kopia lustrzana https://github.com/espressif/esp-idf
mbedtls: Remove certs.c and certs.h from port directory
Aditya Patwardhan
rodzic
fa62f39ba8
commit
f31d8dd295
|
|
@ -9,7 +9,6 @@
|
|||
#include "mbedtls/entropy.h"
|
||||
#include "mbedtls/ctr_drbg.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/certs.h"
|
||||
#include "mbedtls/esp_debug.h"
|
||||
#include "esp_log.h"
|
||||
|
||||
|
|
|
|||
|
|
@ -19,7 +19,6 @@
|
|||
#include "mbedtls/entropy.h"
|
||||
#include "mbedtls/ctr_drbg.h"
|
||||
#include "mbedtls/error.h"
|
||||
#include "mbedtls/certs.h"
|
||||
#ifdef CONFIG_ESP_TLS_SERVER_SESSION_TICKETS
|
||||
#include "mbedtls/ssl_ticket.h"
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -96,8 +96,7 @@ endif()
|
|||
set(mbedtls_targets mbedtls mbedcrypto mbedx509)
|
||||
|
||||
set(mbedtls_target_sources "${COMPONENT_DIR}/port/mbedtls_debug.c"
|
||||
"${COMPONENT_DIR}/port/net_sockets.c"
|
||||
"${COMPONENT_DIR}/port/certs.c")
|
||||
"${COMPONENT_DIR}/port/net_sockets.c")
|
||||
|
||||
if(CONFIG_MBEDTLS_DYNAMIC_BUFFER)
|
||||
set(mbedtls_target_sources ${mbedtls_target_sources}
|
||||
|
|
|
|||
Plik diff jest za duży
Load Diff
|
|
@ -1,239 +0,0 @@
|
|||
/*
|
||||
* SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
|
||||
*
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*/
|
||||
/**
|
||||
* \file certs.h
|
||||
*
|
||||
|
||||
*/
|
||||
#ifndef MBEDTLS_CERTS_H
|
||||
#define MBEDTLS_CERTS_H
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls_config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include <stddef.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* List of all PEM-encoded CA certificates, terminated by NULL;
|
||||
* PEM encoded if MBEDTLS_PEM_PARSE_C is enabled, DER encoded
|
||||
* otherwise. */
|
||||
extern const char * mbedtls_test_cas[];
|
||||
extern const size_t mbedtls_test_cas_len[];
|
||||
|
||||
/* List of all DER-encoded CA certificates, terminated by NULL */
|
||||
extern const unsigned char * mbedtls_test_cas_der[];
|
||||
extern const size_t mbedtls_test_cas_der_len[];
|
||||
|
||||
#if defined(MBEDTLS_PEM_PARSE_C)
|
||||
/* Concatenation of all CA certificates in PEM format if available */
|
||||
extern const char mbedtls_test_cas_pem[];
|
||||
extern const size_t mbedtls_test_cas_pem_len;
|
||||
#endif /* MBEDTLS_PEM_PARSE_C */
|
||||
|
||||
/*
|
||||
* CA test certificates
|
||||
*/
|
||||
|
||||
extern const char mbedtls_test_ca_crt_ec_pem[];
|
||||
extern const char mbedtls_test_ca_key_ec_pem[];
|
||||
extern const char mbedtls_test_ca_pwd_ec_pem[];
|
||||
extern const char mbedtls_test_ca_key_rsa_pem[];
|
||||
extern const char mbedtls_test_ca_pwd_rsa_pem[];
|
||||
extern const char mbedtls_test_ca_crt_rsa_sha1_pem[];
|
||||
extern const char mbedtls_test_ca_crt_rsa_sha256_pem[];
|
||||
|
||||
extern const unsigned char mbedtls_test_ca_crt_ec_der[];
|
||||
extern const unsigned char mbedtls_test_ca_key_ec_der[];
|
||||
extern const unsigned char mbedtls_test_ca_key_rsa_der[];
|
||||
extern const unsigned char mbedtls_test_ca_crt_rsa_sha1_der[];
|
||||
