diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp.dts b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp.dts index fbe74a822240..9b62eafea174 100644 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp.dts +++ b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp.dts @@ -32,7 +32,6 @@ qspi-quad-mode; #include "nrf70_common.dtsi" - #include "nrf70_common_coex.dtsi" #include "nrf70_common_5g.dtsi" }; }; diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001.dts b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001.dts index 1d78dddbe68a..8d955c67fc72 100644 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001.dts +++ b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001.dts @@ -32,6 +32,5 @@ qspi-quad-mode; #include "nrf70_common.dtsi" - #include "nrf70_common_coex.dtsi" }; }; diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns.dts b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns.dts index cbbd46dff8be..5ff28accf3fc 100644 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns.dts +++ b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_nrf7001_ns.dts @@ -35,6 +35,5 @@ qspi-quad-mode; #include "nrf70_common.dtsi" - #include "nrf70_common_coex.dtsi" }; }; diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns.dts b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns.dts index ed2193847959..0deb8ccc1bf5 100644 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns.dts +++ b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpuapp_ns.dts @@ -35,7 +35,6 @@ qspi-quad-mode; #include "nrf70_common.dtsi" - #include "nrf70_common_coex.dtsi" #include "nrf70_common_5g.dtsi" }; }; diff --git a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet.dts b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet.dts index 823c9fafacba..8e36e678581a 100644 --- a/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet.dts +++ b/boards/nordic/nrf7002dk/nrf7002dk_nrf5340_cpunet.dts @@ -84,9 +84,12 @@ nrf70: coex { status = "okay"; - compatible = "nordic,nrf70-coex"; + compatible = "nordic,nrf7002-coex"; - #include "nrf70_common_coex.dtsi" + req-gpios = <&gpio0 28 GPIO_ACTIVE_HIGH>; + status0-gpios = <&gpio0 30 GPIO_ACTIVE_HIGH>; + grant-gpios = <&gpio0 24 (GPIO_PULL_DOWN | GPIO_ACTIVE_LOW)>; + swctrl1-gpios = <&gpio0 29 GPIO_ACTIVE_HIGH>; }; /* These aliases are provided for compatibility with samples */ diff --git a/boards/nordic/nrf7002dk/nrf70_common.dtsi b/boards/nordic/nrf7002dk/nrf70_common.dtsi index f40f8ad9bb74..cd9cd23bb892 100644 --- a/boards/nordic/nrf7002dk/nrf70_common.dtsi +++ b/boards/nordic/nrf7002dk/nrf70_common.dtsi @@ -7,6 +7,7 @@ iovdd-ctrl-gpios = <&gpio0 31 GPIO_ACTIVE_HIGH>; bucken-gpios = <&gpio0 12 GPIO_ACTIVE_HIGH>; host-irq-gpios = <&gpio0 23 GPIO_ACTIVE_HIGH>; +srrf-switch-gpios = <&gpio1 10 GPIO_ACTIVE_HIGH>; wifi-max-tx-pwr-2g-dsss = <21>; wifi-max-tx-pwr-2g-mcs0 = <16>; diff --git a/boards/nordic/nrf7002dk/nrf70_common_coex.dtsi b/boards/nordic/nrf7002dk/nrf70_common_coex.dtsi deleted file mode 100644 index 03f22c3edbaa..000000000000 --- a/boards/nordic/nrf7002dk/nrf70_common_coex.dtsi +++ /dev/null @@ -1,11 +0,0 @@ -/* - * Copyright (c) 2024 Nordic Semiconductor ASA - * - * SPDX-License-Identifier: Apache-2.0 - */ - -req-gpios = <&gpio0 28 GPIO_ACTIVE_HIGH>; -status0-gpios = <&gpio0 30 GPIO_ACTIVE_HIGH>; -grant-gpios = <&gpio0 24 (GPIO_PULL_DOWN | GPIO_ACTIVE_LOW)>; -swctrl1-gpios = <&gpio0 29 GPIO_ACTIVE_HIGH>; -srrf-switch-gpios = <&gpio1 10 GPIO_ACTIVE_HIGH>; diff --git a/boards/shields/nrf7002eb/nrf7002eb_coex.overlay b/boards/shields/nrf7002eb/nrf7002eb_coex.overlay index a8925c255675..59007ebe58eb 100644 --- a/boards/shields/nrf7002eb/nrf7002eb_coex.overlay +++ b/boards/shields/nrf7002eb/nrf7002eb_coex.overlay @@ -4,10 +4,13 @@ * SPDX-License-Identifier: Apache-2.0 */ -#include "nrf7002eb.overlay" +/ { + nrf70: coex { + compatible = "nordic,nrf7002-coex"; + status = "okay"; -&nrf70 { - status0-gpios = <&edge_connector 5 GPIO_ACTIVE_HIGH>; - req-gpios = <&edge_connector 6 GPIO_ACTIVE_HIGH>; - grant-gpios = <&edge_connector 15 (GPIO_PULL_DOWN | GPIO_ACTIVE_LOW)>; + status0-gpios = <&edge_connector 5 GPIO_ACTIVE_HIGH>; + req-gpios = <&edge_connector 6 GPIO_ACTIVE_HIGH>; + grant-gpios = <&edge_connector 15 (GPIO_PULL_DOWN | GPIO_ACTIVE_LOW)>; + }; }; diff --git a/boards/shields/nrf7002ek/Kconfig.shield b/boards/shields/nrf7002ek/Kconfig.shield index 7627ff96dbd4..5b52d5710f27 100644 --- a/boards/shields/nrf7002ek/Kconfig.shield +++ b/boards/shields/nrf7002ek/Kconfig.shield @@ -9,3 +9,6 @@ config SHIELD_NRF7002EK_NRF7001 config SHIELD_NRF7002EK_NRF7000 def_bool $(shields_list_contains,nrf7002ek_nrf7000) + +config SHIELD_NRF7002EK_COEX + def_bool $(shields_list_contains,nrf7002ek_coex) diff --git a/boards/shields/nrf7002ek/doc/index.rst b/boards/shields/nrf7002ek/doc/index.rst index 9f247be3501d..cfe08750f57b 100644 --- a/boards/shields/nrf7002ek/doc/index.rst +++ b/boards/shields/nrf7002ek/doc/index.rst @@ -47,24 +47,25 @@ SR Co-existence ############### The nRF7002 EK supports SR co-existence provided the host board supports it. The SR co-existence -pins are connected to the host board's GPIO pins. +pins are connected to the host board's GPIO pins. The interface is selected by setting +``--shield nrf7002ek_coex`` when invoking ``west build``. Two Kconfig options are available to enable SR co-existence: -- :kconfig:option:`CONFIG_NRF70_SR_COEX`: Enables SR co-existence. +- :kconfig:option:`CONFIG_NRF70_SR_COEX`: Enables SR co-existence driver. - :kconfig:option:`CONFIG_NRF70_SR_COEX_RF_SWITCH`: Control SR side RF switch. Shield Variants ############### -The nRF7002 EK is available in three variants: +The nRF7002 EK is available in four variants: - ``nrf7002ek``: The default variant. - ``nrf7002ek_nrf7001``: Variant for the nRF7001 SoC or nRF7002 SoC emulating nRF7001 - that supports only 2.4GHz Wi-Fi. + that supports only 2.4GHz Wi-Fi. - ``nrf7002ek_nrf7000``: Variant for the nRF7000 SoC or nRF7002 SoC emulating nRF7000 - that supports only 2.4GHz Wi-Fi. - + that