Commit graph

10590 commits

Author SHA1 Message Date
Angus Gratton
08bcb587ec Merge branch 'fix/ci_example_test_prov_v4.0' into 'release/v4.0'
CI: Fix prov example test exception handle (v4.0)

See merge request espressif/esp-idf!8440
2020-05-06 16:59:20 +08:00
Jiang Jiang Jian
c5a8dc85b7 Merge branch 'feature/wpa3_pmf_pmk_caching_backport_v4.0' into 'release/v4.0'
WPA3, PMF & PMK caching support (backport v4.0)

See merge request espressif/esp-idf!8625
2020-05-06 15:41:05 +08:00
Shivani Tipnis
a7ca14b064 CI: Fix prov example test cryptography package version exception handling 2020-05-06 04:54:59 +00:00
Nachiket Kukade
4557c686b8 wpa_supplicant: Fix EAP Re-authentication issue
EAP reauth frames are dropped at various stages due to current
implementation of WPA2 ENT states and EAP SM init/deinit logic.
Route EAPOL frames based on EAP pkt type and maintain EAP SM
to facilitate EAP re-authentication process.
2020-05-06 10:21:45 +05:30
Nachiket Kukade
5e33a351f1 esp_wifi: Enable WPA3 & PMF by default 2020-05-06 10:21:41 +05:30
Nachiket Kukade
1fc54cfad8 Increase example cmake parallel jobs number 2020-05-06 10:21:29 +05:30
Nachiket Kukade
bc7a34b494 wpa_supplicant: Disable TLSv1.2 by default
Some Enterprise Authentication Servers do not support TLS v1.2.
Move this option to Menuconfig and disable by default.
2020-05-06 10:21:25 +05:30
Nachiket Kukade
ab81940982 esp_wifi: Additional changes for WPA3 & PMF testcases
Added WPA3 Testcases support for -
1. Anti-Clogging Token Request support
2. Return correct status from SAE modules for invalid scenarios
3. Add PMK Caching support for WPA3

wifi lib includes fixes for below PMF Certification issues -
1. Check return status of decrypt operation. Fixes 5.3.3.1.
2. Allow PMF negotiation for WPA2-Enterprise. Fixes 5.3.3.2, 5.3.3.4.
3. Add NULL check on key before encrypting PMF, fixes crash.
2020-05-06 10:20:46 +05:30
Sagar Bijwe
6d6b7b09e8 wifi: Add PMF and WPA3 documentation 2020-05-06 10:20:40 +05:30
Nachiket Kukade
d36663b798 wpa_supplicant: Support WPA3 4-way handshake, add config option
1. Add changes in 4-way handshake path to allow SAE key mgmt.
2. Support for configuring WPA3 at init time, added Kconfig option.
3. Handle and propagate error conditions properly.
2020-05-06 10:20:35 +05:30
Nachiket Kukade
6b76228fcb wpa_supplicant: Add SAE handshake support for WPA3-PSK
Under WPA3-Personal, SAE authentication is used to derive PMK
which is more secure and immune to offline dictionary attacks.
1. Add modules to generate SAE commit/confirm for the handshake
2. Add modules that build and parse SAE data in Auth frames
3. Add WPA3 association and key mgmt definitions
4. Invert y-bit while solving for ECC co-ordinate -
     Once an X co-ordinate is obtained, solving for Y co-ordinate
     using an elliptical curve equation results in 2 possible values,
     Y and (P - Y), where p is the prime number. The co-ordinates are
     used for deriving keys in SAE handshake. As per the 802.11 spec
     if LSB of X is same as LSB of Y then Y is chosen, (P - Y) otherwise.
     This is not what is implemented, so fix this behavior to obtain the
     correct Y co-ordinate.
2020-05-06 10:20:26 +05:30
Sagar Bijwe
8f5f828ad6 wpa_supplicant: Adding SAE modules with testcase
This change ports SAE(Simultaneous Authentication of Equals)
feature from wpa_supplicant and makes it work with mbedtls
crypto APIs. Currently only group 19 is supported. A sample
SAE handshake is included in the testcase. Other minor
changes for DH groups are also included.
2020-05-06 10:20:22 +05:30
Nachiket Kukade
5c5ae96be2 Add encryption/decryption support for PMF
1. Add CCMP, AES crypto modules for unicast protected Mgmt frames
2. Add support for computing SHA256 MIC on Bcast Mgmt frames
3. Add support for storing iGTK during 4-way handshake.
4. Provide APIs to MLME for utilizing the SW crypto modules
2020-05-06 10:20:16 +05:30
Nachiket Kukade
1b7f3fee5c Add support for PMF configuration and negotiation
1. Add APIs for configuring PMF through set config.
2. Map Supplicant and Wifi Cipher types.
3. Add support for PMF negotiation while generating RSN IE.
2020-05-06 10:20:11 +05:30
Hrudaynath Dhabe
b7dc47108f wifi: Add code required to backport PMK Caching 2020-05-06 10:19:52 +05:30
liu zhifu
8cd210b38b esp_wifi/supplicant: fix some WiFi stop memory leak 2020-05-06 10:15:51 +05:30
Hrudaynath Dhabe
19e840aa53 wpa_supplicant: Set assoc_ie_len based on generated RSN/WPA IE 2020-05-06 10:15:46 +05:30
Hrudaynath Dhabe
39acf9c4dd wifi: Add PMK caching feature for station WPA2-enterprise
4. Pmksa cache expiry after dot11RSNAConfigPMKLifetime timeout.
2020-05-06 10:15:43 +05:30
Sagar Bijwe
2da4ffa2aa wifi: Add PMK caching feature for station WPA2-enterprise
1) Added PMK caching module from wpa_supplicant.
2) Modified wpa_sm to
    a) Add entry to PMK cache when first time associated to an AP.
    b) Maintain entry across the associations.
    c) Clear current PMKSA when deauth happens.
    d) Search for an entry when re-associating to the same AP and
       set it as current PMKSA
    e) Wait for msg 1/4 from AP instead of starting EAP authentication.
    f) Check PMKID in msg 1 with current PMKSA/cache.
    g) Use the cached PMK to complete 4-way handshake.
3) Remove config_bss callback as it was redundant and used to cause
   problems for PMK caching flow.

