From 1d8e7fe2d7549714d9f7a5cba288b5275d8a0ce7 Mon Sep 17 00:00:00 2001 From: Aditya Patwardhan Date: Tue, 6 Sep 2022 16:30:12 +0530 Subject: [PATCH 1/6] wifi_prov: Update behaviour for wifi_prov_mgr_start_provisioning to avoid breaking the usage for sec1 --- .../include/wifi_provisioning/manager.h | 19 ++++++++++-- components/wifi_provisioning/src/manager.c | 30 +++++++++++++++++-- .../provisioning/provisioning.rst | 1 - .../release-5.x/provisioning.rst | 3 +- .../wifi_prov_mgr/main/app_main.c | 7 ++--- 5 files changed, 46 insertions(+), 14 deletions(-) diff --git a/components/wifi_provisioning/include/wifi_provisioning/manager.h b/components/wifi_provisioning/include/wifi_provisioning/manager.h index 417ff3af8e..a2870cff01 100644 --- a/components/wifi_provisioning/include/wifi_provisioning/manager.h +++ b/components/wifi_provisioning/include/wifi_provisioning/manager.h @@ -188,11 +188,13 @@ typedef struct { * These are same as the security modes provided by protocomm */ typedef enum wifi_prov_security { +#ifdef CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_0 /** * No security (plain-text communication) */ WIFI_PROV_SECURITY_0 = 0, - +#endif +#ifdef CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_1 /** * This secure communication mode consists of * X25519 key exchange @@ -200,16 +202,27 @@ typedef enum wifi_prov_security { * + AES-CTR encryption */ WIFI_PROV_SECURITY_1, - +#endif +#ifdef CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_2 /** * This secure communication mode consists of * SRP6a based authentication and key exchange * + AES-GCM encryption/decryption */ WIFI_PROV_SECURITY_2 +#endif } wifi_prov_security_t; -typedef protocomm_security1_params_t wifi_prov_security1_params_t; +/** + * @brief Security 1 params structure + * This needs to be passed when using WIFI_PROV_SECURITY_1 + */ +typedef const char wifi_prov_security1_params_t; + +/** + * @brief Security 2 params structure + * This needs to be passed when using WIFI_PROV_SECURITY_2 + */ typedef protocomm_security2_params_t wifi_prov_security2_params_t; /** diff --git a/components/wifi_provisioning/src/manager.c b/components/wifi_provisioning/src/manager.c index 1d36a38b0a..13074a1fd0 100644 --- a/components/wifi_provisioning/src/manager.c +++ b/components/wifi_provisioning/src/manager.c @@ -600,6 +600,12 @@ static bool wifi_prov_mgr_stop_service(bool blocking) /* Free proof of possession */ if (prov_ctx->protocomm_sec_params) { + if (prov_ctx->security == 1) { + // In case of security 1 we keep an internal copy of "pop". + // Hence free it at this point + uint8_t *pop = (uint8_t *)((protocomm_security1_params_t *) prov_ctx->protocomm_sec_params)->data; + free(pop); + } prov_ctx->protocomm_sec_params = NULL; } @@ -1474,20 +1480,38 @@ esp_err_t wifi_prov_mgr_start_provisioning(wifi_prov_security_t security, const goto err; } +#ifdef CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_0 /* Initialize app data */ if (security == WIFI_PROV_SECURITY_0) { prov_ctx->mgr_info.capabilities.no_sec = true; - } else if (security == WIFI_PROV_SECURITY_1) { + } else +#endif +#ifdef CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_1 + if (security == WIFI_PROV_SECURITY_1) { if (wifi_prov_sec_params) { - prov_ctx->protocomm_sec_params = wifi_prov_sec_params; + static protocomm_security1_params_t sec1_params; + // Generate internal copy of "pop", that shall be freed at the end + char *pop = strdup(wifi_prov_sec_params); + if (pop == NULL) { + ESP_LOGE(TAG, "Failed to allocate memory for pop"); + ret = ESP_ERR_NO_MEM; + goto err; + } + sec1_params.data = (const uint8_t *)pop; + sec1_params.len = strlen(pop); + prov_ctx->protocomm_sec_params = (const void *) &sec1_params; } else { prov_ctx->mgr_info.capabilities.no_pop = true; } - } else if (security == WIFI_PROV_SECURITY_2) { + } else +#endif +#ifdef CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_2 + if (security == WIFI_PROV_SECURITY_2) { if (wifi_prov_sec_params) { prov_ctx->protocomm_sec_params = wifi_prov_sec_params; } } +#endif prov_ctx->security = security; diff --git a/docs/en/api-reference/provisioning/provisioning.rst b/docs/en/api-reference/provisioning/provisioning.rst index 29d136992a..d4f373f943 100644 --- a/docs/en/api-reference/provisioning/provisioning.rst +++ b/docs/en/api-reference/provisioning/provisioning.rst @@ -146,7 +146,6 @@ Security1 scheme details are shown in the below sequence diagram - CLIENT -> CLIENT [label = "Verify Device", rightnote = "check (cli_pubkey == aes_ctr_dec(dev_verify...)"]; } -.. note:: We shall soon migrate to ``Security2 scheme`` as the default scheme in our examples as it provides enhanced security. This change shall be done once we have our phone apps (Android/iOS) upgraded to handle ``Security2 scheme``. Security2 Scheme >>>>>>>>>>>>>>>> diff --git a/docs/en/migration-guides/release-5.x/provisioning.rst b/docs/en/migration-guides/release-5.x/provisioning.rst index 84f51af72d..f9950203ce 100644 --- a/docs/en/migration-guides/release-5.x/provisioning.rst +++ b/docs/en/migration-guides/release-5.x/provisioning.rst @@ -14,8 +14,7 @@ Wi-Fi Provisioning ------------------ .. list:: - * The ``pop`` field in the :cpp:func:`wifi_prov_mgr_start_provisioning` API is now deprecated. Please use the ``wifi_prov_sec_params`` field instead of ``pop``. This parameter should contain the structure (containing the security parameters) as required by the protocol version used. For example, when using security version 2, the ``wifi_prov_sec_params`` parameter should contain the pointer to the structure of type :cpp:type:`wifi_prov_security2_params_t`. - + * The ``pop`` field in the :cpp:func:`wifi_prov_mgr_start_provisioning` API is now deprecated. For backward compatibility, ``pop`` can be still passed as a string for security1. However for Security2 the ``wifi_prov_sec_params`` argument needs to be passed instead of ``pop``. This parameter should contain the structure (containing the security parameters) as required by the protocol version used. For example, when using security version 2, the ``wifi_prov_sec_params`` parameter