supports only 2.4GHz Wi-Fi. +- ``nrf7002ek_coex``: Variant for the SR co-existence interface References ********** diff --git a/boards/shields/nrf7002ek/nrf7002ek_coex.overlay b/boards/shields/nrf7002ek/nrf7002ek_coex.overlay new file mode 100644 index 000000000000..4b592acbfb23 --- /dev/null +++ b/boards/shields/nrf7002ek/nrf7002ek_coex.overlay @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor ASA + * + * SPDX-License-Identifier: Apache-2.0 + */ + +/ { + nrf70: coex { + compatible = "nordic,nrf7002-coex"; + status = "okay"; + + /* D2 */ + status0-gpios = <&arduino_header 8 GPIO_ACTIVE_HIGH>; + /* D3 */ + req-gpios = <&arduino_header 9 GPIO_ACTIVE_HIGH>; + /* D4 */ + grant-gpios = <&arduino_header 10 (GPIO_PULL_DOWN | GPIO_ACTIVE_LOW)>; + /* D6 */ + swctrl1-gpios = <&arduino_header 12 GPIO_ACTIVE_HIGH>; + }; +}; diff --git a/boards/shields/nrf7002ek/nrf7002ek_common.dtsi b/boards/shields/nrf7002ek/nrf7002ek_common.dtsi index 102e0078d5f3..c9bbbde4b926 100644 --- a/boards/shields/nrf7002ek/nrf7002ek_common.dtsi +++ b/boards/shields/nrf7002ek/nrf7002ek_common.dtsi @@ -12,15 +12,8 @@ iovdd-ctrl-gpios = <&arduino_header 6 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; bucken-gpios = <&arduino_header 7 (GPIO_ACTIVE_HIGH | GPIO_PULL_DOWN)>; /* D7 */ host-irq-gpios = <&arduino_header 13 GPIO_ACTIVE_HIGH>; + /* Short-range (SR) co-existence */ -/* D2 */ -status0-gpios = <&arduino_header 8 GPIO_ACTIVE_HIGH>; -/* D3 */ -req-gpios = <&arduino_header 9 GPIO_ACTIVE_HIGH>; -/* D4 */ -grant-gpios = <&arduino_header 10 (GPIO_PULL_DOWN | GPIO_ACTIVE_LOW)>; -/* D6 */ -swctrl1-gpios = <&arduino_header 12 GPIO_ACTIVE_HIGH>; /* D8 */ srrf-switch-gpios = <&arduino_header 14 GPIO_ACTIVE_HIGH>; diff --git a/doc/connectivity/networking/api/wifi.rst b/doc/connectivity/networking/api/wifi.rst index 7803a4560559..1499f1c75ab3 100644 --- a/doc/connectivity/networking/api/wifi.rst +++ b/doc/connectivity/networking/api/wifi.rst @@ -38,21 +38,28 @@ module. $ cp client.pem samples/net/wifi/test_certs/ $ cp client-key.pem samples/net/wifi/test_certs/ $ cp ca.pem samples/net/wifi/test_certs/ - $ west build -p -b samples/net/wifi + $ cp client2.pem samples/net/wifi/test_certs/ + $ cp client-key2.pem samples/net/wifi/test_certs/ + $ cp ca2.pem samples/net/wifi/test_certs/ + $ west build -p -b samples/net/wifi -- -DEXTRA_CONF_FILE=overlay-enterprise.conf + +For using variable size network buffer, the following overlay file can be used: + +.. code-block:: bash + + $ west build -p -b samples/net/wifi -- -DEXTRA_CONF_FILE=overlay-enterprise-variable-bufs.conf + + To initiate Wi-Fi connection, the following command can be used: .. code-block:: console - uart:~$ wifi connect -s -k 5 -a anon -K whatever + uart:~$ wifi connect -s -c 149 -k 17 -w 2 -a client1 --key1-pwd whatever --key2-pwd whatever --eap-id1 id1 --eap-pwd1 pwd1 Server certificate is also provided in the same directory for testing purposes. Any AAA server can be used for testing purposes, for example, ``FreeRADIUS`` or ``hostapd``. -.. important:: - - The passphrase for the :file:`client-key.pem`` and the :file:`server-key.pem` is ``whatever``. - .. note:: The certificates are for testing purposes only and should not be used in production. diff --git a/drivers/wifi/nrfwifi/CMakeLists.txt b/drivers/wifi/nrfwifi/CMakeLists.txt index e8eba37ca01a..70223f739ef0 100644 --- a/drivers/wifi/nrfwifi/CMakeLists.txt +++ b/drivers/wifi/nrfwifi/CMakeLists.txt @@ -29,10 +29,15 @@ zephyr_include_directories_ifdef(CONFIG_NRF70_RADIO_TEST ${OS_AGNOSTIC_BASE}/fw_if/umac_if/inc/radio_test ) -zephyr_include_directories_ifndef(CONFIG_NRF70_RADIO_TEST - ${OS_AGNOSTIC_BASE}/fw_if/umac_if/inc/default +zephyr_include_directories_ifdef(CONFIG_NRF70_OFFLOADED_RAW_TX + ${OS_AGNOSTIC_BASE}/fw_if/umac_if/inc/offload_raw_tx + off_raw_tx/inc ) +if(NOT CONFIG_NRF70_RADIO_TEST AND NOT CONFIG_NRF70_OFFLOADED_RAW_TX) + zephyr_include_directories(${OS_AGNOSTIC_BASE}/fw_if/umac_if/inc/default) +endif() + zephyr_library_sources_ifdef(CONFIG_NRF70_SR_COEX src/coex.c ) @@ -57,23 +62,28 @@ zephyr_library_sources( src/shim.c src/work.c src/timer.c - src/fmac_main.c src/qspi/src/device.c src/qspi/src/rpu_hw_if.c src/qspi/src/ficr_prog.c ) +zephyr_library_sources_ifndef(CONFIG_NRF70_OFFLOADED_RAW_TX + src/fmac_main.c +) + zephyr_library_sources_ifdef(CONFIG_NRF_WIFI_PATCHES_BUILTIN src/fw_load.c ) -zephyr_library_sources_ifndef(CONFIG_NRF70_RADIO_TEST +if(NOT CONFIG_NRF70_RADIO_TEST AND NOT CONFIG_NRF70_OFFLOADED_RAW_TX) + zephyr_library_sources( ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/rx.c ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_vif.c ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_util.c src/net_if.c ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/default/fmac_api.c ) +endif() zephyr_library_sources_ifdef(CONFIG_NET_L2_WIFI_MGMT src/wifi_mgmt_scan.c @@ -88,6 +98,12 @@ zephyr_library_sources_ifdef(CONFIG_NRF70_RADIO_TEST ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_util.c ) +zephyr_library_sources_ifdef(CONFIG_NRF70_OFFLOADED_RAW_TX + ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/offload_raw_tx/fmac_api.c + ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_util.c + off_raw_tx/src/off_raw_tx_api.c +) + zephyr_library_sources_ifdef(CONFIG_NRF70_DATA_TX ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/tx.c ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_peer.c @@ -112,6 +128,10 @@ zephyr_library_sources_ifdef(CONFIG_NRF70_STA_MODE ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_util.c ) +zephyr_library_sources_ifdef(CONFIG_NRF70_PROMISC_DATA_RX + ${OS_AGNOSTIC_BASE}/fw_if/umac_if/src/fmac_promisc.c +) + zephyr_library_sources_ifdef(CONFIG_NRF70_ON_QSPI src/qspi/src/qspi_if.c ) @@ -152,6 +172,8 @@ elseif(CONFIG_NRF_WIFI_PATCHES_BUILTIN) set(NRF70_PATCH ${FW_BINS_BASE}/scan_only/nrf70.bin) elseif (CONFIG_NRF70_SYSTEM_WITH_RAW_MODES) set(NRF70_PATCH ${FW_BINS_BASE}/system_with_raw/nrf70.bin) + elseif(CONFIG_NRF70_OFFLOADED_RAW_TX) + set(NRF70_PATCH ${FW_BINS_BASE}/offloaded_raw_tx/nrf70.bin) else() # Error message(FATAL_ERROR "Unsupported nRF70 patch configuration") @@ -231,6 +253,10 @@ zephyr_compile_definitions_ifdef(CONFIG_NRF70_RADIO_TEST -DNRF70_RADIO_TEST ) +zephyr_compile_definitions_ifdef(CONFIG_NRF70_OFFLOADED_RAW_TX + -DNRF70_OFFLOADED_RAW_TX +) + zephyr_compile_definitions_ifdef(CONFIG_NRF70_TCP_IP_CHECKSUM_OFFLOAD -DNRF70_TCP_IP_CHECKSUM_OFFLOAD ) @@ -263,6 +289,18 @@ zephyr_compile_definitions_ifdef(CONFIG_NRF70_AP_MODE -DNRF70_AP_MODE ) +zephyr_compile_definitions_ifdef(CONFIG_NRF_WIFI_MGMT_BUFF_OFFLOAD + -DNRF_WIFI_MGMT_BUFF_OFFLOAD +) + +zephyr_compile_definitions_ifdef(CONFIG_NRF_WIFI_FEAT_KEEPALIVE + -DNRF_WIFI_FEAT_KEEPALIVE +) + +zephyr_compile_definitions_ifdef(CONFIG_NRF_WIFI_FEAT_KEEPALIVE + -DNRF_WIFI_KEEPALIVE_PERIOD_S=${CONFIG_NRF_WIFI_KEEPALIVE_PERIOD_S} +) + zephyr_compile_definitions( -DNRF70_RX_NUM_BUFS=${CONFIG_NRF70_RX_NUM_BUFS} -DNRF70_MAX_TX_TOKENS=${CONFIG_NRF70_MAX_TX_TOKENS} @@ -304,4 +342,6 @@ zephyr_compile_definitions( -DNRF70_ANT_GAIN_5G_BAND1=${CONFIG_NRF70_ANT_GAIN_5G_BAND1} -DNRF70_ANT_GAIN_5G_BAND2=${CONFIG_NRF70_ANT_GAIN_5G_BAND2} -DNRF70_ANT_GAIN_5G_BAND3=${CONFIG_NRF70_ANT_GAIN_5G_BAND3} + -DNRF_WIFI_PS_INT_PS=${CONFIG_NRF_WIFI_PS_INT_PS} + -DNRF_WIFI_RPU_RECOVERY_PS_ACTIVE_TIMEOUT_MS=${CONFIG_NRF_WIFI_RPU_RECOVERY_PS_ACTIVE_TIMEOUT_MS} ) diff --git a/drivers/wifi/nrfwifi/Kconfig.nrfwifi b/drivers/wifi/nrfwifi/Kconfig.nrfwifi index bccb48b8576e..36935ed8ba11 100644 --- a/drivers/wifi/nrfwifi/Kconfig.nrfwifi +++ b/drivers/wifi/nrfwifi/Kconfig.nrfwifi @@ -62,13 +62,15 @@ config NRF70_SYSTEM_MODE config NRF70_SCAN_ONLY bool "nRF70 scan only mode" - depends on WIFI_NRF7000 help Select this option to enable scan only mode of the nRF70 driver config NRF70_RADIO_TEST bool "Radio test mode of the nRF70 driver" +config NRF70_OFFLOADED_RAW_TX + bool "Offloaded raw Tx mode of the nRF70 driver" + config NRF70_SYSTEM_WITH_RAW_MODES bool "nRF70 system mode with raw modes" depends on WIFI_NRF7002 || WIFI_NRF7001 @@ -83,7 +85,7 @@ config NRF70_SYSTEM_MODE_COMMON default y if NRF70_SYSTEM_MODE || NRF70_SYSTEM_WITH_RAW_MODES config NET_L2_ETHERNET - default y if !NRF70_RADIO_TEST + default y if (!NRF70_RADIO_TEST && !NRF70_OFFLOADED_RAW_TX) config HEAP_MEM_POOL_ADD_SIZE_NRF70 # Use a maximum that works for typical usecases and boards, each sample/app can override @@ -511,8 +513,8 @@ config WIFI_FIXED_MAC_ADDRESS choice prompt "Wi-Fi MAC address type" - default WIFI_OTP_MAC_ADDRESS if WIFI_FIXED_MAC_ADDRESS = "" default WIFI_FIXED_MAC_ADDRESS_ENABLED if WIFI_FIXED_MAC_ADDRESS != "" + default WIFI_OTP_MAC_ADDRESS help Select the type of MAC address to be used by the Wi-Fi driver @@ -567,6 +569,12 @@ config NET_TC_TX_COUNT endif # NETWORKING +# nRF70 now uses variable buffers as default to optimize RAM usage. Default pool sizes are used, samples/apps can override +# for higher performance. +choice NET_PKT_DATA_ALLOC_TYPE + default NET_BUF_VARIABLE_DATA_SIZE +endchoice + config MAIN_STACK_SIZE default 4096 @@ -652,6 +660,7 @@ config NRF_WIFI_AP_DEAD_DETECT_TIMEOUT config NRF_WIFI_RPU_RECOVERY bool "RPU recovery mechanism" + depends on NRF_WIFI_LOW_POWER select EXPERIMENTAL help Enable RPU recovery mechanism to recover from RPU (nRF70) hang. @@ -664,7 +673,7 @@ if NRF_WIFI_RPU_RECOVERY config NRF_WIFI_RPU_RECOVERY_PROPAGATION_DELAY_MS int "RPU recovery propagation delay in milliseconds" - default 10 + default 2000 help Propagation delay in milliseconds to wait after RPU is powered down before powering it up. This delay is required to ensure that the recovery @@ -674,6 +683,66 @@ config NRF_WIFI_RPU_RECOVERY_PROPAGATION_DELAY_MS config NET_MGMT_EVENT_QUEUE_SIZE # Doing interface down and up even with delay puts a lot of events in the queue default 16 + +config NRF_WIFI_RPU_RECOVERY_PROPAGATION_DELAY_MS + int "RPU recovery propagation delay in milliseconds" + default 10 + help + Propagation delay in milliseconds to wait after RPU is powered down + before powering it up. This delay is required to ensure that the recovery + is propagated to all the applications and stack and have enough time to + clean up the resources. + +config NRF_WIFI_RPU_RECOVERY_PS_ACTIVE_TIMEOUT_MS + int "RPU recovery power save active timeout in milliseconds" + default 50000 + help + Power save active timeout in milliseconds after which RPU recovery + mechanism will be triggered. This timeout is used to ensure that the + RPU attempts to enter power save mode in case of inactivity. + +config NRF_WIFI_RPU_MIN_TIME_TO_ENTER_SLEEP_MS + int "Minimum idle time to enter sleep in milliseconds" + range 100 5000 + default 1000 + help + Minimum time the host should de-assert WAKEUP_NOW and let RPU enter + sleep mode, assuming there is no activity. + +config NRF_WIFI_RPU_RECOVERY_DEBUG + bool "RPU recovery debug logs" + help + Enable RPU recovery debug logs to help debug RPU recovery mechanism. + +config NRF_WIFI_RPU_RECOVERY_QUIET_PERIOD_MS + int "RPU recovery quiet period in milliseconds" + default 5000 + help + Quiet period in milliseconds after RPU recovery is triggered. During + this period, no new RPU recovery will be triggered. + +config NRF_WIFI_RPU_RECOVERY_MAX_RETRIES + int "Maximum number of consecutive RPU recovery retries, 0 to disable" + default 0 + help + Maximum number of consecutive RPU recovery retries before giving up + and resetting the system. Set to 0 to keep retrying indefinitely. + +config NRF_WIFI_RPU_RECOVERY_RETRY_WINDOW_S + int "RPU recovery retry window in seconds" + default 900 + help + Window in seconds during which the number of consecutive RPU recovery + retries are counted. If the number of consecutive RPU recovery retries + exceeds NRF_WIFI_RPU_RECOVERY_MAX_RETRIES within this window, the system + will be reset. + +config NRF_WIFI_RPU_RECOVERY_PS_STATE_DEBUG + bool "RPU recovery power save state debug logs" + help + Enable RPU recovery power save state debug logs to help debug RPU recovery mechanism. + + endif # NRF_WIFI_RPU_RECOVERY config NRF_WIFI_FEAT_WMM @@ -705,4 +774,57 @@ config NRF_WIFI_QOS_NULL_BASED_RETRIEVAL endchoice +config NRF_WIFI_MGMT_BUFF_OFFLOAD + bool "management buffer offload" + default y + help + This option offloads the refilling of management buffers to UMAC, saves host + having to exchange commands and events for every management packet even if it is + consumed by UMAC. + +config NRF_WIFI_FEAT_KEEPALIVE + bool "Wi-Fi keepalive feature for connection maintenance" + depends on NRF70_STA_MODE + help + Enable Wi-Fi keepalive feature to keep the connection alive by sending + keepalive packets to the AP. Primarily intended to interoperate with APs + that disconnect idle clients without any explicit checks. Slightly increases + power consumption. + +if NRF_WIFI_FEAT_KEEPALIVE +config NRF_WIFI_KEEPALIVE_PERIOD_S + int "Keepalive period in seconds" + range 30 3600 + default 60 + help + Keepalive period in seconds to send keepalive packets to the AP. +endif + +choice NRF_WIFI_PS_EXIT_STRATEGY + prompt "Power save exit strategy" + default NRF_WIFI_PS_INT_PS + help + Select the power save exit strategy to retrieve buffered data from AP. + +config NRF_WIFI_PS_EXIT_EVERY_TIM + bool "Exit power save every time to retrieve buffered data from AP" + help + Exit power save every time to retrieve buffered data from AP. Entering back to + power save mode might take some time and power. + +config NRF_WIFI_PS_INT_PS + bool "Exit power save based on an intelligent algorithm" + help + Exit power save based on an intelligent algorithm to retrieve buffered data from AP. + The algorithm tracks the buffered data at the AP and then dynamically decides + whether to stay in PS (for lower amount of buffered data) or exit PS (for higher + amount of buffered data). +endchoice + +config NRF70_PASSIVE_SCAN_ONLY + bool "Forced Passive scan" + depends on NRF70_SCAN_ONLY + help + Enable this configuration to force passive scan on all channels. + This will override application specified scan type. endif # WIFI_NRF70 diff --git a/drivers/wifi/nrfwifi/inc/fmac_main.h b/drivers/wifi/nrfwifi/inc/fmac_main.h index 92bc2ac28f84..57d4b8b9df54 100644 --- a/drivers/wifi/nrfwifi/inc/fmac_main.h +++ b/drivers/wifi/nrfwifi/inc/fmac_main.h @@ -34,6 +34,7 @@ #define NRF70_DRIVER_VERSION "1."KERNEL_VERSION_STRING +#ifndef CONFIG_NRF70_OFFLOADED_RAW_TX #ifndef CONFIG_NRF70_RADIO_TEST struct nrf_wifi_vif_ctx_zep { const struct device *zep_dev_ctx; @@ -108,6 +109,11 @@ struct nrf_wifi_ctx_zep { unsigned char *extended_capa, *extended_capa_mask; unsigned int extended_capa_len; struct k_mutex rpu_lock; +#ifdef CONFIG_NRF_WIFI_RPU_RECOVERY + bool rpu_recovery_in_progress; + unsigned long last_rpu_recovery_time_ms; + unsigned int rpu_recovery_retries; +#endif /* CONFIG_NRF_WIFI_RPU_RECOVERY */ }; struct nrf_wifi_drv_priv_zep { @@ -119,6 +125,7 @@ struct nrf_wifi_drv_priv_zep { extern struct nrf_wifi_drv_priv_zep rpu_drv_priv_zep; void nrf_wifi_scan_timeout_work(struct k_work *work); + void configure_tx_pwr_settings(struct nrf_wifi_tx_pwr_ctrl_params *tx_pwr_ctrl_params, struct nrf_wifi_tx_pwr_ceil_params *tx_pwr_ceil_params); void configure_board_dep_params(struct nrf_wifi_board_params *board_params); @@ -126,6 +133,13 @@ void set_tx_pwr_ceil_default(struct nrf_wifi_tx_pwr_ceil_params *pwr_ceil_params const char *nrf_wifi_get_drv_version(void); enum nrf_wifi_status nrf_wifi_fmac_dev_add_zep(struct nrf_wifi_drv_priv_zep *drv_priv_zep); enum nrf_wifi_status nrf_wifi_fmac_dev_rem_zep(struct nrf_wifi_drv_priv_zep *drv_priv_zep); +struct nrf_wifi_vif_ctx_zep *nrf_wifi_get_vif_ctx(struct net_if *iface); +#ifdef CONFIG_NRF_WIFI_RPU_RECOVERY +void nrf_wifi_rpu_recovery_cb(void *vif_ctx, + void *event_data, + unsigned int event_len); +#endif /* CONFIG_NRF_WIFI_RPU_RECOVERY */ +#endif /* !CONFIG_NRF70_OFFLOADED_RAW_TX */ #ifdef CONFIG_NRF_WIFI_BUILD_ONLY_MODE inline enum nrf_wifi_status nrf_wifi_fw_load(void *rpu_ctx) { @@ -136,9 +150,4 @@ inline enum nrf_wifi_status nrf_wifi_fw_load(void *rpu_ctx) #else enum nrf_wifi_status nrf_wifi_fw_load(void *rpu_ctx); #endif /* CONFIG_NRF_WIFI_BUILD_ONLY_MODE */ -struct nrf_wifi_vif_ctx_zep *nrf_wifi_get_vif_ctx(struct net_if *iface); -void nrf_wifi_rpu_recovery_cb(void *vif_ctx, - void *event_data, - unsigned int event_len); - #endif /* __ZEPHYR_FMAC_MAIN_H__ */ diff --git a/drivers/wifi/nrfwifi/off_raw_tx/inc/off_raw_tx.h b/drivers/wifi/nrfwifi/off_raw_tx/inc/off_raw_tx.h new file mode 100644 index 000000000000..1cb6e2584621 --- /dev/null +++ b/drivers/wifi/nrfwifi/off_raw_tx/inc/off_raw_tx.h @@ -0,0 +1,28 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor ASA + * + * SPDX-License-Identifier: Apache-2.0 + */ + +/** + * @brief File containing internal structures for the offloaded raw TX feature in the driver. + */ + +#include "fmac_structs_common.h" +#include "osal_api.h" + +struct nrf_wifi_ctx_zep { + void *drv_priv_zep; + void *rpu_ctx; + uint8_t mac_addr[6]; +}; + + +struct nrf_wifi_off_raw_tx_drv_priv { + struct nrf_wifi_fmac_priv *fmac_priv; + /* TODO: Replace with a linked list to handle unlimited RPUs */ + struct nrf_wifi_ctx_zep rpu_ctx_zep; + struct k_spinlock lock; +}; + +enum nrf_wifi_status nrf_wifi_fw_load(void *rpu_ctx); diff --git a/drivers/wifi/nrfwifi/off_raw_tx/src/off_raw_tx_api.c b/drivers/wifi/nrfwifi/off_raw_tx/src/off_raw_tx_api.c new file mode 100644 index 000000000000..520814865d68 --- /dev/null +++ b/drivers/wifi/nrfwifi/off_raw_tx/src/off_raw_tx_api.c @@ -0,0 +1,483 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor ASA + * + * SPDX-License-Identifier: Apache-2.0 + */ + +/** + * @brief File containing API definitions for the Offloaded raw TX feature. + */ + +#include +#include +#include +#include +#include +#include +#include + +#define DT_DRV_COMPAT nordic_wlan +LOG_MODULE_DECLARE(wifi_nrf, CONFIG_WIFI_NRF70_LOG_LEVEL); + +struct nrf_wifi_off_raw_tx_drv_priv off_raw_tx_drv_priv; +extern const struct nrf_wifi_osal_ops nrf_wifi_os_zep_ops; + +static const int valid_data_rates[] = { 1, 2, 55, 11, 6, 9, 12, 18, 24, 36, 48, 54, + 0, 1, 2, 3, 4, 5, 6, 