Changes include:
- Some mbedtls source files renamed or deprecated.
- Our `mbedtls_config.h` files are renamed to `mbedtls_config_port.h`, so
they don't clash with mbedtls's new default configuration file named
`mbedtls_config.h`.
- MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE is deprecated.
- MBEDTLS_HAVE_TIME now requires an `mbedtls_ms_time` function to be
defined but it's only used for TLSv1.3 (currently not enabled in
MicroPython so there is a lazy implementation, i.e. seconds * 1000).
- `tests/multi_net/ssl_data.py` is removed (due to deprecation of
MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE), there are the existing
`ssl_cert_rsa.py` and `sslcontext_server_client.py` tests which do very
similar, simple SSL data transfer.
- Tests now use an EC key by default (they are smaller and faster), and the
RSA key has been regenerated due to the old PKCS encoding used by openssl
rsa command, see
https://stackoverflow.com/questions/40822328/openssl-rsa-key-pem-and-der-conversion-does-not-match
(and `tests/README.md` has been updated accordingly).
Signed-off-by: Carlos Gil <carlosgilglez@gmail.com>
All ports using this common configuration already enable time/date
validation, so this commit is a no-op change.
Signed-off-by: Damien George <damien@micropython.org>
The RT1176 has two cores, but the actual firmware supports only the CM7.
There are currently no good plans on how to use the CM4.
The actual MIMXRT1170_EVK board is on par with the existing MIMXRT boards,
with the following extensions:
- Use 64 MB RAM for the heap.
- Support both LAN interfaces as LAN(0) and LAN(1), with LAN(1)
being the 1GB interface.
The dual LAN port interface can eventually be adapted as well for the
RT1062 MCU.
This work was done in collaboration with @alphaFred.
This is necessary to access sites that only support these protocols.
The rp2 port already has ECDH enabled, so this just adds ECDSA there. The
other ports now gain both ECDH and ECDSA. The code size increase is:
- rp2 (PICO_W): +2916 bytes flash, +24 bytes BSS
- stm32 (PYBD_SF6): +20480 bytes flash, +32 bytes data, +48 bytes BSS
- mimxrt (TEENSY41): +20708 bytes flash, +32 bytes data, +48 bytes BSS
- unix (standard x86-64): +39344 executable, +1744 bytes data, +96 BSS
This is obviously a large increase in code size. But there doesn't seem to
be any other option because without elliptic curve cryptography devices are
partially cut off from the internet. For use cases that require small
firmware size, they'll need to build custom firmware with a custom mbedtls
config.
Signed-off-by: Damien George <damien@micropython.org>
This commit implements 10/100 Mbit Ethernet support in the mimxrt port.
The following boards are configured without ETH network:
- MIMXRT1010_EVK
- Teensy 4.0
The following boards are configured with ETH network:
- MIMXRT1020_EVK
- MIMXRT1050_EVK
- MIMXRT1060_EVK
- MIMXRT1064_EVK
- Teensy 4.1
Ethernet support tested with TEENSY 4.1, MIMRTX1020_EVK and MIMXRT1050_EVK.
Build tested with Teensy 4.0 and MIMXRT1010_EVK to be still working.
Compiles and builds properly for MIMXRT1060_EVK and MIMXRT1064_EVK, but not
tested lacking suitable boards.
Tested functions are:
- ping works bothway
- simple UDP transfer works bothway
- ntptime works
- the ftp server works
- secure socker works
- telnet and webrepl works
The MAC address is 0x02 plus 5 bytes from the manifacturing info field,
which can be considered as unique per device.
Some boards do not wire the RESET and INT pin of the PHY transceiver. For
operation, these are not required. If they are defined, they will be used.