update mbedtls to v3.6.5-idf by ericschaal · Pull Request #103 · esp-rs/mbedtls-rs

ericschaal · 2026-01-26T20:44:02Z

Upgrade mbedtls to mbedtls-3.6.5-idf

This PR upgrades from 3.4.x to 3.6.5 to resolve TLS 1.3 issues I encountered during testing.

Context

I'm new to both esp-mbedtls and mbedtls in general, so I'm not sure if there was a specific reason for staying on 3.4.x
The upgrade fixed my TLS 1.3 problems, and basic testing looks good
However, I haven't done extensive testing across all use cases

Would appreciate review from maintainers familiar with the project to assess whether this is a safe upgrade path.

Addresses #72

ivmarkov · 2026-01-29T10:48:05Z

@ericschaal Do you plan to finish this? It is still in draft, and there is no description (though it is pretty obvious what you are doing).

Let me know if you do, and once ready "un"-draft this so that I can take a look.

AnthonyGrondin · 2026-01-29T15:34:53Z

Are we still dealing with the same issue as here: fortanix/rust-mbedtls#320 ?

ivmarkov · 2026-01-29T15:36:38Z

Are we still dealing with the same issue as here: fortanix/rust-mbedtls#320 ?

Not sure how that's related. Can you elaborate?

I think this PR is just addressing #72?

AnthonyGrondin · 2026-01-29T15:39:26Z

I don't remember if it was you or someone else that said it, but I remember someone saying that one roadblock to upgrading mbedtls would be this "thread-safety" issue.

I could be hallucinating tho...

ivmarkov · 2026-01-29T15:48:42Z

I don't remember if it was you or someone else that said it, but I remember someone saying that one roadblock to upgrading mbedtls would be this "thread-safety" issue.

I could be hallucinating tho...

I never said this I think. If for nothing else, because the current 3.4.x MbedTLS we use is having exactly the same thread-safety issues which rust-mbedtls refers to.

I don't understand the thread-safety issues in a good detail ATM, I must admit.

But also and for embedded use-cases where you don't have threads they shouldn't matter. That is, unless you use esp-mbedtls from interrupt executors in addition to using it from the main executor.

ericschaal · 2026-01-29T16:54:08Z

Hey @ivmarkov, just updated the description and removed the draft status.

ivmarkov · 2026-01-29T16:56:40Z

This PR upgrades from 3.4.x to 3.6.5 to resolve TLS 1.3 issues I encountered during testing.

Out of pure curiosity, can you elaborate a bit on the issues you were having?

ivmarkov · 2026-01-30T11:27:11Z

@ericschaal I think the PR looks good! If only you could:

Restore the imports' order (there is a comment about that)
Explain a bit why we have to introduce inttypes.h with so many types inside

ericschaal

Hey @ivmarkov, I revised my approach for inttypes.h, let me know want you think.

AnthonyGrondin · 2026-01-30T15:22:22Z

Before merging, we will need to test that examples are still fully working, within their performance range or better.

Also, we should check if there's a significant change in the final binary size.

ivmarkov · 2026-01-30T15:32:46Z

Before merging, we will need to test that examples are still fully working, within their performance range or better.

Also, we should check if there's a significant change in the final binary size.

True. @ericschaal Would you mind testing the examples?

@AnthonyGrondin I'm very tempted to merge this here.

It is "a lot of scripts", but we can hide it in .github and mostly forget about it.

@bjoernQ Hope you don't mind? This is what rs-matter is using for tracking binary sizes. Also the C++ Matter SDK, from where it was ripped off. Might be interesting for esp-hal too?

Here, how it looks typically: project-chip/rs-matter#366 (comment)

AnthonyGrondin · 2026-01-30T15:48:36Z

Before merging, we will need to test that examples are still fully working, within their performance range or better.
Also, we should check if there's a significant change in the final binary size.

True. @ericschaal Would you mind testing the examples?

@AnthonyGrondin I'm very tempted to merge this here.

It is "a lot of scripts", but we can hide it in .github and mostly forget about it.

@bjoernQ Hope you don't mind? This is what rs-matter is using for tracking binary sizes. Also the C++ Matter SDK, from where it was ripped off. Might be interesting for esp-hal too?