should contain the pointer to the structure of type :cpp:type:`wifi_prov_security2_params_t`. For security 1 the behaviour and the usage of the API remains same. * The API :cpp:func:`wifi_prov_mgr_is_provisioned` does not return :c:macro:`ESP_ERR_INVALID_STATE` error any more. This API now works without any dependency on provisioning manager initialization state. ESP Local Control diff --git a/examples/provisioning/wifi_prov_mgr/main/app_main.c b/examples/provisioning/wifi_prov_mgr/main/app_main.c index 9f17dfe1b2..8b20a640da 100644 --- a/examples/provisioning/wifi_prov_mgr/main/app_main.c +++ b/examples/provisioning/wifi_prov_mgr/main/app_main.c @@ -343,11 +343,8 @@ void app_main(void) * for the protocomm security 1. * This does not need not be static i.e. could be dynamically allocated */ - wifi_prov_security1_params_t sec1_params = { - .data = (const uint8_t *)pop, - .len = strlen(pop), - }; - wifi_prov_security1_params_t *sec_params = &sec1_params; + wifi_prov_security1_params_t *sec_params = pop; + const char *username = NULL; #elif CONFIG_EXAMPLE_PROV_SECURITY_VERSION_2 From 0e3c630f9a6eb430815d8b0bac9c80f5e41b5f4c Mon Sep 17 00:00:00 2001 From: Aditya Patwardhan Date: Tue, 6 Sep 2022 19:30:16 +0530 Subject: [PATCH 2/6] wifi_prov_mgr: Add security version in the proto-ver endpoint. --- components/wifi_provisioning/src/manager.c | 1 + 1 file changed, 1 insertion(+) diff --git a/components/wifi_provisioning/src/manager.c b/components/wifi_provisioning/src/manager.c index 13074a1fd0..7aa7353f4a 100644 --- a/components/wifi_provisioning/src/manager.c +++ b/components/wifi_provisioning/src/manager.c @@ -246,6 +246,7 @@ static cJSON* wifi_prov_get_info_json(void) /* Version field */ cJSON_AddStringToObject(prov_info_json, "ver", prov_ctx->mgr_info.version); + cJSON_AddNumberToObject(prov_info_json, "sec_ver", prov_ctx->security); /* Capabilities field */ cJSON_AddItemToObject(prov_info_json, "cap", prov_capabilities); From 244f4ce1d9966e4b195993d5e7bfb05944667dd3 Mon Sep 17 00:00:00 2001 From: Aditya Patwardhan Date: Tue, 6 Sep 2022 19:32:12 +0530 Subject: [PATCH 3/6] protocomm: Enable security version 2 by default --- components/protocomm/Kconfig | 2 +- docs/en/api-guides/performance/size.rst | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/components/protocomm/Kconfig b/components/protocomm/Kconfig index d85a7336fe..312d10d679 100644 --- a/components/protocomm/Kconfig +++ b/components/protocomm/Kconfig @@ -20,7 +20,7 @@ menu "Protocomm" config ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_2 bool "Support protocomm security version 2 (SRP6a-based key exchange + AES-GCM encryption/decryption)" - default n + default y help Enable support of security version 2. Disabling this option saves some code size. diff --git a/docs/en/api-guides/performance/size.rst b/docs/en/api-guides/performance/size.rst index 8c131fcbd1..19b36e9de9 100644 --- a/docs/en/api-guides/performance/size.rst +++ b/docs/en/api-guides/performance/size.rst @@ -304,7 +304,7 @@ The following configuration options will