24253 Commits

Author SHA1 Message Date
Jouni Malinen
f4d7329ae6 EAP peer: Clear keying material on deinit
Reduce the amount of time keying material (MSK, EMSK, temporary private
data) remains in memory in EAP methods. This provides additional
protection should there be any issues that could expose process memory
to external observers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2024-03-20 09:33:52 +05:30
Jouni Malinen
bb16734aa9 EAP-TLS: Update Session-Id derivation with TLS v1.3
Move to the version used in draft-ietf-emu-eap-tls13-03.txt, i.e.,
include the 0x0D prefix and use a different TLS-Exporter() label string.

Signed-off-by: Jouni Malinen <j@w1.fi>
2024-03-20 09:33:52 +05:30
Jouni Malinen
ed8452d53f EAP-TLS: Derive Session-Id using TLS-Exporter when TLS v1.3 is used
This updates Session-Id derivation with TLS v1.3 per
draft-ietf-emu-eap-tls13-00.

Signed-off-by: Jouni Malinen <j@w1.fi>
2024-03-20 09:33:51 +05:30
Jouni Malinen
a2336b74f9 EAP-TLS: Update key derivation label per draft-ietf-emu-eap-tls13-00
The label strings used for deriving Key_Material with TLS v1.3 were
changed, so update the implementation to match the new values.

Signed-off-by: Jouni Malinen <j@w1.fi>
2024-03-20 09:33:51 +05:30
Jouni Malinen
e9f6949d7e EAP-TLS peer: MSK/EMSK derivation with TLS v1.3
Use new MSK/EMSK derivation mechanism if TLS v1.3 or newer is used per
draft-mattsson-eap-tls13-02.txt.

Signed-off-by: Jouni Malinen <j@w1.fi>
2024-03-20 09:33:51 +05:30
Jouni Malinen
34a8628d4e EAP-TLS peer: Allow NewSessionTicket after Client Finished with TLS v1.3
The EAP session cannot be marked fully completed on sending Client
Finished with TLS v1.3 since the server may still send NewSessionTicket
before EAP-Success.

Signed-off-by: Jouni Malinen <j@w1.fi>
2024-03-20 09:33:51 +05:30
Jouni Malinen
6a83540ae0 EAP-TLS peer: Support fragmentation of last message
With TLS v1.3, the Finished message from the client can require
fragmentation. Postpone key derivation and marking of the EAP session
fully completed until all the fragments of that last message are sent to
avoid losing all the subsequent fragments.

Signed-off-by: Jouni Malinen <j@w1.fi>
2024-03-20 09:33:51 +05:30
Jouni Malinen
77d87edbb2 EAP-TLS peer: Determine whether TLS v1.3 or newer is used
This is needed to be able to handle different key derivation and message
handshakes in EAP implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2024-03-20 09:33:48 +05:30
Ilan Peer
a539c63d68 EAP-TTLS: Fix possible memory leak in eap_ttls_phase2_request_mschap()
The msg buffer needs to be freed on these two error paths.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2024-03-20 09:32:32 +05:30
Jouni Malinen
5c0fb10902 EAP peer: External server certificate chain validation
This adds support for optional functionality to validate server
certificate chain in TLS-based EAP methods in an external program.
wpa_supplicant control interface is used to indicate when such
validation is needed and what the result of the external validation is.

This external validation can extend or replace the internal validation.
When ca_cert or ca_path parameter is set, the internal validation is
used. If these parameters are omitted, only the external validation is
used. It needs to be understood that leaving those parameters out will
disable most of the validation steps done with the TLS library and that
configuration is not really recommended.

By default, the external validation is not used. It can be enabled by
adding tls_ext_cert_check=1 into the network profile phase1 parameter.
When enabled, external validation is required through the CTRL-REQ/RSP
mechanism similarly to other EAP authentication parameters through the
control interface.

The request to perform external validation is indicated by the following
event:
CTRL-REQ-EXT_CERT_CHECK-<id>:External server certificate validation needed for SSID <ssid>

Before that event, the server certificate chain is provided with the
CTRL-EVENT-EAP-PEER-CERT events that include the cert=<hexdump>
parameter. depth=# indicates which certificate is in question (0 for the
server certificate, 1 for its issuer, and so on).

