esp-idf

mirror of https://github.com/espressif/esp-idf.git synced 2024-10-05 20:47:46 -04:00

Author	SHA1	Message	Date
Kapil Gupta	131dc6d1c0	fix(esp_wifi): cleanup for crypto_ec struct	2024-07-10 19:29:34 +08:00
Kapil Gupta	58ee771f3c	fix(wifi): Run tools/format.sh on WiFi component	2024-04-16 10:58:37 +05:30
Sarvesh Bodakhe	1d71178193	fix(wpa_supplicant): Add bugfixes related to ciphersuites in wifi enterprise - Avoid downgrading TLS ciphersuites when client RSA keys are larger than RSA-2048 bit. - Note that when using bigger certificates on low-power chips without crypto hardware acceleration, it is recommended to adjust the task watchdog timer (TWDT) if it is enabled. For precise information on timing requirements, you can check performance numbers at https://github.com/espressif/mbedtls/wiki/Performance-Numbers.	2024-03-20 09:33:52 +05:30
Sarvesh Bodakhe	05b882baea	fix(wpa_supplicant): Update cipher suite list for TLSv1.3 suiteb and some refactoring - Use MBEDTLS_TLS1_3_AES_256_GCM_SHA384 cipher for TLSv1.3-suiteb - Call psa_crypto_init() in tls_connection_init() to reduce redundancy	2024-03-20 09:33:52 +05:30
Sarvesh Bodakhe	ec09cdf885	feat(wpa_supplicant): Add TLS v1.3 support for WiFi enterprise * Add TLS v1.3 support for following EAP methods: - EAP-TLS (RFC 9190) - EAP-PEAP (RFC 9427) - EAP-TTLS (RFC 9427) * Add mbedtls porting for TLS v1.3 exporter (RFC 8446 Section 7.5) * Add new Kconfig flag to enable TLS v1.3 for EAP methods * Advertise TLS v1.3 signature algorithms if TLS 1.3 is enabled for EAP methods * Advertise TLS v1.3 cipher suites if CONFIG_ESP_WIFI_EAP_TLS1_3 enabled * Add support to Ack protected success indication (workaround for EAP-TLS 1.3 and 1.2 compatibilty)	2024-03-20 09:33:52 +05:30
Sarvesh Bodakhe	886bf9e82f	feat(wpa_supplicant): Add support for RFC 5705 TLS exporter context with mbedTLS	2024-03-20 09:33:52 +05:30
Ervin Oro	562bc59576	Add support for an optional context parameter to TLS exporter Allow an additional context value to be passed to TLS exporter as specified in RFC 5705 section 4. This does not yet implement it for the internal TLS implementation. However, as currently nothing uses context yet, this will not break anything right now. WolfSSL maintainers also stated that they are not going to add context support yet, but would look into it if/when this is required by a published draft or a standard. Signed-off-by: Ervin Oro <ervin.oro@aalto.fi>	2024-03-20 09:33:52 +05:30
aditi_lonkar	90cc61588e	feat(esp_wifi): Add support of Network Introduction Protocol in DPP	2024-02-21 12:47:32 +05:30
Kapil Gupta	d033c3ebff	fix(wifi): add low memory options for eap enterprise	2024-01-30 22:54:22 +08:00
Jiang Jiang Jian	b10580fb04	Merge branch 'bugfix/supplicant_tls_fix' into 'master' fix(wpa_supplicant): Correct iv lenght passed in mbedtls_cipher_set_iv() Closes WIFIBUG-212 See merge request espressif/esp-idf!26837	2023-11-02 13:59:05 +08:00
Kapil Gupta	442f802102	fix(wpa_supplicant): Correct iv lenght passed in mbedtls_cipher_set_iv()	2023-11-01 17:31:02 +05:30
Kapil Gupta	04d874d6a3	fix(wpa_supplicant): implement sha1_finish for fastpbkdf2	2023-10-26 13:27:39 +05:30
Kapil Gupta	c82a792bc3	change(esp_wifi): Port fast_pbkdf2 implementation for mbedlts Add changes to use fast_pbkdf2 as default for PMK calculations. fast_pbkdf2 is significantly faster than current implementations for esp chips. Also removes unnecessary code for pbkdf-sha256 and pbkdf-sha512.	2023-09-11 19:33:17 +05:30
Kapil Gupta	fd04e98d28	change(esp_wifi): Copy fastpbkdf2 implementation Copy pbkdf2 implementation from https://github.com/ctz/fastpbkdf2(3c56895)	2023-09-11 06:08:16 +00:00
Kapil Gupta	7dc8de15aa	esp_wifi: Optimize sae crypto operations for esp32	2023-06-26 14:25:33 +05:30
Sarvesh Bodakhe	cd0d42d43b	wpa_supplicant: Use 'mbedtls_pk_parse_public_key' to parse compressed EC public key and remove unnecessary code Support to parse compressed EC public key is added from 'mbedtls-3.4.0'	2023-04-28 18:23:42 +05:30
