtls(&ctx, state); + mbedtls_sha512_finish(&ctx, out); + return 0; +} + +int +crypto_hash_sha512(unsigned char *out, const unsigned char *in, + unsigned long long inlen) +{ + mbedtls_sha512(in, inlen, out, 0); + return 0; +} diff --git a/components/libsodium/port/crypto_hash_sha256_mbedtls.c b/components/libsodium/port/crypto_hash_sha256_mbedtls.c deleted file mode 100644 index dbb8abacb..000000000 --- a/components/libsodium/port/crypto_hash_sha256_mbedtls.c +++ /dev/null @@ -1,45 +0,0 @@ -// Copyright 2017 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "crypto_hash_sha256.h" - -int -crypto_hash_sha256_init(crypto_hash_sha256_state *state) -{ - mbedtls_sha256_init(state); - return 0; -} - -int -crypto_hash_sha256_update(crypto_hash_sha256_state *state, - const unsigned char *in, unsigned long long inlen) -{ - mbedtls_sha256_update(state, in, inlen); - return 0; -} - -int -crypto_hash_sha256_final(crypto_hash_sha256_state *state, unsigned char *out) -{ - mbedtls_sha256_finish(state, out); - return 0; -} - -int -crypto_hash_sha256(unsigned char *out, const unsigned char *in, - unsigned long long inlen) -{ - mbedtls_sha256(in, inlen, out, 0); - return 0; -} diff --git a/components/libsodium/port/crypto_hash_sha512_mbedtls.c b/components/libsodium/port/crypto_hash_sha512_mbedtls.c deleted file mode 100644 index 22761f394..000000000 --- a/components/libsodium/port/crypto_hash_sha512_mbedtls.c +++ /dev/null @@ -1,45 +0,0 @@ -// Copyright 2017 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "crypto_hash_sha512.h" - -int -crypto_hash_sha512_init(crypto_hash_sha512_state *state) -{ - mbedtls_sha512_init(state); - return 0; -} - -int -crypto_hash_sha512_update(crypto_hash_sha512_state *state, - const unsigned char *in, unsigned long long inlen) -{ - mbedtls_sha512_update(state, in, inlen); - return 0; -} - -int -crypto_hash_sha512_final(crypto_hash_sha512_state *state, unsigned char *out) -{ - mbedtls_sha512_finish(state, out); - return 0; -} - -int -crypto_hash_sha512(unsigned char *out, const unsigned char *in, - unsigned long long inlen) -{ - mbedtls_sha512(in, inlen, out, 0); - return 0; -} diff --git a/components/libsodium/port_include/sodium.h b/components/libsodium/port_include/sodium.h deleted file mode 100644 index 05ad61357..000000000 --- a/components/libsodium/port_include/sodium.h +++ /dev/null @@ -1,6 +0,0 @@ -/* Shim needed to make sure the mbedTLS-specific - sha256 & 512 headers are included */ -#pragma once -#include "sodium/crypto_hash_sha512.h" -#include "sodium/crypto_hash_sha256.h" -#include_next "sodium.h" diff --git a/components/libsodium/port_include/sodium/crypto_auth.h b/components/libsodium/port_include/sodium/crypto_auth.h deleted file mode 100644 index d877199a9..000000000 --- a/components/libsodium/port_include/sodium/crypto_auth.h +++ /dev/null @@ -1,6 +0,0 @@ -/* Shim needed to make sure the mbedTLS-specific - sha256 & sha512 headers are included */ -#pragma once -#include "crypto_hash_sha512.h" -#include "crypto_hash_sha256.h" -#include_next "sodium/crypto_auth.h" diff --git a/components/libsodium/port_include/sodium/crypto_auth_hmacsha256.h b/components/libsodium/port_include/sodium/crypto_auth_hmacsha256.h deleted file mode 100644 index 1a80a2637..000000000 --- a/components/libsodium/port_include/sodium/crypto_auth_hmacsha256.h +++ /dev/null @@ -1,6 +0,0 @@ -/* Shim needed to make sure the mbedTLS-specific - sha256 header is included */ -#pragma once -#include "crypto_hash_sha256.h" -#include_next "sodium/crypto_auth_hmacsha256.h" - diff --git a/components/libsodium/port_include/sodium/crypto_auth_hmacsha512.h b/components/libsodium/port_include/sodium/crypto_auth_hmacsha512.h deleted file mode 100644 index d296d6184..000000000 --- a/components/libsodium/port_include/sodium/crypto_auth_hmacsha512.h +++ /dev/null @@ -1,5 +0,0 @@ -/* Shim needed to make sure the mbedTLS-specific - sha512 header is included */ -#pragma once -#include "crypto_hash_sha512.h" -#include_next "sodium/crypto_auth_hmacsha512.h" diff --git a/components/libsodium/port_include/sodium/crypto_auth_hmacsha512256.h b/components/libsodium/port_include/sodium/crypto_auth_hmacsha512256.h deleted file mode 100644 index af50b238d..000000000 --- a/components/libsodium/port_include/sodium/crypto_auth_hmacsha512256.h +++ /dev/null @@ -1,6 +0,0 @@ -/* Shim needed to make sure the mbedTLS-specific - sha256 & sha512 headers are included */ -#pragma once -#include "crypto_hash_sha512.h" -#include "crypto_hash_sha256.h" -#include_next "sodium/crypto_auth_hmacsha512256.h" diff --git a/components/libsodium/port_include/sodium/crypto_hash_sha256.h b/components/libsodium/port_include/sodium/crypto_hash_sha256.h deleted file mode 100644 index c66a97a45..000000000 --- a/components/libsodium/port_include/sodium/crypto_hash_sha256.h +++ /dev/null @@ -1,66 +0,0 @@ -// Copyright 2017 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -#ifndef crypto_hash_sha256_H -#define crypto_hash_sha256_H - -/* This is a wrapper for libsodium sha256 that calls back to - the mbedTLS implementation (to reduce code size, improve - performance, provide hardware acceleration option). -*/ - -#include -#include -#include - -#include - -#include "sodium/export.h" - -#ifdef __cplusplus -# ifdef __GNUC__ -# pragma GCC diagnostic ignored "-Wlong-long" -# endif -extern "C" { -#endif - -typedef mbedtls_sha256_context crypto_hash_sha256_state; - -SODIUM_EXPORT -size_t crypto_hash_sha256_statebytes(void); - -#define crypto_hash_sha256_BYTES 32U -SODIUM_EXPORT -size_t crypto_hash_sha256_bytes(void); - -SODIUM_EXPORT -int crypto_hash_sha256(unsigned char *out, const unsigned char *in, - unsigned long long inlen); - -SODIUM_EXPORT -int crypto_hash_sha256_init(crypto_hash_sha256_state *state); - -SODIUM_EXPORT -int crypto_hash_sha256_update(crypto_hash_sha256_state *state, - const unsigned char *in, - unsigned long long inlen); - -SODIUM_EXPORT -int crypto_hash_sha256_final(crypto_hash_sha256_state *state, - unsigned char *out); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/components/libsodium/port_include/sodium/crypto_hash_sha512.h b/components/libsodium/port_include/sodium/crypto_hash_sha512.h deleted file mode 100644 index f173eeb1a..000000000 --- a/components/libsodium/port_include/sodium/crypto_hash_sha512.h +++ /dev/null @@ -1,66 +0,0 @@ -// Copyright 2017 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -#ifndef crypto_hash_sha512_H -#define crypto_hash_sha512_H - -/* This is a wrapper for libsodium sha512 that calls back to - the mbedTLS implementation (to reduce code size, improve - performance, provide hardware acceleration option). -*/ - -#include -#include -#include - -#include - -#include "sodium/export.h" - -#ifdef __cplusplus -# ifdef __GNUC__ -# pragma GCC diagnostic ignored "-Wlong-long" -# endif -extern "C" { -#endif - -typedef mbedtls_sha512_context crypto_hash_sha512_state; - -SODIUM_EXPORT -size_t crypto_hash_sha512_statebytes(void); - -#define crypto_hash_sha512_BYTES 64U -SODIUM_EXPORT -size_t