Here, how it looks typically: project-chip/rs-matter#366 (comment)

I opened a new issue about that:

CI: Add workflow to check and monitor final binary size of example builds #105

ericschaal · 2026-02-02T15:32:37Z

For sure, I'll test what I can and report back! But I only have an esp32s3 on hand at the moment unfortunately.

ericschaal · 2026-02-02T17:12:20Z

No-std examples

Crypto Self Test (baremetal no-std)

MCU: esp32s3
Command: cargo +esp run --no-default-features --features esp32s3 --target xtensa-esp32s3-none-elf -Zbuild-std=core,alloc,panic_abort --bin crypto_self_test --release

INFO - === SUMMARY ===
INFO - | Hash Algorithm | Software (cycles) | Hardware (cycles) | Hardware Faster (x times) |
INFO - |----------------|-------------------|-------------------|---------------------------|
INFO - | Mpi            |          10576695 |           4169913 |                      2.54 |
INFO - | Rsa            |         108351355 |          45901180 |                      2.36 |
INFO - | Sha1           |          69820049 |          10896714 |                      6.41 |
INFO - | Sha224         |         103086687 |          10905303 |                      9.45 |
INFO - | Sha256         |         103052499 |          10891906 |                      9.46 |
INFO - | Sha384         |         193719786 |           9158714 |                     21.15 |
INFO - | Sha512         |         193678314 |           9141451 |                     21.19 |
INFO - | Aes            |         235133478 |         235036235 |                      1.00 |
INFO - | Md5            |             74607 |             70995 |                      1.05 |

Crypto Mini Test (baremetal no-std)

MCU: esp32s3
Command: cargo +esp run --no-default-features --features esp32s3 --target xtensa-esp32s3-none-elf -Zbuild-std=core,alloc,panic_abort --bin crypto_mini_test

INFO - Starting...
INFO - ============
Input: "hello world"                                                                                                                                                                   
INFO - SW SHA-1 = [2a, ae, 6c, 35, c9, 4f, cf, b4, 15, db, e9, 5f, 40, 8b, 9c, e9, 1e, e8, 46, ed]
INFO - HW SHA-1 = [2a, ae, 6c, 35, c9, 4f, cf, b4, 15, db, e9, 5f, 40, 8b, 9c, e9, 1e, e8, 46, ed]
INFO - HW/SW SHA-1 match.
INFO - ============
Input: "The quick brown fox jumps over the lazy dog"                                                                                                                                   
INFO - SW SHA-1 = [2f, d4, e1, c6, 7a, 2d, 28, fc, ed, 84, 9e, e1, bb, 76, e7, 39, 1b, 93, eb, 12]
INFO - HW SHA-1 = [2f, d4, e1, c6, 7a, 2d, 28, fc, ed, 84, 9e, e1, bb, 76, e7, 39, 1b, 93, eb, 12]
INFO - HW/SW SHA-1 match.
INFO - ============
Input: "sderjgrwrt;klhngfh;kf;lkjfgbmsd'mstrklshjrwssderjgrwrt;klhngfh;kf;lkjfgbmsd'mstrklshjrwssderjgrwrt;klhngfh;kf;lkjfgbmsd'mstrklshjrwssderjgrwrt;klhngfh;kf;lkjfgbmsd'mstrklshjrwssderjgrwrt;klhngfh;kf;lkjfgbmsd'mstrklshjrwssderjgrwrt;klhngfh;kf;lkjfgbmsd'mstrklshjrws"                                                                                             
INFO - SW SHA-1 = [10, b5, 34, 5f, 7b, 15, 4a, ce, 35, 76, e2, d2, dd, 6b, 7d, 1c, f6, 8c, 5d, 81]
INFO - HW SHA-1 = [10, b5, 34, 5f, 7b, 15, 4a, ce, 35, 76, e2, d2, dd, 6b, 7d, 1c, f6, 8c, 5d, 81]
INFO - HW/SW SHA-1 match.

