net: wifi: add SAE extended key security type support
Add WPA3 SAE extended key security type support in L2 wifi mgmt and hostap. Signed-off-by: Fengming Ye <frank.ye@nxp.com>
This commit is contained in:
parent
baced6d315
commit
54ef1b54d1
4 changed files with 24 additions and 10 deletions
|
@ -84,6 +84,8 @@ enum wifi_security_type {
|
|||
WIFI_SECURITY_TYPE_FT_EAP,
|
||||
/** FT-EAP-SHA384 security */
|
||||
WIFI_SECURITY_TYPE_FT_EAP_SHA384,
|
||||
/** SAE Extended key (uses group-dependent hashing) */
|
||||
WIFI_SECURITY_TYPE_SAE_EXT_KEY,
|
||||
|
||||
/** @cond INTERNAL_HIDDEN */
|
||||
__WIFI_SECURITY_TYPE_AFTER_LAST,
|
||||
|
|
|
@ -464,6 +464,8 @@ static inline enum wifi_security_type wpas_key_mgmt_to_zephyr(bool is_hapd,
|
|||
return WIFI_SECURITY_TYPE_FT_EAP;
|
||||
case WPA_KEY_MGMT_FT_IEEE8021X_SHA384:
|
||||
return WIFI_SECURITY_TYPE_FT_EAP_SHA384;
|
||||
case WPA_KEY_MGMT_SAE_EXT_KEY:
|
||||
return WIFI_SECURITY_TYPE_SAE_EXT_KEY;
|
||||
default:
|
||||
return WIFI_SECURITY_TYPE_UNKNOWN;
|
||||
}
|
||||
|
@ -1022,7 +1024,8 @@ static int wpas_add_and_config_network(struct wpa_supplicant *wpa_s,
|
|||
|
||||
if (params->security == WIFI_SECURITY_TYPE_SAE_HNP ||
|
||||
params->security == WIFI_SECURITY_TYPE_SAE_H2E ||
|
||||
params->security == WIFI_SECURITY_TYPE_SAE_AUTO) {
|
||||
params->security == WIFI_SECURITY_TYPE_SAE_AUTO ||
|
||||
params->security == WIFI_SECURITY_TYPE_SAE_EXT_KEY) {
|
||||
if (params->sae_password) {
|
||||
if ((params->sae_password_length < WIFI_PSK_MIN_LEN) ||
|
||||
(params->sae_password_length > WIFI_SAE_PSWD_MAX_LEN)) {
|
||||
|
@ -1045,19 +1048,26 @@ static int wpas_add_and_config_network(struct wpa_supplicant *wpa_s,
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
if (!wpa_cli_cmd_v("set sae_pwe %d",
|
||||
(params->security == WIFI_SECURITY_TYPE_SAE_H2E)
|
||||
? 1
|
||||
: ((params->security == WIFI_SECURITY_TYPE_SAE_AUTO)
|
||||
? 2
|
||||
: 0))) {
|
||||
: ((params->security == WIFI_SECURITY_TYPE_SAE_HNP)
|
||||
? 0
|
||||
: 2))) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (!wpa_cli_cmd_v("set_network %d key_mgmt SAE%s", resp.network_id,
|
||||
params->ft_used ? " FT-SAE" : "")) {
|
||||
goto out;
|
||||
if (params->security != WIFI_SECURITY_TYPE_SAE_EXT_KEY) {
|
||||
if (!wpa_cli_cmd_v("set_network %d key_mgmt SAE%s", resp.network_id,
|
||||
params->ft_used ? " FT-SAE" : "")) {
|
||||
goto out;
|
||||
}
|
||||
} else {
|
||||
if (!wpa_cli_cmd_v("set_network %d key_mgmt SAE-EXT-KEY%s",
|
||||
resp.network_id,
|
||||
params->ft_used ? " FT-SAE-EXT-KEY" : "")) {
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
} else if (params->security == WIFI_SECURITY_TYPE_PSK_SHA256) {
|
||||
if (!wpa_cli_cmd_v("set_network %d psk \"%s\"",
|
||||
|
|
|
@ -91,6 +91,8 @@ const char *wifi_security_txt(enum wifi_security_type security)
|
|||
return "FT-EAP";
|
||||
case WIFI_SECURITY_TYPE_FT_EAP_SHA384:
|
||||
return "FT-EAP-SHA384";
|
||||
case WIFI_SECURITY_TYPE_SAE_EXT_KEY:
|
||||
return "WPA3-SAE-EXT-KEY";
|
||||
case WIFI_SECURITY_TYPE_UNKNOWN:
|
||||
default:
|
||||
return "UNKNOWN";
|
||||
|
|
|
@ -3436,7 +3436,7 @@ SHELL_STATIC_SUBCMD_SET_CREATE(
|
|||
"0:None, 1:WPA2-PSK, 2:WPA2-PSK-256, 3:SAE-HNP, 4:SAE-H2E, 5:SAE-AUTO, 6:WAPI,"
|
||||
"7:EAP-TLS, 8:WEP, 9: WPA-PSK, 10: WPA-Auto-Personal, 11: DPP\n"
|
||||
"12: EAP-PEAP-MSCHAPv2, 13: EAP-PEAP-GTC, 14: EAP-TTLS-MSCHAPv2,\n"
|
||||
"15: EAP-PEAP-TLS\n"
|
||||
"15: EAP-PEAP-TLS, 20: SAE-EXT-KEY\n"
|
||||
"-w --ieee-80211w=<MFP> (optional: needs security type to be specified)\n"
|
||||
"0:Disable, 1:Optional, 2:Required\n"
|
||||
"-b --band=<band> (2 -2.6GHz, 5 - 5Ghz, 6 - 6GHz)\n"
|
||||
|
@ -3681,7 +3681,7 @@ SHELL_SUBCMD_ADD((wifi), connect, NULL,
|
|||
"0:None, 1:WPA2-PSK, 2:WPA2-PSK-256, 3:SAE-HNP, 4:SAE-H2E, 5:SAE-AUTO, 6:WAPI,"
|
||||
"7:EAP-TLS, 8:WEP, 9: WPA-PSK, 10: WPA-Auto-Personal, 11: DPP\n"
|
||||
"12: EAP-PEAP-MSCHAPv2, 13: EAP-PEAP-GTC, 14: EAP-TTLS-MSCHAPv2,\n"
|
||||
"15: EAP-PEAP-TLS\n"
|
||||
"15: EAP-PEAP-TLS, 20: SAE-EXT-KEY\n"
|
||||
"[-w, --ieee-80211w]: MFP (optional: needs security type to be specified)\n"
|
||||
": 0:Disable, 1:Optional, 2:Required.\n"
|
||||
"[-m, --bssid]: MAC address of the AP (BSSID).\n"
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue