compatible with ESP platform

2026-06-05 21:14:49 +00:00 · 2025-12-04 12:09:34 +08:00
parent b74711cc5e
commit e16325e99f
2 changed files with 23 additions and 22 deletions
@@ -33,9 +33,9 @@

 #include "mbedtls.hpp"

-#include <mbedtls/ctr_drbg.h>
+// #include <mbedtls/ctr_drbg.h>
 #include <mbedtls/debug.h>
-#include <mbedtls/entropy.h>
+// #include <mbedtls/entropy.h>
 #include <mbedtls/platform.h>
 #include <mbedtls/threading.h>

@@ -69,8 +69,8 @@ Error MbedTls::MapError(int aMbedTlsError)
    switch (aMbedTlsError)
    {
 #if OPENTHREAD_CONFIG_ECDSA_ENABLE
-    case MBEDTLS_ERR_ECP_BAD_INPUT_DATA:
-    case MBEDTLS_ERR_MPI_BAD_INPUT_DATA:
+    // case MBEDTLS_ERR_ECP_BAD_INPUT_DATA:
+    // case MBEDTLS_ERR_MPI_BAD_INPUT_DATA:
    case MBEDTLS_ERR_MPI_INVALID_CHARACTER:
 #endif
 #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
@@ -84,7 +84,7 @@ Error MbedTls::MapError(int aMbedTlsError)
    case MBEDTLS_ERR_PK_INVALID_PUBKEY:
    case MBEDTLS_ERR_PK_INVALID_ALG:
    case MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE:
-    case MBEDTLS_ERR_PK_BAD_INPUT_DATA:
+    // case MBEDTLS_ERR_PK_BAD_INPUT_DATA:
    case MBEDTLS_ERR_X509_SIG_MISMATCH:
    case MBEDTLS_ERR_X509_BAD_INPUT_DATA:
    case MBEDTLS_ERR_X509_FILE_IO_ERROR:
@@ -102,42 +102,42 @@ Error MbedTls::MapError(int aMbedTlsError)
    case MBEDTLS_ERR_X509_UNKNOWN_VERSION:
 #endif // MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
    case MBEDTLS_ERR_SSL_BAD_INPUT_DATA:
-    case MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG:
-    case MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG:
+    // case MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG:
+    // case MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG:
        error = kErrorInvalidArgs;
        break;

 #if OPENTHREAD_CONFIG_ECDSA_ENABLE
-    case MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL:
-    case MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL:
-    case MBEDTLS_ERR_MPI_ALLOC_FAILED:
+    // case MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL:
+    // case MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL:
+    // case MBEDTLS_ERR_MPI_ALLOC_FAILED:
 #endif
 #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-    case MBEDTLS_ERR_PEM_ALLOC_FAILED:
+    // case MBEDTLS_ERR_PEM_ALLOC_FAILED:
    case MBEDTLS_ERR_PK_ALLOC_FAILED:
    case MBEDTLS_ERR_X509_BUFFER_TOO_SMALL:
-    case MBEDTLS_ERR_X509_ALLOC_FAILED:
+    // case MBEDTLS_ERR_X509_ALLOC_FAILED:
 #endif
-    case MBEDTLS_ERR_SSL_ALLOC_FAILED:
+    // case MBEDTLS_ERR_SSL_ALLOC_FAILED:
    case MBEDTLS_ERR_SSL_WANT_WRITE:
-    case MBEDTLS_ERR_ENTROPY_MAX_SOURCES:
+    // case MBEDTLS_ERR_ENTROPY_MAX_SOURCES:
        error = kErrorNoBufs;
        break;

 #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
    case MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE:
-    case MBEDTLS_ERR_PK_SIG_LEN_MISMATCH:
+    // case MBEDTLS_ERR_PK_SIG_LEN_MISMATCH:
    case MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE:
    case MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:
 #endif // MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-    case MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED:
-    case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED:
-    case MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED:
-    case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE:
+    // case MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED:
+    // case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED:
+    // case MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED:
+    // case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE:
 #if (MBEDTLS_VERSION_NUMBER < 0x03000000)
    case MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED:
 #endif
-    case MBEDTLS_ERR_THREADING_BAD_INPUT_DATA:
+    // case MBEDTLS_ERR_THREADING_BAD_INPUT_DATA:
    case MBEDTLS_ERR_THREADING_MUTEX_ERROR:
        error = kErrorSecurity;
        break;
@@ -199,7 +199,7 @@ Error SecureSession::Setup(void)
    }
 #endif

-    mbedtls_ssl_conf_rng(&mConf, Crypto::MbedTls::CryptoSecurePrng, nullptr);
+    // mbedtls_ssl_conf_rng(&mConf, Crypto::MbedTls::CryptoSecurePrng, nullptr);
 #if (MBEDTLS_VERSION_NUMBER >= 0x03020000)
    mbedtls_ssl_conf_min_tls_version(&mConf, MBEDTLS_SSL_VERSION_TLS1_2);
    mbedtls_ssl_conf_max_tls_version(&mConf, MBEDTLS_SSL_VERSION_TLS1_2);
@@ -278,7 +278,8 @@ Error SecureSession::Setup(void)

        if (mIsServer)
        {
-            rval = mbedtls_ssl_cookie_setup(&mCookieCtx, Crypto::MbedTls::CryptoSecurePrng, nullptr);
+            // rval = mbedtls_ssl_cookie_setup(&mCookieCtx, Crypto::MbedTls::CryptoSecurePrng, nullptr);
+            rval = mbedtls_ssl_cookie_setup(&mCookieCtx);
            VerifyOrExit(rval == 0);

            mbedtls_ssl_conf_dtls_cookies(&mConf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, &mCookieCtx);