Client (baremetal no-std)

MCU: esp32s3
Command: cargo +esp run --no-default-features --features esp32s3 --target xtensa-esp32s3-none-elf -Zbuild-std=core,alloc,panic_abort --bin client

INFO - Starting...
WARN - esp_wifi_internal_tx(interface, ptr, len) returned an error: 12290 (12290)
INFO - Start connection task
INFO - Device capabilities: Ok(EnumSet(Station | AccessPoint | AccessPointStation))
INFO - Starting wifi
INFO - Wifi started!
INFO - Scan
INFO - AccessPointInfo { ssid: "REDACTED", bssid: REDACTED, channel: 6, secondary_channel: None, signal_strength: -72, auth_method: Some(Wpa2Personal), country: Some(CountryInfo { country: [67, 65], operating_class: AllEnvironments }) }                                                                                                        
INFO - AccessPointInfo { ssid: "REDACTED", bssid: REDACTED, channel: 6, secondary_channel: None, signal_strength: -58, auth_method: Some(Wpa2Personal), country: Some(CountryInfo { country: [0, 0], operating_class: Repr(0) }) }                                                                                                                   
INFO - About to connect...
INFO - Wifi connected!
INFO - Waiting to get IP address...
INFO - Got IP: 10.130.1.103/24
INFO - 
                                                                                                                                                                                       
                                                                                                                                                                                       
                                                                                                                                                                                       
REQUEST 0, MTLS: false =============================                                                                                                                                   
INFO - Resolving server httpbin.org
INFO - Using IP addr 98.91.115.81
INFO - Creating TCP connection
INFO - Creating TLS session
INFO - Requesting GET /ip from server
INFO - (MbedTLS) Perform PSA-based ECDH/FFDH computation. (at /Users/eschaal/src/github.com/esp-mbedtls/esp-mbedtls-sys/mbedtls/library/ssl_tls13_generic.c:1552)
INFO - Reading response
=============================                                                                                                                                                          
INFO - HTTP/1.1 200 OK
Date: Mon, 02 Feb 2026 17:08:40 GMT                                                                                                                                                    
Content-Type: application/json                                                                                                                                                         
Content-Length: 32                                                                                                                                                                     
Connection: close                                                                                                                                                                      
Server: gunicorn/19.9.0                                                                                                                                                                
Access-Control-Allow-Origin: *                                                                                                                                                         
Access-Control-Allow-Credentials: true                                                                                                                                                 
                                                                                                                                                                                       
{                                                                                                                                                                                      
  "origin": "REDACTED"                                                                                                                                                            
}                                                                                                                                                                                      
                                                                                                                                                                                       
INFO - (MbedTLS) mbedtls_ssl_handle_message_type() returned -30848 (-0x7880) (at /Users/eschaal/src/github.com/esp-mbedtls/esp-mbedtls-sys/mbedtls/library/ssl_msg.c:4354)
INFO - (MbedTLS) mbedtls_ssl_read_record() returned -30848 (-0x7880) (at /Users/eschaal/src/github.com/esp-mbedtls/esp-mbedtls-sys/mbedtls/library/ssl_msg.c:5989)
INFO - 
=============================                                                                                                                                                          
INFO - Done
INFO - 
                                                                                                                                                                                       
                                                                                                                                                                                       
                                                                                                                                                                                       
