* Bump up to MBed-TLS V3.5.1, make changes to Visual Studio Projects to account for this.
* Update MBedTLS Transport files to call psa_crypto_init() if the MBEDTLS_PSA_CRYPTO_C is set.
* Add WIN32_LEAN_AND_MEAN to the corePKCS11_MQTT_Mutual_Auth_Windows_Simulator demo. Add in a check for MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET when making a TLS handshake.
* Change transport interface files from using void * to mbedtls_pk_context * instead per changes in the MbedTLS API.
* Changes to Fleet Provisioning Demo and Demo Setup to use ECDSA keys
* Remove non-32 bit configs from various VisualStudio Projects. Enforce all projects using WIN32_LEAN_AND_MEAN as well as winsock2.h
* Use new version of CI-CD Actions, checkout@v3 instead of checkout@v2 on all jobs
* Use cSpell spell check, and use ubuntu-20.04 for formatting check
* Add in bot formatting action
* Update freertos_demo.yml and freertos_plus_demo.yml files to increase github log readability
* Add in a Qemu demo onto the workflows.
Update transport interface for compatibility
* Update the network transport that uses the socket wrapper to depend on the socket wrapper only.
* AT command timeout should not be changed for cellular socket buffer access mode.
* mbedTLS config include using MBEDTLS_CONFIG_FILE macro.
* Remove strnlen usage in using_mbedtls_pkcs11.
* Update History.txt and README.md for December release (#744)
* Update History.txt and README.md for release
* Bump mbedtls submodule to v2.28.0 (#745)
* Patch project files for mbedtls (#751)
* Apply group 1 patches
* Apply patches for group 2
* Update project files for mbedTLS new version
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
* Fix warnings in projects
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
* Fix warnings in HTTP_S3_Download demo
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
Co-authored-by: Gaurav Aggarwal <aggarg@amazon.com>
* Update changelog and history for corePKCS11 update (#752)
* Update submodule pointer and manifest.yml for corePKCS11 (#754)
* Update readme and history.txt to show that Sigv4 is a newly added library (#756)
* Revert update to v143 of VS toolset (#757)
* [AUTO][RELEASE]: Bump file header version to "202112.00"
* Update file headers to satisfy core checks
Co-authored-by: Muneeb Ahmed <54290492+muneebahmed10@users.noreply.github.com>
Co-authored-by: Gaurav Aggarwal <aggarg@amazon.com>
Co-authored-by: johnrhen <johnrhen@users.noreply.github.com>
The previous "using_mbedtls_pkcs11.c" implementation requires using the device key and device certificate stored under the labels "pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS" and "pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS".
This commit updates the NetworkCredentials to include fields for pClientCertLabel and pPrivateKeyLabel, so other labels can be used with PKCS11. This matches the behavior seen in the CSDK.
This commit also updates the "pkcs11_mqtt_mutual_auth_demo" to set the newly-added NetworkCredentials fields.
Move the contents of FreeRTOS/FreeRTOS-Plus/Source/Application-Protocols/network_transport/using_mbedtls/
to its parent folder i.e. FreeRTOS/FreeRTOS-Plus/Source/Application-Protocols/network_transport/.
This removes one unnecessary folder in the hierarchy.
* [Cellular] Add cellular lib submodule and demo app
* [Cellular] Fix memory violation in transport layer and add using LoggingPrintf
* Update FreeRTOS Cellular Interface
* Change the mbedtls usage in FreeRTOS-Plus
* [Cellular] Fix missing spell
* [Cellular] Add manifest.yml
* Fix missing spell
* Update manifest.yml
* [Cellular] Add integration test
* Modify the demo log level to LOG_INFO
* Update cellular interface
* The modification of the folder structure for cellular library
* Rename the naming of demo
* Adjust the location of using_mbedtls and socket_wrapper
* Adjust project setting for relocating using_mbedtls and socket_wrapper
* Turn off PSM mode
* Add start marker for CI validation.
* The modification for mbedtls platform send/recv function for cellular
* Change the project file due to the changes of mbedtls platform send/recv function for cellular
* Fix missing newline and remove unused file
* Add missing configuration.
* Make cellular and freertos tcp plus use the same transport implementation
* Add comment for the macro MBEDTLS_SSL_SEND and MBEDTLS_SSL_RECV
* Make changes from the github comment.
Since `mbedtls_error.c` is already part of the mbedTLS submodule, the duplicate files are removed from this repository.
Co-authored-by: Cobus van Eeden <35851496+cobusve@users.noreply.github.com>
* Clean up demo config for wolfSSL mutual auth.
* Add comment about picking the correct ROOT CA.
* uncrustify using_wolfSSL.c and some other code style changes.
* Apply suggestions from code review
Co-authored-by: Archit Aggarwal <architag@amazon.com>
FreeRTOS_send adds the packet to be sent to the IP task's queue for
later processing. The packet is sent later by the IP task. When
FreeRTOS is used in collaborative mode (i.e. configUSE_PREEMPTION is 0),
the Plaintext_FreeRTOS_send function returns without actually sending
the packet as the IP task never gets a chance to run.
The fact that Plaintext_FreeRTOS_send returns without actually sending
the packet causes an issue in the MQTT_Connect which expects the CONNECT
packet to be actually sent and waits for CONNACK.
This commit adds a taskYIELD call after calling FreeRTOS_send to ensure
that the IP task gets a chance to run and send the packet before the
Plaintext_FreeRTOS_send function returns.
From the FreeRTOS documentation, pdFREERTOS_ERRNO_ENOSPC means that timeout occurred before any data could be sent or received.
- In the plaintext transport-interface implementation, we would directly return `-pdFREERTOS_ERRNO_ENOSPC`. However, an error like this can occur when the TCP buffer is full, so this ought to be retriable. Libraries that consume the transport interface interpret a return value of 0 to mean that send/recv can be invoked again to get the data. As such, we should appropriately set the return value as 0 when the status is `-pdFREERTOS_ERRNO_ENOSPC`.
- In the mbedTLS port, we would directly return whatever `FreeRTOS_send` or `FreeRTOS_recv` returns. However, sometimes, the return value can be an error. In such cases, we ought to map an error from FreeRTOS+TCP to an equivalent error in mbedTLS. In the case of `-pdFREERTOS_ERRNO_ENOSPC`, we map that to `MBEDTLS_ERR_SSL_TIMEOUT`. When the mbedTLS transport-interface send/recv wrapper sees that value, it appropriately returns 0, so that the library can retry the send/recv. I've verified that when the mbedTLS port returns an error, that same error is returned by `mbedtls_ssl_write` & `mbedtls_ssl_read`.
- The TCP socket may have a receive block time. If bytesToRecv is greater than 1 then a frame is likely already part way through reception and blocking to wait for the desired number of bytes to be available is the most efficient thing to do. If bytesToRecv is 1 then this may be a speculative call to read to find the start of a new frame, in which case blocking is not desirable as it could block an entire protocol agent task for the duration of the read block time and therefore negatively impact performance. So if bytesToRecv is 1 then don't call recv unless it is known that bytes are already available.
Co-authored-by: abhidixi11 <44424462+abhidixi11@users.noreply.github.com>
Co-authored-by: RichardBarry <3073890+RichardBarry@users.noreply.github.com>
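The return-value mapping described in the commit message above, as an added example that is not code from the FreeRTOS repository: a full-buffer timeout is reported as a retriable 0 at the transport interface, while other errors still surface to the caller. The scripted socket, the function names, the locally defined macro values, and placing the 1-byte check in the plaintext path are assumptions of this sketch.

```c
#include <stddef.h>
#include <stdint.h>

/* Local stand-ins so this builds without FreeRTOS+TCP or mbedTLS headers.
 * Names follow the commit message; values are assumptions of this example. */
#define pdFREERTOS_ERRNO_ENOSPC    28
#define MBEDTLS_ERR_SSL_TIMEOUT    ( -0x6800 )

/* Hypothetical scripted socket (constructed test double, not a real API). */
static int32_t nextResult;   /* what the next recv call returns */
static int32_t bytesQueued;  /* bytes already waiting in the RX buffer */
static int recvCalls;        /* how many times the socket was read */

static int32_t fake_recv( void * buf, size_t len )
{
    ( void ) buf; ( void ) len;
    recvCalls++;
    return nextResult;
}

void script_socket( int32_t result, int32_t queued )
{
    nextResult = result; bytesQueued = queued; recvCalls = 0;
}
int socket_reads( void ) { return recvCalls; }

/* Plaintext transport: a timeout with no data means "try again", i.e. 0. */
int32_t plaintext_recv( void * buf, size_t bytesToRecv )
{
    int32_t rc;
    /* A 1-byte read is a speculative poll for a new frame: do not block. */
    if( ( bytesToRecv == 1U ) && ( bytesQueued == 0 ) ) { return 0; }
    rc = fake_recv( buf, bytesToRecv );
    return ( rc == -pdFREERTOS_ERRNO_ENOSPC ) ? 0 : rc;
}

/* mbedTLS port (BIO callback): translate the one error the commit names;
 * every other code passes through unchanged in this sketch. */
int port_recv( void * ctx, unsigned char * buf, size_t len )
{
    int32_t rc = fake_recv( buf, len );
    ( void ) ctx;
    return ( rc == -pdFREERTOS_ERRNO_ENOSPC ) ? MBEDTLS_ERR_SSL_TIMEOUT : ( int ) rc;
}

/* TLS transport wrapper: port_recv stands in for mbedtls_ssl_read, which
 * the commit message says returns the port's error unchanged. */
int32_t tls_recv( void * buf, size_t bytesToRecv )
{
    int rc = port_recv( NULL, ( unsigned char * ) buf, bytesToRecv );
    return ( rc == MBEDTLS_ERR_SSL_TIMEOUT ) ? 0 : ( int32_t ) rc;
}
```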
Small change that simply specifies why the NetworkContext must be defined by each compilation unit along with details on how to include it to your project.
Co-authored-by: Cobus van Eeden <35851496+cobusve@users.noreply.github.com>
By removing the definition of the NetworkContext struct in the header file, we allow the application to define it. This allows an application writer to use multiple transports in the same compilation unit. That way, multiple .c files do not have to be created for each transport.
* Update logging_stack.h file to avoid use of __FUNCTION__ macro
* Revert to use __FUNCTION__ instead of __FILE__
* Fix comment about metadata format
* Fix incorrect mapping of SdkLog function
* Fix typo causing LOG_METADATA_ARGS to be undefined
* Fix another bug with SdkLog macro definition
* Fix formatting
* Move mapping of SdkLog to vLoggingPrintf from logging_stack to config files
* Remove dependency of LIBRARY_LOG_NAME on LIBRARY_METADATA_* macros
* Minor improvements
Co-authored-by: Gary Wicker <14828980+gkwicker@users.noreply.github.com>
Co-authored-by: RichardBarry <3073890+RichardBarry@users.noreply.github.com>
This updates the platform and logging directory and moves it to the following places:
FreeRTOS\FreeRTOS-Plus\Source\Utilities
FreeRTOS\FreeRTOS-Plus\Source\Application-Protocols\network_transport\freertos_plus_tcp
Project files are updated to follow suit. All updated demos are tested to work as expected.