8000 ports/esp32: Enable mbedtls cert time validation. · micropython/micropython@93aff62 · GitHub


Commit 93aff62

committed
ports/esp32: Enable mbedtls cert time validation.
Signed-off-by: Carlos Gil <carlosgilglez@gmail.com>
1 parent 49fa3ce commit 93aff62


5 files changed

+36
-0
lines changed


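--- a/ports/esp32/boards/sdkconfig.base
+++ b/ports/esp32/boards/sdkconfig.base
@@ -59,6 +59,9 @@ CONFIG_LWIP_PPP_CHAP_SUPPORT=y
 # SSL
 # Use 4kiB output buffer instead of default 16kiB
 CONFIG_MBEDTLS_ASYMMETRIC_CONTENT_LEN=y
+CONFIG_MBEDTLS_HAVE_TIME_DATE=y
+CONFIG_MBEDTLS_PLATFORM_TIME_ALT=y
+CONFIG_MBEDTLS_HAVE_TIME=y
 
 # Disable ALPN support as it's not implemented in MicroPython
 CONFIG_MBEDTLS_SSL_ALPN=n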
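Review bot: The three options added under `# SSL` carry no comment, unlike the buffer-size and ALPN settings around them, although they change what certificate verification depends on. I would add `# Check certificate validity dates; needs a correct system clock (RTC or NTP) before the first TLS handshake` above `CONFIG_MBEDTLS_HAVE_TIME_DATE=y`, and `# Time source is registered in main.c via mbedtls_platform_set_time()` above `CONFIG_MBEDTLS_PLATFORM_TIME_ALT=y`. A board that boots with an unset clock will presumably see valid certificates rejected as not yet valid, which is the safe failure but should be documented so that users set the clock rather than turn verification off.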

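--- a/ports/esp32/esp32_common.cmake
+++ b/ports/esp32/esp32_common.cmake
@@ -63,6 +63,7 @@ list(APPEND MICROPY_SOURCE_PORT
 mphalport.c
 fatfs_port.c
 help.c
+mbedtls/mbedtls_port.c
 machine_bitstream.c
 machine_timer.c
 machine_pin.c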

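--- a/ports/esp32/main.c
+++ b/ports/esp32/main.c
@@ -64,6 +64,10 @@
 #include "modespnow.h"
 #endif
 
+// mbedtls time cert validation
+#include "mbedtls/platform_time.h"
+#include "mbedtls/mbedtls_config.h"
+
 // MicroPython runs as a task under FreeRTOS
 #define MP_TASK_PRIORITY (ESP_TASK_PRIO_MIN + 1)
 
@@ -97,6 +101,8 @@ void mp_task(void *pvParameter) {
 uart_stdout_init();
 #endif
 machine_init();
+// mbedtls time cert validation
+mbedtls_platform_set_time(platform_mbedtls_time);
 
 esp_err_t err = esp_event_loop_create_default();
 if (err != ESP_OK) {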
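Review bot: The added call `mbedtls_platform_set_time(platform_mbedtls_time);` after `machine_init()` is unconditional, but the function it registers is compiled only inside `#ifdef MICROPY_SSL_MBEDTLS` in ports/esp32/mbedtls/mbedtls_port.c, so a build without that macro would fail at link time. Wrap the call and the two new includes in the same condition as the definition. The comment `// mbedtls time cert validation` could say what the call does, for example `// Register the clock mbedtls uses to check certificate validity dates`. The quoted include `"mbedtls/mbedtls_config.h"` may also collide with a library header of the same name, depending on the mbedtls version and include path order, so a port-specific file name would be safer. mp_task's body starts and ends outside the hunk.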

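--- a/ports/esp32/mbedtls/mbedtls_config.h
+++ b/ports/esp32/mbedtls/mbedtls_config.h
@@ -0,0 +1,7 @@
+// Time mbedtls_platform
+#include <time.h>
+#include <sys/time.h>
+
+#define MBEDTLS_HAVE_ASM
+
+time_t platform_mbedtls_time(time_t *timer);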
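Review bot: This new header has no include guard and defines `MBEDTLS_HAVE_ASM`, which is unrelated to the time hook its first line announces and is not explained. Add an `#ifndef`/`#define` include guard at the top, and either drop the define or comment why it is needed here; since main.c includes `mbedtls/platform_time.h` before this header, the define probably cannot influence how the library headers are configured. The prototype deserves a one-line comment such as `// Returns seconds since 1970-01-01 for mbedtls certificate date checks`.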

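--- a/ports/esp32/mbedtls/mbedtls_port.c
+++ b/ports/esp32/mbedtls/mbedtls_port.c
@@ -0,0 +1,19 @@
+#include <py/mpconfig.h>
+
+#ifdef MICROPY_SSL_MBEDTLS
+
+#include <time.h>
+#include <sys/time.h>
+#include "shared/timeutils/timeutils.h"
+#include "mbedtls/platform_time.h"
+
+time_t platform_mbedtls_time(time_t *timer) {
+// mbedtls_time requires time in seconds from EPOCH 1970
+
+struct timeval tv;
+gettimeofday(&tv, NULL);
+
+return tv.tv_sec + TIMEUTILS_SECONDS_1970_TO_2000;
+}
+
+#endif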
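Review bot: `platform_mbedtls_time` ignores its `timer` argument, so a caller that passes a non-NULL pointer, as the `time()` contract it replaces allows, gets an unwritten value back. Compute the result once and store it: `time_t now = tv.tv_sec + TIMEUTILS_SECONDS_1970_TO_2000;`, `if (timer != NULL) { *timer = now; }`, `return now;`. The return value of `gettimeofday` is also not checked, and the file does not include `mbedtls/mbedtls_config.h`, so the definition is never compiled against its own prototype. The added offset is correct only if this port keeps the system clock in seconds since 2000, which is not visible here; the comment should state that assumption, since a wrong epoch shifts every certificate date check by 30 years.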