REQUEST 1, MTLS: true =============================                                                                                                                                    
INFO - Resolving server certauth.cryptomix.com
INFO - Using IP addr 217.154.9.114
INFO - Creating TCP connection
INFO - Creating TLS session
INFO - Requesting GET /json/ from server
INFO - (MbedTLS) Perform PSA-based ECDH/FFDH computation. (at /Users/eschaal/src/github.com/esp-mbedtls/esp-mbedtls-sys/mbedtls/library/ssl_tls13_generic.c:1552)
INFO - (MbedTLS) Switch to handshake keys for inbound traffic (at /Users/eschaal/src/github.com/esp-mbedtls/esp-mbedtls-sys/mbedtls/library/ssl_tls13_client.c:1950)
INFO - (MbedTLS) mbedtls_ssl_tls13_process_certificate_verify() returned 0 (-0x0000) (at /Users/eschaal/src/github.com/esp-mbedtls/esp-mbedtls-sys/mbedtls/library/ssl_tls13_generic.c:403)                                                                                                                                                                                   
INFO - (MbedTLS) Switch to handshake traffic keys for outbound traffic (at /Users/eschaal/src/github.com/esp-mbedtls/esp-mbedtls-sys/mbedtls/library/ssl_tls13_client.c:2640)
INFO - (MbedTLS) Switch to application keys for inbound traffic (at /Users/eschaal/src/github.com/esp-mbedtls/esp-mbedtls-sys/mbedtls/library/ssl_tls13_generic.c:1235)
INFO - (MbedTLS) Switch to application keys for outbound traffic (at /Users/eschaal/src/github.com/esp-mbedtls/esp-mbedtls-sys/mbedtls/library/ssl_tls13_generic.c:1238)
INFO - Reading response
=============================                                                                                                                                                          
INFO - HTTP/1.1 200 OK
Server: nginx/1.24.0 (Ubuntu)                                                                                                                                                          
Date: Mon, 02 Feb 2026 17:08:42 GMT                                                                                                                                                    
Content-Type: application/json                                                                                                                                                         
Connection: close

EDIT: re-ran crypto self test with --release

ericschaal · 2026-02-02T17:30:02Z

std examples

Crypto Self Test (std)

MCU: esp32s3
Command: cargo +esp run --target xtensa-esp32s3-espidf -Zbuild-std=std,alloc,panic_abort --bin crypto_self_test --release

 (350) crypto_self_test: Running MbedTLS self tests...
I (350) crypto_self_test: TESTS OUTPUT >>>>>>>>
I (360) crypto_self_test: Testing Mpi
  MPI test #1 (mul_mpi): passed
  MPI test #2 (div_mpi): passed
  MPI test #3 (exp_mod): passed
  MPI test #4 (inv_mod): passed
  MPI test #5 (simple gcd): passed

I (390) crypto_self_test: Took 21.112ms
I (390) crypto_self_test: Testing Rsa
  RSA key validation: passed
  PKCS#1 encryption : passed
  PKCS#1 decryption : passed
  PKCS#1 data sign  : passed
  PKCS#1 sig. verify: passed

I (590) crypto_self_test: Took 197.488ms
I (590) crypto_self_test: Testing Sha1
  SHA-1 test #1: passed
  SHA-1 test #2: passed
  SHA-1 test #3: passed

I (630) crypto_self_test: Took 43.141ms
I (630) crypto_self_test: Testing Sha224
  SHA-224 test #1: passed
  SHA-224 test #2: passed
  SHA-224 test #3: passed

I (670) crypto_self_test: Took 42.192ms
I (670) crypto_self_test: Testing Sha256
  SHA-256 test #1: passed
  SHA-256 test #2: passed
  SHA-256 test #3: passed

I (720) crypto_self_test: Took 42.246ms
I (720) crypto_self_test: Testing Sha384
  SHA-384 test #1: passed
  SHA-384 test #2: passed
  SHA-384 test #3: passed

I (760) crypto_self_test: Took 44.675ms
I (760) crypto_self_test: Testing Sha512
  SHA-512 test #1: passed
  SHA-512 test #2: passed
  SHA-512 test #3: passed

I (810) crypto_self_test: Took 44.623ms
I (810) crypto_self_test: Testing Aes
  AES note: alternative implementation.
  AES-ECB-128 (dec): passed
  AES-ECB-128 (enc): passed
  AES-ECB-192 (dec): skipped
  AES-ECB-192 (enc): skipped
  AES-ECB-256 (dec): passed
  AES-ECB-256 (enc): passed

  AES-CBC-128 (dec): passed
  AES-CBC-128 (enc): passed
  AES-CBC-192 (dec): skipped
  AES-CBC-192 (enc): skipped
  AES-CBC-256 (dec): passed
  AES-CBC-256 (enc): passed

  AES-CFB128-128 (dec): passed
  AES-CFB128-128 (enc): passed
  AES-CFB128-192 (dec): skipped
  AES-CFB128-192 (enc): skipped
  AES-CFB128-256 (dec): passed
  AES-CFB128-256 (enc): passed

