particle-iot · avtolstoy · Aug 15, 2023 · Jul 19, 2023 · Jul 19, 2023 · Jul 19, 2023
diff --git a/hal/inc/wlan_hal.h b/hal/inc/wlan_hal.h
@@ -190,6 +190,7 @@ typedef enum {
     WLAN_SEC_WPA2,
     WLAN_SEC_WPA_ENTERPRISE,
     WLAN_SEC_WPA2_ENTERPRISE,
+    WLAN_SEC_WPA3,
     WLAN_SEC_NOT_SET = 0xFF
 } WLanSecurityType;
 
@@ -279,6 +280,7 @@ typedef struct {
 #define WLAN_CREDENTIALS_CURRENT_VERSION  (WLAN_CREDENTIALS_VERSION_3)
 
 #define WLAN_SET_CREDENTIALS_FLAGS_DRY_RUN  (1<<0)
+#define WLAN_SET_CREDENTIALS_FLAGS_HIDDEN   (1<<1)
 
 #define WLAN_SET_CREDENTIALS_UNKNOWN_SECURITY_TYPE (-1)
 #define WLAN_SET_CREDENTIALS_CIPHER_REQUIRED (-2)

diff --git a/hal/network/ncp/wifi/wifi_network_manager.cpp b/hal/network/ncp/wifi/wifi_network_manager.cpp
@@ -98,7 +98,8 @@ int loadConfig(Vector<WifiNetworkConfig>* networks) {
             .ssid(dSsid.data)
             .bssid(bssid)
             .security((WifiSecurity)pbConf.security)
-            .credentials(std::move(cred));
+            .credentials(std::move(cred))
+            .hidden(pbConf.hidden);
         if (!networks->append(std::move(conf))) {
             return false;
         }
@@ -153,6 +154,7 @@ int saveConfig(const Vector<WifiNetworkConfig>& networks) {
                 ePwd.data = s;
                 ePwd.size = strlen(s);
             }
+            pbConf.hidden = conf.hidden();
             if (!pb_encode_tag_for_field(strm, field)) {
                 return false;
             }
@@ -234,7 +236,7 @@ int WifiNetworkManager::connect(const char* ssid) {
                 index = 0;
                 for (; index < networks.size(); ++index) {
                     network = &networks.at(index);
-                    if (strcmp(network->ssid(), ap.ssid()) == 0) {
+                    if (strcmp(network->ssid(), ap.ssid()) == 0 && !network->hidden()) {
                         break;
                     }
                 }
@@ -256,7 +258,21 @@ int WifiNetworkManager::connect(const char* ssid) {
             }
         }
         if (!connected) {
-            return SYSTEM_ERROR_NOT_FOUND;
+            // Attempt to connect to hidden SSIDs
+            index = 0;
+            for (; index < networks.size(); ++index) {
+                network = &networks.at(index);
+                if (network->hidden()) {
+                    r = client_->connect(network->ssid(), network->bssid(), network->security(), network->credentials());
+                    if (r == 0) {
+                        connected = true;
+                        break;
+                    }
+                }
+            }
+            if (!connected) {
+                return SYSTEM_ERROR_NOT_FOUND;
+            }
         }
     } else if (network->bssid() == INVALID_MAC_ADDRESS) {
         // Update BSSID

diff --git a/hal/network/ncp/wifi/wifi_network_manager.h b/hal/network/ncp/wifi/wifi_network_manager.h
@@ -40,7 +40,9 @@ enum class WifiSecurity {
     WEP = 1,
     WPA_PSK = 2,
     WPA2_PSK = 3,
-    WPA_WPA2_PSK = 4
+    WPA_WPA2_PSK = 4,
+    WPA3_PSK = 5,
+    WPA2_WPA3_PSK = 6
 };
 
 class WifiCredentials {
@@ -70,6 +72,9 @@ class WifiNetworkConfig {
     WifiNetworkConfig& ssid(const char* ssid);
     const char* ssid() const;
 
+    WifiNetworkConfig& hidden(bool hidden);
+    bool hidden() const;
+
     WifiNetworkConfig& bssid(const MacAddress& bssid);
     const MacAddress& bssid() const;
 