reduce the final binary size of almost - Disabling :ref:`CONFIG_ESP_ERR_TO_NAME_LOOKUP` will remove the lookup table to translate user-friendly names for error values (see :doc:`/api-guides/error-handling`) in error logs, etc. This saves some binary size, but error values will be printed as integers only. - Setting :ref:`CONFIG_ESP_SYSTEM_PANIC` to "Silent reboot" will save a small amount of binary size, however this is *only* recommended if no one will use UART output to debug the device. :CONFIG_IDF_TARGET_ARCH_RISCV: - Set :ref:`CONFIG_COMPILER_SAVE_RESTORE_LIBCALLS` to reduce binary size by replacing inlined prologues/epilogues with library calls. - + - If the application binary uses only one of the security versions of the protocomm component, then the support for others can be disabled to save some code size. The support can be disabled through :ref:`CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_0`, :ref:`CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_1` or :ref:`CONFIG_ESP_PROTOCOMM_SUPPORT_SECURITY_VERSION_2` respectively. .. note:: In addition to the many configuration items shown here, there are a number of configuration options where changing the option from the default will increase binary size. These are not noted here. Where the increase is significant, this is usually noted in the configuration item help text. From 853715f3e2c8b9b29f8542db2eeb207c4a3ba275 Mon Sep 17 00:00:00 2001 From: Aditya Patwardhan Date: Tue, 13 Sep 2022 14:49:31 +0530 Subject: [PATCH 4/6] wifi_prov_mgr: Fix comments --- examples/provisioning/wifi_prov_mgr/main/app_main.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/examples/provisioning/wifi_prov_mgr/main/app_main.c b/examples/provisioning/wifi_prov_mgr/main/app_main.c index 8b20a640da..525850d0e7 100644 --- a/examples/provisioning/wifi_prov_mgr/main/app_main.c +++ b/examples/provisioning/wifi_prov_mgr/main/app_main.c @@ -336,12 +336,9 @@ void app_main(void) * - NULL if not used */ const char *pop = "abcd1234"; - /* If the pop is allocated dynamically, then it should be valid till the provisioning process is running. - * it can be only freed when the WIFI_PROV_END event is triggered */ /* This is the structure for passing security parameters * for the protocomm security 1. - * This does not need not be static i.e. could be dynamically allocated */ wifi_prov_security1_params_t *sec_params = pop; @@ -366,7 +363,8 @@ void app_main(void) #endif /* This is the structure for passing security parameters * for the protocomm security 2. - * This does not need not be static i.e. could be dynamically allocated + * If dynamically allocated, sec2_params pointer and its content + * must be valid till WIFI_PROV_END event is triggered. */ wifi_prov_security2_params_t sec2_params = {}; From c8e1b741dd36430cdb55ecfaa82ecdb53255016c Mon Sep 17 00:00:00 2001 From: Aditya Patwardhan Date: Tue, 13 Sep 2022 16:00:57 +0530 Subject: [PATCH 5/6] wifi_prov_mgr_example: Set "wifiprov" as test username and "abcd1234" as test password. --- examples/provisioning/wifi_prov_mgr/README.md | 16 +++--- .../wifi_prov_mgr/main/app_main.c | 56 +++++++++---------- 2 files changed, 37 insertions(+), 35 deletions(-) diff --git a/examples/provisioning/wifi_prov_mgr/README.md b/examples/provisioning/wifi_prov_mgr/README.md index b0410bf7b1..3f7d33ef15 100644 --- a/examples/provisioning/wifi_prov_mgr/README.md +++ b/examples/provisioning/wifi_prov_mgr/README.md @@ -86,7 +86,7 @@ python esp_prov.py --transport ble --service_name PROV_261FCC --sec_ver 1 --pop For security version 2, the following command can be used: ``` -python esp_prov.py --transport ble --service_name PROV_261FCC --sec_ver 2 --sec2_username testuser --sec2_pwd testpassword --ssid myssid --passphrase mypassword +python esp_prov.py --transport ble --service_name PROV_261FCC --sec_ver 2 --sec2_username wifiprov --sec2_pwd abcd1234 --ssid myssid --passphrase mypassword ``` Above command will perform the provisioning steps, and the monitor log should display something like this : @@ -123,17 +123,19 @@ I (55355) app: Hello World! The config option `CONFIG_EXAMPLE_PROV_SEC2_DEV_MODE` should be enabled for the example and in `main/app_main.c`, the macro `EXAMPLE_PROV_SEC2_USERNAME` should be set to the same username used in the salt-verifier generation. ```log -$ python esp_prov.py --transport softap --sec_ver 2 --sec2_gen_cred --sec2_username testuser --sec2_pwd testpassword +$ python esp_prov.py --transport softap --sec_ver 2 --sec2_gen_cred --sec2_username wifiprov --sec2_pwd abcd1234 ==== Salt-verifier for security scheme 2 (SRP6a) ==== static const char sec2_salt[] = { - 0x14, 0xdf, 0x42, 0x50, 0x3d, 0xec, 0x54, 0xc3, 0xe5, 0x0e, 0x0c, 0x9d, 0xb4, 0x84, 0xd7, 0xe4 + 0x03, 0x6e, 0xe0, 0xc7, 0xbc, 0xb9, 0xed, 0xa8, 0x4c, 0x9e, 0xac, 0x97, 0xd9, 0x3d, 0xec, 0xf4 }; static const char sec2_verifier[] = { - 0xd7, 0xc2, 0xdb, 0x68, 0x3b, 0x98, 0xf0, 0xbf, 0x4f, 0x02, 0x21, 0xf6, 0x07, 0xe6, 0xfc, 0x0d, - ... - ... - 0x86, 0xf2, 0x78, 0xba, 0x1e, 0x12, 0xa9, 0x62, 0x9a, 0x47, 0x1b, 0x69, 0x42, 0xba, 0x37, 0xe2 + 0x7c, 0x7c, 0x85, 0x47, 0x65, 0x08, 0x94, 0x6d, 0xd6, 0x36, 0xaf, 0x37, 0xd7, 0xe8, 0x91, 0x43, + 0x78, 0xcf, 0xfd, 0x61, 0x6c, 0x59, 0xd2, 0xf8, 0x39, 0x08, 0x12, 0x72, 0x38, 0xde, 0x9e, 0x24, + . + . + . + 0xe6, 0xf6, 0x53, 0xc8, 0x31, 0xa8, 0x78, 0xde, 0x50, 0x40, 0xf7, 0x62, 0xde, 0x36, 0xb2, 0xba }; ``` diff --git a/examples/provisioning/wifi_prov_mgr/main/app_main.c b/examples/provisioning/wifi_prov_mgr/main/app_main.c index 525850d0e7..792b44d2c8 100644 --- a/examples/provisioning/wifi_prov_mgr/main/app_main.c +++ b/examples/provisioning/wifi_prov_mgr/main/app_main.c @@ -34,41 +34,41 @@ static const char *TAG = "app"; #if CONFIG_EXAMPLE_PROV_SECURITY_VERSION_2 #if CONFIG_EXAMPLE_PROV_SEC2_DEV_MODE -#define EXAMPLE_PROV_SEC2_USERNAME "testuser" -#define EXAMPLE_PROV_SEC2_PWD "testpassword" +#define EXAMPLE_PROV_SEC2_USERNAME "wifiprov" +#define EXAMPLE_PROV_SEC2_PWD "abcd1234" -/* This salt,verifier has been generated for username = "testuser" and password = "testpassword" +/* This salt,verifier has been generated for username = "wifiprov" and password = "abcd1234" * IMPORTANT NOTE: For production cases, this must be unique to every device * and should come from device manufacturing partition.