Commit Graph

225 Commits

Author SHA1 Message Date
Kapil Gupta
e8dbfee7de docs: update vulnerabilities guide to mention CVE-2026-25532 2026-02-04 14:30:51 +05:30
Zhang Shuxian
79bb3ff3c6 docs: implement comments 2025-11-28 10:18:05 +08:00
Zheng Zhong
57b5376c65 fix : apply the suggestion from doc team 2025-11-28 10:18:05 +08:00
Zheng Zhong
34a54e8aee docs: fix some description in security guide docs 2025-11-28 10:18:04 +08:00
Mahavir Jain
ea36c4f609 Merge branch 'feature/esp_tee_c5_v5.5' into 'release/v5.5'
feat(esp_tee): Initial support for ESP32-C5 and related changes (v5.5)

See merge request espressif/esp-idf!42357
2025-10-16 09:39:23 +05:30
Laukik Hase
78737a757a feat(esp_tee): Added support for PBKDF2-based (HMAC) ECDSA signing 2025-10-14 10:12:13 +05:30
Shen Mengjing
bd0c21fef0 docs: Add the updated CN translation 2025-10-13 10:40:16 +05:30
harshal.patil
70a8b4d842 fix(bootloader_support): Reorder write disabling ECDSA_CURVE_MODE 2025-10-13 10:40:16 +05:30
harshal.patil
d902072d80 fix(bootloader_support): Reorder write protection bits of some shared security efuses 2025-10-13 10:40:16 +05:30
Zhang Hai Peng
a2e44fffc8 docs(ble): add advisory for CVE-2025-55297 found in Blufi example
(cherry picked from commit 1952f0333c)

Co-authored-by: zhanghaipeng <zhanghaipeng@espressif.com>
2025-08-25 17:53:39 +08:00
Zhang Shuxian
ff5fea1186 docs: Update CN translation for secure boot 2025-07-25 14:43:56 +05:30
harshal.patil
3d6423a251 docs(secure-boot-v2): Update the signature verification timings
- THe timings are calculated for the ROM verifying the bootloader's signature
2025-07-25 14:43:56 +05:30
harshal.patil
c473b3deee docs(secure_boot_v2): Add documentation for Secure Boot V2 using ECDSA-P384 2025-07-25 14:43:56 +05:30
harshal.patil
476f8f6f51 feat(bootloader_support): Support Secure Boot using ECDSA-P384 curve 2025-07-25 14:25:31 +05:30
zhangyanjiao
65d4e3f06f fix(wifi): Added CVE-2025-52471 to vulnerabilities list 2025-06-30 10:59:58 +08:00
nilesh.kale
4722f49bc7 feat: update documentation for esp32h21
This also updated log files for other targets to make consistent.
2025-05-12 12:07:36 +05:30
Aditya Patwardhan
ec659cbe93 Merge branch 'docs/update_cn_translation_for_secure_boot' into 'master'
docs: Update CN translation for Secure Boot

Closes DOC-10935

See merge request espressif/esp-idf!38862
2025-05-08 17:24:08 +08:00
Laukik Hase
c16fc04c2d docs(esp_tee): Revise TEE secure storage and related documentation 2025-05-04 18:22:22 +05:30
Zhang Shuxian
111e453c4d docs: Update CN translation for Secure Boot 2025-04-30 14:20:45 +08:00
nilesh.kale
c65858287a feat: enabled secure boot support esp32h21 2025-04-25 17:48:25 +05:30
harshal.patil
75fd14efbc fix(docs): Fix unterminated quotes in secure-boot-v2.rst 2025-04-21 11:18:22 +05:30
Laukik Hase
4a4d63d36e feat(esp_tee): Protect the ECC peripheral from REE access 2025-04-16 19:19:04 +05:30
Laukik Hase
fc4802c0d6 feat(esp_tee): Protect the HMAC and DS peripherals from REE access 2025-04-16 19:19:04 +05:30
Laukik Hase
a5eca671c3 docs(esp_tee): Add the ESP-TEE logo to the user-guide 2025-03-28 09:54:46 +05:30
Laukik Hase
c23714f775 feat(esp_tee): Add support for flash memory isolation and protection (SPI1) 2025-02-11 12:30:05 +05:30
Laukik Hase
37525c605d refactor(esp_tee): Migrate secure services list from TBL to YAML 2025-02-11 10:15:20 +05:30
Laukik Hase
8f117c7f4c refactor(esp_tee): Add local components in TEE examples via idf_component.yml 2025-02-11 10:15:19 +05:30
Marius Vikhammer
85ec6a41f9 Merge branch 'feature/build_docs_h21' into 'master'
docs(build): add support for building H21 docs