@@ -84,6 +89,7 @@ class WifiNetworkConfig {
     MacAddress bssid_;
     WifiCredentials cred_;
     WifiSecurity sec_;
+    bool hidden_;
 };
 
 class WifiNetworkInfo {
@@ -185,7 +191,8 @@ inline WifiCredentials::Type WifiCredentials::type() const {
 
 inline WifiNetworkConfig::WifiNetworkConfig() :
         bssid_(INVALID_MAC_ADDRESS),
-        sec_(WifiSecurity::NONE) {
+        sec_(WifiSecurity::NONE),
+        hidden_(false) {
 }
 
 inline WifiNetworkConfig& WifiNetworkConfig::ssid(const char* ssid) {
@@ -197,6 +204,16 @@ inline const char* WifiNetworkConfig::ssid() const {
     return ssid_;
 }
 
+
+inline WifiNetworkConfig& WifiNetworkConfig::hidden(bool state) {
+    hidden_ = state;
+    return *this;
+}
+
+inline bool WifiNetworkConfig::hidden() const {
+    return hidden_;
+}
+
 inline WifiNetworkConfig& WifiNetworkConfig::bssid(const MacAddress& bssid) {
     bssid_ = bssid;
     return *this;

diff --git a/hal/network/ncp/wifi/wlan_hal.cpp b/hal/network/ncp/wifi/wlan_hal.cpp
@@ -47,6 +47,7 @@ bool isSupportedSecurityType(WLanSecurityType type) {
     case WLanSecurityType::WLAN_SEC_WEP:
     case WLanSecurityType::WLAN_SEC_WPA:
     case WLanSecurityType::WLAN_SEC_WPA2:
+    case WLanSecurityType::WLAN_SEC_WPA3:
         return true;
     default:
         return false;
@@ -63,6 +64,8 @@ WifiSecurity toWifiSecurity(WLanSecurityType type) {
         return WifiSecurity::WPA_PSK;
     case WLanSecurityType::WLAN_SEC_WPA2:
         return WifiSecurity::WPA2_PSK;
+    case WLanSecurityType::WLAN_SEC_WPA3:
+        return WifiSecurity::WPA3_PSK;
     default:
         return WifiSecurity::NONE;
     }
@@ -79,6 +82,9 @@ WLanSecurityType fromWifiSecurity(WifiSecurity sec) {
     case WifiSecurity::WPA2_PSK:
     case WifiSecurity::WPA_WPA2_PSK:
         return WLanSecurityType::WLAN_SEC_WPA2;
+    case WifiSecurity::WPA3_PSK:
+    case WifiSecurity::WPA2_WPA3_PSK:
+        return WLanSecurityType::WLAN_SEC_WPA3;
     default:
         return WLanSecurityType::WLAN_SEC_UNSEC;
     }
@@ -169,6 +175,9 @@ int wlan_set_credentials(WLanCredentials* halCred) {
     const auto ssid = CString::wrap(strndup(halCred->ssid, halCred->ssid_len));
     WifiNetworkConfig conf;
     conf.ssid(ssid);
+    if (halCred->flags & WLAN_SET_CREDENTIALS_FLAGS_HIDDEN) {
+        conf.hidden(true);
+    }
     conf.security(toWifiSecurity(halCred->security));
     conf.credentials(std::move(cred));
     const auto mgr = wifiNetworkManager();
@@ -370,8 +379,9 @@ int wlan_scan(wlan_scan_result_t callback, void* cookie) {
         // FIXME: As the ESP32 doesn't return the cipher type of an AP, we manually set it here.
         if (ap.security == WLAN_SEC_WPA || ap.security == WLAN_SEC_WPA2) {
             ap.cipher = WLAN_CIPHER_AES_TKIP;
-        }
-        else {
+        } else if (ap.security == WLAN_SEC_WPA3) {
+            ap.cipher = WLAN_CIPHER_AES;
+        } else {
             ap.cipher = WLAN_CIPHER_NOT_SET;
         }
         ap.channel = result.channel();
@@ -414,8 +424,9 @@ int wlan_get_credentials(wlan_scan_result_t callback, void* callback_data) {
         // FIXME: As the ESP32 doesn't return the cipher type of an AP, we manually set it here.
         if (ap.security == WLAN_SEC_WPA || ap.security == WLAN_SEC_WPA2) {
             ap.cipher = WLAN_CIPHER_AES_TKIP;
-        }
-        else {
+        } else if (ap.security == WLAN_SEC_WPA3) {
+            ap.cipher = WLAN_CIPHER_AES;
+        } else {
             ap.cipher = WLAN_CIPHER_NOT_SET;
         }
         const auto d = (Data*)data;