crypto_hash_sha512_bytes(void); - -SODIUM_EXPORT -int crypto_hash_sha512(unsigned char *out, const unsigned char *in, - unsigned long long inlen); - -SODIUM_EXPORT -int crypto_hash_sha512_init(crypto_hash_sha512_state *state); - -SODIUM_EXPORT -int crypto_hash_sha512_update(crypto_hash_sha512_state *state, - const unsigned char *in, - unsigned long long inlen); - -SODIUM_EXPORT -int crypto_hash_sha512_final(crypto_hash_sha512_state *state, - unsigned char *out); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/components/libsodium/test/test_sodium.c b/components/libsodium/test/test_sodium.c index 9c9cd33dc..7a9f096da 100644 --- a/components/libsodium/test/test_sodium.c +++ b/components/libsodium/test/test_sodium.c @@ -1,4 +1,6 @@ #include "unity.h" +#include "sodium/crypto_hash_sha256.h" +#include "sodium/crypto_hash_sha512.h" /* Note: a lot of these libsodium test programs assert() things, but they're not complete unit tests - most expect output to be compared to the matching .exp file. @@ -59,4 +61,59 @@ TEST_CASE("hash tests", "[libsodium]") TEST_ASSERT_EQUAL(0, hash_xmain() ); } +TEST_CASE("sha256 sanity check", "[libsodium]") +{ + const uint8_t expected[] = { 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, + 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, + 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10, 0xff, + 0x61, 0xf2, 0x00, 0x15, 0xad, }; + uint8_t calculated[32]; + crypto_hash_sha256_state state; + const uint8_t *in = (const uint8_t *)"abc"; + const size_t inlen = 3; + + // One-liner version + crypto_hash_sha256(calculated, in, inlen); + TEST_ASSERT_EQUAL(sizeof(calculated), sizeof(expected)); + TEST_ASSERT_EQUAL(sizeof(calculated), crypto_hash_sha256_bytes()); + TEST_ASSERT_EQUAL_MEMORY(expected, calculated, crypto_hash_sha256_bytes()); + + // Multi-line version + crypto_hash_sha256_init(&state); + crypto_hash_sha256_update(&state, in, inlen - 1); // split into two updates + crypto_hash_sha256_update(&state, in + (inlen -1), 1); + crypto_hash_sha256_final(&state, calculated); + TEST_ASSERT_EQUAL_MEMORY(expected, calculated, crypto_hash_sha256_bytes()); +} + +TEST_CASE("sha512 sanity check", "[libsodium]") +{ + const uint8_t expected[] = { 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba, 0xcc, + 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31, 0x12, 0xe6, + 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2, 0x0a, 0x9e, 0xee, + 0xe6, 0x4b, 0x55, 0xd3, 0x9a, 0x21, 0x92, 0x99, 0x2a, + 0x27, 0x4f, 0xc1, 0xa8, 0x36, 0xba, 0x3c, 0x23, 0xa3, + 0xfe, 0xeb, 0xbd, 0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, + 0xe8, 0x0e, 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, + 0x9f }; + + uint8_t calculated[64]; + crypto_hash_sha512_state state; + + const uint8_t *in = (const uint8_t *)"abc"; + const size_t inlen = 3; + + // One-liner version + crypto_hash_sha512(calculated, in, inlen); + TEST_ASSERT_EQUAL(sizeof(calculated), sizeof(expected)); + TEST_ASSERT_EQUAL(sizeof(calculated), crypto_hash_sha512_bytes()); + TEST_ASSERT_EQUAL_MEMORY(expected, calculated, crypto_hash_sha512_bytes()); + + // Multi-line version + crypto_hash_sha512_init(&state); + crypto_hash_sha512_update(&state, in, inlen - 1); // split into two updates + crypto_hash_sha512_update(&state, in + (inlen -1), 1); + crypto_hash_sha512_final(&state, calculated); + TEST_ASSERT_EQUAL_MEMORY(expected, calculated, crypto_hash_sha512_bytes()); +} diff --git a/tools/unit-test-app/sdkconfig b/tools/unit-test-app/sdkconfig index b11a35cef..1d261c0a2 