extern const unsigned char mbedtls_test_ca_crt_rsa_sha256_der[];
|
||||
|
||||
extern const size_t mbedtls_test_ca_crt_ec_pem_len;
|
||||
extern const size_t mbedtls_test_ca_key_ec_pem_len;
|
||||
extern const size_t mbedtls_test_ca_pwd_ec_pem_len;
|
||||
extern const size_t mbedtls_test_ca_key_rsa_pem_len;
|
||||
extern const size_t mbedtls_test_ca_pwd_rsa_pem_len;
|
||||
extern const size_t mbedtls_test_ca_crt_rsa_sha1_pem_len;
|
||||
extern const size_t mbedtls_test_ca_crt_rsa_sha256_pem_len;
|
||||
|
||||
extern const size_t mbedtls_test_ca_crt_ec_der_len;
|
||||
extern const size_t mbedtls_test_ca_key_ec_der_len;
|
||||
extern const size_t mbedtls_test_ca_pwd_ec_der_len;
|
||||
extern const size_t mbedtls_test_ca_key_rsa_der_len;
|
||||
extern const size_t mbedtls_test_ca_pwd_rsa_der_len;
|
||||
extern const size_t mbedtls_test_ca_crt_rsa_sha1_der_len;
|
||||
extern const size_t mbedtls_test_ca_crt_rsa_sha256_der_len;
|
||||
|
||||
/* Config-dependent dispatch between PEM and DER encoding
|
||||
* (PEM if enabled, otherwise DER) */
|
||||
|
||||
extern const char mbedtls_test_ca_crt_ec[];
|
||||
extern const char mbedtls_test_ca_key_ec[];
|
||||
extern const char mbedtls_test_ca_pwd_ec[];
|
||||
extern const char mbedtls_test_ca_key_rsa[];
|
||||
extern const char mbedtls_test_ca_pwd_rsa[];
|
||||
extern const char mbedtls_test_ca_crt_rsa_sha1[];
|
||||
extern const char mbedtls_test_ca_crt_rsa_sha256[];
|
||||
|
||||
extern const size_t mbedtls_test_ca_crt_ec_len;
|
||||
extern const size_t mbedtls_test_ca_key_ec_len;
|
||||
extern const size_t mbedtls_test_ca_pwd_ec_len;
|
||||
extern const size_t mbedtls_test_ca_key_rsa_len;
|
||||
extern const size_t mbedtls_test_ca_pwd_rsa_len;
|
||||
extern const size_t mbedtls_test_ca_crt_rsa_sha1_len;
|
||||
extern const size_t mbedtls_test_ca_crt_rsa_sha256_len;
|
||||
|
||||
/* Config-dependent dispatch between SHA-1 and SHA-256
|
||||
* (SHA-256 if enabled, otherwise SHA-1) */
|
||||
|
||||
extern const char mbedtls_test_ca_crt_rsa[];
|
||||
extern const size_t mbedtls_test_ca_crt_rsa_len;
|
||||
|
||||
/* Config-dependent dispatch between EC and RSA
|
||||
* (RSA if enabled, otherwise EC) */
|
||||
|
||||
extern const char * mbedtls_test_ca_crt;
|
||||
extern const char * mbedtls_test_ca_key;
|
||||
extern const char * mbedtls_test_ca_pwd;
|
||||
extern const size_t mbedtls_test_ca_crt_len;
|
||||
extern const size_t mbedtls_test_ca_key_len;
|
||||
extern const size_t mbedtls_test_ca_pwd_len;
|
||||
|
||||
/*
|
||||
* Server test certificates
|
||||
*/
|
||||
|
||||
extern const char mbedtls_test_srv_crt_ec_pem[];
|
||||
extern const char mbedtls_test_srv_key_ec_pem[];
|
||||
extern const char mbedtls_test_srv_pwd_ec_pem[];
|
||||
extern const char mbedtls_test_srv_key_rsa_pem[];
|
||||
extern const char mbedtls_test_srv_pwd_rsa_pem[];
|
||||
extern const char mbedtls_test_srv_crt_rsa_sha1_pem[];
|
||||
extern const char mbedtls_test_srv_crt_rsa_sha256_pem[];
|
||||
|
||||
extern const unsigned char mbedtls_test_srv_crt_ec_der[];
|
||||
extern const unsigned char mbedtls_test_srv_key_ec_der[];
|
||||