The result of the external validation is provided with the following
command:
CTRL-RSP-EXT_CERT_CHECK-<id>:<good|bad>

It should be noted that this is currently enabled only for OpenSSL (and
BoringSSL/LibreSSL). Due to the constraints in the library API, the
validation result from external processing cannot be reported cleanly
with TLS alert. In other words, if the external validation rejects the
server certificate chain, the pending TLS handshake is terminated
without sending more messages to the server.

Signed-off-by: Jouni Malinen <j@w1.fi>
2024-03-20 09:32:32 +05:30
Wan Lei
a7355d3aba Merge branch 'feat/c6lite_c61_g0_component_s4' into 'master'
feat(esp32c61): add G0 component (hal, riscv) support (stage 4/8)

See merge request espressif/esp-idf!29551
2024-03-20 10:09:42 +08:00
Darian
53e3833f44 Merge branch 'refactor/usb_fsls_phy_hal' into 'master'
refactor(hal/usb): Update USB PHY related HAL/LL API

See merge request espressif/esp-idf!29659
2024-03-20 06:07:29 +08:00
Jiang Jiang Jian
8a06233051 Merge branch 'feature/updates_for_wpa3_spec_v3.3' into 'master'
feat(esp_wifi): Update Wi-Fi WPA3 authmodes as per WPA Specification v3.3

See merge request espressif/esp-idf!29608
2024-03-20 02:31:01 +08:00
Alexey Lapshin
00b55a654c Merge branch 'feature/cleanup-linker-scripts' into 'master'
feat(system): refactor linker scripts

See merge request espressif/esp-idf!29515
2024-03-20 02:25:11 +08:00
Darshan Dobariya
e0e89b8bde fix(nimble): Added support for deleting the oldest bonded device across reboot
2024-03-19 22:26:22 +05:30
Sudeep Mohanty
42c935e2c3 fix(freertos): Fixed an issue where accessing task lists could overrun memory
This commit fixes a potential issue of illegal memory access when
accessing the various task lists in FreeRTOS while fetching tasks using
the xTaskGetNext() function.
2024-03-19 17:33:18 +01:00
Rahul Tank
dd737f9821 Merge branch 'bugfix/fixed_task_invokation_after_pairing' into 'master'
fix(nimble): Fixed the call to ble_hid_task_startup after pairing

See merge request espressif/esp-idf!29655
2024-03-19 23:26:27 +08:00
Sudeep Mohanty
ca07ef3837 Merge branch 'contrib/github_pr_13180' into 'master'
ulp_riscv_print: Add convenience function that supports different widths (GitHub PR)

Closes IDFGH-12124

See merge request espressif/esp-idf!29716
2024-03-19 22:52:50 +08:00
Song Ruo Jing
34f05287ab Merge branch 'bugfix/dma2d_various_small_fixes' into 'master'
fix(dma2d): correct a few 2D-DMA driver issues

See merge request espressif/esp-idf!29705
2024-03-19 21:36:45 +08:00
Ondrej Kosta
9d0b8d62b0 Merge branch 'feature/emac_intr_prio' into 'master'
feat(esp_eth): added option to configure interrupt priority

Closes IDF-7969

See merge request espressif/esp-idf!29300
2024-03-19 21:09:30 +08:00
Roshan Bangar
23c702cdc1 fix(nimble): Fix compilation issues and Minor enhancements to esp_hid
2024-03-19 16:27:17 +05:30
Rahul Tank
1a9f9d69ea Merge branch 'bugfix/compilation_issue_on_disabling_security' into 'master'
fix(nimble): Fixed compilation issues on disabling security

See merge request espressif/esp-idf!29582
2024-03-19 17:44:50 +08:00
Jiang Jiang Jian
5f969c71be Merge branch 'bugfix/dpp_auth_deinit_crash' into 'master'
Fix issues with DPP stop listen and DPP auth data deinit

Closes WIFIBUG-443, WIFIBUG-442, WIFIBUG-421, and WIFIBUG-423

See merge request espressif/esp-idf!29404
2024-03-19 17:36:28 +08:00
Alexey Lapshin
40be44f827 feat(system): refactor linker scripts
- move .tbss to NOLOAD section
- remove xtensa-specific entities from riscv scripts
- explicit eh_frame terminator instead of "align magic"
- 80 characters line length limit
- refactor comments
- discard .rela sections (the rela data will go to related sections)
2024-03-19 13:27:11 +04:00
Kevin (Lao Kaiyao)
a77a7ab550 Merge branch 'feature/add_system_components_to_esp32c5mp' into 'master'
feat(esp32c5mp): add system related components (Stage 5/7)

