Commit Graph

134 Commits

Author SHA1 Message Date
Jiang Jiang Jian
803cf064d2 Merge branch 'bugfix/eap_client_crash' into 'master'
wpa_supplicant: Fix null pointer deference and memleak

Closes IDFGH-3699

See merge request espressif/esp-idf!9690
2020-07-23 10:16:05 +08:00
Jiang Jiang Jian
bdca464da6 Merge branch 'bugfix/wpa3_to_wpa2_transition_fix' into 'master'
Fix WPA3 and WPA2 transition related failures

Closes WIFI-2555

See merge request espressif/esp-idf!9533
2020-07-23 09:51:05 +08:00
kapil.gupta
5502a553a7 wpa_supplicant: Fix invalid pointer deference and memleak
Add following changes as part of this:

1. EAP client will crash during validation of key size when CA
certs and keys not present. Add changes to validate it first.
2. Free memory allocated in TLS context
2020-07-20 19:56:06 +05:30
ronghulin
5f76927d96 bugfix: fix softap mode wpa memory leak 2020-07-16 07:26:19 +00:00
Nachiket Kukade
df14475c5b wpa_supplicant: Fix WPA3 and WPA2 transition related failures
1. If Device is connected to AP in WPA3-PSK mode, AP switching
security to WPA2-PSK causes connection failures even after reset.
Fix is to not store WPA3's PMK in NVS for caching.

2. AP switching back to WPA3 causes even more connection failures.
This is due to device not clearing Supplicant level PMK Cache when
it is no longer valid. Fix is to clear the Cache when 4-way handshake
fails and to check Key Mgmt of Cache before using.

3. When AP switches from WPA3 to WPA2, device's PMF config in
Supplicant remains enabled. This may cause failures during
4-way handshake. So clear PMF config in when PMF is no longer used.
2020-07-15 12:20:16 +00:00
Nachiket Kukade
81f037a299 Fix handling of multiple AP credentials in WPS
WPS can send multiple AP credentials, while existing implementation
will only use the first credentials which could be for the 5G band.
Fix this by passing these credentials to the App and attempting
to connect using each of those. Older Apps will remain compatible
without breaking WPS, but the issue will remain.
2020-07-08 11:02:55 +00:00
kapil.gupta
bd2815db10 wpa_supplicant: Support for mbedtls tls handshake
Add support for mbedtls based tls handshake, this removes
dependency from internal implementation of EAP client.
2020-06-26 17:20:22 +05:30
kapil.gupta
1cabd06f0c wpa_supplicant: Replace internal RSA APIs by mbedtls APIs
Curretly wpa_supplicant uses internal APIs for RSA operations
which internally uses lots of big num operations.

Big num operations are CPU expensive and can take a lot of time
which can cause watchdog timer to tigger.

This can be optimize by using mbedtls APIs which uses
hardware blocks for big num operations.

To fix this, write new crypto_mbedtls-rsa.c which has APIs
similar to crypto_internal-rsa.c but uses mbedtls APIs.
2020-06-07 15:31:12 +00:00
Angus Gratton
33bfe2393a Merge branch 'bugfix/wpa_supplicant_no_hw_mpi' into 'master'
wpa_supplicant: Allow building with mbedTLS integration but no hardware MPI

Closes IDFGH-3344

See merge request espressif/esp-idf!8822
2020-06-01 14:48:06 +08:00
Jiang Jiang Jian
af97a5abc3 Merge branch 'workaround/wps_iot_fixes' into 'master'
wpa_supplicant: WPS Inter operatability Fixes

See merge request espressif/esp-idf!8654
2020-05-20 11:32:34 +08:00
Angus Gratton
0927ec029e wpa_supplicant: Allow building with mbedTLS integration but no hardware MPI
Also disable the relevant function in bignum.h based on config, so fails at
compile not link time.

Closes https://github.com/espressif/esp-idf/issues/5321
2020-05-20 12:06:07 +10:00
kapil.gupta
fb53a454b9 ESP-WIFI: Optimize 4way handshake failure time
In case of wrong passpharse, AP will keep on sending 1/4 multiple
times which may take around 10 secs to disconnect and detect
wrong password event.