7, -1 }; + +/* DTS uses 1dBm as the unit for TX power, while the RPU uses 0.25dBm */ +#define MAX_TX_PWR(label) DT_PROP(DT_NODELABEL(nrf70), label) * 4 +static void configure_tx_pwr_settings(struct nrf_wifi_tx_pwr_ctrl_params *ctrl_params, + struct nrf_wifi_tx_pwr_ceil_params *ceil_params) +{ + ctrl_params->ant_gain_2g = CONFIG_NRF70_ANT_GAIN_2G; + ctrl_params->ant_gain_5g_band1 = CONFIG_NRF70_ANT_GAIN_5G_BAND1; + ctrl_params->ant_gain_5g_band2 = CONFIG_NRF70_ANT_GAIN_5G_BAND2; + ctrl_params->ant_gain_5g_band3 = CONFIG_NRF70_ANT_GAIN_5G_BAND3; + ctrl_params->band_edge_2g_lo_dss = CONFIG_NRF70_BAND_2G_LOWER_EDGE_BACKOFF_DSSS; + ctrl_params->band_edge_2g_lo_ht = CONFIG_NRF70_BAND_2G_LOWER_EDGE_BACKOFF_HT; + ctrl_params->band_edge_2g_lo_he = CONFIG_NRF70_BAND_2G_LOWER_EDGE_BACKOFF_HE; + ctrl_params->band_edge_2g_hi_dsss = CONFIG_NRF70_BAND_2G_UPPER_EDGE_BACKOFF_DSSS; + ctrl_params->band_edge_2g_hi_ht = CONFIG_NRF70_BAND_2G_UPPER_EDGE_BACKOFF_HT; + ctrl_params->band_edge_2g_hi_he = CONFIG_NRF70_BAND_2G_UPPER_EDGE_BACKOFF_HE; + ctrl_params->band_edge_5g_unii_1_lo_ht = + CONFIG_NRF70_BAND_UNII_1_LOWER_EDGE_BACKOFF_HT; + ctrl_params->band_edge_5g_unii_1_lo_he = + CONFIG_NRF70_BAND_UNII_1_LOWER_EDGE_BACKOFF_HE; + ctrl_params->band_edge_5g_unii_1_hi_ht = + CONFIG_NRF70_BAND_UNII_1_UPPER_EDGE_BACKOFF_HT; + ctrl_params->band_edge_5g_unii_1_hi_he = + CONFIG_NRF70_BAND_UNII_1_UPPER_EDGE_BACKOFF_HE; + ctrl_params->band_edge_5g_unii_2a_lo_ht = + CONFIG_NRF70_BAND_UNII_2A_LOWER_EDGE_BACKOFF_HT; + ctrl_params->band_edge_5g_unii_2a_lo_he = + CONFIG_NRF70_BAND_UNII_2A_LOWER_EDGE_BACKOFF_HE; + ctrl_params->band_edge_5g_unii_2a_hi_ht = + CONFIG_NRF70_BAND_UNII_2A_UPPER_EDGE_BACKOFF_HT; + ctrl_params->band_edge_5g_unii_2a_hi_he = + CONFIG_NRF70_BAND_UNII_2A_UPPER_EDGE_BACKOFF_HE; + ctrl_params->band_edge_5g_unii_2c_lo_ht = + CONFIG_NRF70_BAND_UNII_2C_LOWER_EDGE_BACKOFF_HT; + ctrl_params->band_edge_5g_unii_2c_lo_he = + CONFIG_NRF70_BAND_UNII_2C_LOWER_EDGE_BACKOFF_HE; + ctrl_params->band_edge_5g_unii_2c_hi_ht = + CONFIG_NRF70_BAND_UNII_2C_UPPER_EDGE_BACKOFF_HT; + ctrl_params->band_edge_5g_unii_2c_hi_he = + CONFIG_NRF70_BAND_UNII_2C_UPPER_EDGE_BACKOFF_HE; + ctrl_params->band_edge_5g_unii_3_lo_ht = + CONFIG_NRF70_BAND_UNII_3_LOWER_EDGE_BACKOFF_HT; + ctrl_params->band_edge_5g_unii_3_lo_he = + CONFIG_NRF70_BAND_UNII_3_LOWER_EDGE_BACKOFF_HE; + ctrl_params->band_edge_5g_unii_3_hi_ht = + CONFIG_NRF70_BAND_UNII_3_UPPER_EDGE_BACKOFF_HT; + ctrl_params->band_edge_5g_unii_3_hi_he = + CONFIG_NRF70_BAND_UNII_3_UPPER_EDGE_BACKOFF_HE; + ctrl_params->band_edge_5g_unii_4_lo_ht = + CONFIG_NRF70_BAND_UNII_4_LOWER_EDGE_BACKOFF_HT; + ctrl_params->band_edge_5g_unii_4_lo_he = + CONFIG_NRF70_BAND_UNII_4_LOWER_EDGE_BACKOFF_HE; + ctrl_params->band_edge_5g_unii_4_hi_ht = + CONFIG_NRF70_BAND_UNII_4_UPPER_EDGE_BACKOFF_HT; + ctrl_params->band_edge_5g_unii_4_hi_he = + CONFIG_NRF70_BAND_UNII_4_UPPER_EDGE_BACKOFF_HE; + ceil_params->max_pwr_2g_dsss = MAX_TX_PWR(wifi_max_tx_pwr_2g_dsss); + ceil_params->max_pwr_2g_mcs7 = MAX_TX_PWR(wifi_max_tx_pwr_2g_mcs7); + ceil_params->max_pwr_2g_mcs0 = MAX_TX_PWR(wifi_max_tx_pwr_2g_mcs0); +#ifndef CONFIG_NRF70_2_4G_ONLY + ceil_params->max_pwr_5g_low_mcs7 = MAX_TX_PWR(wifi_max_tx_pwr_5g_low_mcs7); + ceil_params->max_pwr_5g_mid_mcs7 = MAX_TX_PWR(wifi_max_tx_pwr_5g_mid_mcs7); + ceil_params->max_pwr_5g_high_mcs7 = MAX_TX_PWR(wifi_max_tx_pwr_5g_high_mcs7); + ceil_params->max_pwr_5g_low_mcs0 = MAX_TX_PWR(wifi_max_tx_pwr_5g_low_mcs0); + ceil_params->max_pwr_5g_mid_mcs0 = MAX_TX_PWR(wifi_max_tx_pwr_5g_mid_mcs0); + ceil_params->max_pwr_5g_high_mcs0 = MAX_TX_PWR(wifi_max_tx_pwr_5g_high_mcs0); +#endif /* CONFIG_NRF70_2_4G_ONLY */ +} + +static void configure_board_dep_params(struct nrf_wifi_board_params *board_params) +{ + board_params->pcb_loss_2g = CONFIG_NRF70_PCB_LOSS_2G; +#ifndef CONFIG_NRF70_2_4G_ONLY + board_params->pcb_loss_5g_band1 = CONFIG_NRF70_PCB_LOSS_5G_BAND1; + board_params->pcb_loss_5g_band2 = CONFIG_NRF70_PCB_LOSS_5G_BAND2; + board_params->pcb_loss_5g_band3 = CONFIG_NRF70_PCB_LOSS_5G_BAND3; +#endif /* CONFIG_NRF70_2_4G_ONLY */ +} + +#ifdef CONFIG_WIFI_FIXED_MAC_ADDRESS_ENABLED +static int bytes_from_str(uint8_t *buf, int buf_len, const char *src) +{ + size_t i; + size_t src_len = strlen(src); + char *endptr; + + for (i = 0U; i < src_len; i++) { + if (!isxdigit((unsigned char)src[i]) && + src[i] != ':') { + return -EINVAL; + } + } + + (void)memset(buf, 0, buf_len); + + for (i = 0U; i < (size_t)buf_len; i++) { + buf[i] = (uint8_t)strtol(src, &endptr, 16); + src = ++endptr; + } + + return 0; +} +#endif /* CONFIG_WIFI_FIXED_MAC_ADDRESS_ENABLED */ + +int nrf70_off_raw_tx_init(uint8_t *mac_addr, unsigned char *country_code) +{ + enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; + struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; + void *rpu_ctx = NULL; + struct nrf_wifi_tx_pwr_ctrl_params ctrl_params; + struct nrf_wifi_tx_pwr_ceil_params ceil_params; + struct nrf_wifi_board_params board_params; + unsigned int fw_ver = 0; + k_spinlock_key_t key; + + /* The OSAL layer needs to be initialized before any other initialization + * so that other layers (like FW IF,HW IF etc) have access to OS ops + */ + nrf_wifi_osal_init(&nrf_wifi_os_zep_ops); + + key = k_spin_lock(&off_raw_tx_drv_priv.lock); + + off_raw_tx_drv_priv.fmac_priv = nrf_wifi_fmac_off_raw_tx_init(); + + if (off_raw_tx_drv_priv.fmac_priv == NULL) { + LOG_ERR("%s: Failed to initialize nRF70 driver", + __func__); + goto err; + } + + rpu_ctx_zep = &off_raw_tx_drv_priv.rpu_ctx_zep; + + rpu_ctx_zep->drv_priv_zep = &off_raw_tx_drv_priv; + + rpu_ctx = nrf_wifi_fmac_dev_add(off_raw_tx_drv_priv.fmac_priv, + rpu_ctx_zep); + if (!rpu_ctx) { + LOG_ERR("%s: Failed to add nRF70 device", __func__); + rpu_ctx_zep = NULL; + goto err; + } + + rpu_ctx_zep->rpu_ctx = rpu_ctx; + + status = nrf_wifi_fw_load(rpu_ctx); + if (status != NRF_WIFI_STATUS_SUCCESS) { + LOG_ERR("%s: Failed to load the nRF70 firmware patch", __func__); + goto err; + } + + status = nrf_wifi_fmac_ver_get(rpu_ctx, + &fw_ver); + if (status != NRF_WIFI_STATUS_SUCCESS) { + LOG_ERR("%s: Failed to read the nRF70 firmware version", __func__); + goto err; + } + + LOG_DBG("nRF70 firmware (v%d.