See merge request espressif/esp-idf!29603
2024-03-19 16:48:56 +08:00
Dr. Michael Lauer
08dead4b31 feat(ulp-riscv): Add convenience print function that supports different widths
This commit adds a convenience function to print hex numbers of
different widths on the ULP RISC-V core.

Closes https://github.com/espressif/esp-idf/pull/13180
2024-03-19 09:41:05 +01:00
Tomas Rohlinek
f8054b1e66 Merge branch 'fix/wl_fatfsgen_safe_mode' into 'master'
fix(storage/fatfs): make wl_fatfsgen.py safe mode aware

Closes IDF-9379

See merge request espressif/esp-idf!29621
2024-03-19 16:19:24 +08:00
nilesh.kale
b11f286555 feat(esp_system/esp32c5): revised crypto clock to be used
This commit updated crypto clock to use 160M SPLL clock
2024-03-19 13:47:04 +05:30
nilesh.kale
ef3b40c5f1 feat: enable RSA support for c5
This commit enables RSA peripheral support for ESP32-C5.
2024-03-19 13:46:49 +05:30
Sarvesh Bodakhe
0ed1cadcf1 feat(esp_wifi): Update Wi-Fi WPA3 authmodes as per WPA Specification v3.3
* Merge 'WIFI_AUTH_WPA3_EXT_PSK' and 'WIFI_AUTH_WPA3_EXT_PSK_MIXED_MODE'
  into 'WIFI_AUTH_WPA3_PSK' as per specification.
2024-03-19 11:33:55 +05:30
C.S.M
5e47ed70c2 Merge branch 'bugfix/i2c_no_pull_up' into 'master'
fix(i2c_master): Fix issue that initialize esp32 fails and using i2c_master_probe issue IF NO PULL-UP ON PINS. And add nack check

Closes IDFGH-11838, IDFGH-13142, and IDFGH-13398

See merge request espressif/esp-idf!29667
2024-03-19 12:25:34 +08:00
Island
3cc70e8d76 Merge branch 'doc/update_ble_document_2403' into 'master'
Doc/update ble document 2403

See merge request espressif/esp-idf!29557
2024-03-19 11:39:16 +08:00
Marius Vikhammer
4700f709ca Merge branch 'feature/c5_ulp' into 'master'
feat(ulp): add basic support for running lp core on C5

Closes IDF-8637

See merge request espressif/esp-idf!29496
2024-03-19 11:33:51 +08:00
Cao Sen Miao
016877b7ce fix(i2c_master): Fix issue that initialize esp32 and using i2c_master_probe issue,
and probe might fail.
Fixed I2C cannot return err code when nack detected
Closes https://github.com/espressif/esp-idf/issues/13213,
Closes https://github.com/espressif/esp-idf/issues/12929,
Closes https://github.com/espressif/esp-idf/issues/13398,
2024-03-19 11:07:13 +08:00
C.S.M
61bb752cdb Merge branch 'bugfix/improve_jpeg_dec' into 'master'
fix(jpeg_decoder): Improve apis for better align strategy and provide buffer size parameter

See merge request espressif/esp-idf!29687
2024-03-19 10:10:52 +08:00
morris
3a9d082523 Merge branch 'bugfix/parlio_coverity_issue' into 'master'
feat(parlio_tx): minor clean up and fix

Closes IDF-9420

See merge request espressif/esp-idf!29663
2024-03-19 10:08:54 +08:00
Nachiket Kukade
4971764917 feat(esp_wifi): Refactor and improve FTM code
Enable FTM Responder mode for ESP32C6. Update wifi libs with below -

1. Break FTM State Machine code into separate functions
2. Use dynamic allocation for FTM session to save memory
3. Add API to get FTM report instead of event based mechanism
4. Add FTM Request retry and comeback support