100644 --- a/tools/unit-test-app/sdkconfig +++ b/tools/unit-test-app/sdkconfig @@ -8,74 +8,75 @@ # CONFIG_TOOLPREFIX="xtensa-esp32-elf-" CONFIG_PYTHON="python" +CONFIG_MAKE_WARN_UNDEFINED_VARIABLES=y # # Bootloader config # -# CONFIG_LOG_BOOTLOADER_LEVEL_NONE is not set -# CONFIG_LOG_BOOTLOADER_LEVEL_ERROR is not set +CONFIG_LOG_BOOTLOADER_LEVEL_NONE= +CONFIG_LOG_BOOTLOADER_LEVEL_ERROR= CONFIG_LOG_BOOTLOADER_LEVEL_WARN=y -# CONFIG_LOG_BOOTLOADER_LEVEL_INFO is not set -# CONFIG_LOG_BOOTLOADER_LEVEL_DEBUG is not set -# CONFIG_LOG_BOOTLOADER_LEVEL_VERBOSE is not set +CONFIG_LOG_BOOTLOADER_LEVEL_INFO= +CONFIG_LOG_BOOTLOADER_LEVEL_DEBUG= +CONFIG_LOG_BOOTLOADER_LEVEL_VERBOSE= CONFIG_LOG_BOOTLOADER_LEVEL=2 # # Security features # -# CONFIG_SECURE_BOOT_ENABLED is not set -# CONFIG_FLASH_ENCRYPTION_ENABLED is not set +CONFIG_SECURE_BOOT_ENABLED= +CONFIG_FLASH_ENCRYPTION_ENABLED= # # Serial flasher config # CONFIG_ESPTOOLPY_PORT="/dev/ttyUSB0" -# CONFIG_ESPTOOLPY_BAUD_115200B is not set -# CONFIG_ESPTOOLPY_BAUD_230400B is not set +CONFIG_ESPTOOLPY_BAUD_115200B= +CONFIG_ESPTOOLPY_BAUD_230400B= CONFIG_ESPTOOLPY_BAUD_921600B=y -# CONFIG_ESPTOOLPY_BAUD_2MB is not set -# CONFIG_ESPTOOLPY_BAUD_OTHER is not set +CONFIG_ESPTOOLPY_BAUD_2MB= +CONFIG_ESPTOOLPY_BAUD_OTHER= CONFIG_ESPTOOLPY_BAUD_OTHER_VAL=115200 CONFIG_ESPTOOLPY_BAUD=921600 CONFIG_ESPTOOLPY_COMPRESSED=y -# CONFIG_FLASHMODE_QIO is not set -# CONFIG_FLASHMODE_QOUT is not set +CONFIG_FLASHMODE_QIO= +CONFIG_FLASHMODE_QOUT= CONFIG_FLASHMODE_DIO=y -# CONFIG_FLASHMODE_DOUT is not set +CONFIG_FLASHMODE_DOUT= CONFIG_ESPTOOLPY_FLASHMODE="dio" -# CONFIG_ESPTOOLPY_FLASHFREQ_80M is not set +CONFIG_ESPTOOLPY_FLASHFREQ_80M= CONFIG_ESPTOOLPY_FLASHFREQ_40M=y -# CONFIG_ESPTOOLPY_FLASHFREQ_26M is not set -# CONFIG_ESPTOOLPY_FLASHFREQ_20M is not set +CONFIG_ESPTOOLPY_FLASHFREQ_26M= +CONFIG_ESPTOOLPY_FLASHFREQ_20M= CONFIG_ESPTOOLPY_FLASHFREQ="40m" -# CONFIG_ESPTOOLPY_FLASHSIZE_1MB is not set -# CONFIG_ESPTOOLPY_FLASHSIZE_2MB is not set +CONFIG_ESPTOOLPY_FLASHSIZE_1MB= +CONFIG_ESPTOOLPY_FLASHSIZE_2MB= CONFIG_ESPTOOLPY_FLASHSIZE_4MB=y -# CONFIG_ESPTOOLPY_FLASHSIZE_8MB is not set -# CONFIG_ESPTOOLPY_FLASHSIZE_16MB is not set +CONFIG_ESPTOOLPY_FLASHSIZE_8MB= +CONFIG_ESPTOOLPY_FLASHSIZE_16MB= CONFIG_ESPTOOLPY_FLASHSIZE="4MB" CONFIG_ESPTOOLPY_FLASHSIZE_DETECT=y CONFIG_ESPTOOLPY_BEFORE_RESET=y -# CONFIG_ESPTOOLPY_BEFORE_NORESET is not set +CONFIG_ESPTOOLPY_BEFORE_NORESET= CONFIG_ESPTOOLPY_BEFORE="default_reset" CONFIG_ESPTOOLPY_AFTER_RESET=y -# CONFIG_ESPTOOLPY_AFTER_NORESET is not set +CONFIG_ESPTOOLPY_AFTER_NORESET= CONFIG_ESPTOOLPY_AFTER="hard_reset" -# CONFIG_MONITOR_BAUD_9600B is not set -# CONFIG_MONITOR_BAUD_57600B is not set +CONFIG_MONITOR_BAUD_9600B= +CONFIG_MONITOR_BAUD_57600B= CONFIG_MONITOR_BAUD_115200B=y -# CONFIG_MONITOR_BAUD_230400B is not set -# CONFIG_MONITOR_BAUD_921600B is not set -# CONFIG_MONITOR_BAUD_2MB is not set -# CONFIG_MONITOR_BAUD_OTHER is not set +CONFIG_MONITOR_BAUD_230400B= +CONFIG_MONITOR_BAUD_921600B= +CONFIG_MONITOR_BAUD_2MB= +CONFIG_MONITOR_BAUD_OTHER= CONFIG_MONITOR_BAUD_OTHER_VAL=115200 CONFIG_MONITOR_BAUD=115200 # # Partition Table # -# CONFIG_PARTITION_TABLE_SINGLE_APP is not set -# CONFIG_PARTITION_TABLE_TWO_OTA is not set +CONFIG_PARTITION_TABLE_SINGLE_APP= +CONFIG_PARTITION_TABLE_TWO_OTA= CONFIG_PARTITION_TABLE_CUSTOM=y CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partition_table_unit_test_app.csv" CONFIG_PARTITION_TABLE_CUSTOM_APP_BIN_OFFSET=0x10000 @@ -86,10 +87,10 @@ CONFIG_APP_OFFSET=0x10000 # Compiler options # CONFIG_OPTIMIZATION_LEVEL_DEBUG=y -# CONFIG_OPTIMIZATION_LEVEL_RELEASE is not set +CONFIG_OPTIMIZATION_LEVEL_RELEASE= CONFIG_OPTIMIZATION_ASSERTIONS_ENABLED=y -# CONFIG_OPTIMIZATION_ASSERTIONS_SILENT is not set -# CONFIG_OPTIMIZATION_ASSERTIONS_DISABLED is not set +CONFIG_OPTIMIZATION_ASSERTIONS_SILENT= +CONFIG_OPTIMIZATION_ASSERTIONS_DISABLED= # # Component config @@ -98,36 +99,36 @@ CONFIG_OPTIMIZATION_ASSERTIONS_ENABLED=y # # Application Level Tracing # -# CONFIG_ESP32_APPTRACE_DEST_TRAX is not set +CONFIG_ESP32_APPTRACE_DEST_TRAX= CONFIG_ESP32_APPTRACE_DEST_NONE=y -# CONFIG_ESP32_APPTRACE_ENABLE is not set +CONFIG_ESP32_APPTRACE_ENABLE= CONFIG_ESP32_APPTRACE_LOCK_ENABLE=y # # FreeRTOS SystemView Tracing # -# CONFIG_AWS_IOT_SDK is not set -# CONFIG_BT_ENABLED is not set +CONFIG_AWS_IOT_SDK= +CONFIG_BT_ENABLED= CONFIG_BT_RESERVE_DRAM=0 # # ESP32-specific # -# CONFIG_ESP32_DEFAULT_CPU_FREQ_80 is not set -# CONFIG_ESP32_DEFAULT_CPU_FREQ_160 is not set +CONFIG_ESP32_DEFAULT_CPU_FREQ_80= +CONFIG_ESP32_DEFAULT_CPU_FREQ_160= CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ=240 CONFIG_MEMMAP_SMP=y -# CONFIG_SPIRAM_SUPPORT is not set -# CONFIG_MEMMAP_TRACEMEM is not set -# CONFIG_MEMMAP_TRACEMEM_TWOBANKS is not set -# CONFIG_ESP32_TRAX is not set +CONFIG_SPIRAM_SUPPORT= +CONFIG_MEMMAP_TRACEMEM= +CONFIG_MEMMAP_TRACEMEM_TWOBANKS= +CONFIG_ESP32_TRAX= CONFIG_TRACEMEM_RESERVE_DRAM=0x0 -# CONFIG_ESP32_ENABLE_COREDUMP_TO_FLASH is not set -# CONFIG_ESP32_ENABLE_COREDUMP_TO_UART is not set +CONFIG_ESP32_ENABLE_COREDUMP_TO_FLASH= +CONFIG_ESP32_ENABLE_COREDUMP_TO_UART= CONFIG_ESP32_ENABLE_COREDUMP_TO_NONE=y -# CONFIG_ESP32_ENABLE_COREDUMP is not set -# CONFIG_TWO_UNIVERSAL_MAC_ADDRESS is not set +CONFIG_ESP32_ENABLE_COREDUMP= +CONFIG_TWO_UNIVERSAL_MAC_ADDRESS= CONFIG_FOUR_UNIVERSAL_MAC_ADDRESS=y CONFIG_NUMBER_OF_UNIVERSAL_MAC_ADDRESS=4 CONFIG_SYSTEM_EVENT_QUEUE_SIZE=32 @@ -136,59 +137,59 @@ CONFIG_MAIN_TASK_STACK_SIZE=4096 CONFIG_IPC_TASK_STACK_SIZE=1024 CONFIG_TIMER_TASK_STACK_SIZE=4096 CONFIG_NEWLIB_STDOUT_LINE_ENDING_CRLF=y -# CONFIG_NEWLIB_STDOUT_LINE_ENDING_LF is not set -# CONFIG_NEWLIB_STDOUT_LINE_ENDING_CR is not set -# CONFIG_NEWLIB_STDIN_LINE_ENDING_CRLF is not set -# CONFIG_NEWLIB_STDIN_LINE_ENDING_LF is not set +CONFIG_NEWLIB_STDOUT_LINE_ENDING_LF= +CONFIG_NEWLIB_STDOUT_LINE_ENDING_CR= +CONFIG_NEWLIB_STDIN_LINE_ENDING_CRLF= +CONFIG_NEWLIB_STDIN_LINE_ENDING_LF= CONFIG_NEWLIB_STDIN_LINE_ENDING_CR=y -# CONFIG_NEWLIB_NANO_FORMAT is not set +CONFIG_NEWLIB_NANO_FORMAT= CONFIG_CONSOLE_UART_DEFAULT=y -# CONFIG_CONSOLE_UART_CUSTOM is not set -# CONFIG_CONSOLE_UART_NONE is not set +CONFIG_CONSOLE_UART_CUSTOM= +CONFIG_CONSOLE_UART_NONE= CONFIG_CONSOLE_UART_NUM=0 CONFIG_CONSOLE_UART_BAUDRATE=115200 CONFIG_ULP_COPROC_ENABLED=y CONFIG_ULP_COPROC_RESERVE_MEM=512 -# CONFIG_ESP32_PANIC_PRINT_HALT is not set +CONFIG_ESP32_PANIC_PRINT_HALT= CONFIG_ESP32_PANIC_PRINT_REBOOT=y -# CONFIG_ESP32_PANIC_SILENT_REBOOT is not set -# CONFIG_ESP32_PANIC_GDBSTUB is not set +CONFIG_ESP32_PANIC_SILENT_REBOOT= +CONFIG_ESP32_PANIC_GDBSTUB= CONFIG_ESP32_DEBUG_OCDAWARE=y CONFIG_INT_WDT=y CONFIG_INT_WDT_TIMEOUT_MS=300 CONFIG_INT_WDT_CHECK_CPU1=y -# CONFIG_TASK_WDT is not set +CONFIG_TASK_WDT= CONFIG_BROWNOUT_DET=y CONFIG_BROWNOUT_DET_LVL_SEL_0=y -# CONFIG_BROWNOUT_DET_LVL_SEL_1 is not set -# CONFIG_BROWNOUT_DET_LVL_SEL_2 is not set -# CONFIG_BROWNOUT_DET_LVL_SEL_3 is not set -# CONFIG_BROWNOUT_DET_LVL_SEL_4 is not set -# CONFIG_BROWNOUT_DET_LVL_SEL_5 