  AES-OFB-128 (dec): passed
  AES-OFB-128 (enc): passed
  AES-OFB-192 (dec): skipped
  AES-OFB-192 (enc): skipped
  AES-OFB-256 (dec): passed
  AES-OFB-256 (enc): passed

  AES-CTR-128 (dec): passed
  AES-CTR-128 (enc): passed
  AES-CTR-128 (dec): passed
  AES-CTR-128 (enc): passed
  AES-CTR-128 (dec): passed
  AES-CTR-128 (enc): passed

  AES-XTS-128 (dec): passed
  AES-XTS-128 (enc): passed
  AES-XTS-128 (dec): passed
  AES-XTS-128 (enc): passed
  AES-XTS-128 (dec): passed
  AES-XTS-128 (enc): passed

I (4210) crypto_self_test: Took 3.397316s
I (4210) crypto_self_test: Testing Md5
  MD5 test #1: passed
  MD5 test #2: passed
  MD5 test #3: passed
  MD5 test #4: passed
  MD5 test #5: passed
  MD5 test #6: passed
  MD5 test #7: passed

I (4230) crypto_self_test: Took 14.083ms
I (4230) crypto_self_test: <<<<<<<< TESTS OUTPUT
I (4240) crypto_self_test: Done
I (4240) main_task: Returned from app_main()

Server (std)

MCU: esp32s3
Command: cargo +esp run --target xtensa-esp32s3-espidf -Zbuild-std=std,alloc,panic_abort --bin server

I (5209) esp_netif_handlers: sta ip: 10.130.1.103, mask: 255.255.255.0, gw: 10.130.1.1
I (5209) server::bootstrap: Wifi netif up
I (5209) server::bootstrap: Wifi DHCP info: IpInfo { ip: 10.130.1.103, subnet: Subnet { gateway: 10.130.1.1, mask: Mask(24) }, dns: Some(8.8.8.8), secondary_dns: Some(8.8.4.4) }
I (5229) server: Initializing TLS
I (5239) async_io_mini::reactor: Starting reactor
I (5239) server: Listening on port 8443
I (37449) server: Accepted connection from 10.130.1.100:65083
I (37449) server::server: Creating TLS session
I (37459) server::server: Waiting for GET request from client
I (38339) server::server: Replying to request:
GET / HTTP/1.1                                                                                                                                                                         
Host: 10.130.1.103:8443                                                                                                                                                                
User-Agent: curl/8.7.1                                                                                                                                                                 
Accept: */*                                                                                                                                                                            
                                                                                                                                                                                       
                                                                                                                                                                                       
I (38349) server::server: Done

❯ curl -k https://10.130.1.103:8443/
Hello from esp-mbedtls!

Client (baremetal no-std)

MCU: esp32s3
Command: cargo +esp run --target xtensa-esp32s3-espidf -Zbuild-std=std,alloc,panic_abort --bin client

I (3815) client::bootstrap: Wifi connected
I (3885) wifi:AP's beacon interval = 102400 us, DTIM period = 1
I (5815) esp_netif_handlers: sta ip: 10.130.1.103, mask: 255.255.255.0, gw: 10.130.1.1
I (5815) client::bootstrap: Wifi netif up
I (5815) client::bootstrap: Wifi DHCP info: IpInfo { ip: 10.130.1.103, subnet: Subnet { gateway: 10.130.1.1, mask: Mask(24) }, dns: Some(8.8.8.8), secondary_dns: Some(8.8.4.4) }
I (5835) client: Initializing TLS
I (5835) client: 
                                                                                                                                                                                       
                                                                                                                                                                                       
                                                                                                                                                                                       
REQUEST 0, MTLS: false =============================                                                                                                                                   
I (5845) client: Resolving server httpbin.org
I (5865) client: Using socket addr 3.210.41.225:443
I (5865) client: Creating TCP connection
I (5875) async_io_mini::reactor: Starting reactor
I (5905) client::client: Creating TLS session
I (5915) client::client: Requesting GET /ip from server
I (6325) client::client: Reading response
=============================                                                                                                                                                          
I (6555) client::client: HTTP/1.1 200 OK
Date: Mon, 02 Feb 2026 17:21:54 GMT                                                                                                                                                    
Content-Type: application/json                                                                                                                                                         
Content-Length: 32                                                                                                                                                                     
Connection: close                                                                                                                                                                      
Server: gunicorn/19.9.0                                                                                                                                                                
Access-Control-Allow-Origin: *                                                                                                                                                         
Access-Control-Allow-Credentials: true                                                                                                                                                 
                                                                                                                                                                                       