Closes https://github.com/espressif/esp-idf/issues/6810
2024-03-18 22:01:36 +08:00
Jiang Jiang Jian
3fd985e276 Merge branch 'bugfix/wps_crash_issue' into 'master'
fix(wpa_supplicant): Avoid dereferencing a dangling function pointer in WPS

Closes WIFI-6373, WIFIBUG-301, and WIFIBUG-163

See merge request espressif/esp-idf!28521
2024-03-18 21:23:15 +08:00
Wu Zheng Hui
c6b884d2af Merge branch 'feature/esp32p4_sleep_cpu_retention_support' into 'master'
feat(esp_hw_support): esp32p4 sleep support (Stage 2: support dualcore software sleep retention 🔋)

See merge request espressif/esp-idf!28485
2024-03-18 20:12:00 +08:00
Song Ruo Jing
12325ff47e fix(dma2d): correct a few 2D-DMA driver issues
1. mem_burst_length register field correction
2. remove dma buffer addr range restriction
3. M2M periph sel ID no need to be identical for TX and RX channels
4. correct rx descriptor owner field auto clear
5. remove fsm idle assertion for ERR_EOF
2024-03-18 20:11:57 +08:00
Darian Leung
6d40e191f8 refactor(hal/usb): Refactor usb_wrap_ll.h
This commit rewrites the 'usb_wrap_ll.h' API as follows:

- All APIs renamed from 'usb_fsls_phy_ll_...()' to 'usb_wrap_ll_...()'
- APIs now match their equivalent counterparts in 'usb_serial_jtag_ll.h'
2024-03-18 19:23:44 +08:00
Darian Leung
a77e5cc718 refactor(hal/usb): Remove usb_fsls_phy_ll.h
For targets that only contain a USJ peripheral (and not a DWC OTG), their
'usb_fsls_phy_ll.h' headers only contain a single function
('usb_fsls_phy_ll_int_jtag_enable()') whose feature is already covered by
functions in 'usb_serial_jtag_ll.h'. Thus, this header is redundant.

This commit does the following:

- Remove 'usb_fsls_phy_ll.h' for targets that only contain a USJ peripheral
- Rename 'usb_fsls_phy_[hal|ll].[h|c]' to `usb_wrap_[hal|ll].[h|c]` for targets
that contain a DWC OTG peripheral. This better reflects the underlying peripheral
that the LL header accesses.
2024-03-18 19:23:43 +08:00
Darian Leung
5d091a9bb3 refactor(hal/usj): Add USB PHY related functions to USJ LL
2024-03-18 19:23:42 +08:00
Cao Sen Miao
ba6a0d59b0 fix(jpeg_decoder): Improve apis for better align strategy and provide buffer size parameter
2024-03-18 18:32:22 +08:00
Armando (Dou Yiwen)
9ffebf3cf2 Merge branch 'feature/esp32c5_beta3_mmap' into 'master'
cache / mmu: c5 support

Closes IDF-8646 and IDF-8658

See merge request espressif/esp-idf!29693
2024-03-18 18:05:36 +08:00
Armando (Dou Yiwen)
30ab38c791 Merge branch 'bugfix/fix_csi_driver_cache_msync_usage' into 'master'
csi: fix wrong cache invalidate location

Closes IDF-9519

See merge request espressif/esp-idf!29700
2024-03-18 18:00:05 +08:00
laokaiyao
24d6dcb829 feat(esp32c5mp): add system related components
2024-03-18 17:34:56 +08:00
jgujarathi
40ccd1525f fix(wpa_supplicant): Cancel offchannel listen operations before sending dpp fail
- Ensure that offchannel listening operations are cancelled before sending dpp
  fail event
2024-03-18 14:33:57 +05:30
jgujarathi
537cf9bfc0 fix(wpa_supplicant): Ensure dpp auth structure is deinited in dpp task context
- Ensure that the dpp auth data gets deinited only in DPP task context to ensure
  that there are no concurrency issues in usage of DPP auth data.
2024-03-18 14:33:57 +05:30
Alexey Lapshin
994b4ed459 Merge branch 'feature/update-toolchain-to-esp-13.2.0_20240305' into 'master'
feat(tools): update toolchain version to esp-13.2.0_20240305

Closes IDFGH-2549

See merge request espressif/esp-idf!29430
2024-03-18 16:58:39 +08:00