*/ static const char sec2_salt[] = { - 0x2f, 0x3d, 0x3c, 0xf8, 0x0d, 0xbd, 0x0c, 0xa9, 0x6f, 0x30, 0xb4, 0x4d, 0x89, 0xd5, 0x2f, 0x0e + 0x03, 0x6e, 0xe0, 0xc7, 0xbc, 0xb9, 0xed, 0xa8, 0x4c, 0x9e, 0xac, 0x97, 0xd9, 0x3d, 0xec, 0xf4 }; static const char sec2_verifier[] = { - 0xf2, 0x9f, 0xc1, 0xf5, 0x28, 0x4a, 0x11, 0x74, 0xb4, 0x24, 0x09, 0x23, 0xd8, 0x27, 0xb7, 0x5a, - 0x95, 0x3a, 0x99, 0xed, 0xf4, 0x6e, 0xe9, 0x8c, 0x4f, 0x07, 0xf2, 0xf5, 0x43, 0x3d, 0x7f, 0x9a, - 0x11, 0x60, 0x66, 0xaf, 0xcd, 0xa5, 0xf6, 0xfa, 0xcb, 0x06, 0xe9, 0xc5, 0x3f, 0x4d, 0x77, 0x16, - 0x4c, 0x68, 0x6d, 0x7f, 0x7c, 0xd7, 0xc7, 0x5a, 0x83, 0xc0, 0xfb, 0x94, 0x2d, 0xa9, 0x60, 0xf0, - 0x09, 0x11, 0xa0, 0xe1, 0x95, 0x33, 0xd1, 0x30, 0x7f, 0x82, 0x1b, 0x1b, 0x0f, 0x6d, 0xf1, 0xdc, - 0x93, 0x1c, 0x20, 0xa7, 0xc0, 0x8d, 0x48, 0x38, 0xff, 0x46, 0xb9, 0xaf, 0xf7, 0x93, 0x78, 0xae, - 0xff, 0xb8, 0x3b, 0xdf, 0x99, 0x7b, 0x64, 0x47, 0x02, 0xba, 0x01, 0x39, 0x0f, 0x5c, 0xd8, 0x4e, - 0x6f, 0xc8, 0xd0, 0x82, 0x7f, 0x2d, 0x33, 0x1a, 0x09, 0x65, 0x77, 0x85, 0xbc, 0x8a, 0x84, 0xe0, - 0x46, 0x7e, 0x3b, 0x0e, 0x6e, 0x3b, 0xdf, 0x70, 0x17, 0x70, 0x0a, 0xbc, 0x84, 0x67, 0xfa, 0xf9, - 0x84, 0x53, 0xda, 0xb4, 0xca, 0x38, 0x71, 0xe4, 0x06, 0xf6, 0x7d, 0xc8, 0x32, 0xbb, 0x91, 0x0c, - 0xe7, 0xd3, 0x59, 0xb6, 0x03, 0xed, 0x8e, 0x0d, 0x91, 0x9c, 0x09, 0xd7, 0x6f, 0xd5, 0xca, 0x55, - 0xc5, 0x58, 0x0f, 0x95, 0xb5, 0x83, 0x65, 0x6f, 0x2d, 0xbc, 0x94, 0x0f, 0xbb, 0x0f, 0xd3, 0x42, - 0xa5, 0xfe, 0x15, 0x7f, 0xf9, 0xa8, 0x16, 0xe6, 0x58, 0x9b, 0x4c, 0x0f, 0xd3, 0x83, 0x2c, 0xac, - 0xe4, 0xbf, 0xa3, 0x96, 0x1e, 0xb6, 0x6f, 0x59, 0xe6, 0xd1, 0x0e, 0xd4, 0x27, 0xb6, 0x05, 0x34, - 0xec, 0x8c, 0xf8, 0x72, 0xbb, 0x04, 0x7b, 0xa4, 0x49, 0x3d, 0x6d, 0xa9, 0x99, 0xfc, 0x0a, 0x2b, - 0xd8, 0x46, 0xa8, 0xd1, 0x46, 0x61, 0x5c, 0x96, 0xd2, 0x43, 0xcd, 0xea, 0x7f, 0x6a, 0x50, 0x59, - 0x0d, 0x0e, 0xa1, 0xb3, 0x94, 0x5a, 0x34, 0xe0, 0x1e, 0x95, 0x56, 0x68, 0xb4, 0xbc, 0xf1, 0x08, - 0x54, 0xcb, 0x42, 0x41, 0xc6, 0x78, 0xad, 0x71, 0x84, 0x1c, 0x29, 0xb8, 0x33, 0x79, 0x1c, 0x10, - 0xdd, 0x07, 0xc8, 0x91, 0x21, 0x85, 0x89, 0x76, 0xd7, 0x37, 0xdf, 0x5b, 0x19, 0x33, 0x4e, 0x17, - 0x67, 0x02, 0x0f, 0x1b, 0xb9, 0x2f, 0xa4, 0xdc, 0xdd, 0x75, 0x32, 0x96, 0x87, 0xdd, 0x66, 0xc3, - 0x33, 0xc1, 0xfc, 0x4c, 0x27, 0x63, 0xb9, 0x14, 0x72, 0x76, 0x65, 0xb8, 0x90, 0x2b, 0xeb, 0x7a, - 0xde, 0x71, 0x97, 0xf3, 0x6b, 0xc9, 0x8e, 0xdf, 0xfc, 0x6e, 0x13, 0xcc, 0x1b, 0x2b, 0x54, 0x1a, - 0x6e, 0x3d, 0xe6, 0x1c, 0xec, 0x5d, 0xa1, 0xf1, 0xd4, 0x86, 0x9d, 0xcd, 0xb9, 0xe8, 0x98, 0xf1, - 0xe5, 0x16, 0xa5, 0x48, 0xe5, 0xec, 0x12, 0xe8, 0x17, 0xe2, 0x55, 0xb5, 0xb3, 0x7c, 0xce, 0xfd + 0x7c, 0x7c, 0x85, 0x47, 0x65, 0x08, 0x94, 0x6d, 0xd6, 0x36, 0xaf, 0x37, 0xd7, 0xe8, 0x91, 0x43, + 0x78, 0xcf, 0xfd, 0x61, 0x6c, 0x59, 0xd2, 0xf8, 0x39, 0x08, 0x12, 0x72, 0x38, 0xde, 0x9e, 0x24, + 0xa4, 0x70, 0x26, 0x1c, 0xdf, 0xa9, 