feat(ssl): Restructure ssl folder

Put mbedtls, axtls, openssl to ssl, also add kconfig to choose ssl library. Default use mbedtls.
2025-10-24 03:55:27 +08:00 · 2018-04-09 20:09:27 +08:00
parent 3720ca8dba
commit 7782d6adf2
203 changed files with 41 additions and 26 deletions
--- a/components/ssl/openssl/include/platform/ssl_opt.h
+++ b/components/ssl/openssl/include/platform/ssl_opt.h
@@ -0,0 +1,89 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL_OPT_H_
+#define _SSL_OPT_H_
+
+/*
+ * Enable OpenSSL debugging function.
+ *
+ * If the option is enabled, "SSL_DEBUG" works.
+ */
+//#define CONFIG_OPENSSL_DEBUG
+
+#ifdef CONFIG_OPENSSL_DEBUG
+
+/*
+ * OpenSSL debugging level.
+ *
+ * Only function whose debugging level is higher than "OPENSSL_DEBUG_LEVEL" works.
+ *
+ * For example:
+ *     If OPENSSL_DEBUG_LEVEL = 2, you use function "SSL_DEBUG(1, "malloc failed")". 
+ *     Because 1 < 2, it will not print.
+ */
+//#define CONFIG_OPENSSL_DEBUG_LEVEL
+
+/*
+ * If the option is enabled, low-level module debugging function of OpenSSL is enabled, 
+ * e.g. mbedtls internal debugging function.
+ */
+//#define CONFIG_OPENSSL_LOWLEVEL_DEBUG
+
+#endif /* CONFIG_OPENSSL_DEBUG */
+
+/*
+ * OpenSSL function needs "assert" function to check if input parameters are valid.
+ *
+ * If you want to use assert debugging function, "OPENSSL_DEBUG" should be enabled.
+ *
+ * You must only select one of following:
+ *     1. CONFIG_OPENSSL_ASSERT_DO_NOTHING
+ *     2. CONFIG_OPENSSL_ASSERT_EXIT
+ *     3. CONFIG_OPENSSL_ASSERT_DEBUG (depend on "CONFIG_OPENSSL_DEBUG")
+ *     4. CONFIG_OPENSSL_ASSERT_DEBUG_EXIT (depend on "CONFIG_OPENSSL_DEBUG")
+ *     5. CONFIG_OPENSSL_ASSERT_DEBUG_BLOCK (depend on "CONFIG_OPENSSL_DEBUG")
+ */
+
+/*
+ * Do nothing and "SSL_ASSERT" does not work.
+ */
+//#define CONFIG_OPENSSL_ASSERT_DO_NOTHING
+
+/*
+ * Enable assert exiting, it will check and return error code.
+ */
+#define CONFIG_OPENSSL_ASSERT_EXIT
+  
+#ifdef CONFIG_OPENSSL_DEBUG
+      
+/*
+ * Enable assert debugging, it will check and show debugging message.
+ */
+//#define CONFIG_OPENSSL_ASSERT_DEBUG
+
+/*
+ * Enable assert debugging and exiting, it will check, show debugging message and return error code.
+ */
+//#define CONFIG_OPENSSL_ASSERT_DEBUG_EXIT
+
+/*
+ * Enable assert debugging and blocking, it will check, show debugging message and block by "while (1);".
+ */
+//#define CONFIG_OPENSSL_ASSERT_DEBUG_BLOCK
+
+#endif /* CONFIG_OPENSSL_DEBUG */
+
+#endif
+
--- a/components/ssl/openssl/include/platform/ssl_pm.h
+++ b/components/ssl/openssl/include/platform/ssl_pm.h
@@ -0,0 +1,59 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL_PM_H_
+#define _SSL_PM_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#include <string.h>
+#include "ssl_types.h"
+#include "ssl_port.h"
+
+int ssl_pm_new(SSL *ssl);
+void ssl_pm_free(SSL *ssl);
+
+int ssl_pm_handshake(SSL *ssl);
+int ssl_pm_shutdown(SSL *ssl);
+int ssl_pm_clear(SSL *ssl);
+
+int ssl_pm_read(SSL *ssl, void *buffer, int len);
+int ssl_pm_send(SSL *ssl, const void *buffer, int len);
+int ssl_pm_pending(const SSL *ssl);
+
+void ssl_pm_set_fd(SSL *ssl, int fd, int mode);
+int ssl_pm_get_fd(const SSL *ssl, int mode);
+
+OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl);
+
+void ssl_pm_set_bufflen(SSL *ssl, int len);
+
+int x509_pm_show_info(X509 *x);
+int x509_pm_new(X509 *x, X509 *m_x);
+void x509_pm_free(X509 *x);
+int x509_pm_load(X509 *x, const unsigned char *buffer, int len);
+
+int pkey_pm_new(EVP_PKEY *pk, EVP_PKEY *m_pk);
+void pkey_pm_free(EVP_PKEY *pk);
+int pkey_pm_load(EVP_PKEY *pk, const unsigned char *buffer, int len);
+
+long ssl_pm_get_verify_result(const SSL *ssl);
+
+#ifdef __cplusplus
+ }
+#endif
+
+#endif
--- a/components/ssl/openssl/include/platform/ssl_port.h
+++ b/components/ssl/openssl/include/platform/ssl_port.h
@@ -0,0 +1,78 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL_PORT_H_
+#define _SSL_PORT_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#include "c_types.h"
+#include "esp_system.h"
+#include "string.h"
+
+#ifdef MEMLEAK_DEBUG
+
+extern void *pvPortMalloc( size_t xWantedSize, const char * file, unsigned line, bool use_iram);
+extern void *pvPortZalloc( size_t xWantedSize, const char * file, unsigned line);
+extern void vPortFree(void *pv, const char * file, unsigned line);
+
+#define ssl_mem_malloc(s)    \
+    ({  \
+        pvPortMalloc(s, __FILE__, __LINE__, false);  \
+    })
+
+#define ssl_mem_zalloc(s)    \
+    ({  \
+        pvPortZalloc(s, __FILE__, __LINE__);  \
+    })
+
+#define ssl_mem_free(s) \
+do{\
+    vPortFree(s, __FILE__, __LINE__);\
+}while(0)
+
+
+#else
+
+extern void *pvPortMalloc( size_t xWantedSize );
+extern void *pvPortZalloc( size_t xWantedSize );
+extern void vPortFree(void *pv);
+
+#define ssl_mem_zalloc(s) pvPortZalloc(s)
+#define ssl_mem_malloc(s) pvPortMalloc(s)
+#define ssl_mem_free(p) vPortFree(p)
+
+#endif
+
+#define ssl_memcpy memcpy
+#define ssl_strlen strlen
+
+#define ssl_speed_up_enter() system_update_cpu_freq(SYS_CPU_160MHZ)
+#define ssl_speed_up_exit()  system_update_cpu_freq(SYS_CPU_80MHZ)
+
+#ifndef os_printf
+#define os_printf(fmt, ...) do {    \
+        static const char flash_str[] ICACHE_RODATA_ATTR STORE_ATTR = fmt;  \
+        printf(flash_str, ##__VA_ARGS__);   \
+    } while(0)
+#endif
+
+#define SSL_DEBUG_LOG os_printf
+
+#define LOCAL_ATRR ICACHE_RODATA_ATTR STORE_ATTR
+
+#endif
+