diff --git a/hal/network/ncp_client/realtek/rtl_ncp_client.cpp b/hal/network/ncp_client/realtek/rtl_ncp_client.cpp
@@ -167,6 +167,12 @@ rtw_security_t wifiSecurityToRtlSecurity(WifiSecurity sec) {
         // FIXME
         return RTW_SECURITY_WPA_WPA2_MIXED_PSK;
     }
+    case WifiSecurity::WPA2_WPA3_PSK: {
+        return RTW_SECURITY_WPA2_WPA3_MIXED;
+    }
+    case WifiSecurity::WPA3_PSK: {
+        return RTW_SECURITY_WPA3_AES_PSK;
+    }
     }
     return RTW_SECURITY_UNKNOWN;
 }
@@ -408,7 +414,8 @@ int RealtekNcpClient::scan(WifiScanCallback callback, void* data) {
                                             ( record->security == RTW_SECURITY_WPA_WPA2_AES_PSK) ? "WPA/WPA2 AES" :
                                             ( record->security == RTW_SECURITY_WPA_WPA2_MIXED_PSK) ? "WPA/WPA2 Mixed" :
             #ifdef CONFIG_SAE_SUPPORT
-                                            ( record->security == RTW_SECURITY_WPA3_AES_PSK) ? "WP3-SAE AES" :
+                                            ( record->security == RTW_SECURITY_WPA3_AES_PSK) ? "WPA3-SAE AES" :
+                                            ( record->security == RTW_SECURITY_WPA2_WPA3_MIXED) ? "WPA2/WPA3 Mixed" :
             #endif
                                             "Unknown" );
 

diff --git a/proto_defs/internal/network_config.proto b/proto_defs/internal/network_config.proto
@@ -14,6 +14,7 @@ message WifiConfig {
     bytes bssid = 2 [(nanopb).max_size = 6];
     ctrl.wifi.Security security = 3;
     ctrl.wifi.Credentials credentials = 4;
+    bool hidden = 5;
   }
 
   repeated Network networks = 1;

diff --git a/proto_defs/shared b/proto_defs/shared
diff --git a/proto_defs/src/control/wifi_new.pb.h b/proto_defs/src/control/wifi_new.pb.h
@@ -22,7 +22,9 @@ typedef enum _particle_ctrl_wifi_Security {
     particle_ctrl_wifi_Security_WEP = 1, /* WEP */
     particle_ctrl_wifi_Security_WPA_PSK = 2, /* WPA PSK */
     particle_ctrl_wifi_Security_WPA2_PSK = 3, /* WPA2 PSK */
-    particle_ctrl_wifi_Security_WPA_WPA2_PSK = 4 /* WPA/WPA2 PSK */
+    particle_ctrl_wifi_Security_WPA_WPA2_PSK = 4, /* WPA/WPA2 PSK */
+    particle_ctrl_wifi_Security_WPA3_PSK = 5, /* WPA3 PSK */
+    particle_ctrl_wifi_Security_WPA2_WPA3_PSK = 6 /* WPA2/WPA3 PSK */
 } particle_ctrl_wifi_Security;
 
 /* *
@@ -139,13 +141,14 @@ typedef struct _particle_ctrl_wifi_JoinNewNetworkRequest {
     particle_ctrl_wifi_Security security; /* Network security */
     particle_ctrl_wifi_Credentials credentials; /* Network credentials */
     particle_ctrl_Interface interface_config; /* Network interface configuration (IP, mask, DNS etc) */
+    bool hidden; 
 } particle_ctrl_wifi_JoinNewNetworkRequest;
 