%d.%d.%d) booted successfully", + NRF_WIFI_UMAC_VER(fw_ver), + NRF_WIFI_UMAC_VER_MAJ(fw_ver), + NRF_WIFI_UMAC_VER_MIN(fw_ver), + NRF_WIFI_UMAC_VER_EXTRA(fw_ver)); + + memset(&ctrl_params, 0, sizeof(ctrl_params)); + memset(&ceil_params, 0, sizeof(ceil_params)); + + configure_tx_pwr_settings(&ctrl_params, + &ceil_params); + + memset(&board_params, 0, sizeof(board_params)); + + configure_board_dep_params(&board_params); + + status = nrf_wifi_fmac_off_raw_tx_dev_init(rpu_ctx_zep->rpu_ctx, +#ifdef CONFIG_NRF_WIFI_LOW_POWER + HW_SLEEP_ENABLE, +#endif /* CONFIG_NRF_WIFI_LOW_POWER */ + NRF_WIFI_DEF_PHY_CALIB, + CONFIG_NRF_WIFI_OP_BAND, + IS_ENABLED(CONFIG_NRF_WIFI_BEAMFORMING), + &ctrl_params, + &ceil_params, + &board_params, + country_code); + if (status != NRF_WIFI_STATUS_SUCCESS) { + LOG_ERR("%s: nRF70 firmware initialization failed", __func__); + goto err; + } + + if (mac_addr) { + memcpy(rpu_ctx_zep->mac_addr, mac_addr, 6); + } else { +#ifdef CONFIG_WIFI_FIXED_MAC_ADDRESS_ENABLED + int ret = -1; + + ret = bytes_from_str(rpu_ctx_zep->mac_addr, + 6, + CONFIG_WIFI_FIXED_MAC_ADDRESS); + if (ret < 0) { + LOG_ERR("%s: Failed to parse MAC address: %s", + __func__, + CONFIG_WIFI_FIXED_MAC_ADDRESS); + goto err; + } +#elif CONFIG_WIFI_OTP_MAC_ADDRESS + status = nrf_wifi_fmac_otp_mac_addr_get(off_raw_tx_drv_priv.rpu_ctx_zep.rpu_ctx, + 0, + rpu_ctx_zep->mac_addr); + if (status != NRF_WIFI_STATUS_SUCCESS) { + LOG_ERR("%s: Fetching of MAC address from OTP failed", + __func__); + goto err; + } +#endif /* CONFIG_WIFI_FIXED_MAC_ADDRESS_ENABLED */ + + if (!nrf_wifi_utils_is_mac_addr_valid(rpu_ctx_zep->mac_addr)) { + LOG_ERR("%s: Invalid MAC address: %02X:%02X:%02X:%02X:%02X:%02X", + __func__, + rpu_ctx_zep->mac_addr[0], + rpu_ctx_zep->mac_addr[1], + rpu_ctx_zep->mac_addr[2], + rpu_ctx_zep->mac_addr[3], + rpu_ctx_zep->mac_addr[4], + rpu_ctx_zep->mac_addr[5]); + goto err; + } + } + + k_spin_unlock(&off_raw_tx_drv_priv.lock, key); + + return 0; +err: + if (rpu_ctx) { + nrf_wifi_fmac_off_raw_tx_dev_rem(rpu_ctx); + rpu_ctx_zep->rpu_ctx = NULL; + } + + k_spin_unlock(&off_raw_tx_drv_priv.lock, key); + nrf70_off_raw_tx_deinit(); + return -1; +} + + +void nrf70_off_raw_tx_deinit(void) +{ + k_spinlock_key_t key; + + key = k_spin_lock(&off_raw_tx_drv_priv.lock); + + if (!off_raw_tx_drv_priv.fmac_priv) { + k_spin_unlock(&off_raw_tx_drv_priv.lock, key); + return; + } + + nrf_wifi_fmac_off_raw_tx_deinit(off_raw_tx_drv_priv.fmac_priv); + nrf_wifi_osal_deinit(); + + k_spin_unlock(&off_raw_tx_drv_priv.lock, key); +} + +static bool validate_rate(enum nrf_wifi_off_raw_tx_tput_mode tput_mode, + enum nrf_wifi_off_raw_tx_rate rate) +{ + if (tput_mode == TPUT_MODE_LEGACY) { + if (rate > RATE_54M) { + return false; + } + } else { + if (rate <= RATE_54M) { + return false; + } + } + + return true; +} + +int nrf70_off_raw_tx_conf_update(struct nrf_wifi_off_raw_tx_conf *conf) +{ + int ret = -1; + enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; + struct nrf_wifi_offload_ctrl_params *off_ctrl_params = NULL; + struct nrf_wifi_offload_tx_ctrl *off_tx_params = NULL; + struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; + k_spinlock_key_t key; + + if (!conf) { + LOG_ERR("%s: Config params is NULL", __func__); + goto out; + } + + off_ctrl_params = nrf_wifi_osal_mem_zalloc(sizeof(*off_ctrl_params)); + if (!off_ctrl_params) { + LOG_ERR("%s: Failed to allocate memory for off_ctrl_params", __func__); + goto out; + } + + key = k_spin_lock(&off_raw_tx_drv_priv.lock); + + fmac_dev_ctx = off_raw_tx_drv_priv.rpu_ctx_zep.rpu_ctx; + + if (!fmac_dev_ctx) { + LOG_ERR("%s: FMAC device context is NULL", __func__); + goto out; + } + + off_tx_params = nrf_wifi_osal_mem_zalloc(sizeof(*off_tx_params)); + if (!off_tx_params) { + LOG_ERR("%s Failed to allocate memory for off_tx_params: ", __func__); + goto out; + } + + if (!validate_rate(conf->tput_mode, conf->rate)) { + LOG_ERR("%s Invalid rate. Throughput mode: %d, rate: %d\n", __func__, + conf->tput_mode, conf->rate); + goto out; + } + + off_ctrl_params->channel_no = conf->chan; + off_ctrl_params->period_in_us = conf->period_us; + off_ctrl_params->tx_pwr = conf->tx_pwr; + off_tx_params->he_gi_type = conf->he_gi; + off_tx_params->he_ltf = conf->he_ltf; + off_tx_params->pkt_ram_ptr = RPU_MEM_PKT_BASE; + off_tx_params->pkt_length = conf->pkt_len; + off_tx_params->rate_flags = conf->tput_mode; + off_tx_params->rate = valid_data_rates[conf->rate]; + off_tx_params->rate_preamble_type = conf->short_preamble; + off_tx_params->rate_retries = conf->num_retries; + + status = hal_rpu_mem_write(fmac_dev_ctx->hal_dev_ctx, + RPU_MEM_PKT_BASE, + conf->pkt, + conf->pkt_len); + if (status != NRF_WIFI_STATUS_SUCCESS) { + LOG_ERR("%s: hal_rpu_mem_write failed", __func__); + goto out; + } + + status = nrf_wifi_fmac_off_raw_tx_conf(fmac_dev_ctx, + off_ctrl_params, + off_tx_params); + if (status != NRF_WIFI_STATUS_SUCCESS) { + LOG_ERR("%s: nRF70 offloaded raw TX configuration failed", + __func__); + goto out; + } + + ret = 0; +out: + nrf_wifi_osal_mem_free(off_ctrl_params); + nrf_wifi_osal_mem_free(off_tx_params); + k_spin_unlock(&off_raw_tx_drv_priv.lock, key); + return ret; +} + + +int nrf70_off_raw_tx_start(struct nrf_wifi_off_raw_tx_conf *conf) +{ + int ret = -1; + enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; + k_spinlock_key_t key; + + status = nrf70_off_raw_tx_conf_update(conf); + if (status != NRF_WIFI_STATUS_SUCCESS) { + LOG_ERR("%s: nRF70 offloaded raw TX configuration failed", + __func__); + goto out; + } + + key = k_spin_lock(&off_raw_tx_drv_priv.lock); + if (!off_raw_tx_drv_priv.rpu_ctx_zep.rpu_ctx) { + LOG_ERR("%s: FMAC device context is NULL", __func__); + goto out; + } + + status = nrf_wifi_fmac_off_raw_tx_start(off_raw_tx_drv_priv.rpu_ctx_zep.rpu_ctx); + if (status != NRF_WIFI_STATUS_SUCCESS) { + LOG_ERR("%s: nRF70 offloaded raw TX start failed", + __func__); + goto