{                                                                                                                                                                                      
  "origin": "REDACTED"                                                                                                                                                            
}                                                                                                                                                                                      
                                                                                                                                                                                       
I (6575) client::client: 
=============================                                                                                                                                                          
I (6575) client::client: Done
I (6585) client: 
                                                                                                                                                                                       
                                                                                                                                                                                       
                                                                                                                                                                                       
REQUEST 1, MTLS: true =============================                                                                                                                                    
I (6585) client: Resolving server certauth.cryptomix.com
I (6855) client: Using socket addr 217.154.9.114:443
I (6855) client: Creating TCP connection
I (7065) client::client: Creating TLS session
I (7075) client::client: Requesting GET /json/ from server
I (8615) client::client: Reading response
=============================                                                                                                                                                          
I (9015) client::client: HTTP/1.1 200 OK
Server: nginx/1.24.0 (Ubuntu)                                                                                                                                                          
Date: Mon, 02 Feb 2026 17:21:56 GMT                                                                                                                                                    
Content-Type: application/json                                                                                                                                                         
Connection: close                                                                                                                                                                      
                                                                                                                                                                                       
{"USER":"certauth13","HOME":"\/home\/certauth13","HTTP_HOST":"certauth.cryptomix.com","SSL_CLIENT_I_DN_CN":"esp-mbedtls.local","SSL_CLIENT_S_DN_CN":"esp-mbedtls.local","SSL_CLIENT_I_DN":"O=CA Certificate,CN=esp-mbedtls.local","SSL_CLIENT_S_DN":"CN=esp-mbedtls.local","SSL_CLIENT_VERIFY":"FAILED:unable to verify the first certificate","SSL_CLIENT_V_END":"Feb 28 18:54:59 2026 GMT","SSL_CLIENT_V_START":"Feb 28 18:54:59 2025 GMT","SSL_CLIENT_SERIAL":"5C403496F1E9B17A5A6E58137A6AC23759875CF9","SSL_CLIENT_FINGERPRINT":"547f9875d5da4b0bab359a17364caf01a81d9ee5","SSL_SERVER_NAME":"certauth.cryptomix.com","SSL_CIPHER":"ECDHE-RSA-AES256-GCM-SHA384","SSL_PROTOCOL":"TLSv1.2","HTTPS":"on","PATH_INFO":"","SERVER_NAME":"certauth.cryptomix.com","SERVER_PORT":"443","SERVER_ADDR":"217.154.9.114","REMOTE_PORT":"49657","REMOTE_ADDR":"76.68.246.229","SERVER_PROTOCOL":"HTTP\/1.0","DOCUMENT_URI":"                             
I (9095) client::client: \/json\/index.php","REQUEST_URI":"\/json\/","CONTENT_LENGTH":"","CONTENT_TYPE":"","REQUEST_METHOD":"GET","QUERY_STRING":"","SERVER_SOFTWARE":"nginx","GATEWAY_INTERFACE":"CGI\/1.1","FCGI_ROLE":"RESPONDER","REQUEST_TIME_FLOAT":1770052916.812883,"REQUEST_TIME":1770052916}                                                                        
                                                                                                                                                                                       
I (9125) client::client: 
=============================                                                                                                                                                          
I (9135) client::client: Done
I (9135) main_task: Returned from app_main()

ericschaal · 2026-02-04T20:44:59Z

I think we should also update config.h to the latest version as done in this commit.

ivmarkov · 2026-02-05T10:01:39Z

I think we should also update config.h to the latest version as done in this commit.