 
 /* Helper constants for enums */
 #define _particle_ctrl_wifi_Security_MIN particle_ctrl_wifi_Security_NO_SECURITY
-#define _particle_ctrl_wifi_Security_MAX particle_ctrl_wifi_Security_WPA_WPA2_PSK
-#define _particle_ctrl_wifi_Security_ARRAYSIZE ((particle_ctrl_wifi_Security)(particle_ctrl_wifi_Security_WPA_WPA2_PSK+1))
+#define _particle_ctrl_wifi_Security_MAX particle_ctrl_wifi_Security_WPA2_WPA3_PSK
+#define _particle_ctrl_wifi_Security_ARRAYSIZE ((particle_ctrl_wifi_Security)(particle_ctrl_wifi_Security_WPA2_WPA3_PSK+1))
 
 #define _particle_ctrl_wifi_CredentialsType_MIN particle_ctrl_wifi_CredentialsType_NO_CREDENTIALS
 #define _particle_ctrl_wifi_CredentialsType_MAX particle_ctrl_wifi_CredentialsType_PASSWORD
@@ -158,7 +161,7 @@ extern "C" {
 
 /* Initializer values for message structs */
 #define particle_ctrl_wifi_Credentials_init_default {_particle_ctrl_wifi_CredentialsType_MIN, {{NULL}, NULL}}
-#define particle_ctrl_wifi_JoinNewNetworkRequest_init_default {{{NULL}, NULL}, {0, {0}}, _particle_ctrl_wifi_Security_MIN, particle_ctrl_wifi_Credentials_init_default, particle_ctrl_Interface_init_default}
+#define particle_ctrl_wifi_JoinNewNetworkRequest_init_default {{{NULL}, NULL}, {0, {0}}, _particle_ctrl_wifi_Security_MIN, particle_ctrl_wifi_Credentials_init_default, particle_ctrl_Interface_init_default, 0}
 #define particle_ctrl_wifi_JoinNewNetworkReply_init_default {0}
 #define particle_ctrl_wifi_JoinKnownNetworkRequest_init_default {{{NULL}, NULL}}
 #define particle_ctrl_wifi_JoinKnownNetworkReply_init_default {0}
@@ -175,7 +178,7 @@ extern "C" {
 #define particle_ctrl_wifi_ScanNetworksReply_init_default {{{NULL}, NULL}}
 #define particle_ctrl_wifi_ScanNetworksReply_Network_init_default {{{NULL}, NULL}, {0, {0}}, _particle_ctrl_wifi_Security_MIN, 0, 0}
 #define particle_ctrl_wifi_Credentials_init_zero {_particle_ctrl_wifi_CredentialsType_MIN, {{NULL}, NULL}}
-#define particle_ctrl_wifi_JoinNewNetworkRequest_init_zero {{{NULL}, NULL}, {0, {0}}, _particle_ctrl_wifi_Security_MIN, particle_ctrl_wifi_Credentials_init_zero, particle_ctrl_Interface_init_zero}
+#define particle_ctrl_wifi_JoinNewNetworkRequest_init_zero {{{NULL}, NULL}, {0, {0}}, _particle_ctrl_wifi_Security_MIN, particle_ctrl_wifi_Credentials_init_zero, particle_ctrl_Interface_init_zero, 0}
 #define particle_ctrl_wifi_JoinNewNetworkReply_init_zero {0}
 #define particle_ctrl_wifi_JoinKnownNetworkRequest_init_zero {{{NULL}, NULL}}
 #define particle_ctrl_wifi_JoinKnownNetworkReply_init_zero {0}
@@ -216,6 +219,7 @@ extern "C" {
 #define particle_ctrl_wifi_JoinNewNetworkRequest_security_tag 3
 #define particle_ctrl_wifi_JoinNewNetworkRequest_credentials_tag 4
 #define particle_ctrl_wifi_JoinNewNetworkRequest_interface_config_tag 5
+#define particle_ctrl_wifi_JoinNewNetworkRequest_hidden_tag 6
 