Closes IDF-969
2020-05-06 10:15:36 +05:30
Jiang Jiang Jian
b9fa6b0b1a Merge branch 'bugfix/can_not_get_IP_address_from_China_mobile_v4.0' into 'release/v4.0'
wifi: fix the bug that ESP32 can't get IP address from China Mobile router (v4.0)

See merge request espressif/esp-idf!8401
2020-05-06 11:16:24 +08:00
Island
5f71ec3640 Merge branch 'bugfix/ble_mesh_rpl_list_size_v4.0' into 'release/v4.0'
ble_mesh: Associate replay protection list size with nodes count (v4.0)

See merge request espressif/esp-idf!8495
2020-05-06 11:14:21 +08:00
Island
a44f473d4a Merge branch 'doc/ble_mesh_fixes_v4.0' into 'release/v4.0'
doc: Fix some ble mesh description (v4.0)

See merge request espressif/esp-idf!8503
2020-05-06 11:12:57 +08:00
Island
beb64a1af4 Merge branch 'bugfix/ble_mesh_add_missing_cpp_v4.0' into 'release/v4.0'
ble_mesh: Add missing #ifdef __cplusplus (v4.0)

See merge request espressif/esp-idf!8506
2020-05-06 11:12:25 +08:00
Island
7b8356ee2f Merge branch 'bugfix/ble_mesh_time_scene_wrong_name_v4.0' into 'release/v4.0'
ble_mesh: Fix time scene wrong macro name (v4.0)

See merge request espressif/esp-idf!8511
2020-05-06 11:11:00 +08:00
lly
b97d4c617b ble_mesh: Fix time scene wrong macro name 2020-04-27 16:26:23 +08:00
lly
765bd76ba3 ble_mesh: Add missing #ifdef __cplusplus 2020-04-27 15:34:14 +08:00
lly
9370264cac doc: Fix some ble mesh description 2020-04-27 15:25:46 +08:00
lly
8bfa01cc28 ble_mesh: Fix client local parameters not initialized 2020-04-27 14:39:40 +08:00
lly
90a9444696 ble_mesh: Continue node info restore even if failure happens
During BLE Mesh Provisioner initialization, the stack will restore
the nodes information if settings storage is enabled.
Previously when a failure happens (e.g. found the same uuid) during
the restore procedure, the information of the following nodes will
not be restored and error will be directly returned.
But this will introduce some problem with user experience, because
some newly provisioned nodes information will not be restored and
Provisioner will not be able to control those nodes.
So we change the operation here, when a failure happens during the
restore procedure, Provisioner will only ignore the information of
the current node and continue restoring other nodes information.
2020-04-27 14:39:40 +08:00
lly
b9fd2673a7 ble_mesh: Remove some redundant functions 2020-04-27 14:39:39 +08:00
lly
7595116353 ble_mesh: Notify unprovisioned device beacon to application layer
With this change, if a Provisioner has provisioned the maximum
number of nodes, it can still report the unprovisioned device
beacon from other nodes to the application layer. And this will
be more reasonable compared with the previous implementation.
Previously when the node array of Provisioner is full, no beacon
from unprovisioned devices will be reported, only some warning
logs will be given.
2020-04-27 14:39:38 +08:00
lly
9aae0f2dee ble_mesh: Check if assigned node address is duplicated
Previously only check the node address when it is assigned by the
application layer. Here we also check the address when the address
is allocated internally. And this will be useful when some mesh
internal tests are performed.
2020-04-27 14:39:38 +08:00
lly
f137546a4b ble_mesh: Update next alloc address when node info is added 2020-04-27 14:39:37 +08:00
lly
388043c203 ble_mesh: Fix Provisioner provisioning deadlock 2020-04-27 14:39:37 +08:00
lly
c496fa79de ble_mesh: Remove BLE_MESH_MAX_STORED_NODES option
Previously the BLE_MESH_MAX_STORED_NODES option is added for
internal mesh test, which will be a little confusing for the
users to understand.
Here we remove this option, instead the BLE_MESH_MAX_PROV_NODES
will be used for all the cases. For mesh internal test, when
the test function is called to add some nodes info, the info
will be stored in the array of provisioned nodes directly.
2020-04-27 14:39:36 +08:00
lly
2af16b92e5 ble_mesh: Associate replay protection list size with nodes count
The replay protection list of Provisioner should be at least equal
to the number of nodes with the precondition that each node contains
only one element.
The help information of replay protection list is updated, and the
maximum number of nodes for Provisioner is adjusted based on the
replay protection list size.
2020-04-27 14:39:35 +08:00
Krzysztof Budzynski
c955b7d133 Merge branch 'docs/backport_6147' into 'release/v4.0'
backport changes in 6147