is not set -# CONFIG_BROWNOUT_DET_LVL_SEL_6 is not set -# CONFIG_BROWNOUT_DET_LVL_SEL_7 is not set +CONFIG_BROWNOUT_DET_LVL_SEL_1= +CONFIG_BROWNOUT_DET_LVL_SEL_2= +CONFIG_BROWNOUT_DET_LVL_SEL_3= +CONFIG_BROWNOUT_DET_LVL_SEL_4= +CONFIG_BROWNOUT_DET_LVL_SEL_5= +CONFIG_BROWNOUT_DET_LVL_SEL_6= +CONFIG_BROWNOUT_DET_LVL_SEL_7= CONFIG_BROWNOUT_DET_LVL=0 -# CONFIG_ESP32_TIME_SYSCALL_USE_RTC is not set +CONFIG_ESP32_TIME_SYSCALL_USE_RTC= CONFIG_ESP32_TIME_SYSCALL_USE_RTC_FRC1=y -# CONFIG_ESP32_TIME_SYSCALL_USE_FRC1 is not set -# CONFIG_ESP32_TIME_SYSCALL_USE_NONE is not set +CONFIG_ESP32_TIME_SYSCALL_USE_FRC1= +CONFIG_ESP32_TIME_SYSCALL_USE_NONE= CONFIG_ESP32_RTC_CLOCK_SOURCE_INTERNAL_RC=y -# CONFIG_ESP32_RTC_CLOCK_SOURCE_EXTERNAL_CRYSTAL is not set +CONFIG_ESP32_RTC_CLOCK_SOURCE_EXTERNAL_CRYSTAL= CONFIG_ESP32_RTC_CLK_CAL_CYCLES=1024 CONFIG_ESP32_DEEP_SLEEP_WAKEUP_DELAY=2000 -# CONFIG_ESP32_XTAL_FREQ_40 is not set -# CONFIG_ESP32_XTAL_FREQ_26 is not set +CONFIG_ESP32_XTAL_FREQ_40= +CONFIG_ESP32_XTAL_FREQ_26= CONFIG_ESP32_XTAL_FREQ_AUTO=y CONFIG_ESP32_XTAL_FREQ=0 -# CONFIG_DISABLE_BASIC_ROM_CONSOLE is not set -# CONFIG_NO_BLOBS is not set +CONFIG_DISABLE_BASIC_ROM_CONSOLE= +CONFIG_NO_BLOBS= # # Wi-Fi # CONFIG_ESP32_WIFI_STATIC_RX_BUFFER_NUM=10 CONFIG_ESP32_WIFI_DYNAMIC_RX_BUFFER_NUM=0 -# CONFIG_ESP32_WIFI_STATIC_TX_BUFFER is not set +CONFIG_ESP32_WIFI_STATIC_TX_BUFFER= CONFIG_ESP32_WIFI_DYNAMIC_TX_BUFFER=y CONFIG_ESP32_WIFI_TX_BUFFER_TYPE=1 CONFIG_ESP32_WIFI_DYNAMIC_TX_BUFFER_NUM=32 @@ -198,10 +199,10 @@ CONFIG_ESP32_WIFI_RX_BA_WIN=6 CONFIG_ESP32_WIFI_NVS_ENABLED=y # -# Phy +# PHY # CONFIG_ESP32_PHY_CALIBRATION_AND_DATA_STORAGE=y -# CONFIG_ESP32_PHY_INIT_DATA_IN_PARTITION is not set +CONFIG_ESP32_PHY_INIT_DATA_IN_PARTITION= CONFIG_ESP32_PHY_MAX_WIFI_TX_POWER=20 CONFIG_ESP32_PHY_MAX_TX_POWER=20 @@ -210,97 +211,106 @@ CONFIG_ESP32_PHY_MAX_TX_POWER=20 # CONFIG_DMA_RX_BUF_NUM=10 CONFIG_DMA_TX_BUF_NUM=10 -# CONFIG_EMAC_L2_TO_L3_RX_BUF_MODE is not set +CONFIG_EMAC_L2_TO_L3_RX_BUF_MODE= CONFIG_EMAC_TASK_PRIORITY=20 # # FAT Filesystem support # CONFIG_FATFS_CODEPAGE_ASCII=y -# CONFIG_FATFS_CODEPAGE_437 is not set -# CONFIG_FATFS_CODEPAGE_720 is not set -# CONFIG_FATFS_CODEPAGE_737 is not set -# CONFIG_FATFS_CODEPAGE_771 is not set -# CONFIG_FATFS_CODEPAGE_775 is not set -# CONFIG_FATFS_CODEPAGE_850 is not set -# CONFIG_FATFS_CODEPAGE_852 is not set -# CONFIG_FATFS_CODEPAGE_855 is not set -# CONFIG_FATFS_CODEPAGE_857 is not set -# CONFIG_FATFS_CODEPAGE_860 is not set -# CONFIG_FATFS_CODEPAGE_861 is not set -# CONFIG_FATFS_CODEPAGE_862 is not set -# CONFIG_FATFS_CODEPAGE_863 is not set -# CONFIG_FATFS_CODEPAGE_864 is not set -# CONFIG_FATFS_CODEPAGE_865 is not set -# CONFIG_FATFS_CODEPAGE_866 is not set -# CONFIG_FATFS_CODEPAGE_869 is not set -# CONFIG_FATFS_CODEPAGE_932 is not set -# CONFIG_FATFS_CODEPAGE_936 is not set -# CONFIG_FATFS_CODEPAGE_949 is not set -# CONFIG_FATFS_CODEPAGE_950 is not set +CONFIG_FATFS_CODEPAGE_437= +CONFIG_FATFS_CODEPAGE_720= +CONFIG_FATFS_CODEPAGE_737= +CONFIG_FATFS_CODEPAGE_771= +CONFIG_FATFS_CODEPAGE_775= +CONFIG_FATFS_CODEPAGE_850= +CONFIG_FATFS_CODEPAGE_852= +CONFIG_FATFS_CODEPAGE_855= +CONFIG_FATFS_CODEPAGE_857= +CONFIG_FATFS_CODEPAGE_860= +CONFIG_FATFS_CODEPAGE_861= +CONFIG_FATFS_CODEPAGE_862= +CONFIG_FATFS_CODEPAGE_863= +CONFIG_FATFS_CODEPAGE_864= +CONFIG_FATFS_CODEPAGE_865= +CONFIG_FATFS_CODEPAGE_866= +CONFIG_FATFS_CODEPAGE_869= +CONFIG_FATFS_CODEPAGE_932= +CONFIG_FATFS_CODEPAGE_936= +CONFIG_FATFS_CODEPAGE_949= +CONFIG_FATFS_CODEPAGE_950= CONFIG_FATFS_CODEPAGE=1 