out; + } + + ret = 0; +out: + k_spin_unlock(&off_raw_tx_drv_priv.lock, key); + return ret; +} + + +int nrf70_off_raw_tx_stop(void) +{ + int ret = -1; + enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; + k_spinlock_key_t key; + + key = k_spin_lock(&off_raw_tx_drv_priv.lock); + + if (!off_raw_tx_drv_priv.rpu_ctx_zep.rpu_ctx) { + LOG_ERR("%s: FMAC device context is NULL", __func__); + goto out; + } + + status = nrf_wifi_fmac_off_raw_tx_stop(off_raw_tx_drv_priv.rpu_ctx_zep.rpu_ctx); + if (status != NRF_WIFI_STATUS_SUCCESS) { + LOG_ERR("%s: nRF70 offloaded raw TX stop failed", + __func__); + goto out; + } + + ret = 0; +out: + k_spin_unlock(&off_raw_tx_drv_priv.lock, key); + return ret; +} + + +int nrf70_off_raw_tx_mac_addr_get(uint8_t *mac_addr) +{ + if (!mac_addr) { + LOG_ERR("%s: Invalid param", __func__); + return -EINVAL; + } + + memcpy(mac_addr, off_raw_tx_drv_priv.rpu_ctx_zep.mac_addr, 6); + return 0; +} + +int nrf70_off_raw_tx_stats(struct nrf_wifi_off_raw_tx_stats *off_raw_tx_stats) +{ + int ret = -1; + enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; + struct rpu_op_stats stats; + k_spinlock_key_t key; + + memset(&stats, 0, sizeof(struct rpu_op_stats)); + + key = k_spin_lock(&off_raw_tx_drv_priv.lock); + + if (!off_raw_tx_drv_priv.rpu_ctx_zep.rpu_ctx) { + LOG_ERR("%s: FMAC device context is NULL", __func__); + goto out; + } + + status = nrf_wifi_fmac_stats_get(off_raw_tx_drv_priv.rpu_ctx_zep.rpu_ctx, 0, &stats); + if (status != NRF_WIFI_STATUS_SUCCESS) { + LOG_ERR("%s: nRF70 offloaded raw TX stats failed", + __func__); + goto out; + } + + off_raw_tx_stats->off_raw_tx_pkt_sent = stats.fw.offloaded_raw_tx.offload_raw_tx_cnt; + + ret = 0; +out: + k_spin_unlock(&off_raw_tx_drv_priv.lock, key); + return ret; +} diff --git a/drivers/wifi/nrfwifi/src/fmac_main.c b/drivers/wifi/nrfwifi/src/fmac_main.c index 5c0e4f336e62..f2f7ba413407 100644 --- a/drivers/wifi/nrfwifi/src/fmac_main.c +++ b/drivers/wifi/nrfwifi/src/fmac_main.c @@ -252,7 +252,7 @@ static void nrf_wifi_process_rssi_from_rx(void *vif_ctx, rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; - if (!rpu_ctx_zep) { + if (!(rpu_ctx_zep && rpu_ctx_zep->rpu_ctx)) { LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); return; } @@ -453,6 +453,8 @@ void reg_change_callbk_fn(void *vif_ctx, struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; + LOG_DBG("%s: Regulatory change event received", __func__); + vif_ctx_zep = vif_ctx; if (!vif_ctx_zep) { @@ -472,6 +474,12 @@ void reg_change_callbk_fn(void *vif_ctx, return; } + if (!fmac_dev_ctx->waiting_for_reg_event) { + LOG_DBG("%s: Unsolicited regulatory change event", __func__); + /* TODO: Handle unsolicited regulatory change event */ + return; + } + fmac_dev_ctx->reg_change = k_malloc(sizeof(struct nrf_wifi_event_regulatory_change)); if (!fmac_dev_ctx->reg_change) { LOG_ERR("%s: Failed to allocate memory for reg_change", __func__); @@ -636,7 +644,8 @@ enum nrf_wifi_status nrf_wifi_fmac_dev_add_zep(struct nrf_wifi_drv_priv_zep *drv IS_ENABLED(CONFIG_NRF_WIFI_BEAMFORMING), &tx_pwr_ctrl_params, &tx_pwr_ceil_params, - &board_params); + &board_params, + STRINGIFY(CONFIG_NRF70_REG_DOMAIN)); #else status = nrf_wifi_fmac_dev_init(rpu_ctx_zep->rpu_ctx, #ifdef CONFIG_NRF_WIFI_LOW_POWER @@ -647,7 +656,8 @@ enum nrf_wifi_status nrf_wifi_fmac_dev_add_zep(struct nrf_wifi_drv_priv_zep *drv IS_ENABLED(CONFIG_NRF_WIFI_BEAMFORMING), &tx_pwr_ctrl_params, &tx_pwr_ceil_params, - &board_params); + &board_params, + STRINGIFY(CONFIG_NRF70_REG_DOMAIN)); #endif /* CONFIG_NRF70_RADIO_TEST */ @@ -656,8 +666,6 @@ enum nrf_wifi_status nrf_wifi_fmac_dev_add_zep(struct nrf_wifi_drv_priv_zep *drv goto err; } - k_mutex_init(&rpu_ctx_zep->rpu_lock); - return status; err: if (rpu_ctx) { @@ -717,7 +725,7 @@ static int nrf_wifi_drv_main_zep(const struct device *dev) callbk_fns.if_carr_state_chg_callbk_fn = nrf_wifi_if_carr_state_chg; callbk_fns.rx_frm_callbk_fn = nrf_wifi_if_rx_frm; #if defined(CONFIG_NRF70_RAW_DATA_RX) || defined(CONFIG_NRF70_PROMISC_DATA_RX) - callbk_fns.rx_sniffer_frm_callbk_fn = nrf_wifi_if_sniffer_rx_frm; + callbk_fns.sniffer_callbk_fn = nrf_wifi_if_sniffer_rx_frm; #endif /* CONFIG_NRF70_RAW_DATA_RX || CONFIG_NRF70_PROMISC_DATA_RX */ #endif rx_buf_pools[0].num_bufs = rx1_num_bufs; @@ -816,6 +824,7 @@ static int nrf_wifi_drv_main_zep(const struct device *dev) nrf_wifi_scan_timeout_work); #endif /* CONFIG_NRF70_RADIO_TEST */ + k_mutex_init(&rpu_drv_priv_zep.rpu_ctx_zep.rpu_lock); return 0; #ifdef CONFIG_NRF70_RADIO_TEST fmac_deinit: diff --git a/drivers/wifi/nrfwifi/src/net_if.c b/drivers/wifi/nrfwifi/src/net_if.c index 4d4125e8c8ae..b8ca8915ff4c 100644 --- a/drivers/wifi/nrfwifi/src/net_if.c +++ b/drivers/wifi/nrfwifi/src/net_if.c @@ -18,6 +18,8 @@ #include LOG_MODULE_DECLARE(wifi_nrf, CONFIG_WIFI_NRF70_LOG_LEVEL); +#include + #include "net_private.h" #include "util.h" @@ -71,6 +73,7 @@ static void nrf_wifi_rpu_recovery_work_handler(struct k_work *work) struct nrf_wifi_vif_ctx_zep, nrf_wifi_rpu_recovery_work); struct nrf_wifi_ctx_zep *rpu_ctx_zep = NULL; + int ret; if (!vif_ctx_zep) { LOG_ERR("%s: vif_ctx_zep is NULL", __func__); @@ -88,14 +91,79 @@ static void nrf_wifi_rpu_recovery_work_handler(struct k_work *work) return; } + if (rpu_ctx_zep->rpu_recovery_in_progress) { +#ifdef CONFIG_NRF_WIFI_RPU_RECOVERY_DEBUG + LOG_ERR("%s: RPU recovery already in progress", __func__); +#else + LOG_DBG("%s: RPU recovery already in progress", __func__); +#endif + return; + } + + if (rpu_ctx_zep->last_rpu_recovery_time_ms && + ((k_uptime_get() - rpu_ctx_zep->last_rpu_recovery_time_ms) < + CONFIG_NRF_WIFI_RPU_RECOVERY_QUIET_PERIOD_MS)) { +#ifdef CONFIG_NRF_WIFI_RPU_RECOVERY_DEBUG + LOG_ERR("%s: In quiet period (last_rpu_recovery_time_ms=%ld), ignoring", + __func__, rpu_ctx_zep->last_rpu_recovery_time_ms); +#else + LOG_DBG("%s: In quiet period (last_rpu_recovery_time_ms=%ld), ignoring", + __func__, rpu_ctx_zep->last_rpu_recovery_time_ms); +#endif + return; + } + +#ifdef CONFIG_NRF_WIFI_RPU_RECOVERY_DEBUG + LOG_ERR("%s: Starting RPU