0x03, 0xc2, 0xb2, 0x70, 0xe7, 0xb1, 0x32, 0x24, 0xda, 0x11, + 0x1d, 0x97, 0x18, 0xdc, 0x60, 0x72, 0x08, 0xcc, 0x9a, 0xc9, 0x0c, 0x48, 0x27, 0xe2, 0xae, 0x89, + 0xaa, 0x16, 0x25, 0xb8, 0x04, 0xd2, 0x1a, 0x9b, 0x3a, 0x8f, 0x37, 0xf6, 0xe4, 0x3a, 0x71, 0x2e, + 0xe1, 0x27, 0x86, 0x6e, 0xad, 0xce, 0x28, 0xff, 0x54, 0x46, 0x60, 0x1f, 0xb9, 0x96, 0x87, 0xdc, + 0x57, 0x40, 0xa7, 0xd4, 0x6c, 0xc9, 0x77, 0x54, 0xdc, 0x16, 0x82, 0xf0, 0xed, 0x35, 0x6a, 0xc4, + 0x70, 0xad, 0x3d, 0x90, 0xb5, 0x81, 0x94, 0x70, 0xd7, 0xbc, 0x65, 0xb2, 0xd5, 0x18, 0xe0, 0x2e, + 0xc3, 0xa5, 0xf9, 0x68, 0xdd, 0x64, 0x7b, 0xb8, 0xb7, 0x3c, 0x9c, 0xfc, 0x00, 0xd8, 0x71, 0x7e, + 0xb7, 0x9a, 0x7c, 0xb1, 0xb7, 0xc2, 0xc3, 0x18, 0x34, 0x29, 0x32, 0x43, 0x3e, 0x00, 0x99, 0xe9, + 0x82, 0x94, 0xe3, 0xd8, 0x2a, 0xb0, 0x96, 0x29, 0xb7, 0xdf, 0x0e, 0x5f, 0x08, 0x33, 0x40, 0x76, + 0x52, 0x91, 0x32, 0x00, 0x9f, 0x97, 0x2c, 0x89, 0x6c, 0x39, 0x1e, 0xc8, 0x28, 0x05, 0x44, 0x17, + 0x3f, 0x68, 0x02, 0x8a, 0x9f, 0x44, 0x61, 0xd1, 0xf5, 0xa1, 0x7e, 0x5a, 0x70, 0xd2, 0xc7, 0x23, + 0x81, 0xcb, 0x38, 0x68, 0xe4, 0x2c, 0x20, 0xbc, 0x40, 0x57, 0x76, 0x17, 0xbd, 0x08, 0xb8, 0x96, + 0xbc, 0x26, 0xeb, 0x32, 0x46, 0x69, 0x35, 0x05, 0x8c, 0x15, 0x70, 0xd9, 0x1b, 0xe9, 0xbe, 0xcc, + 0xa9, 0x38, 0xa6, 0x67, 0xf0, 0xad, 0x50, 0x13, 0x19, 0x72, 0x64, 0xbf, 0x52, 0xc2, 0x34, 0xe2, + 0x1b, 0x11, 0x79, 0x74, 0x72, 0xbd, 0x34, 0x5b, 0xb1, 0xe2, 0xfd, 0x66, 0x73, 0xfe, 0x71, 0x64, + 0x74, 0xd0, 0x4e, 0xbc, 0x51, 0x24, 0x19, 0x40, 0x87, 0x0e, 0x92, 0x40, 0xe6, 0x21, 0xe7, 0x2d, + 0x4e, 0x37, 0x76, 0x2f, 0x2e, 0xe2, 0x68, 0xc7, 0x89, 0xe8, 0x32, 0x13, 0x42, 0x06, 0x84, 0x84, + 0x53, 0x4a, 0xb3, 0x0c, 0x1b, 0x4c, 0x8d, 0x1c, 0x51, 0x97, 0x19, 0xab, 0xae, 0x77, 0xff, 0xdb, + 0xec, 0xf0, 0x10, 0x95, 0x34, 0x33, 0x6b, 0xcb, 0x3e, 0x84, 0x0f, 0xb9, 0xd8, 0x5f, 0xb8, 0xa0, + 0xb8, 0x55, 0x53, 0x3e, 0x70, 0xf7, 0x18, 0xf5, 0xce, 0x7b, 0x4e, 0xbf, 0x27, 0xce, 0xce, 0xa8, + 0xb3, 0xbe, 0x40, 0xc5, 0xc5, 0x32, 0x29, 0x3e, 0x71, 0x64, 0x9e, 0xde, 0x8c, 0xf6, 0x75, 0xa1, + 0xe6, 0xf6, 0x53, 0xc8, 0x31, 0xa8, 0x78, 0xde, 0x50, 0x40, 0xf7, 0x62, 0xde, 0x36, 0xb2, 0xba }; #endif From ff424129168d536435d2c42598200d17cfc2ff02 Mon Sep 17 00:00:00 2001 From: Aditya Patwardhan Date: Thu, 22 Sep 2022 08:43:09 +0530 Subject: [PATCH 6/6] wifi_prov_mgr: Make security2 as default for the example --- examples/provisioning/wifi_prov_mgr/main/Kconfig.projbuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/provisioning/wifi_prov_mgr/main/Kconfig.projbuild b/examples/provisioning/wifi_prov_mgr/main/Kconfig.projbuild index 269ad1866c..ceaa4bbef1 100644 --- a/examples/provisioning/wifi_prov_mgr/main/Kconfig.projbuild +++ b/examples/provisioning/wifi_prov_mgr/main/Kconfig.projbuild @@ -17,7 +17,7 @@ menu "Example Configuration" choice EXAMPLE_PROV_SECURITY_VERSION bool "Protocomm security version" - default EXAMPLE_PROV_SECURITY_VERSION_1 + default EXAMPLE_PROV_SECURITY_VERSION_2 help Wi-Fi provisioning component offers 3 security versions. The example offers a choice between security version 1 and 2.