extern const unsigned char mbedtls_test_srv_key_rsa_der[];
|
||||
extern const unsigned char mbedtls_test_srv_crt_rsa_sha1_der[];
|
||||
extern const unsigned char mbedtls_test_srv_crt_rsa_sha256_der[];
|
||||
|
||||
extern const size_t mbedtls_test_srv_crt_ec_pem_len;
|
||||
extern const size_t mbedtls_test_srv_key_ec_pem_len;
|
||||
extern const size_t mbedtls_test_srv_pwd_ec_pem_len;
|
||||
extern const size_t mbedtls_test_srv_key_rsa_pem_len;
|
||||
extern const size_t mbedtls_test_srv_pwd_rsa_pem_len;
|
||||
extern const size_t mbedtls_test_srv_crt_rsa_sha1_pem_len;
|
||||
extern const size_t mbedtls_test_srv_crt_rsa_sha256_pem_len;
|
||||
|
||||
extern const size_t mbedtls_test_srv_crt_ec_der_len;
|
||||
extern const size_t mbedtls_test_srv_key_ec_der_len;
|
||||
extern const size_t mbedtls_test_srv_pwd_ec_der_len;
|
||||
extern const size_t mbedtls_test_srv_key_rsa_der_len;
|
||||
extern const size_t mbedtls_test_srv_pwd_rsa_der_len;
|
||||
extern const size_t mbedtls_test_srv_crt_rsa_sha1_der_len;
|
||||
extern const size_t mbedtls_test_srv_crt_rsa_sha256_der_len;
|
||||
|
||||
/* Config-dependent dispatch between PEM and DER encoding
|
||||
* (PEM if enabled, otherwise DER) */
|
||||
|
||||
extern const char mbedtls_test_srv_crt_ec[];
|
||||
extern const char mbedtls_test_srv_key_ec[];
|
||||
extern const char mbedtls_test_srv_pwd_ec[];
|
||||
extern const char mbedtls_test_srv_key_rsa[];
|
||||
extern const char mbedtls_test_srv_pwd_rsa[];
|
||||
extern const char mbedtls_test_srv_crt_rsa_sha1[];
|
||||
extern const char mbedtls_test_srv_crt_rsa_sha256[];
|
||||
|
||||
extern const size_t mbedtls_test_srv_crt_ec_len;
|
||||
extern const size_t mbedtls_test_srv_key_ec_len;
|
||||
extern const size_t mbedtls_test_srv_pwd_ec_len;
|
||||
extern const size_t mbedtls_test_srv_key_rsa_len;
|
||||
extern const size_t mbedtls_test_srv_pwd_rsa_len;
|
||||
extern const size_t mbedtls_test_srv_crt_rsa_sha1_len;
|
||||
extern const size_t mbedtls_test_srv_crt_rsa_sha256_len;
|
||||
|
||||
/* Config-dependent dispatch between SHA-1 and SHA-256
|
||||
* (SHA-256 if enabled, otherwise SHA-1) */
|
||||
|
||||
extern const char mbedtls_test_srv_crt_rsa[];
|
||||
extern const size_t mbedtls_test_srv_crt_rsa_len;
|
||||
|
||||
/* Config-dependent dispatch between EC and RSA
|
||||
* (RSA if enabled, otherwise EC) */
|
||||
|
||||
extern const char * mbedtls_test_srv_crt;
|
||||
extern const char * mbedtls_test_srv_key;
|
||||
extern const char * mbedtls_test_srv_pwd;
|
||||
extern const size_t mbedtls_test_srv_crt_len;
|
||||
extern const size_t mbedtls_test_srv_key_len;
|
||||
extern const size_t mbedtls_test_srv_pwd_len;
|
||||
|
||||
/*
|
||||
* Client test certificates
|
||||
*/
|
||||
|
||||
extern const char mbedtls_test_cli_crt_ec_pem[];
|
||||
extern const char mbedtls_test_cli_key_ec_pem[];
|
||||
extern const char mbedtls_test_cli_pwd_ec_pem[];
|
||||
extern const char mbedtls_test_cli_key_rsa_pem[];
|
||||
extern const char mbedtls_test_cli_pwd_rsa_pem[];
|
||||
extern const char mbedtls_test_cli_crt_rsa_pem[];
|
||||
|
||||
extern const unsigned char mbedtls_test_cli_crt_ec_der[];
