- Adds a menuconfig option to select either mbedTLS or TinyCrypt as the crypto stack for NimBLE.
- Addition of `CMAC` and `ECP_RESTARTABLE` to mbedTLS menuconfig option and
`esp_config.h`.
- Changes NimBLE `component.mk` and `CMakeLists.txt` to support mbedTLS option.
- Minor changes to `app_mesh.c` application.
host/nimble/nimble/nimble/host/store/ram/include
host/nimble/nimble/nimble/host/store/config/include
host/nimble/nimble/porting/npl/freertos/include
- host/nimble/nimble/ext/tinycrypt/include
host/nimble/esp-hci/include)
+ if(NOT CONFIG_BT_NIMBLE_CRYPTO_STACK_MBEDTLS)
+
+ list(APPEND include_dirs
+ host/nimble/nimble/ext/tinycrypt/include)
+
list(APPEND srcs "host/nimble/nimble/ext/tinycrypt/src/utils.c"
"host/nimble/nimble/ext/tinycrypt/src/sha256.c"
"host/nimble/nimble/ext/tinycrypt/src/ecc.c"
"host/nimble/nimble/ext/tinycrypt/src/hmac_prng.c"
"host/nimble/nimble/ext/tinycrypt/src/ecc_platform_specific.c"
"host/nimble/nimble/ext/tinycrypt/src/hmac.c"
- "host/nimble/nimble/ext/tinycrypt/src/cbc_mode.c"
- "host/nimble/nimble/nimble/host/util/src/addr.c"
+ "host/nimble/nimble/ext/tinycrypt/src/cbc_mode.c")
+ endif()
+
+ list(APPEND srcs "host/nimble/nimble/nimble/host/util/src/addr.c"
"host/nimble/nimble/nimble/host/services/gatt/src/ble_svc_gatt.c"
"host/nimble/nimble/nimble/host/services/tps/src/ble_svc_tps.c"
"host/nimble/nimble/nimble/host/services/ias/src/ble_svc_ias.c"
esp_ble_mesh/mesh_models/common \
esp_ble_mesh/mesh_models/client \
esp_ble_mesh/api/core \
- esp_ble_mesh/api/models
+ esp_ble_mesh/api/models
endif
ifdef CONFIG_BT_NIMBLE_ENABLED
+
COMPONENT_ADD_INCLUDEDIRS += host/nimble/nimble/nimble/include \
host/nimble/nimble/nimble/host/include \
host/nimble/nimble/porting/nimble/include \
host/nimble/nimble/nimble/host/util/include \
host/nimble/nimble/nimble/host/store/ram/include \
host/nimble/nimble/nimble/host/store/config/include \
- host/nimble/nimble/ext/tinycrypt/include \
host/nimble/esp-hci/include \
host/nimble/port/include
+ifndef CONFIG_BT_NIMBLE_CRYPTO_STACK_MBEDTLS
+COMPONENT_ADD_INCLUDEDIRS += host/nimble/nimble/ext/tinycrypt/include
+endif
+
COMPONENT_SRCDIRS += host/nimble/nimble/nimble/host/src \
host/nimble/nimble/porting/nimble/src \
host/nimble/nimble/porting/npl/freertos/src \
- host/nimble/nimble/ext/tinycrypt/src \
host/nimble/nimble/nimble/host/services/ans/src \
host/nimble/nimble/nimble/host/services/bas/src \
host/nimble/nimble/nimble/host/services/gap/src \
host/nimble/nimble/nimble/host/store/config/src \
host/nimble/esp-hci/src
+ifndef CONFIG_BT_NIMBLE_CRYPTO_STACK_MBEDTLS
+COMPONENT_SRCDIRS += host/nimble/nimble/ext/tinycrypt/src
+endif
+
COMPONENT_OBJEXCLUDE += host/nimble/nimble/nimble/host/store/config/src/ble_store_config_conf.o
ifdef CONFIG_BT_NIMBLE_MESH
Enable security manager secure connections
config BT_NIMBLE_DEBUG
- bool "Enable host debugging"
+ bool "Enable extra runtime asserts and host debugging"
default n
depends on BT_NIMBLE_ENABLED
help
- This enables extra runtime assertions
+ This enables extra runtime asserts and host debugging
config BT_NIMBLE_SVC_GAP_DEVICE_NAME
string "BLE GAP default device name"
help
This value defines Bluetooth Mesh device/node name
+config BT_NIMBLE_CRYPTO_STACK_MBEDTLS
+ bool "Override TinyCrypt with mbedTLS for crypto computations"
+ default y
+ depends on BT_NIMBLE_ENABLED
+ select MBEDTLS_ECP_RESTARTABLE
+ select MBEDTLS_CMAC_C
+ help
+ Enable this option to choose mbedTLS instead of TinyCrypt for crypto
+ computations.
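Review bot: `BT_NIMBLE_CRYPTO_STACK_MBEDTLS` is `default y` and uses `select` on `MBEDTLS_ECP_RESTARTABLE` and `MBEDTLS_CMAC_C`, but the help text mentions neither effect. `select` forces both mbedTLS options on regardless of any dependencies they carry, and they change the mbedTLS build for the whole application, not only for NimBLE. Existing NimBLE projects also move to a different crypto backend as soon as they pick up this default, presumably including the primitives used for pairing and mesh security. I would extend the help to say so, for example `Selecting this also enables MBEDTLS_ECP_RESTARTABLE and MBEDTLS_CMAC_C in the mbedTLS component. Disable it to keep using TinyCrypt.`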
-Subproject commit adcd9408695cb4f873f117eb8c92007455b2c066
+Subproject commit 6c91a9a153c421231b686d30c822e53fea7510c0
#define MYNEWT_VAL_BLE_SM_THEIR_KEY_DIST (0)
#endif
+#ifndef MYNEWT_VAL_BLE_CRYPTO_STACK_MBEDTLS
+#define MYNEWT_VAL_BLE_CRYPTO_STACK_MBEDTLS (CONFIG_BT_NIMBLE_CRYPTO_STACK_MBEDTLS)
+#endif
+
#ifndef MYNEWT_VAL_BLE_STORE_MAX_BONDS
#define MYNEWT_VAL_BLE_STORE_MAX_BONDS CONFIG_BT_NIMBLE_MAX_BONDS
#endif
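Review bot: `MYNEWT_VAL_BLE_CRYPTO_STACK_MBEDTLS` expands to `(CONFIG_BT_NIMBLE_CRYPTO_STACK_MBEDTLS)`, which is only defined when the option is enabled, assuming sdkconfig.h omits disabled bool options as ESP-IDF normally does. With the option off, `#if MYNEWT_VAL(BLE_CRYPTO_STACK_MBEDTLS)` still evaluates to 0 through the undefined-identifier rule, but it trips `-Wundef` and any use in a C expression fails to compile. Since this value decides which crypto backend is compiled in, an explicit 0/1 definition is safer; the guarded form is shown below.

```c
#ifndef MYNEWT_VAL_BLE_CRYPTO_STACK_MBEDTLS
#ifdef CONFIG_BT_NIMBLE_CRYPTO_STACK_MBEDTLS
#define MYNEWT_VAL_BLE_CRYPTO_STACK_MBEDTLS (1)
#else
#define MYNEWT_VAL_BLE_CRYPTO_STACK_MBEDTLS (0)
#endif
#endif
```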
default 3 if MBEDTLS_DEBUG_LEVEL_DEBUG
default 4 if MBEDTLS_DEBUG_LEVEL_VERBOSE
+ config MBEDTLS_ECP_RESTARTABLE
+ bool "Enable mbedTLS ecp restartable"
+ default n
+ help
+ Enable "non-blocking" ECC operations that can return early and be resumed.
+
+ config MBEDTLS_CMAC_C
+ bool "Enable CMAC mode for block ciphers"
+ default n
+ help
+ Enable the CMAC (Cipher-based Message Authentication Code) mode for
+ block ciphers.
+
config MBEDTLS_HARDWARE_AES
bool "Enable hardware AES acceleration"
default y
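Review bot: The Kconfig help for `MBEDTLS_ECP_RESTARTABLE` and `MBEDTLS_CMAC_C` drops the constraints that the matching esp_config.h comments in this commit spell out. Restartable ECC is incompatible with `MBEDTLS_ECP_ALT`, `MBEDTLS_ECDH_XXX_ALT` and `MBEDTLS_ECDSA_XXX_ALT`, and CMAC requires `MBEDTLS_AES_C` or `MBEDTLS_DES_C`; a user toggling these in menuconfig never sees that. I would add one sentence to each help text, e.g. `Only works with the software ECC implementation; incompatible with the ECP/ECDH/ECDSA ALT implementations.` and `Requires the AES or DES block cipher to be enabled.` If the AES and DES ciphers are themselves Kconfig options in this file, a `depends on` would be stronger, although the `select` in the NimBLE option would bypass it.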
-Subproject commit 97959e77912524bd8db7cbb2e00fc9f6189f7a82
+Subproject commit f5f2e5926cd294ae7cb579ff6a12ad9303caeb6e
/**
* \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES & MBEDTLS_ARC4_C
- *
+ *
* MBEDTLS_ARC4_C
* Enable the ARCFOUR stream cipher.
*
#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
#endif
+/**
+ * \def MBEDTLS_ECP_RESTARTABLE
+ *
+ * Enable "non-blocking" ECC operations that can return early and be resumed.
+ *
+ * This allows various functions to pause by returning
+ * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module,
+ * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in
+ * order to further progress and eventually complete their operation. This is
+ * controlled through mbedtls_ecp_set_max_ops() which limits the maximum
+ * number of ECC operations a function may perform before pausing; see
+ * mbedtls_ecp_set_max_ops() for more information.
+ *
+ * This is useful in non-threaded environments if you want to avoid blocking
+ * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
+ *
+ * Uncomment this macro to enable restartable ECC computations.
+ *
+ * \note This option only works with the default software implementation of
+ * elliptic curve functionality. It is incompatible with
+ * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT.
+ */
+#ifdef CONFIG_MBEDTLS_ECP_RESTARTABLE
+#define MBEDTLS_ECP_RESTARTABLE
+#endif
+
+/**
+ * \def MBEDTLS_CMAC_C
+ *
+ * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
+ * ciphers.
+ *
+ * Module: library/cmac.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
+ *
+ */
+#ifdef CONFIG_MBEDTLS_CMAC_C
+#define MBEDTLS_CMAC_C
+#endif
+
/**
* \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
*
#include "mesh/mesh.h"
static const char *tag = "NimBLE_MESH";
-void ble_store_ram_init(void);
+void ble_store_config_init(void);
#define BT_DBG_ENABLED (MYNEWT_VAL(BLE_MESH_DEBUG))
health_pub_init();
nimble_port_run();
+ nimble_port_freertos_deinit();
}
void app_main(void)
bt_mesh_register_gatt();
/* XXX Need to have template for store */
- ble_store_ram_init();
+ ble_store_config_init();
nimble_port_freertos_init(blemesh_host_task);
}
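Review bot: The swap from `ble_store_ram_init()` to `ble_store_config_init()` in `app_main` is undocumented; the only comment beside it is the leftover `/* XXX Need to have template for store */`. Judging by the names alone, this moves the example's security material from a RAM-only store to the config-backed store, which may persist keys across reboots, and that is worth stating for people who copy this example. I would replace the XXX with something like `/* Use the config-backed store; whether keys persist depends on the NimBLE store configuration */`. The hand-written prototype `void ble_store_config_init(void);` should also give way to the header that declares it, if one exists, so a signature change is caught by the compiler. `app_main` starts outside the visible lines.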