diff --git a/components/esp_wifi/lib b/components/esp_wifi/lib index 1b748a8bae..ddc2cd5f6a 160000 --- a/components/esp_wifi/lib +++ b/components/esp_wifi/lib @@ -1 +1 @@ -Subproject commit 1b748a8baedbb72a61e116c963fdad83982f42a6 +Subproject commit ddc2cd5f6adf0c1503e0bb6843ea1b2ee1c4fd09 diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_hostap.c b/components/wpa_supplicant/esp_supplicant/src/esp_hostap.c index ab488f2155..45b7e90768 100644 --- a/components/wpa_supplicant/esp_supplicant/src/esp_hostap.c +++ b/components/wpa_supplicant/esp_supplicant/src/esp_hostap.c @@ -22,6 +22,7 @@ #include "esp_wps.h" #include "esp_wps_i.h" +#include "rsn_supp/wpa.h" #include "ap/sta_info.h" #include "common/sae.h" #include "ap/ieee802_11.h" @@ -172,7 +173,7 @@ void *hostap_init(void) } #endif /* CONFIG_IEEE80211W */ - + esp_wifi_ap_set_group_mgmt_cipher_internal(cipher_type_map_supp_to_public(auth_conf->group_mgmt_cipher)); spp_attrubute = esp_wifi_get_spp_attrubute_internal(WIFI_IF_AP); auth_conf->spp_sup.capable = ((spp_attrubute & WPA_CAPABILITY_SPP_CAPABLE) ? SPP_AMSDU_CAP_ENABLE : SPP_AMSDU_CAP_DISABLE); auth_conf->spp_sup.require = ((spp_attrubute & WPA_CAPABILITY_SPP_REQUIRED) ? SPP_AMSDU_REQ_ENABLE : SPP_AMSDU_REQ_DISABLE); @@ -208,9 +209,6 @@ void *hostap_init(void) auth_conf->sae_require_mfp = 1; #endif /* CONFIG_SAE */ - //TODO change it when AP support GCMP-PSK - auth_conf->group_mgmt_cipher = WPA_CIPHER_AES_128_CMAC; - hapd->conf->ap_max_inactivity = 5 * 60; hostapd_setup_wpa_psk(hapd->conf); diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_wifi_driver.h b/components/wpa_supplicant/esp_supplicant/src/esp_wifi_driver.h index 0419b884bd..e4ca4879ed 100644 --- a/components/wpa_supplicant/esp_supplicant/src/esp_wifi_driver.h +++ b/components/wpa_supplicant/esp_supplicant/src/esp_wifi_driver.h @@ -305,5 +305,6 @@ void esp_wifi_enable_sae_pk_only_mode_internal(void); uint8_t esp_wifi_ap_get_transition_disable_internal(void); int esp_wifi_softap_set_obss_overlap(bool overlap); void esp_wifi_set_sigma_internal(bool flag); +void esp_wifi_ap_set_group_mgmt_cipher_internal(wifi_cipher_type_t cipher); #endif /* _ESP_WIFI_DRIVER_H_ */ diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_wpas_glue.c b/components/wpa_supplicant/esp_supplicant/src/esp_wpas_glue.c index e4f52c4321..948f271397 100644 --- a/components/wpa_supplicant/esp_supplicant/src/esp_wpas_glue.c +++ b/components/wpa_supplicant/esp_supplicant/src/esp_wpas_glue.c @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2019-2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2019-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ diff --git a/components/wpa_supplicant/src/ap/wpa_auth.c b/components/wpa_supplicant/src/ap/wpa_auth.c index dc4e4b28a4..6f1e6ae7f2 100644 --- a/components/wpa_supplicant/src/ap/wpa_auth.c +++ b/components/wpa_supplicant/src/ap/wpa_auth.c @@ -165,9 +165,8 @@ static inline int wpa_auth_set_key(struct wpa_authenticator *wpa_auth, if (key) { wpa_printf (MSG_DEBUG, "%s : igtk idx %d", __func__, idx); wifi_wpa_igtk_t *igtk = os_malloc(sizeof(wifi_wpa_igtk_t)); - if (igtk != NULL) { - memcpy(&igtk->igtk[0], key, WPA_IGTK_LEN); + memcpy(&igtk->igtk[0], key, key_len); memset((uint8_t*)&igtk->pn[0],0,6); igtk->keyid[0] = idx; igtk->keyid[1] = 0; @@ -2484,6 +2483,8 @@ static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth, struct wpa_group *group) { int ret = 0; + size_t len; + len = wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher); if (wpa_auth_set_key(wpa_auth, group->vlan_id, wpa_cipher_to_alg(wpa_auth->conf.wpa_group), (uint8_t *)broadcast_ether_addr, group->GN, @@ -2495,7 +2496,7 @@ static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth, wpa_auth_set_key(wpa_auth, group->vlan_id, WIFI_WPA_ALG_IGTK, broadcast_ether_addr, group->GN_igtk, group->IGTK[group->GN_igtk - 4], - WPA_IGTK_LEN) < 0) + len) < 0) ret = -1; #endif /* CONFIG_IEEE80211W */ diff --git a/components/wpa_supplicant/src/rsn_supp/wpa.c b/components/wpa_supplicant/src/rsn_supp/wpa.c index c65cd77851..62e2455c0d 100644 --- a/components/wpa_supplicant/src/rsn_supp/wpa.c +++ b/components/wpa_supplicant/src/rsn_supp/wpa.c @@ -110,6 +110,12 @@ wifi_cipher_type_t cipher_type_map_supp_to_public(unsigned wpa_cipher) case WPA_CIPHER_AES_128_CMAC: return WIFI_CIPHER_TYPE_AES_CMAC128; + case WPA_CIPHER_BIP_GMAC_128: + return WIFI_CIPHER_TYPE_AES_GMAC128; + + case WPA_CIPHER_BIP_GMAC_256: + return WIFI_CIPHER_TYPE_AES_GMAC256; + case WPA_CIPHER_SMS4: return WIFI_CIPHER_TYPE_SMS4;