SAE: Derive a variable length PMK with the new AKM suites
Select the PMK length based on the used group (prime length) when using
the new AKM suites for SAE.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
SAE: Indicate AKM suite selector in commit for new AKM suites
SAE authentication needs to known which AKM suite is being used to be
able to determine the correct PMK length for the new AKM suite selectors
that use variable length keys.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
SAE: EAPOL-Key and key/MIC length information for the new AKM suites
Update the AKM suite specific mapping of various EAPOL-Key key lengths
and algorithms to include the new SAE AKM suites with variable length
keys.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
SAE: Internal WPA_KEY_MGMT_* defines for extended key AKMs
Define new WPA_KEY_MGMT_* values for the new SAE AKM suite selectors
with variable length keys. This includes updates to various mapping and
checking of the SAE key_mgmt values.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
SAE: Use wpa_key_mgmt_sae() helper
Use the existing helper function instead of maintaining multiple copies
of lists of SAE key management suites.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Define new RSN AKM suite selector values
Add the new AKM suite selectors defined in IEEE P802.11-REVme/D1.3.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
* All components which won't build (yet) on Linux are excluded.
This enables switching to Linux in an application without
explicitly setting COMPONENTS to main in the main
CMakeLists.txt.
* ESP Timer provides headers for Linux now
* automatically disabling LWIP in Kconfig if it is not available
doc(linux): brought section
"Component Linux/Mock Support Overview" up to date
- fix relative includes
- remove ESP32-H2-related TODO — an ifdef is not needed now since the
whole app is built only for SOC_WIFI_SUPPORTED=y
- set leak threshold in test case
- sort includes
- fix relative includes
- replace TEMPORARY_DISABLED_FOR_TARGETS with just IDF_TARGET_ESP32,
to avoid having to change this file when bringing up new chips
- astyle formatting
- set leak threshold in test cases
- use the new 'wifi_two_dut' environment marker instead of UT_T2_1
- sort includes, fix relative includes
- make all globals static
- remove ifdef SOC_WIFI_SUPPORTED since the whole test app is only
built when SOC_WIFI_SUPPORTED is set
- esp_supp_dpp_init : Ensures that the mode is set to station before
the API call.
- Ensures that dpp follows the path of init(esp_supp_dpp_init) ->
bootstrap(esp_supp_dpp_bootstrap_gen) -> listen(esp_supp_dpp_start_listen)
by returning errors if any of them is invoked out of order.
-Merges the addition of extended caps IE for assoc req, probe resp
and beacons in a single place. This ensures that there are no
duplicate Extended Caps IE in the frame. Moves the capability
indication for BTM and HT20/40 from supplicant to wifi libs.
-Fix issue with frequent disconections when scanning for only a single
channel.
-Prints error message and returns ESP_ERR_NOT_SUPPORTED in case
esp32c2 tries to set bandwidth to HT40.
Add changes to use fast_pbkdf2 as default for PMK calculations.
fast_pbkdf2 is significantly faster than current implementations
for esp chips.
Also removes unnecessary code for pbkdf-sha256 and pbkdf-sha512.
1. Update documentation for WPA3 Enterprise and WPA3 Enterprise 192-bit
mode
2. Update documentation for WPA3 OWE and OWE transition mode
3. Update documentation related to SAE PK, SAE PWE and Transition Disable
4. Update documnetation for wifi connect API
5. Fix config paramter information for wifi scan start
6. Fix documentation related to scan threshold config setting
7. Replace ESP_ERR_WIFI_ARG error code as ESP_ERR_INVALID_ARG
8. Update documentation for 802.11R Fast transition
Fix crash in sending new RRM neighbour report requests by removing
the call to neighbour report request timeout callback in case of
already ongoing neighbour report request timer.
1) Ignore immediate assoc req received from the station while we are
processing the older one
2) Create station mutex (sta->lock) only for stations connecting with wpa3
security
3) Fix regression caused by 4cb4faa9
Fix crash due to premature deallocation of neighbour report elements
by scan_done. Post event to btm_rrm_t task to handle scan_done serially
rather than when btm_rrm_t task is processing btm request rx frame.
This fixes a subtle bug in which ESP_ERR_DPP_TX_FAILURE errors would
call esp_supp_dpp_stop_listen which sets the s_dpp_stop_listening flag
to true. Subsequent attempts to restart listening with
esp_supp_dpp_start_listen then only attempt to listen once more for
500ms before reading the s_dpp_stop_listening flag again and giving up.
This contributes greatly to #10615, but the fix here is still largely
a work-around as it sometimes requires manually retrying a couple times
before it works. Without this fix, any number of retries by
deinit/init again will seemingly not work as the retries for currently
unknown reasons.
Signed-off-by: Shreyas Sheth <shreyas.sheth@espressif.com>
Closes https://github.com/espressif/esp-idf/pull/10865
Executing supplicant WIFI_EVENT_STA_CONNECTED and WIFI_EVENT_STA_DISCONNECTED handlers in event-handler context can lead to concurrency issues.
Moving the functionality into 'wpa_sta_connected_cb' and 'wpa_sta_disconnected_cb' callbacks and execute in ppTask context.
1) Set NVS PMF required true if not specified by application when
authmode is WPA3
2) Fix issue regarding cleanup of non associated sta_info
3) Fix implementation of sta lock to avoid concurrency issues
4) Fix softAP deinit crash when password is configured with max length