Jiang Jiang Jian	58b3692540	Merge branch 'bugfix/add_unregister_wpa3_cb' into 'master' wpa_supplicant : Fix issues encountered in WFA testing Closes WIFI-5386 See merge request espressif/esp-idf!22396	2023-03-07 14:15:20 +08:00
jgujarathi	20c316d4cf	wpa_supplicant : Add disable for tls key usage check. Disable the key usage check this leads to false negative results while using wfa certificates during testing.	2023-03-01 14:14:26 +05:30
Shreyas Sheth	2b8e40e760	esp_wifi: WPA3-SAE support for softAP	2023-02-28 12:25:05 +08:00
Sarvesh Bodakhe	d2f6a3dacc	esp-wifi: add SAE-PK (Public Key) authentication support for station	2023-02-16 13:49:11 +05:30
Jiang Jiang Jian	3636495d33	Merge branch 'bugfix/remove_redundant_debug_print' into 'master' Remove redundant DEBUG_PRINT in supplicant Closes IDFGH-9037 See merge request espressif/esp-idf!21857	2023-01-18 16:45:44 +08:00
Laukik Hase	4f67662cab	Merge branch 'feature/mbedtls-3.3.0' into 'master' mbedtls: Update to v3.3.0 Closes IDF-6536 See merge request espressif/esp-idf!21897	2023-01-12 19:38:51 +08:00
Laukik Hase	c2ab1af47f	wpa_supplicant: Update deprecated API (`mbedtls_pkcs5_pbkdf2_hmac`) - The newer alternative does not require HMAC context for its operation	2023-01-09 15:41:36 +05:30
gauri patankar	68fb038f43	wpa_supplicant:Remove redundant DEBUG_PRINT in supplicant	2023-01-03 12:52:54 +05:30
Kapil Gupta	7a8a85877d	Removed sha384 hash for certs > 2k	2022-12-29 15:16:58 +05:30
gauri patankar	9a1e4e3b7b	wpa_supplicant:Remove stray \n in supplicant logging	2022-12-23 15:55:06 +05:30
jgujarathi	915fb4dfe2	Removed some occurences of the RC4 cipher suite(deprecated now)	2022-10-26 03:02:16 +00:00
Mahavir Jain	dd76328927	Merge branch 'feature/wpa_supp_mbedtls_private_cleanup' into 'master' wpa_supplicant: `MBEDTLS_PRIVATE` & `MBEDTLS_ALLOW_PRIVATE_ACCESS`-related cleanup Closes IDF-5861 See merge request espressif/esp-idf!20171	2022-10-19 12:13:14 +08:00
gauri patankar	84252e4eb8	wpa_supplicant: Update security patches from upstream 1. Adding security patch for SAE side channel attacks 2. Adding confirm message validation in error cases 3. Adding y coordinate for PWE in SAE	2022-10-11 11:33:33 +05:30
Laukik Hase	82c5bdcb76	wpa_supplicant: `MBEDTLS_PRIVATE` & `MBEDTLS_ALLOW_PRIVATE_ACCESS`-related cleanup	2022-10-10 11:48:16 +05:30
gauri patankar	c89686647d	esp_wifi:added hash key length validation	2022-09-30 10:40:27 +05:30
Mahavir Jain	fbd1972318	wpa_supplicant: fix issue with WPA2 enterprise TLS session Usage of `mbedtls_ssl_conf_sig_algs()` was incorrect, it must include signature algorithm with hash. This change is as per requirement defined in mbedTLS-3.2.1 release.	2022-08-24 11:59:35 +05:30
Laukik Hase	6319970ab7	esp_tls/wpa_supplicant: Updated deprecated mbedtls APIs	2022-08-24 11:59:34 +05:30
Kapil Gupta	964f0ad5ad	wpa_supplicant: remove RC4 and 3DES ciphers for TLS MbedTLS-3.x has dropped support for 3DES and RC4 TLS cipher suites. Removing them from supplicant as well Closes https://github.com/espressif/esp-idf/issues/9607	2022-08-23 13:02:05 +05:30
Kapil Gupta	951928960b	esp_wifi: WPA2 enterprise related changes 1. Removed DHE ciphers when mbedTLS is disabled since they take too much processing power. 2. Removed support of SHA384 and SHA512 when mbedTLS is disabled due to too much processing needed. 3. Fixed bugs in crypto_hash_init API which was causing EAP connections to fail when mbedTLS was enabled. 4. Cleaned some code of crypto_hash_***	2022-07-21 13:33:18 +05:30
Shyamal Khachane	88db86672d	fix for OWE memory leak	2022-07-15 14:29:32 +05:30
Shreyas Sheth	591c7a496c	esp_wifi: WPA3 SAE H2E support for station	2022-06-20 18:51:11 +05:30
Shyamal Khachane	6d55761f60	OWE support for station	2022-06-15 17:20:24 +05:30
Zhang Jun Hao	fcf8c84ad5	fix potential leak of memory check error	2022-05-28 08:52:55 +00:00
Kapil Gupta	c2429f1cf9	wpa_supplicant: sync eap code with upstream	2022-05-13 12:57:47 +08:00
Kapil Gupta	ecc87cfc8d	wpa_supplicant: wps code updation Update WPS code with upstream. Also moved ESP specific code in another esp code folder.	2022-05-11 12:18:52 +00:00

41 Commits