CONFIG_FATFS_MAX_LFN=255 # # FreeRTOS # -# CONFIG_FREERTOS_UNICORE is not set +CONFIG_FREERTOS_UNICORE= CONFIG_FREERTOS_CORETIMER_0=y -# CONFIG_FREERTOS_CORETIMER_1 is not set +CONFIG_FREERTOS_CORETIMER_1= CONFIG_FREERTOS_HZ=1000 CONFIG_FREERTOS_ASSERT_ON_UNTESTED_FUNCTION=y -# CONFIG_FREERTOS_CHECK_STACKOVERFLOW_NONE is not set -# CONFIG_FREERTOS_CHECK_STACKOVERFLOW_PTRVAL is not set +CONFIG_FREERTOS_CHECK_STACKOVERFLOW_NONE= +CONFIG_FREERTOS_CHECK_STACKOVERFLOW_PTRVAL= CONFIG_FREERTOS_CHECK_STACKOVERFLOW_CANARY=y CONFIG_FREERTOS_WATCHPOINT_END_OF_STACK=y +CONFIG_FREERTOS_INTERRUPT_BACKTRACE=y CONFIG_FREERTOS_THREAD_LOCAL_STORAGE_POINTERS=3 CONFIG_FREERTOS_ASSERT_FAIL_ABORT=y -# CONFIG_FREERTOS_ASSERT_FAIL_PRINT_CONTINUE is not set -# CONFIG_FREERTOS_ASSERT_DISABLE is not set +CONFIG_FREERTOS_ASSERT_FAIL_PRINT_CONTINUE= +CONFIG_FREERTOS_ASSERT_DISABLE= CONFIG_FREERTOS_BREAK_ON_SCHEDULER_START_JTAG=y -# CONFIG_ENABLE_MEMORY_DEBUG is not set +CONFIG_ENABLE_MEMORY_DEBUG= CONFIG_FREERTOS_IDLE_TASK_STACKSIZE=1024 CONFIG_FREERTOS_ISR_STACKSIZE=1536 -# CONFIG_FREERTOS_LEGACY_HOOKS is not set +CONFIG_FREERTOS_LEGACY_HOOKS= CONFIG_FREERTOS_MAX_TASK_NAME_LEN=16 -# CONFIG_SUPPORT_STATIC_ALLOCATION is not set +CONFIG_SUPPORT_STATIC_ALLOCATION= CONFIG_TIMER_TASK_PRIORITY=1 CONFIG_TIMER_TASK_STACK_DEPTH=2048 CONFIG_TIMER_QUEUE_LENGTH=10 -# CONFIG_FREERTOS_DEBUG_INTERNALS is not set +CONFIG_FREERTOS_DEBUG_INTERNALS= # # Heap memory debugging # -# CONFIG_HEAP_POISONING_DISABLED is not set -# CONFIG_HEAP_POISONING_LIGHT is not set +CONFIG_HEAP_POISONING_DISABLED= +CONFIG_HEAP_POISONING_LIGHT= CONFIG_HEAP_POISONING_COMPREHENSIVE=y CONFIG_HEAP_TRACING=y CONFIG_HEAP_TRACING_STACK_DEPTH=2 +# +# libsodium +# +CONFIG_LIBSODIUM_USE_MBEDTLS_SHA=y + # # Log output # -# CONFIG_LOG_DEFAULT_LEVEL_NONE is not set -# CONFIG_LOG_DEFAULT_LEVEL_ERROR is not set -# CONFIG_LOG_DEFAULT_LEVEL_WARN is not set +CONFIG_LOG_DEFAULT_LEVEL_NONE= +CONFIG_LOG_DEFAULT_LEVEL_ERROR= +CONFIG_LOG_DEFAULT_LEVEL_WARN= CONFIG_LOG_DEFAULT_LEVEL_INFO=y -# CONFIG_LOG_DEFAULT_LEVEL_DEBUG is not set -# CONFIG_LOG_DEFAULT_LEVEL_VERBOSE is not set +CONFIG_LOG_DEFAULT_LEVEL_DEBUG= +CONFIG_LOG_DEFAULT_LEVEL_VERBOSE= CONFIG_LOG_DEFAULT_LEVEL=3 CONFIG_LOG_COLORS=y # # LWIP # -# CONFIG_L2_TO_L3_COPY is not set +CONFIG_L2_TO_L3_COPY= CONFIG_LWIP_MAX_SOCKETS=4 CONFIG_LWIP_THREAD_LOCAL_STORAGE_INDEX=0 -# CONFIG_LWIP_SO_REUSE is not set -# CONFIG_LWIP_SO_RCVBUF is not set +CONFIG_LWIP_SO_REUSE= +CONFIG_LWIP_SO_RCVBUF= CONFIG_LWIP_DHCP_MAX_NTP_SERVERS=1 -# CONFIG_LWIP_IP_FRAG is not set -# CONFIG_LWIP_IP_REASSEMBLY is not set +CONFIG_LWIP_IP_FRAG= +CONFIG_LWIP_IP_REASSEMBLY= +CONFIG_LWIP_STATS= +CONFIG_LWIP_ETHARP_TRUST_IP_MAC=y +CONFIG_TCPIP_RECVMBOX_SIZE=32 # # TCP @@ -308,43 +318,44 @@ CONFIG_LWIP_DHCP_MAX_NTP_SERVERS=1 CONFIG_TCP_MAXRTX=12 CONFIG_TCP_SYNMAXRTX=6 CONFIG_TCP_MSS=1436 +CONFIG_TCP_MSL=60000 CONFIG_TCP_SND_BUF_DEFAULT=5744 CONFIG_TCP_WND_DEFAULT=5744 CONFIG_TCP_RECVMBOX_SIZE=6 CONFIG_TCP_QUEUE_OOSEQ=y CONFIG_TCP_OVERSIZE_MSS=y -# CONFIG_TCP_OVERSIZE_QUARTER_MSS is not set -# CONFIG_TCP_OVERSIZE_DISABLE is not set +CONFIG_TCP_OVERSIZE_QUARTER_MSS= +CONFIG_TCP_OVERSIZE_DISABLE= # # UDP # CONFIG_UDP_RECVMBOX_SIZE=6 -# CONFIG_LWIP_DHCP_DOES_ARP_CHECK is not set +CONFIG_LWIP_DHCP_DOES_ARP_CHECK= CONFIG_TCPIP_TASK_STACK_SIZE=2048 -# CONFIG_PPP_SUPPORT is not set +CONFIG_PPP_SUPPORT= # # ICMP # -# CONFIG_LWIP_MULTICAST_PING is not set -# CONFIG_LWIP_BROADCAST_PING is not set +CONFIG_LWIP_MULTICAST_PING= +CONFIG_LWIP_BROADCAST_PING= # # mbedTLS # CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN=16384 -# CONFIG_MBEDTLS_DEBUG is not set +CONFIG_MBEDTLS_DEBUG= CONFIG_MBEDTLS_HARDWARE_AES=y CONFIG_MBEDTLS_HARDWARE_MPI=y CONFIG_MBEDTLS_MPI_USE_INTERRUPT=y CONFIG_MBEDTLS_HARDWARE_SHA=y CONFIG_MBEDTLS_HAVE_TIME=y -# CONFIG_MBEDTLS_HAVE_TIME_DATE is not set +CONFIG_MBEDTLS_HAVE_TIME_DATE= CONFIG_MBEDTLS_TLS_SERVER_AND_CLIENT=y -# CONFIG_MBEDTLS_TLS_SERVER_ONLY is not set -# CONFIG_MBEDTLS_TLS_CLIENT_ONLY is not set -# CONFIG_MBEDTLS_TLS_DISABLED is not set +CONFIG_MBEDTLS_TLS_SERVER_ONLY= +CONFIG_MBEDTLS_TLS_CLIENT_ONLY= +CONFIG_MBEDTLS_TLS_DISABLED= CONFIG_MBEDTLS_TLS_SERVER=y CONFIG_MBEDTLS_TLS_CLIENT=y CONFIG_MBEDTLS_TLS_ENABLED=y @@ -352,7 +363,7 @@ CONFIG_MBEDTLS_TLS_ENABLED=y # # TLS Key Exchange Methods # -# CONFIG_MBEDTLS_PSK_MODES is not set +CONFIG_MBEDTLS_PSK_MODES= CONFIG_MBEDTLS_KEY_EXCHANGE_RSA=y CONFIG_MBEDTLS_KEY_EXCHANGE_DHE_RSA=y CONFIG_MBEDTLS_KEY_EXCHANGE_ELLIPTIC_CURVE=y @@ -361,11 +372,11 @@ CONFIG_MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA=y CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA=y CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_RSA=y CONFIG_MBEDTLS_SSL_RENEGOTIATION=y -# CONFIG_MBEDTLS_SSL_PROTO_SSL3 is not set +CONFIG_MBEDTLS_SSL_PROTO_SSL3= CONFIG_MBEDTLS_SSL_PROTO_TLS1=y CONFIG_MBEDTLS_SSL_PROTO_TLS1_1=y CONFIG_MBEDTLS_SSL_PROTO_TLS1_2=y -# CONFIG_MBEDTLS_SSL_PROTO_DTLS is not set +CONFIG_MBEDTLS_SSL_PROTO_DTLS= CONFIG_MBEDTLS_SSL_ALPN=y CONFIG_MBEDTLS_SSL_SESSION_TICKETS=y @@ -373,16 +384,16 @@ CONFIG_MBEDTLS_SSL_SESSION_TICKETS=y # Symmetric Ciphers # CONFIG_MBEDTLS_AES_C=y -# CONFIG_MBEDTLS_CAMELLIA_C is not set -# CONFIG_MBEDTLS_DES_C is not set +CONFIG_MBEDTLS_CAMELLIA_C= +CONFIG_MBEDTLS_DES_C= CONFIG_MBEDTLS_RC4_DISABLED=y -# CONFIG_MBEDTLS_RC4_ENABLED_NO_DEFAULT is not set -# CONFIG_MBEDTLS_RC4_ENABLED is not set -# CONFIG_MBEDTLS_BLOWFISH_C is not set -# CONFIG_MBEDTLS_XTEA_C is not set +CONFIG_MBEDTLS_RC4_ENABLED_NO_DEFAULT= +CONFIG_MBEDTLS_RC4_ENABLED= +CONFIG_MBEDTLS_BLOWFISH_C= +CONFIG_MBEDTLS_XTEA_C= CONFIG_MBEDTLS_CCM_C=y CONFIG_MBEDTLS_GCM_C=y -# CONFIG_MBEDTLS_RIPEMD160_C is not set +CONFIG_MBEDTLS_RIPEMD160_C= # # Certificates @@ -411,16 +422,50 @@ CONFIG_MBEDTLS_ECP_NIST_OPTIM=y # # OpenSSL # -# CONFIG_OPENSSL_DEBUG is not set +CONFIG_OPENSSL_DEBUG= CONFIG_OPENSSL_ASSERT_DO_NOTHING=y -# CONFIG_OPENSSL_ASSERT_EXIT is not set +CONFIG_OPENSSL_ASSERT_EXIT= + +# +# PThreads +# +CONFIG_ESP32_PTHREAD_TASK_PRIO_DEFAULT=5 +CONFIG_ESP32_PTHREAD_TASK_STACK_SIZE_DEFAULT=2048 # # SPI Flash driver # -# CONFIG_SPI_FLASH_ENABLE_COUNTERS is not set +CONFIG_SPI_FLASH_ENABLE_COUNTERS= CONFIG_SPI_FLASH_ROM_DRIVER_PATCH=y +# +# SPIFFS Configuration +# +CONFIG_SPIFFS_MAX_PARTITIONS=3 + +# +# SPIFFS Cache Configuration +# +CONFIG_SPIFFS_CACHE=y +CONFIG_SPIFFS_CACHE_WR=y +CONFIG_SPIFFS_CACHE_STATS= +CONFIG_SPIFFS_PAGE_CHECK=y +CONFIG_SPIFFS_GC_MAX_RUNS=10 +CONFIG_SPIFFS_GC_STATS= +CONFIG_SPIFFS_OBJ_NAME_LEN=32 +CONFIG_SPIFFS_USE_MAGIC=y +CONFIG_SPIFFS_USE_MAGIC_LENGTH=y + +# +# Debug Configuration +# +CONFIG_SPIFFS_DBG= +CONFIG_SPIFFS_API_DBG= +CONFIG_SPIFFS_GC_DBG= +CONFIG_SPIFFS_CACHE_DBG= +CONFIG_SPIFFS_CHECK_DBG= +CONFIG_SPIFFS_TEST_VISUALISATION= + # # tcpip adapter # @@ -429,6 +474,6 @@ CONFIG_IP_LOST_TIMER_INTERVAL=120 # # Wear Levelling # -# CONFIG_WL_SECTOR_SIZE_512 is not set +CONFIG_WL_SECTOR_SIZE_512= CONFIG_WL_SECTOR_SIZE_4096=y CONFIG_WL_SECTOR_SIZE=4096