@ericschaal Good idea. Can you pull that update into this PR?

did my best to keep the same feature set as when using mbedtls 3.4.0

ivmarkov · 2026-02-05T14:27:12Z

@ericschaal You need to rebase on top of the main branch, which got #106 merged in the meantime.

ivmarkov · 2026-02-05T14:34:04Z

Once the build is ready (including the new libs) I'll test with esp32s3, esp32c3 and esp32c6 and if all is well, we can merge.

ivmarkov · 2026-02-05T16:31:08Z

Thanks!

Tested and works on esp32s3, esp32c3 and esp32c6.
Also works with rs-matter.

ericschaal force-pushed the main branch 3 times, most recently from 09354b4 to b97c672 Compare January 29, 2026 15:29

ericschaal force-pushed the main branch 5 times, most recently from 421a495 to f61e782 Compare January 29, 2026 16:29

ivmarkov reviewed Jan 29, 2026

View reviewed changes

Comment thread esp-mbedtls-sys/gen/sysroot/include/inttypes.h Outdated

ivmarkov reviewed Jan 29, 2026

View reviewed changes

Comment thread esp-mbedtls-sys/gen/sysroot/include/inttypes.h Outdated

Comment thread esp-mbedtls-sys/src/accel/esp/exp_mod.rs Outdated

ericschaal marked this pull request as ready for review January 29, 2026 17:07

ivmarkov added the rebuild-libs This label will force rebuilding the libraries and push them onto the current PR label Jan 29, 2026

ericschaal commented Jan 30, 2026

View reviewed changes

Comment thread esp-mbedtls-sys/gen/sysroot/include/inttypes.h Outdated

Comment thread esp-mbedtls-sys/src/accel/esp/exp_mod.rs Outdated

chore: update mbedtls to v3.6.5-idf

425334a

ericschaal added 2 commits February 5, 2026 09:24

chore: update mbedtls to v3.6.5-idf continued

2afc2fa

chore: update config.h to include new config options in v3.6.5 release

fd5fbb3

did my best to keep the same feature set as when using mbedtls 3.4.0

chore: rebuild libs

d8d96b1

ericschaal force-pushed the main branch from 714037a to d8d96b1 Compare February 5, 2026 14:30

ivmarkov added rebuild-libs This label will force rebuilding the libraries and push them onto the current PR and removed rebuild-libs This label will force rebuilding the libraries and push them onto the current PR labels Feb 5, 2026

ivmarkov merged commit 0d86dcc into esp-rs:main Feb 5, 2026
22 checks passed

ivmarkov mentioned this pull request Feb 5, 2026

update mbedtls to current version #72

Closed

Conversation

ericschaal commented Jan 26, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Upgrade mbedtls to mbedtls-3.6.5-idf

Uh oh!

ivmarkov commented Jan 29, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

AnthonyGrondin commented Jan 29, 2026

Uh oh!

ivmarkov commented Jan 29, 2026

Uh oh!

AnthonyGrondin commented Jan 29, 2026

Uh oh!

ivmarkov commented Jan 29, 2026

Uh oh!

ericschaal commented Jan 29, 2026

Uh oh!

ivmarkov commented Jan 29, 2026

Uh oh!

Uh oh!

Uh oh!

Uh oh!

ivmarkov commented Jan 30, 2026

Uh oh!

ericschaal left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

AnthonyGrondin commented Jan 30, 2026

Uh oh!

ivmarkov commented Jan 30, 2026

Uh oh!

AnthonyGrondin commented Jan 30, 2026

Uh oh!

ericschaal commented Feb 2, 2026

Uh oh!

ericschaal commented Feb 2, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Crypto Self Test (baremetal no-std)

Crypto Mini Test (baremetal no-std)

Client (baremetal no-std)

Uh oh!

ericschaal commented Feb 2, 2026

Crypto Self Test (std)

Server (std)

Client (baremetal no-std)

Uh oh!

ericschaal commented Feb 4, 2026

Uh oh!

ivmarkov commented Feb 5, 2026

Uh oh!

ivmarkov commented Feb 5, 2026

Uh oh!

ivmarkov commented Feb 5, 2026

Uh oh!

ivmarkov commented Feb 5, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

ericschaal commented Jan 26, 2026 •

edited

Loading

ivmarkov commented Jan 29, 2026 •

edited

Loading

ericschaal commented Feb 2, 2026 •

edited

Loading