Add changes to reject EAPOL1 after 3 consecutive reception
2020-05-19 16:55:42 +05:30
kapil.gupta
76335b2558 wpa_supplicant: WPS Inter operatability Fixes
Add WPS IOT fixes under config option

Current fixes under this flag.
1. Allow NULL-padded WPS attributes.
2. Bypass WPS-Config method validation
2020-05-19 08:05:52 +00:00
Nachiket Kukade
c643d0a611 wpa_supplicant: Allow NULL-padded WPS attributes
Some AP's keep NULL-padding at the end of some variable length WPS
Attributes. This is not as par the WPS2.0 specs, but to avoid interop
issues, ignore the padding by reducing the attribute length by 1.
2020-05-19 08:05:52 +00:00
Nachiket Kukade
b302b4bb43 wpa_supplicant: Fix memory leaks in WPA3 connection
1. Buffers for SAE messages are not freed after the handshake.
   This causes memory leak, free buffers after SAE handshake.
2. SAE global data is not freed until the next WPA3 connection
   takes place, holding up heap space without reason. Free this
   data after SAE handshake is complete or event fails.
3. Update wifi lib which includes memory leak fix during BIP
   encryption/decryption operations.
2020-05-13 22:54:03 +05:30
Nachiket Kukade
f36455052d wpa_supplicant: Fix formatting of file esp_wpa3.c
Replace tabs with spaces in esp_wpa3.c.
2020-05-13 22:54:03 +05:30
Jiang Jiang Jian
5f2be35525 Merge branch 'bugfix/supplicant_general_fixes' into 'master'
wpa_supplicant: Fix some memleaks and invalid memory access

Closes IDF-1335

See merge request espressif/esp-idf!8201
2020-05-12 11:03:14 +08:00
Zhang Jun Hao
e9b3feb85d fix(wpa_supplicant): fix memleak in wpa3 feature 2020-05-07 17:28:07 +08:00
kapil.gupta
3b5fcbe06f wpa_supplicant: Fix some memleaks and invalid memory access
Add changes to fix issues reported in clang analyzer
2020-05-06 10:31:59 +00:00
Shubham Kulkarni
f2cdebd906 esp_wps.c: Fix datatype for wps task handle 2020-05-04 13:26:58 +05:30
Jiang Jiang Jian
1b5c42b9b0 Merge branch 'bugfix/supplicant_log_enable_issue' into 'master'
wpa_supplicant: Minor bugfix with wpa_supplicant debug logs.

See merge request espressif/esp-idf!8397
2020-04-28 16:29:19 +08:00
Nachiket Kukade
59e8e407a0 wpa_supplicant: Disable TLSv1.2 by default
Some Enterprise Authentication Servers do not support TLS v1.2.
Move this option to Menuconfig and disable by default.
2020-04-28 10:05:35 +05:30
Hrudaynath Dhabe
d8a7cfdde4 wpa_supplicant: Minor bugfix with wpa_supplicant debug logs. 2020-04-19 16:40:06 +05:30
kapil.gupta
ab784bb53a wpa_supplicant: Port dpp feature from supplicant
Add files required for DPP feature from upstream.
These file expose the functionality to create DPP packets.
Ported crypto layer from openssl to mbedtls.

Interfacing to use these API will be added in seperate commit
2020-04-14 18:53:35 +05:30
Sagar Bijwe
665b0b4b3b wpa_supplicant: Fix compilation errors when USE_MBEDTLS is disabled.
This is a regression from earlier commit related to TLSV12 which used
sha functions that are currently declared static.
Solution: Follow upstream code structure and resolve the errors.
2020-04-09 16:53:41 +05:30
Sagar Bijwe
a830ddd9ba wpa_supplicant: Fix wpa_supplicant TLS 1.2 issues
1) Fixed compilation issues.
2) Added tlsprf.c from upstream
3) Enabled SHA256 in supplicant compilation.
2020-03-31 17:16:10 +05:30
David Cermak
62f9f42b54 wpa_supplicant: ignore static analysis violations 2020-03-27 19:17:36 +01:00
Renz Bagaporo
3d0967a58a test: declare requirements and include dirs private 2020-03-23 10:58:50 +08:00
Jiang Jiang Jian
2e7ae75011 Merge branch 'bugfix/wep40_key_parsing_bug' into 'master'
wpa_supplicant: Add parsing support for WEP40 key

See merge request espressif/esp-idf!7968
2020-03-17 15:42:02 +08:00
Marius Vikhammer
7e824508a9 mpi: refactor bignum into common and hw specific components
Closes IDF-1174
2020-03-16 19:44:30 +08:00
kapil.gupta
0ae58fc59f wpa_supplicant: Add parsing support for WEP40 key
WEP key is passed as ascii key without "", add parsing support
in supplicant for this.
2020-03-16 06:14:19 +00:00
Marius Vikhammer
e21bef3f28 mpi: active hw accel for S2
Actives MPI/RSA hardware acceleratio for ESP32 S2.

