Using same IV in AES-GCM across multiple invocation of
encryption/decryption operations can pose a security risk. It can help
to reveal co-relation between different plaintexts.
This commit introduces a change to use part of IV as a monotonic
counter, which must be incremented after every AES-GCM invocation
on both the client and the device side.
Concept of patch version for a security scheme has been introduced here
which can help to differentiate a protocol behavior for the provisioning
entity. The security patch version will be available in the JSON
response for `proto-ver` endpoint request with the field
`sec_patch_ver`.
Please refer to documentation for more details on the changes required
on the provisioning entity side (e.g., PhoneApps).
1. Structurally dead code: Removed dead code
2. Resource leak: Added a free for allocated memory, in case of failure
3. too_few_printf_args: Corrected print statement to pass arguments
4. Fixed nesting levels
5. Fixed unused value warnings
6. Illegal memory access fix
* All components which won't build (yet) on Linux are excluded.
This enables switching to Linux in an application without
explicitly setting COMPONENTS to main in the main
CMakeLists.txt.
* ESP Timer provides headers for Linux now
* automatically disabling LWIP in Kconfig if it is not available
doc(linux): brought section
"Component Linux/Mock Support Overview" up to date
- `protocomm` depends on a config option `CONFIG_WIFI_PROV_BLE_FORCE_ENCRYPTION`
from `wifi_provisioning`; however, a lower layer component (`protocomm`) should
not have any `#ifdef` guard dependent on an upper layer component (`wifi_provisioning`).
- Added a new `ble_link_encryption` flag in `protocomm_ble_config_t` to manage the same
Closes https://github.com/espressif/esp-idf/issues/9443
By default, disabled the BLE Encrpyption requirement for provisioning characteristic.
With this flag enabled, when remote attempts to read and if the ACL link is not encrypted,
ESP device will return Insufficient Authentication. It is remote device responsibility to go
for link encryption which may result in pairing.
Some devices do not proceed for any pairing and just show failure pop-up. Also, user needs
to remove bonding on remote phone manually and then try again. This is causing bad user experience.
End user can enable it as per their use case.
`wifi_prov_mgr_is_provisioned()` API uses the `esp_wifi_get_config()` API
to check if Wi-Fi credentials are configured. It does not really require
any other information from the wifi_prov component. Hence, this commit
removed dependency of this API on provisioning manager initialization state.
Closes IDF-5878
Fix dependency tree so that lwip doesn't depend on any specific network
interface component.
Network interface drivers shall depend on esp_netif.
esp_netif shall depend on lwip (but not on any specific interface
driver) -- it optionally depends on vfs and esp_eth (need ethernet
header for L2/bridge mode)
1) Rename srp component to esp_srp
2) Remove dependency on hkdf sha
3) Restructure protocomm component APIs to make them more flexible for allowing multiple security versions
4) esp_srp: convert API return type from int to esp_err_t
5) esp_srp: Formatting changes
6) Added mbedtls_gcm instead of aes_ctr
Co-authored-by: Laukik hase <laukik.hase@espressif.com>
This updates the minimal supported version of CMake to 3.16, which in turn enables us to use more CMake features and have a cleaner build system.
This is the version that provides most new features and also the one we use in our latest docker image for CI.