See merge request espressif/esp-idf!8101
2020-04-21 14:34:21 +08:00
liying
4131b51c16 Backport changes made in 6147 to release/4.0 2020-04-20 21:47:26 +08:00
Angus Gratton
1de273a901 Merge branch 'bugfix/error_on_building_in_idf_path_v4.0' into 'release/v4.0'
cmake: Error out when building in IDF_PATH dir (v4.0)

See merge request espressif/esp-idf!8298
2020-04-20 15:04:25 +08:00
zhangyanjiao
2139d40f5e wifi: fix the bug that ESP32 can't get IP address from China Mobile router 2020-04-20 11:18:07 +08:00
Jiang Jiang Jian
44d653adff Merge branch 'bugfix/btdm_backports_v4.0_0328' into 'release/v4.0'
Bugfix/btdm backports v4.0 0328

See merge request espressif/esp-idf!8151
2020-04-16 22:01:39 +08:00
Jiang Jiang Jian
41eabbefd6 Merge branch 'bugfix/coredump_no_ext_stacks_v4.0' into 'release/v4.0'
core dump: don't allow core dumps to Flash if PSRAM is used for stacks (backport v4.0)

See merge request espressif/esp-idf!8229
2020-04-16 15:24:21 +08:00
Jiang Jiang Jian
8972461611 Merge branch 'bugfix/fix_errors_with_mbedtls_disabled_v4.0' into 'release/v4.0'
wpa_supplicant: Fix compilation errors when USE_MBEDTLS is disabled. (v4.0)

See merge request espressif/esp-idf!8357
2020-04-16 15:23:03 +08:00
Angus Gratton
0e6bbdf683 Merge branch 'bufgix/esp_ota_get_app_elf_sha256_v4.0' into 'release/v4.0'
app_update: Fix case when elf file SHA256 should be printed by panic handler while cache is disabled (v4.0)

See merge request espressif/esp-idf!8367
2020-04-16 14:32:22 +08:00
Angus Gratton
778ebb4dba Merge branch 'bugfix/efuse_get_coding_scheme_and_ut_v4.0' into 'release/v4.0'
efuse: Fix get_coding_scheme() using ESP_EARLY_LOG* instead of ESP_LOG* (v4.0)

See merge request espressif/esp-idf!8361
2020-04-16 14:29:39 +08:00
Angus Gratton
f87df26cf4 Merge branch 'bugfix/transport_connection_active_v4.0' into 'release/v4.0'
fix(transport): Fix a bug of the connection whether be active (v4.0)

See merge request espressif/esp-idf!7743
2020-04-16 14:05:24 +08:00
Marius Vikhammer
93b8fcf664 app_update: fix test failure for get_app_elf_sha256 test
Commit fc03161f updated esp_ota_get_app_elf_sha256 to store and return
X number of bytes of the hash, but the test case still expected 64 bytes.

Updated test case to use CONFIG value for expected length.
2020-04-15 21:13:21 +08:00
KonstantinKondrashov
a78772bbc6 app_update: Fix case when elf file SHA256 should be printed by panic handler while cache is disabled
Closes: IDF-1342
2020-04-15 21:06:43 +08:00
KonstantinKondrashov
1490256968 efuse: Fix get_coding_scheme() when CONFIG_SECURE_FLASH_ENC_ENABLED and LOG_LEVEL is Debug
Closes: https://github.com/espressif/esp-idf/issues/4862
2020-04-15 20:52:50 +08:00
Sagar Bijwe
5209dff76b wpa_supplicant: Fix compilation errors when USE_MBEDTLS is disabled.
This is a regression from earlier commit related to TLSV12 which used
sha functions that are currently declared static.
Solution: Follow upstream code structure and resolve the errors.
2020-04-15 15:34:35 +05:30