Under WPA3-Personal, SAE authentication is used to derive PMK
which is more secure and immune to offline dictionary attacks.
1. Add modules to generate SAE commit/confirm for the handshake
2. Add modules that build and parse SAE data in Auth frames
3. Add WPA3 association and key mgmt definitions
4. Invert y-bit while solving for ECC co-ordinate -
Once an X co-ordinate is obtained, solving for Y co-ordinate
using an elliptical curve equation results in 2 possible values,
Y and (P - Y), where p is the prime number. The co-ordinates are
used for deriving keys in SAE handshake. As par the 802.11 spec
if LSB of X is same as LSB of Y then Y is chosen, (P - Y) otherwise.
This is not what is implemented, so fix this behavior to obtain the
correct Y co-ordinate.
This change ports SAE(Simultaneous Authentication of Equals)
feature from wpa_supplicant and makes it work with mbedtls
crypto APIs. Currently only group 19 is supported. A sample
SAE handshake is included in the testcase. Other minor
changes for DH groups are also included.
1. Add CCMP, AES crypto modules for unicast protected Mgmt frames
2. Add support for computing SHA256 MIC on Bcast Mgmt frames
3. Add support for storing iGTK during 4-way handshake.
4. Provide APIs to MLME for utilizing the SW crypto modules
5. Link PMF changes from WiFi library submodule
1. Add APIs for configuring PMF through set config.
2. Map Supplicant and Wifi Cipher types.
3. Add support for PMF negotiation while generating RSN IE.
1. Fix high beacon and broadcast packets loss ratio of WiFi to make
MDNS test pass.
2. Improve stability of WiFi performance with a little
sacrifice of throughput.
3. Improve BLE advertising and connection performance with dynamic
priority. It sacrifices a little WiFi throughput, but achieves balance
between WiFi and Bluetooth.
1. resend eb which are pending in g_ic.tx_buf due to channel switch.
2. add lock for mgmg/xon/bcast to protect send from user flush.
3. softap: add check if secondary offset is correct when start softap.
4. softap: in inactive timer handler, add check if child bss is removed to avoid removing it again.
5. disable A-MPDU for non-root.
6. fix reusing a freed eb.
7. fix when node becomes root, it does not record assoc value to nvs.
8. discard unnecessary forwarded group packets.
9. fix toDS state is not updated in time.
10. fix s_sta_cnx_times is not cleared when deinit causes root sends ADD annoucement.
11. root: increase beacon timeout time from 6 seconds to 15 seconds to delay initiation of reconnection.
12. add esp_mesh_get_tsf_time to return TSF time.
13. send the whole routing table multi-times.
14. clear candidate settings if not receive candidate beacon within 8 seconds.
Move supplicant to idf and do following refactoring:
1. Make the folder structure consitent with supplicant upstream
2. Remove duplicated header files and minimize the public header files
3. Refactor for WiFi/supplicant interfaces