Closes IDF-12105

See merge request espressif/esp-idf!36632
2025-02-06 11:25:36 +08:00
Marius Vikhammer
1e72b10b26 docs(build): add support for building H21 docs 2025-01-26 11:44:28 +08:00
Laukik Hase
a91f89026c feat(esp_tee): Make the attestation service configurable 2025-01-23 12:39:17 +05:30
Mahavir Jain
e1a737e401 refactor(docs): re-organize security docs for better navigation 2025-01-09 09:35:12 +05:30
Laukik Hase
cb84119600 docs(esp_tee): Added documentation for the ESP-TEE framework
- Co-authored-by: Shen Meng Jing <shenmengjing@espressif.com>
2025-01-08 11:37:42 +05:30
shenmengjing
29a7146b12 docs: Update CN translation for secure-boot-v2.rst 2024-12-20 11:24:49 +08:00
zhangyanjiao
4784b5aad8 fix(wifi): Added CVE-2024-53845 to vulnerabilities list 2024-12-12 14:07:20 +08:00
Mahavir Jain
6a4a124d65 Merge branch 'feature/enable_rsa_based_secure_boot_for_c5_eco1' into 'master'
feat(bootloader_support): enabled RSA based secure boot scheme for ESP32C5 ECO1

Closes IDF-10453 and IDF-11441

See merge request espressif/esp-idf!35104
2024-12-04 18:00:34 +08:00
nilesh.kale
1e11340061 feat(bootloader_support): enabled RSA based secure boot scheme for ESP32C5 ECO1
This commit enabled RSA based secure boot scheme for ESP32C5 ECO1 module.
This update also adds a check to ensure the selected secure boot scheme is
valid for ECO0 modules.
2024-12-03 16:48:56 +05:30
renpeiying
fb1105f449 docs: Update CN trans for security docs 2024-12-03 11:17:55 +05:30
harshal.patil
f02dc64ce6 feat(bootloader_support): Permanently enable pseudo rounds function for XTS-AES during start-up 2024-12-03 11:17:54 +05:30
harshal.patil
c6ea979efa feat(hal/aes): Enable pseudo rounds function during AES operations 2024-12-03 11:17:54 +05:30
shenmengjing
6f86f70f0a docs: Sync CN and EN files 2024-11-05 18:03:42 +08:00
renpeiying
46770a50a6 docs: standardize the names of bootloaders in esp-idf 2024-10-23 11:29:24 +08:00
Aditya Patwardhan
6dc8fe3db3 Merge branch 'docs/update_cn_trans_for_secure_boot_v2' into 'master'
docs: Update CN translation for secure-boot-v2.rst

Closes DOC-9082

See merge request espressif/esp-idf!33895
2024-10-08 15:13:59 +08:00
Mahavir Jain
27bcb047b4 Merge branch 'feature/qemu_doc_guide_updates' into 'master'
docs: misc updates to qemu guide, now enabled for ESP32-S3

See merge request espressif/esp-idf!33854
2024-10-08 12:45:23 +08:00
Zhang Shuxian
808a82de81 docs: Update CN translation for secure-boot-v2.rst 2024-10-08 11:09:40 +08:00
Mahavir Jain
c90dd52974 Merge branch 'feat/newlib-sbom-exclude_cve-2024-30949' into 'master'
fix(newlib): sbom: add CVE-2024-30949 to cve-exclude-list

See merge request espressif/esp-idf!33947
2024-10-03 12:30:44 +08:00
Alexey Lapshin
c4acf3faad fix(newlib): sbom: add CVE-2024-30949 to cve-exclude-list 2024-10-02 18:01:14 +07:00
Aditya Patwardhan
2c11c2ab81 fix(docs): Fix secure boot v2 documentation
Update the secure boot v2 documentation
    about the limitation of read-protection
    when secure boot is enabled

    Closes https://github.com/espressif/esp-idf/issues/14587
2024-10-01 11:56:37 +08:00
Mahavir Jain
1e94096e16 docs: update qemu guide for efuse commands
- add mention of qemu guide in security related chapters
- also added a note about secure boot v2 config in qemu workflow
2024-09-27 13:36:15 +05:30
Lucas Dekker
232f219321 docs: Explain revocation of unused but compromised keys
Explain the revocation of unused but compromised keys.

docs: Apply updates from code review

Add some nitpicks from AdityaHPatwardhan.

Closes  https://github.com/espressif/esp-idf/pull/14563

Co-authored-by: Aditya Patwardhan <aditya.patwardhan@espressif.com>
2024-09-23 12:23:28 +05:30
Mahavir Jain
2b806c9772 Merge branch 'feature/update_security_docs_for_c61' into 'master'
feat: update security documents for ESP32C61

Closes IDF-10154, IDF-10155, IDF-10156, IDF-10157, and IDF-10158

See merge request espressif/esp-idf!31959
2024-09-03 19:11:09 +08:00