diff --git a/components/esp_local_ctrl/src/esp_local_ctrl.c b/components/esp_local_ctrl/src/esp_local_ctrl.c
index 5202576339..c1fef0ee23 100644
--- a/components/esp_local_ctrl/src/esp_local_ctrl.c
+++ b/components/esp_local_ctrl/src/esp_local_ctrl.c
@@ -143,20 +143,35 @@ esp_err_t esp_local_ctrl_start(const esp_local_ctrl_config_t *config)
 return ret;
 }
- protocomm_security_t *proto_sec_handle;
+ protocomm_security_t *proto_sec_handle = NULL;
 switch (local_ctrl_inst_ctx->config.proto_sec.version) {
 case PROTOCOM_SEC_CUSTOM:
 proto_sec_handle = local_ctrl_inst_ctx->config.proto_sec.custom_handle;
 break;
 case PROTOCOM_SEC1:
+#ifdef CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_1
 proto_sec_handle = (protocomm_security_t *) &protocomm_security1;
+#else
+ // Enable SECURITY_VERSION_1 in Protocomm configuration menu
+ return ESP_ERR_NOT_SUPPORTED;
+#endif
 break;
 case PROTOCOM_SEC2:
+#ifdef CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_2
 proto_sec_handle = (protocomm_security_t *) &protocomm_security2;
 break;
+#else
+ // Enable SECURITY_VERSION_2 in Protocomm configuration menu
+ return ESP_ERR_NOT_SUPPORTED;
+#endif
 case PROTOCOM_SEC0:
 default:
+#ifdef CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_0
 proto_sec_handle = (protocomm_security_t *) &protocomm_security0;
+#else
+ // Enable SECURITY_VERSION_0 in Protocomm configuration menu
+ return ESP_ERR_NOT_SUPPORTED;
+#endif
 break;
 }
 ret = protocomm_set_security(local_ctrl_inst_ctx->pc, "esp_local_ctrl/session",
diff --git a/components/protocomm/CMakeLists.txt b/components/protocomm/CMakeLists.txt
index cd9245ae2f..9f6f683e3b 100644
--- a/components/protocomm/CMakeLists.txt
+++ b/components/protocomm/CMakeLists.txt
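Review bot: The three `return ESP_ERR_NOT_SUPPORTED;` statements added inside the switch leave `esp_local_ctrl_start` before the `protocomm_set_security` call without passing through any error path the function may have; the function begins above the hunk, so I cannot see what `local_ctrl_inst_ctx` or the transport already hold here, but if anything has been allocated or started by this point these returns leak it — please confirm against the full function, or record the error and fall into the existing failure handling, which is also how the sibling hunk in components/wifi_provisioning/src/manager.c should behave (its adjacent `else` branch sets `ret` rather than returning). The `#else` layout is inconsistent as well: for PROTOCOM_SEC1 the `break;` after `#endif` is unreachable once the `#else` branch returns, while for PROTOCOM_SEC2 the `break;` sits inside the `#ifdef`; use one layout for all three cases. The unchanged `default:` label still routes any unrecognised `proto_sec.version` to security0, i.e. no encryption, whenever SECURITY_VERSION_0 is enabled; a comment `// unknown versions fall back to security0 (plaintext); callers must validate version` would make that visible, and rejecting unknown values with `ESP_ERR_INVALID_ARG` would be the safer default.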
@@ -4,18 +4,30 @@ set(include_dirs include/common
 set(priv_include_dirs proto-c src/common src/crypto/srp6a/include)
 set(srcs "src/common/protocomm.c"
- "src/security/security0.c"
- "src/security/security1.c"
- "src/security/security2.c"
 "proto-c/constants.pb-c.c"
 "proto-c/sec0.pb-c.c"
 "proto-c/sec1.pb-c.c"
 "proto-c/sec2.pb-c.c"
 "proto-c/session.pb-c.c"
 "src/transports/protocomm_console.c"
- "src/transports/protocomm_httpd.c"
- "src/crypto/srp6a/esp_srp.c"
- "src/crypto/srp6a/esp_srp_mpi.c")
+ "src/transports/protocomm_httpd.c")
+
+if(CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_0)
+ list(APPEND srcs
+ "src/security/security0.c")
+endif()
+
+if(CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_1)
+ list(APPEND srcs
+ "src/security/security1.c")
+endif()
+
+if(CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_2)
+ list(APPEND srcs
+ "src/security/security2.c"
+ "src/crypto/srp6a/esp_srp.c"
+ "src/crypto/srp6a/esp_srp_mpi.c")
+endif()
 if(CONFIG_BT_ENABLED)
 if(CONFIG_BT_BLUEDROID_ENABLED)
diff --git a/components/protocomm/Kconfig b/components/protocomm/Kconfig
new file mode 100644
index 0000000000..d85a7336fe
--- /dev/null
+++ b/components/protocomm/Kconfig
@@ -0,0 +1,29 @@
+menu "Protocomm"
+
+ config ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_0
+ bool "Support protocomm security version 0 (no security)"
+ default y
+ help
+ Enable support of security version 0.
+ Disabling this option saves some code size.
+ Consult the Enabling protocomm security version section of the
+ Protocomm documentation in ESP-IDF Programming guide for more details.
+
+ config ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_1
+ bool "Support protocomm security version 1 (Curve25519 key exchange + AES-CTR encryption/decryption)"
+ default y
+ help
+ Enable support of security version 1.
+ Disabling this option saves some code size.
+ Consult the Enabling protocomm security version section of the
+ Protocomm documentation in ESP-IDF Programming guide for more details.
+
+ config ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_2
+ bool "Support protocomm security version 2 (SRP6a-based key exchange + AES-GCM encryption/decryption)"
+ default n
+ help
+ Enable support of security version 2.
+ Disabling this option saves some code size.
+ Consult the Enabling protocomm security version section of the
+ Protocomm documentation in ESP-IDF Programming guide for more details.
+endmenu
diff --git a/components/protocomm/include/security/protocomm_security0.h b/components/protocomm/include/security/protocomm_security0.h
index 9ae8744d47..5d7a4fab80 100644
--- a/components/protocomm/include/security/protocomm_security0.h
+++ b/components/protocomm/include/security/protocomm_security0.h
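Review bot: ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_0 defaults to `y`, so the plaintext scheme stays compiled into every image unless a project opts out, while the SRP6a scheme that the esp_local_ctrl documentation in this same commit calls the preferred option defaults to `n`; the help text for the first entry should make that trade-off explicit so integrators choose deliberately, e.g. add `Consider disabling this option in production builds that never use security version 0.`. It would also help each help text to state the runtime effect of disabling an option — that `esp_local_ctrl_start` and the Wi-Fi provisioning manager return ESP_ERR_NOT_SUPPORTED when a disabled version is requested — since that is what a user will actually observe. The prompt strings here are mirrored in docs/en/api-reference/provisioning/protocomm.rst, where the first bullet describes the VERSION_0 option as "version 1 (no security)" and should read "version 0".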
@@ -1,16 +1,8 @@
-// Copyright 2018 Espressif Systems (Shanghai) PTE LTD
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
+/*
+ * SPDX-FileCopyrightText: 2018-2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
 #pragma once
@@ -20,6 +12,7 @@ extern "C" {
 #endif
+#if CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_0
 /**
 * @brief Protocomm security version 0 implementation
 *
@@ -27,6 +20,7 @@ extern "C" {
 * security is required for the protocomm instance
 */
 extern const protocomm_security_t protocomm_security0;
+#endif
 #ifdef __cplusplus
 }
diff --git a/components/protocomm/include/security/protocomm_security1.h b/components/protocomm/include/security/protocomm_security1.h
index 12a05c322a..a984cf87de 100644
--- a/components/protocomm/include/security/protocomm_security1.h
+++ b/components/protocomm/include/security/protocomm_security1.h
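Review bot: The new guard tests the option with `#if CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_0`, while the consumers changed in this commit (esp_local_ctrl.c and manager.c) test the same symbol with `#ifdef`; both work for a Kconfig bool, but `#if` on an undefined symbol trips `-Wundef` and the mixed forms invite a later `#if` on a symbol defined as 0, so one form (`#ifdef`, or `#if defined(...)`) should be used throughout. Hiding the `extern` declaration behind the option is the right call, because a build that references a disabled scheme then fails at the point of use rather than at link time; a one-line comment above the guard, `/* declared only when the scheme is compiled in; see components/protocomm/CMakeLists.txt */`, would tell readers why the symbol disappears. The identical guard hunks in protocomm_security1.h and protocomm_security2.h carry the same two points.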
@@ -1,16 +1,8 @@
-// Copyright 2018 Espressif Systems (Shanghai) PTE LTD
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
+/*
+ * SPDX-FileCopyrightText: 2018-2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
 #pragma once
@@ -20,6 +12,7 @@ extern "C" {
 #endif
+#if CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_1
 /**
 * @brief Protocomm security version 1 implementation
 *
@@ -27,6 +20,7 @@ extern "C" {
 * Curve25519 key exchange and AES-256-CTR encryption
 */
 extern const protocomm_security_t protocomm_security1;
+#endif
 #ifdef __cplusplus
 }
diff --git a/components/protocomm/include/security/protocomm_security2.h b/components/protocomm/include/security/protocomm_security2.h
index 26b652a3f2..b9a0faf7fb 100644
--- a/components/protocomm/include/security/protocomm_security2.h
+++ b/components/protocomm/include/security/protocomm_security2.h
@@ -12,6 +12,7 @@ extern "C" {
 #endif
+#if CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_2
 /**
 * @brief Protocomm security version 2 implementation
 *
@@ -20,6 +21,7 @@ extern "C" {
 * and AES-GCM encryption/decryption
 */
 extern const protocomm_security_t protocomm_security2;
+#endif
 #ifdef __cplusplus
 }
diff --git a/components/wifi_provisioning/src/manager.c b/components/wifi_provisioning/src/manager.c
index f2ff62ed67..d75aa60325 100644
--- a/components/wifi_provisioning/src/manager.c
+++ b/components/wifi_provisioning/src/manager.c
@@ -307,14 +307,29 @@ static esp_err_t wifi_prov_mgr_start_service(const char *service_name, const cha
 /* Set protocomm security type for endpoint */
 if (prov_ctx->security == 0) {
+#ifdef CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_0
 ret = protocomm_set_security(prov_ctx->pc, "prov-session",
 &protocomm_security0, NULL);
+#else
+ // Enable SECURITY_VERSION_0 in Protocomm configuration menu
+ return ESP_ERR_NOT_SUPPORTED;
+#endif
 } else if (prov_ctx->security == 1) {
+#ifdef CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_1
 ret = protocomm_set_security(prov_ctx->pc, "prov-session",
 &protocomm_security1, prov_ctx->protocomm_sec_params);
+#else
+ // Enable SECURITY_VERSION_1 in Protocomm configuration menu
+ return ESP_ERR_NOT_SUPPORTED;
+#endif
 } else if (prov_ctx->security == 2) {
+#ifdef CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_2
 ret = protocomm_set_security(prov_ctx->pc, "prov-session",
 &protocomm_security2, prov_ctx->protocomm_sec_params);
+#else
+ // Enable SECURITY_VERSION_2 in Protocomm configuration menu
+ return ESP_ERR_NOT_SUPPORTED;
+#endif
 } else {
 ESP_LOGE(TAG, "Unsupported protocomm security version %d", prov_ctx->security);
 ret = ESP_ERR_INVALID_ARG;
diff --git a/docs/en/api-reference/protocols/esp_local_ctrl.rst b/docs/en/api-reference/protocols/esp_local_ctrl.rst
index cfed730c9a..6c3cdeed1c 100644
--- a/docs/en/api-reference/protocols/esp_local_ctrl.rst
+++ b/docs/en/api-reference/protocols/esp_local_ctrl.rst
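Review bot: The three new `#else` branches refuse silently: the adjacent `else` branch logs `Unsupported protocomm security version %d` before setting `ret`, but a build with the requested version disabled returns ESP_ERR_NOT_SUPPORTED with no log line, so a device that fails to provision in the field gives no hint that the Protocomm menuconfig is the cause. Add `ESP_LOGE(TAG, "Protocomm security version %d not enabled in menuconfig", prov_ctx->security);` ahead of each return, or emit one such message after the chain. Whether the early `return` here skips cleanup that the function's tail performs on `ret` is raised on the esp_local_ctrl.c hunk, where the same pattern appears; `wifi_prov_mgr_start_service` starts and ends outside this hunk, so that needs checking against the full function.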
@@ -91,9 +91,12 @@ Similarly for HTTPS transport:
 You may set security for transport in ESP local control using following options:
-1. `PROTOCOM_SEC1`: specifies that end to end encryption is used.
-2. `PROTOCOM_SEC0`: specifies that data will be exchanged as a plain text.
-3. `PROTOCOM_SEC_CUSTOM`: you can define your own security requirement. Please note that you will also have to provide `custom_handle` of type `protocomm_security_t *` in this context.
+1. `PROTOCOM_SEC2`: specifies that SRP6a based key exchange and end to end encryption based on AES-GCM is used. This is the most preffered option as it adds a robust security with Augmented PAKE protocol i.e. SRP6a.
+2. `PROTOCOM_SEC1`: specifies that Curve25519 based key exchange and end to end encryption based on AES-CTR is used.
+3. `PROTOCOM_SEC0`: specifies that data will be exchanged as a plain text (no security).
+4. `PROTOCOM_SEC_CUSTOM`: you can define your own security requirement. Please note that you will also have to provide `custom_handle` of type `protocomm_security_t *` in this context.
+
+.. note:: The respective security schemes need to be enabled through the project configuration menu. Please refer to the Enabling protocom security version section in :doc:`Protocol Communication ` for more details.
 Creating a property
 -------------------
diff --git a/docs/en/api-reference/provisioning/protocomm.rst b/docs/en/api-reference/provisioning/protocomm.rst
index 374b914322..816e9ee45e 100644
--- a/docs/en/api-reference/provisioning/protocomm.rst
+++ b/docs/en/api-reference/provisioning/protocomm.rst
@@ -19,6 +19,17 @@ Protocomm provides framework for various transports - WiFi (SoftAP+HTTPD), BLE,
 Note that the client still needs to establish session (for protocomm_security1 and protocomm_security2) by performing the two way handshake. See :doc:`provisioning` for more details about the secure handshake logic.
+Enabling protocomm security version
+-----------------------------------
+Protocomm component provides project configuration menu to enable/disable support of respective security versions.
+The respective configuration options can be found as follows:
+
+ * Support protocomm security version 1 (no security): :ref:`CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_0` (this option is enabled by default)
+ * Support protocomm security version 1 (Curve25519 key exchange + AES-CTR encryption/decryption): :ref:`CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_1` (this option is enabled by default)
+ * Support protocomm security version 2 (SRP6a-based key exchange + AES-GCM encryption/decryption): :ref:`CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_2`
+
+.. note:: Enabling multiple security versions allow to control them dynamically but also increases firmware size.
+
 Transport Example (SoftAP + HTTP) with Security 2
 -------------------------------------------------
 For sample usage, see :component_file:`wifi_provisioning/src/scheme_softap.c`
diff --git a/docs/en/api-reference/provisioning/provisioning.rst b/docs/en/api-reference/provisioning/provisioning.rst
index 483881fef7..29d136992a 100644
--- a/docs/en/api-reference/provisioning/provisioning.rst
+++ b/docs/en/api-reference/provisioning/provisioning.rst
@@ -107,6 +107,8 @@ At present, unified provisioning supports the following security schemes:
 b. No Auth (Null PoP) - Shared key derived through key exchange only
 3. Security2 - SRP6a-based shared key derivation and AES256-GCM mode encryption of the data.
+.. note:: The respective security schemes need to be enabled through the project configuration menu. Please refer to the Enabling protocom security version section in :doc:`protocomm` (Protocol Communication) for more details.
+
 Security1 Scheme
 >>>>>>>>>>>>>>>>
diff --git a/examples/provisioning/wifi_prov_mgr/main/Kconfig.projbuild b/examples/provisioning/wifi_prov_mgr/main/Kconfig.projbuild
index ecb6427038..269ad1866c 100644
--- a/examples/provisioning/wifi_prov_mgr/main/Kconfig.projbuild
+++ b/examples/provisioning/wifi_prov_mgr/main/Kconfig.projbuild
@@ -24,9 +24,11 @@ menu "Example Configuration"
 config EXAMPLE_PROV_SECURITY_VERSION_1
 bool "Security version 1"
+ select ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_1
 config EXAMPLE_PROV_SECURITY_VERSION_2
 bool "Security version 2"
+ select ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_2
 endchoice
 choice EXAMPLE_PROV_MODE
diff --git a/tools/ci/check_copyright_ignore.txt b/tools/ci/check_copyright_ignore.txt
index cde4ee31eb..a88152665b 100644
--- a/tools/ci/check_copyright_ignore.txt
+++ b/tools/ci/check_copyright_ignore.txt
@@ -1070,8 +1070,6 @@ components/nvs_flash/test_nvs_host/test_spi_flash_emulation.cpp
 components/openthread/include/esp_openthread.h
 components/openthread/include/esp_openthread_lock.h
 components/openthread/include/esp_openthread_netif_glue.h
-components/protocomm/include/security/protocomm_security0.h
-components/protocomm/include/security/protocomm_security1.h
 components/protocomm/include/transports/protocomm_console.h
 components/protocomm/include/transports/protocomm_httpd.h
 components/protocomm/proto-c/constants.pb-c.c
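Review bot: The two `select` lines make the example's version 1 and version 2 choices force the matching protocomm option on at configure time, which is the right place to catch a mismatch; the start of the `choice` block is above this hunk, so I cannot see whether it also offers a security version 0 entry, but if it does that entry gets no `select ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_0`, and a project that has switched that default off would only learn of the mismatch at runtime via ESP_ERR_NOT_SUPPORTED from the provisioning manager. If such an entry exists, add `select ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_0` under it for consistency, or a short comment in the choice explaining why it is deliberately left out.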