 /* Struct field encoding specification for nanopb */
 #define particle_ctrl_wifi_Credentials_FIELDLIST(X, a) \
@@ -229,7 +233,8 @@ X(a, CALLBACK, SINGULAR, STRING,   ssid,              1) \
 X(a, STATIC,   SINGULAR, BYTES,    bssid,             2) \
 X(a, STATIC,   SINGULAR, UENUM,    security,          3) \
 X(a, STATIC,   SINGULAR, MESSAGE,  credentials,       4) \
-X(a, STATIC,   SINGULAR, MESSAGE,  interface_config,   5)
+X(a, STATIC,   SINGULAR, MESSAGE,  interface_config,   5) \
+X(a, STATIC,   SINGULAR, BOOL,     hidden,            6)
 #define particle_ctrl_wifi_JoinNewNetworkRequest_CALLBACK pb_default_field_callback
 #define particle_ctrl_wifi_JoinNewNetworkRequest_DEFAULT NULL
 #define particle_ctrl_wifi_JoinNewNetworkRequest_credentials_MSGTYPE particle_ctrl_wifi_Credentials

diff --git a/proto_defs/src/network_config.pb.h b/proto_defs/src/network_config.pb.h
@@ -33,6 +33,7 @@ typedef struct _particle_firmware_WifiConfig_Network {
     particle_firmware_WifiConfig_Network_bssid_t bssid; 
     particle_ctrl_wifi_Security security; 
     particle_ctrl_wifi_Credentials credentials; 
+    bool hidden; 
 } particle_firmware_WifiConfig_Network;
 
 
@@ -42,11 +43,11 @@ extern "C" {
 
 /* Initializer values for message structs */
 #define particle_firmware_WifiConfig_init_default {{{NULL}, NULL}}
-#define particle_firmware_WifiConfig_Network_init_default {{{NULL}, NULL}, {0, {0}}, _particle_ctrl_wifi_Security_MIN, particle_ctrl_wifi_Credentials_init_default}
+#define particle_firmware_WifiConfig_Network_init_default {{{NULL}, NULL}, {0, {0}}, _particle_ctrl_wifi_Security_MIN, particle_ctrl_wifi_Credentials_init_default, 0}
 #define particle_firmware_CellularConfig_init_default {particle_ctrl_cellular_AccessPoint_init_default, particle_ctrl_cellular_AccessPoint_init_default, _particle_ctrl_cellular_SimType_MIN}
 #define particle_firmware_NetworkConfig_init_default {{{NULL}, NULL}}
 #define particle_firmware_WifiConfig_init_zero   {{{NULL}, NULL}}
-#define particle_firmware_WifiConfig_Network_init_zero {{{NULL}, NULL}, {0, {0}}, _particle_ctrl_wifi_Security_MIN, particle_ctrl_wifi_Credentials_init_zero}
+#define particle_firmware_WifiConfig_Network_init_zero {{{NULL}, NULL}, {0, {0}}, _particle_ctrl_wifi_Security_MIN, particle_ctrl_wifi_Credentials_init_zero, 0}
 #define particle_firmware_CellularConfig_init_zero {particle_ctrl_cellular_AccessPoint_init_zero, particle_ctrl_cellular_AccessPoint_init_zero, _particle_ctrl_cellular_SimType_MIN}
 #define particle_firmware_NetworkConfig_init_zero {{{NULL}, NULL}}
 
@@ -60,6 +61,7 @@ extern "C" {
 #define particle_firmware_WifiConfig_Network_bssid_tag 2
 #define particle_firmware_WifiConfig_Network_security_tag 3
 #define particle_firmware_WifiConfig_Network_credentials_tag 4
+#define particle_firmware_WifiConfig_Network_hidden_tag 5
 
 /* Struct field encoding specification for nanopb */
 #define particle_firmware_WifiConfig_FIELDLIST(X, a) \
@@ -72,7 +74,8 @@ X(a, CALLBACK, REPEATED, MESSAGE,  networks,          1)
 X(a, CALLBACK, SINGULAR, STRING,   ssid,              1) \
 X(a, STATIC,   SINGULAR, BYTES,    bssid,             2) \
 X(a, STATIC,   SINGULAR, UENUM,    security,          3) \
-X(a, STATIC,   SINGULAR, MESSAGE,  credentials,       4)
+X(a, STATIC,   SINGULAR, MESSAGE,  credentials,       4) \
+X(a, STATIC,   SINGULAR, BOOL,     hidden,            5)
 #define particle_firmware_WifiConfig_Network_CALLBACK pb_default_field_callback
 #define particle_firmware_WifiConfig_Network_DEFAULT NULL
 #define particle_firmware_WifiConfig_Network_credentials_MSGTYPE particle_ctrl_wifi_Credentials

