feat: add esp_mbedtls_dynamic

components/mbedtls/include/mbedtls/mbedtls_config.h

@@ -1940,7 +1940,7 @@
  *
  * Uncomment this to enable internal use of PSA Crypto and new associated APIs.
  */
-#define MBEDTLS_USE_PSA_CRYPTO
+// #define MBEDTLS_USE_PSA_CRYPTO
 
 /**
  * \def MBEDTLS_PSA_CRYPTO_CONFIG
@@ -3740,7 +3740,10 @@
  *
  * Uncomment to set the maximum plaintext size of the incoming I/O buffer.
  */
-//#define MBEDTLS_SSL_IN_CONTENT_LEN              16384
+
+#ifdef CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN
+#define MBEDTLS_SSL_IN_CONTENT_LEN              CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN
+#endif
 
 /** \def MBEDTLS_SSL_CID_IN_LEN_MAX
  *
@@ -3790,7 +3793,9 @@
  *
  * Uncomment to set the maximum plaintext size of the outgoing I/O buffer.
  */
-//#define MBEDTLS_SSL_OUT_CONTENT_LEN             16384
+#ifdef CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN
+#define MBEDTLS_SSL_OUT_CONTENT_LEN             CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN
+#endif
 
 /** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING
  *

components/network/CMakeLists.txt

@@ -3,4 +3,20 @@ message("network")
 sdk_generate_library()
 file(GLOB_RECURSE SOURCES src/*.c)
 sdk_library_add_sources(${SOURCES})
-sdk_add_include_directories(inc)
+sdk_add_include_directories(inc)
+
+if(CONFIG_MBEDTLS_DYNAMIC_BUFFER)
+    sdk_add_link_options(
+        -Wl,--wrap=mbedtls_ssl_write_client_hello
+        -Wl,--wrap=mbedtls_ssl_handshake_client_step
+        -Wl,--wrap=mbedtls_ssl_handshake_server_step
+        -Wl,--wrap=mbedtls_ssl_read
+        -Wl,--wrap=mbedtls_ssl_write
+        -Wl,--wrap=mbedtls_ssl_session_reset
+        -Wl,--wrap=mbedtls_ssl_free
+        -Wl,--wrap=mbedtls_ssl_setup
+        -Wl,--wrap=mbedtls_ssl_send_alert_message
+        -Wl,--wrap=mbedtls_ssl_close_notify
+)
+
+endif()

components/network/Kconfig

@@ -12,6 +12,35 @@ if NETWORK
         bool "ENANBLE TCP"
         default y
 
+    config MBEDTLS_DYNAMIC_BUFFER
+        bool "MBEDTLS DYNAMIC BUFFER"
+        depends on MBEDTLS
+        default n
+
+    config MBEDTLS_DYNAMIC_FREE_CONFIG_DATA
+        bool "MBEDTLS DYNAMIC FREE CONFIG DATA"
+        depends on MBEDTLS
+        default n
+
+    config MBEDTLS_DYNAMIC_FREE_CA_CERT
+        bool "MBEDTLS DYNAMIC FREE CA CERT"
+        depends on MBEDTLS
+        default n
+
+    config MBEDTLS_SSL_IN_CONTENT_LEN
+        int "MBEDTLS SSL IN CONTENT LEN"
+        depends on MBEDTLS
+        default 16384
+        help
+            MBEDTLS SSL IN CONTENT LEN
+
+    config MBEDTLS_SSL_OUT_CONTENT_LEN
+        int "MBEDTLS SSL OUT CONTENT LEN"
+        depends on MBEDTLS
+        default 4096
+        help
+            MBEDTLS SSL OUT CONTENT LEN
+
 choice
     prompt "TLS bankend choice" 
     default NETWORK_MBEDTLS_TLS_ENABLE
@@ -24,6 +53,8 @@ choice
         bool "ENANBLE WOLFSSL TLS"
         depends on WOLFSSL
         depends on NETWORK_TCP_ENABLE
+
+
 