|
||||
extern const unsigned char mbedtls_test_cli_key_ec_der[];
|
||||
extern const unsigned char mbedtls_test_cli_key_rsa_der[];
|
||||
extern const unsigned char mbedtls_test_cli_crt_rsa_der[];
|
||||
|
||||
extern const size_t mbedtls_test_cli_crt_ec_pem_len;
|
||||
extern const size_t mbedtls_test_cli_key_ec_pem_len;
|
||||
extern const size_t mbedtls_test_cli_pwd_ec_pem_len;
|
||||
extern const size_t mbedtls_test_cli_key_rsa_pem_len;
|
||||
extern const size_t mbedtls_test_cli_pwd_rsa_pem_len;
|
||||
extern const size_t mbedtls_test_cli_crt_rsa_pem_len;
|
||||
|
||||
extern const size_t mbedtls_test_cli_crt_ec_der_len;
|
||||
extern const size_t mbedtls_test_cli_key_ec_der_len;
|
||||
extern const size_t mbedtls_test_cli_key_rsa_der_len;
|
||||
extern const size_t mbedtls_test_cli_crt_rsa_der_len;
|
||||
|
||||
/* Config-dependent dispatch between PEM and DER encoding
|
||||
* (PEM if enabled, otherwise DER) */
|
||||
|
||||
extern const char mbedtls_test_cli_crt_ec[];
|
||||
extern const char mbedtls_test_cli_key_ec[];
|
||||
extern const char mbedtls_test_cli_pwd_ec[];
|
||||
extern const char mbedtls_test_cli_key_rsa[];
|
||||
extern const char mbedtls_test_cli_pwd_rsa[];
|
||||
extern const char mbedtls_test_cli_crt_rsa[];
|
||||
|
||||
extern const size_t mbedtls_test_cli_crt_ec_len;
|
||||
extern const size_t mbedtls_test_cli_key_ec_len;
|
||||
extern const size_t mbedtls_test_cli_pwd_ec_len;
|
||||
extern const size_t mbedtls_test_cli_key_rsa_len;
|
||||
extern const size_t mbedtls_test_cli_pwd_rsa_len;
|
||||
extern const size_t mbedtls_test_cli_crt_rsa_len;
|
||||
|
||||
/* Config-dependent dispatch between EC and RSA
|
||||
* (RSA if enabled, otherwise EC) */
|
||||
|
||||
extern const char * mbedtls_test_cli_crt;
|
||||
extern const char * mbedtls_test_cli_key;
|
||||
extern const char * mbedtls_test_cli_pwd;
|
||||
extern const size_t mbedtls_test_cli_crt_len;
|
||||
extern const size_t mbedtls_test_cli_key_len;
|
||||
extern const size_t mbedtls_test_cli_pwd_len;
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* certs.h */
|
||||
|
|
@ -58,6 +58,9 @@ The Diffie-Hellman Key Exchange modes have now been disabled by default due to s
|
|||
|
||||
.. note:: During the initial step of the handshake (i.e. ``client_hello``), the server selects a cipher from the list that the client publishes. As the DHE_PSK/DHE_RSA ciphers have now been disabled by the above change, the server would fall back to an alternative cipher; if in a rare case, it does not support any other cipher, the handshake would fail. To retrieve the list of ciphers supported by the server, one must attempt to connect with the server with a specific cipher from the client-side. Few utilities can help do this, e.g. ``sslscan``.
|
||||
|
||||
Remove certs module from X509 library
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
`mbedtls/certs.h` header is no longer available in mbedtls 3.1, most applications can safely remove it from the list of includes.
|
||||
|
||||
ESP HTTPS SERVER
|
||||
-----------------
|
||||
|
|
|
|||
Ładowanie…
Reference in New Issue