Closes IDF-803
2020-03-13 18:33:18 +08:00
Nachiket Kukade
30d6220394 esp_wifi: Support for additional WPA3 testcases
1. Anti-Clogging Token Request support
2. Return correct status from SAE modules for invalid scenarios
3. Add PMK Caching support for WPA3
2020-03-03 19:01:51 +05:30
Sagar Bijwe
0f1710d878 wpa_supplicant: Fix SAE test-case failure on mbedtls version udpate
Problem:
mbedtls_ctr_drbg_context was initialized in crypto_ec_point_mul. This
was okay in releases before 2.16.4 as entropy_len used to get set to
MBEDTLS_CTR_DRBG_ENTROPY_LEN in function mbedtls_ctr_drbg_seed. The
function is now changed to set the length to
MBEDTLS_CTR_DRBG_ENTROPY_LEN if previous length is 0 and hence the bug.

Solution:
Initialize mbedtls_ctr_drbg_context in crypto_ec_point_mul.
2020-02-26 17:50:08 +05:30
michael
2529eda907 ci: disable failed cases for s2 temporarily 2020-02-15 18:28:25 +08:00
Jiang Jiang Jian
7647b5c668 Merge branch 'bugfix/eapol_log_verbosity' into 'master'
wpa_supplicant: Add wpa_supllicant debug logging as a configurable option

Closes WIFI-976

See merge request espressif/esp-idf!7289
2020-02-11 16:10:07 +08:00
David Cermak
50588ff3f7 esp-compiler: add designated init macros to make esp configuration pattern viable under C++ 2020-02-10 19:40:28 +01:00
Angus Gratton
98618333a1 Merge branch 'bugfix/wps_config_init' into 'master'
WPS_CONFIG_INIT_DEFAULT(type) error

See merge request espressif/esp-idf!7311
2020-02-06 14:04:31 +08:00
Konstantin Kondrashov
739eb05bb9 esp32: add implementation of esp_timer based on TG0 LAC timer
Closes: IDF-979
2020-02-06 14:00:18 +08:00
Hrudaynath Dhabe
9ebd2cc0f6 Fix wps config for support with gnu++11 as well as c99. 2020-01-31 05:36:41 +00:00
Hrudaynath Dhabe
ec50c5344b wpa_supplicant: Fix configurable debug log feature's warning issue 2020-01-31 05:34:07 +00:00
GOPTIONS\pfrost
851658109c Reduce log level of hexdumps to verbose
Revert "Reduce log level of hexdumps to verbose"

Add a menuconfig option to enable or disable the logging in wpa_supplicant

Clarify help message
2020-01-31 05:34:07 +00:00
morris
e30cd361a8 global: rename esp32s2beta to esp32s2 2020-01-22 12:14:38 +08:00
morris
1c2cc5430e global: bring up esp32s2(not beta) 2020-01-16 17:41:31 +08:00
Konstantin Kondrashov
2c793cef06 idf: Support a custom toolchain with time_t wide 64-bits
Allows resolving the Y2K38 problem.

Closes: IDF-350

Closes: https://github.com/espressif/esp-idf/issues/584
2020-01-10 12:58:54 +08:00
liu zhifu
fde2f33912 esp_wifi/supplicant: fix some WiFi stop memory leak 2019-12-18 13:51:27 +08:00
Marius Vikhammer
c63684cf6c hw crypto: activated hardware acceleration for esp32s2beta
Activated AES, RSA and SHA hardware acceleration for esp32s2 and enabled related unit tests.

Updated with changes made for ESP32 from 0a04034, 961f59f and caea288.

Added performance targets for esp32s2beta

Closes IDF-757
2019-12-12 12:37:29 +08:00
Ivan Grokhotkov
4872dcea2e wpa_supplicant: remove header file MD5 unit test 2019-11-27 23:00:11 +08:00
Nachiket Kukade
5618cf5100 wpa_supplicant: Fix MD5 mismatch in esp_wifi_driver.h
Make cosmetic changes in esp_wifi_driver.h in both IDF
and wifi library to match the md5sum.
2019-11-27 12:43:04 +00:00
Nachiket Kukade
f2e37c4ca8 wpa_supplicant: Support WPA3 4-way handshake, add config option
1. Add changes in 4-way handshake path to allow SAE key mgmt.
2. Support for configuring WAP3 at init time, added Kconfig option.
3. Handle and propagate error conditions properly.
4. Link changes from WiFi library.
2019-11-26 10:59:55 +05:30