Skip to content

Commit

Permalink
esp-wifi: add SAE-PK (Public Key) authentication support for station
Browse files Browse the repository at this point in the history
  • Loading branch information
sarveshb14 committed Feb 16, 2023
1 parent 2237847 commit d2f6a3d
Show file tree
Hide file tree
Showing 19 changed files with 1,407 additions and 25 deletions.
7 changes: 7 additions & 0 deletions components/esp_wifi/Kconfig
Original file line number Diff line number Diff line change
Expand Up @@ -255,6 +255,13 @@ menu "Wi-Fi"
PMF (Protected Management Frames) is a prerequisite feature for a WPA3 connection, it needs to be
explicitly configured before attempting connection. Please refer to the Wi-Fi Driver API Guide for details.

config ESP_WIFI_ENABLE_SAE_PK
bool "Enable SAE-PK"
default y
depends on ESP_WIFI_ENABLE_WPA3_SAE
help
Select this option to enable SAE-PK

config ESP_WIFI_ENABLE_WPA3_OWE_STA
bool "Enable OWE STA"
default y
Expand Down
8 changes: 8 additions & 0 deletions components/esp_wifi/include/esp_wifi_types.h
Original file line number Diff line number Diff line change
Expand Up @@ -267,6 +267,13 @@ typedef enum {
WPA3_SAE_PWE_BOTH,
} wifi_sae_pwe_method_t;

/** Configuration for SAE-PK */
typedef enum {
WPA3_SAE_PK_MODE_AUTOMATIC = 0,
WPA3_SAE_PK_MODE_ONLY = 1,
WPA3_SAE_PK_MODE_DISABLED = 2,
} wifi_sae_pk_mode_t;

/** @brief Soft-AP configuration settings for the device */
typedef struct {
uint8_t ssid[32]; /**< SSID of soft-AP. If ssid_len field is 0, this must be a Null terminated string. Otherwise, length is set according to ssid_len. */
Expand Down Expand Up @@ -304,6 +311,7 @@ typedef struct {
uint32_t phymode:6; /**< Operation phy mode, BIT[5]: indicate whether LR enabled, BIT[0-4]: wifi_phy_mode_t. */
uint32_t reserved:8; /**< Reserved for future feature set */
wifi_sae_pwe_method_t sae_pwe_h2e; /**< Whether SAE hash to element is enabled */
wifi_sae_pk_mode_t sae_pk_mode; /**< SAE-PK mode */
uint8_t failure_retry_cnt; /**< Number of connection retries station will do before moving to next AP. scan_method should be set as WIFI_ALL_CHANNEL_SCAN to use this config.
Note: Enabling this may cause connection time to increase incase best AP doesn't behave properly. */
uint32_t he_dcm_set:1; /**< Whether DCM max.constellation for transmission and reception is set. */
Expand Down
20 changes: 16 additions & 4 deletions components/wpa_supplicant/CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -151,10 +151,7 @@ endif()

if(CONFIG_ESP_WIFI_11KV_SUPPORT OR CONFIG_ESP_WIFI_11R_SUPPORT)
set(roaming_src
"src/common/bss.c"
"src/common/scan.c"
"src/common/ieee802_11_common.c"
"esp_supplicant/src/esp_scan.c")
"src/common/ieee802_11_common.c")
if(CONFIG_ESP_WIFI_11KV_SUPPORT)
set(roaming_src ${roaming_src} "src/common/rrm.c" "src/common/wnm_sta.c")
endif()
Expand All @@ -165,6 +162,18 @@ else()
set(roaming_src "")
endif()

if(CONFIG_ESP_WIFI_ENABLE_SAE_PK)
set(srcs ${srcs}
"src/common/sae_pk.c")
endif()

if(CONFIG_ESP_WIFI_11KV_SUPPORT OR CONFIG_ESP_WIFI_11R_SUPPORT OR CONFIG_ESP_WIFI_ENABLE_SAE_PK)
set(srcs ${srcs}
"src/common/bss.c"
"src/common/scan.c"
"esp_supplicant/src/esp_scan.c")
endif()

if(CONFIG_ESP_WIFI_MBO_SUPPORT)
set(mbo_src "src/common/mbo.c")
else()
Expand Down Expand Up @@ -222,6 +231,9 @@ target_compile_definitions(${COMPONENT_LIB} PRIVATE
if(CONFIG_ESP_WIFI_ENABLE_WPA3_SAE)
target_compile_definitions(${COMPONENT_LIB} PRIVATE CONFIG_WPA3_SAE)
endif()
if(CONFIG_ESP_WIFI_ENABLE_SAE_PK)
target_compile_definitions(${COMPONENT_LIB} PRIVATE CONFIG_SAE_PK)
endif()
if(CONFIG_ESP_WIFI_WPS_STRICT)
target_compile_definitions(${COMPONENT_LIB} PRIVATE CONFIG_WPS_STRICT)
endif()
Expand Down
Loading

0 comments on commit d2f6a3d

Please sign in to comment.