diff --git a/system/src/control/wifi_new.cpp b/system/src/control/wifi_new.cpp
@@ -86,6 +86,7 @@ int joinNewNetwork(ctrl_request* req) {
     MacAddress bssid = INVALID_MAC_ADDRESS;
     bssidFromPb(&bssid, pbReq.bssid);
     conf.bssid(bssid);
+    conf.hidden(pbReq.hidden);
     const auto wifiMgr = wifiNetworkManager();
     CHECK_TRUE(wifiMgr, SYSTEM_ERROR_UNKNOWN);
     const auto ncpClient = wifiMgr->ncpClient();

diff --git a/system/src/system_setup.cpp b/system/src/system_setup.cpp
@@ -427,12 +427,12 @@ void WiFiSetupConsole::handle(char c)
             print("Security 0=unsecured, 1=WEP, 2=WPA, 3=WPA2: ");
             read_line(security_type_string, 1);
         }
-        while ('0' > security_type_string[0] || '3' < security_type_string[0]);
+        while ('0' > security_type_string[0] || ('3' < security_type_string[0] && security_type_string[0] != '6' /* WPA3 */));
 #else
                 print("Security 0=unsecured, 1=WEP, 2=WPA, 3=WPA2, 4=WPA Enterprise, 5=WPA2 Enterprise: ");
                 read_line(security_type_string, 1);
             }
-            while ('0' > security_type_string[0] || '5' < security_type_string[0]);
+            while ('0' > security_type_string[0] || '6' < security_type_string[0]);
 #endif
             security_ = (WLanSecurityType)(security_type_string[0] - '0');
         }
@@ -464,7 +464,7 @@ void WiFiSetupConsole::handle(char c)
             credentials.setCipher(cipher_);
         }
 
-        if (0 < security_ && security_ <= 3)
+        if ((0 < security_ && security_ <= 3) || security_ == WLAN_SEC_WPA3)
         {
             print("Password: ");
             read_line(password, sizeof(password) - 1);

diff --git a/user/tests/wiring/api/wifi.cpp b/user/tests/wiring/api/wifi.cpp
@@ -114,6 +114,18 @@ test(api_wifi_set_credentials)
     (void)ok; // avoid unused warning
 }
 
+test(api_wifi_set_credentials_obj)
+{
+    WiFiCredentials cred;
+    API_COMPILE(cred.setSsid("ssid)"));
+    API_COMPILE(cred.setPassword("password"));
+    API_COMPILE(cred.setSecurity(WPA3));
+    API_COMPILE(cred.setCipher(WLAN_CIPHER_AES));
+    API_COMPILE(cred.setHidden(true));
+    API_COMPILE(WiFi.setCredentials(cred));
+}
+
+
 test(api_wifi_set_security)
 {
     WiFiCredentials credentials;

diff --git a/wiring/inc/spark_wiring_wifi_credentials.h b/wiring/inc/spark_wiring_wifi_credentials.h
@@ -42,7 +42,8 @@ enum SecurityType {
     WPA = WLAN_SEC_WPA,
     WPA2 = WLAN_SEC_WPA2,
     WPA_ENTERPRISE = WLAN_SEC_WPA_ENTERPRISE,
-    WPA2_ENTERPRISE = WLAN_SEC_WPA2_ENTERPRISE
+    WPA2_ENTERPRISE = WLAN_SEC_WPA2_ENTERPRISE,
+    WPA3 = WLAN_SEC_WPA3
 };
 
 #define SET_STRING_WITH_LEN_FIELD(field, value, len_field, len_value) \
@@ -143,6 +144,15 @@ class WiFiCredentials {
         return *this;
     }
 
+    virtual WiFiCredentials& setHidden(bool hidden = true) {
+        if (hidden) {
+            creds_.flags |= WLAN_SET_CREDENTIALS_FLAGS_HIDDEN;
+        } else {
+            creds_.flags &= ~(WLAN_SET_CREDENTIALS_FLAGS_HIDDEN);
+        }
+        return *this;
+    }
+
     operator WLanCredentials() {
         return getHalCredentials();
     }