diff --git a/components/esp_wifi/lib b/components/esp_wifi/lib index 94bb77fced..06b494ab89 160000 --- a/components/esp_wifi/lib +++ b/components/esp_wifi/lib @@ -1 +1 @@ -Subproject commit 94bb77fced1b7b46314695d322ab5b99dd54b1a8 +Subproject commit 06b494ab897d045b87a8b312c8a74662cc31e0d1 diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_hostap.c b/components/wpa_supplicant/esp_supplicant/src/esp_hostap.c index ccf7d81337..97cd6d8621 100644 --- a/components/wpa_supplicant/esp_supplicant/src/esp_hostap.c +++ b/components/wpa_supplicant/esp_supplicant/src/esp_hostap.c @@ -22,6 +22,7 @@ #include "esp_wps.h" #include "esp_wps_i.h" +#include "rsn_supp/wpa.h" #include "ap/sta_info.h" #include "common/sae.h" #include "ap/ieee802_11.h" @@ -166,7 +167,7 @@ void *hostap_init(void) } #endif /* CONFIG_IEEE80211W */ - + esp_wifi_ap_set_group_mgmt_cipher_internal(cipher_type_map_supp_to_public(auth_conf->group_mgmt_cipher)); spp_attrubute = esp_wifi_get_spp_attrubute_internal(WIFI_IF_AP); auth_conf->spp_sup.capable = ((spp_attrubute & WPA_CAPABILITY_SPP_CAPABLE) ? SPP_AMSDU_CAP_ENABLE : SPP_AMSDU_CAP_DISABLE); auth_conf->spp_sup.require = ((spp_attrubute & WPA_CAPABILITY_SPP_REQUIRED) ? SPP_AMSDU_REQ_ENABLE : SPP_AMSDU_REQ_DISABLE); @@ -202,9 +203,6 @@ void *hostap_init(void) auth_conf->sae_require_mfp = 1; #endif /* CONFIG_SAE */ - //TODO change it when AP support GCMP-PSK - auth_conf->group_mgmt_cipher = WPA_CIPHER_AES_128_CMAC; - hapd->conf->ap_max_inactivity = 5 * 60; hostapd_setup_wpa_psk(hapd->conf); diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_wifi_driver.h b/components/wpa_supplicant/esp_supplicant/src/esp_wifi_driver.h index 66b02b9c7c..6ef7a5360e 100644 --- a/components/wpa_supplicant/esp_supplicant/src/esp_wifi_driver.h +++ b/components/wpa_supplicant/esp_supplicant/src/esp_wifi_driver.h @@ -306,5 +306,6 @@ uint8_t* esp_wifi_sta_get_rsnxe(u8 *bssid); esp_err_t esp_wifi_sta_connect_internal(const uint8_t *bssid); void esp_wifi_enable_sae_pk_only_mode_internal(void); uint8_t esp_wifi_ap_get_transition_disable_internal(void); +void esp_wifi_ap_set_group_mgmt_cipher_internal(wifi_cipher_type_t cipher); #endif /* _ESP_WIFI_DRIVER_H_ */ diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_wpas_glue.c b/components/wpa_supplicant/esp_supplicant/src/esp_wpas_glue.c index e4f52c4321..948f271397 100644 --- a/components/wpa_supplicant/esp_supplicant/src/esp_wpas_glue.c +++ b/components/wpa_supplicant/esp_supplicant/src/esp_wpas_glue.c @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2019-2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2019-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ diff --git a/components/wpa_supplicant/src/ap/wpa_auth.c b/components/wpa_supplicant/src/ap/wpa_auth.c index f1d4cd08a0..bf4ca6e26e 100644 --- a/components/wpa_supplicant/src/ap/wpa_auth.c +++ b/components/wpa_supplicant/src/ap/wpa_auth.c @@ -165,9 +165,8 @@ static inline int wpa_auth_set_key(struct wpa_authenticator *wpa_auth, if (key) { wpa_printf (MSG_DEBUG, "%s : igtk idx %d", __func__, idx); wifi_wpa_igtk_t *igtk = os_malloc(sizeof(wifi_wpa_igtk_t)); - if (igtk != NULL) { - memcpy(&igtk->igtk[0], key, WPA_IGTK_LEN); + memcpy(&igtk->igtk[0], key, key_len); memset((uint8_t*)&igtk->pn[0],0,6); igtk->keyid[0] = idx; igtk->keyid[1] = 0; @@ -2469,6 +2468,8 @@ static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth, struct wpa_group *group) { int ret = 0; + size_t len; + len = wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher); if (wpa_auth_set_key(wpa_auth, group->vlan_id, wpa_cipher_to_alg(wpa_auth->conf.wpa_group), (uint8_t *)broadcast_ether_addr, group->GN, @@ -2480,7 +2481,7 @@ static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth, wpa_auth_set_key(wpa_auth, group->vlan_id, WIFI_WPA_ALG_IGTK, broadcast_ether_addr, group->GN_igtk, group->IGTK[group->GN_igtk - 4], - WPA_IGTK_LEN) < 0) + len) < 0) ret = -1; #endif /* CONFIG_IEEE80211W */ diff --git a/components/wpa_supplicant/src/rsn_supp/wpa.c b/components/wpa_supplicant/src/rsn_supp/wpa.c index 0373e1279c..9a1ad92386 100644 --- a/components/wpa_supplicant/src/rsn_supp/wpa.c +++ b/components/wpa_supplicant/src/rsn_supp/wpa.c @@ -109,6 +109,12 @@ wifi_cipher_type_t cipher_type_map_supp_to_public(unsigned wpa_cipher) case WPA_CIPHER_AES_128_CMAC: return WIFI_CIPHER_TYPE_AES_CMAC128; + case WPA_CIPHER_BIP_GMAC_128: + return WIFI_CIPHER_TYPE_AES_GMAC128; + + case WPA_CIPHER_BIP_GMAC_256: + return WIFI_CIPHER_TYPE_AES_GMAC256; + case WPA_CIPHER_SMS4: return WIFI_CIPHER_TYPE_SMS4;