 endchoice
 

components/network/inc/esp_mbedtls_dynamic_impl.h

@@ -0,0 +1,114 @@
+/*
+ * SPDX-FileCopyrightText: 2020-2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#ifndef _DYNAMIC_IMPL_H_
+#define _DYNAMIC_IMPL_H_
+
+#include <stddef.h>
+#include <string.h>
+#include <stdbool.h>
+#include <stdio.h>  
+#include <stdlib.h>
+
+#include <sys/cdefs.h> // 
+
+// #define offsetof(TYPE, MEMBER) ((size_t) &((TYPE*)0)->MEMBER)
+#define container_of(ptr, type, member) ({          \
+        const typeof( ((type *)0)->member ) *__mptr = (const typeof( ((type *)0)->member ) *)(ptr); \
+        (type *)( (char *)__mptr - offsetof(type,member) );})
+
+#define __containerof(ptr, type, member) container_of(ptr, type, member)
+/* TODO: Remove this once the appropriate solution is found
+ *
+ * ssl_misc.h header uses private elements from
+ * mbedtls, which become undefined if the following flag
+ * is not defined
+ */
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+
+// located at mbedtls/library/ssl_misc.h
+#include "ssl_misc.h"
+
+#include "mbedtls/ssl.h"
+#include "mbedtls/platform.h"
+// #include "esp_log.h"
+#include "dlg/dlg.h"
+
+#define TRACE_CHECK(_fn, _state) \
+({ \
+    dlg_info("%d " _state " to do \"%s\"", __LINE__, # _fn); \
+})
+
+#define CHECK_OK(_fn) \
+({ \
+    int _ret; \
+ \
+    TRACE_CHECK(_fn, "state"); \
+ \
+    if ((_ret = _fn) != 0) { \
+        dlg_info("\"%s\" result is %d", # _fn, -_ret); \
+        TRACE_CHECK(_fn, "fail"); \
+        return _ret; \
+    } \
+ \
+    TRACE_CHECK(_fn, "end"); \
+ \
+})
+
+#ifndef MAX
+#define MAX(a, b) ((a) > (b) ? (a) : (b))
+#endif
+typedef enum {
+    ESP_MBEDTLS_SSL_BUF_CACHED,
+    ESP_MBEDTLS_SSL_BUF_NO_CACHED,
+} esp_mbedtls_ssl_buf_states;
+
+struct esp_mbedtls_ssl_buf {
+    esp_mbedtls_ssl_buf_states state;
+    unsigned int len;
+    unsigned char buf[];
+};
+
+#define SSL_BUF_HEAD_OFFSET_SIZE ((int)offsetof(struct esp_mbedtls_ssl_buf, buf))
+
+void esp_mbedtls_free_buf(unsigned char *buf);
+
+int esp_mbedtls_setup_tx_buffer(mbedtls_ssl_context *ssl);
+
+void esp_mbedtls_setup_rx_buffer(mbedtls_ssl_context *ssl);
+
+int esp_mbedtls_reset_add_tx_buffer(mbedtls_ssl_context *ssl);
+
+int esp_mbedtls_reset_add_rx_buffer(mbedtls_ssl_context *ssl);
+
+int esp_mbedtls_reset_free_tx_buffer(mbedtls_ssl_context *ssl);
+
+void esp_mbedtls_reset_free_rx_buffer(mbedtls_ssl_context *ssl);
+
+int esp_mbedtls_add_tx_buffer(mbedtls_ssl_context *ssl, size_t buffer_len);
+
+int esp_mbedtls_add_rx_buffer(mbedtls_ssl_context *ssl);
+
+int esp_mbedtls_free_tx_buffer(mbedtls_ssl_context *ssl);
+
+int esp_mbedtls_free_rx_buffer(mbedtls_ssl_context *ssl);
+
+size_t esp_mbedtls_get_crt_size(mbedtls_x509_crt *cert, size_t *num);
+
+#ifdef CONFIG_MBEDTLS_DYNAMIC_FREE_CONFIG_DATA
+void esp_mbedtls_free_dhm(mbedtls_ssl_context *ssl);
+
+void esp_mbedtls_free_keycert(mbedtls_ssl_context *ssl);
+
+void esp_mbedtls_free_keycert_cert(mbedtls_ssl_context *ssl);
+
+void esp_mbedtls_free_keycert_key(mbedtls_ssl_context *ssl);
+#endif
+
+#ifdef CONFIG_MBEDTLS_DYNAMIC_FREE_CA_CERT
+void esp_mbedtls_free_cacert(mbedtls_ssl_context *ssl);
+#endif
+
+#endif /* _DYNAMIC_IMPL_H_ */