recovery", __func__); +#else + LOG_DBG("%s: Starting RPU recovery", __func__); +#endif k_mutex_lock(&rpu_ctx_zep->rpu_lock, K_FOREVER); +#if CONFIG_NRF_WIFI_RPU_RECOVERY_MAX_RETRIES > 0 + if (!rpu_ctx_zep->last_rpu_recovery_time_ms || + (k_uptime_get() - rpu_ctx_zep->last_rpu_recovery_time_ms) < + CONFIG_NRF_WIFI_RPU_RECOVERY_RETRY_WINDOW_S * MSEC_PER_SEC) { + if (rpu_ctx_zep->rpu_recovery_retries >= + CONFIG_NRF_WIFI_RPU_RECOVERY_MAX_RETRIES) { + LOG_ERR("%s: Maximum recovery retries reached, rebooting system", + __func__); + sys_reboot(SYS_REBOOT_COLD); + } + rpu_ctx_zep->rpu_recovery_retries++; + } else { + rpu_ctx_zep->rpu_recovery_retries = 0; + } +#endif + rpu_ctx_zep->rpu_recovery_in_progress = true; +#ifdef CONFIG_NRF_WIFI_RPU_RECOVERY_DEBUG + LOG_ERR("%s: Bringing the interface down", __func__); +#else LOG_DBG("%s: Bringing the interface down", __func__); +#endif /* This indirectly does a cold-boot of RPU */ - net_if_down(vif_ctx_zep->zep_net_if_ctx); + ret = net_if_down(vif_ctx_zep->zep_net_if_ctx); + if (ret) { + LOG_ERR("%s: net_if_down failed: %d", __func__, ret); + /* Continue with the recovery */ + } k_msleep(CONFIG_NRF_WIFI_RPU_RECOVERY_PROPAGATION_DELAY_MS); +#ifdef CONFIG_NRF_WIFI_RPU_RECOVERY_DEBUG + LOG_ERR("%s: Bringing the interface up", __func__); +#else LOG_DBG("%s: Bringing the interface up", __func__); - net_if_up(vif_ctx_zep->zep_net_if_ctx); +#endif + ret = net_if_up(vif_ctx_zep->zep_net_if_ctx); + if (ret) { + LOG_ERR("%s: net_if_up failed: %d", __func__, ret); + } + rpu_ctx_zep->rpu_recovery_in_progress = false; + rpu_ctx_zep->last_rpu_recovery_time_ms = k_uptime_get(); k_mutex_unlock(&rpu_ctx_zep->rpu_lock); +#ifdef CONFIG_NRF_WIFI_RPU_RECOVERY_DEBUG + LOG_ERR("%s: RPU recovery done", __func__); +#else + LOG_DBG("%s: RPU recovery done", __func__); +#endif } void nrf_wifi_rpu_recovery_cb(void *vif_ctx_handle, @@ -372,7 +440,7 @@ static void ip_maddr_event_handler(struct net_if *iface, ret = k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); if (ret != 0) { LOG_ERR("%s: Failed to lock vif_lock", __func__); - goto out; + return; } rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; @@ -387,7 +455,7 @@ static void ip_maddr_event_handler(struct net_if *iface, if (!mcast_info) { LOG_ERR("%s: Unable to allocate memory of size %d " "for mcast_info", __func__, sizeof(*mcast_info)); - return; + goto unlock; } switch (addr->family) { @@ -424,9 +492,8 @@ static void ip_maddr_event_handler(struct net_if *iface, sizeof(mac_string_buf))); } unlock: - k_mutex_unlock(&vif_ctx_zep->vif_lock); -out: k_free(mcast_info); + k_mutex_unlock(&vif_ctx_zep->vif_lock); } #endif /* CONFIG_NRF70_STA_MODE */ @@ -802,14 +869,14 @@ int nrf_wifi_if_stop_zep(const struct device *dev) ret = k_mutex_lock(&vif_ctx_zep->vif_lock, K_FOREVER); if (ret != 0) { LOG_ERR("%s: Failed to lock vif_lock", __func__); - goto out; + goto unlock; } rpu_ctx_zep = vif_ctx_zep->rpu_ctx_zep; if (!rpu_ctx_zep) { LOG_ERR("%s: rpu_ctx_zep is NULL", __func__); - goto out; + goto unlock; } #ifdef CONFIG_NRF70_STA_MODE @@ -821,7 +888,6 @@ int nrf_wifi_if_stop_zep(const struct device *dev) if (status != NRF_WIFI_STATUS_SUCCESS) { LOG_ERR("%s: nrf_wifi_fmac_set_power_save failed", __func__); - goto unlock; } #endif /* CONFIG_NRF_WIFI_LOW_POWER */ #endif /* CONFIG_NRF70_STA_MODE */ @@ -840,7 +906,6 @@ int nrf_wifi_if_stop_zep(const struct device *dev) if (status != NRF_WIFI_STATUS_SUCCESS) { LOG_ERR("%s: nrf_wifi_fmac_chg_vif_state failed", __func__); - goto unlock; } status = nrf_wifi_fmac_del_vif(rpu_ctx_zep->rpu_ctx, @@ -849,11 +914,8 @@ int nrf_wifi_if_stop_zep(const struct device *dev) if (status != NRF_WIFI_STATUS_SUCCESS) { LOG_ERR("%s: nrf_wifi_fmac_del_vif failed", __func__); - goto unlock; } - vif_ctx_zep->if_op_state = NRF_WIFI_FMAC_IF_OP_STATE_DOWN; - if (nrf_wifi_fmac_get_num_vifs(rpu_ctx_zep->rpu_ctx) == 0) { nrf_wifi_fmac_dev_rem_zep(&rpu_drv_priv_zep); } diff --git a/drivers/wifi/nrfwifi/src/qspi/src/rpu_hw_if.c b/drivers/wifi/nrfwifi/src/qspi/src/rpu_hw_if.c index c5f909b4c3a2..6fac74123621 100644 --- a/drivers/wifi/nrfwifi/src/qspi/src/rpu_hw_if.c +++ b/drivers/wifi/nrfwifi/src/qspi/src/rpu_hw_if.c @@ -405,6 +405,31 @@ int rpu_clks_on(void) return 0; } +#define RPU_EXP_SIG 0x42000020 +/* Read a known value from RPU memory to validate RPU communication */ +int rpu_validate_comms(void) +{ + uint32_t rpu_test; + int ret; + + /* UCCP_SOC_FAB_MST_READ_IDLE - HW reset value */ + ret = rpu_read(0x0005C, &rpu_test, 4); + if (ret) { + LOG_ERR("Error: RPU comms test: read failed\n"); + return ret; + } + + if (rpu_test != RPU_EXP_SIG) { + LOG_ERR("Error: RPU comms test: sig failed: expected 0x%x, got 0x%x\n", + RPU_EXP_SIG, rpu_test); + return -1; + } + + LOG_DBG("RPU comms test passed\n"); + + return 0; +} + int rpu_init(void) { int ret; @@ -458,6 +483,11 @@ int rpu_enable(void) goto rpu_pwroff; } + ret = rpu_validate_comms(); + if (ret) { + goto rpu_pwroff; + } + return 0; rpu_pwroff: rpu_pwroff(); diff --git a/drivers/wifi/nrfwifi/src/shim.c b/drivers/wifi/nrfwifi/src/shim.c index 19660f727e7b..93cafa905c2e 100644 --- a/drivers/wifi/nrfwifi/src/shim.c +++ b/drivers/wifi/nrfwifi/src/shim.c @@ -116,7 +116,7 @@ static void zep_shim_qspi_cpy_to(void *priv, unsigned long addr, const void *src static void *zep_shim_spinlock_alloc(void) { - struct k_sem *lock = NULL; + struct k_mutex *lock = NULL; lock = k_malloc(sizeof(*lock)); @@ -134,27 +134,29 @@ static void zep_shim_spinlock_free(void *lock) static void zep_shim_spinlock_init(void *lock) { - k_sem_init(lock, 1, 1); + k_mutex_init(lock); } static void zep_shim_spinlock_take(void *lock) { - k_sem_take(lock, K_FOREVER); + k_mutex_lock(lock, K_FOREVER); } static void zep_shim_spinlock_rel(void *lock) { - k_sem_give(lock); + k_mutex_unlock(lock); } static void zep_shim_spinlock_irq_take(void *lock, unsigned long *flags) { - k_sem_take(lock, K_FOREVER); + ARG_UNUSED(flags); + k_mutex_lock(lock, K_FOREVER); } static void zep_shim_spinlock_irq_rel(void *lock, unsigned long *flags) { - k_sem_give(lock); + ARG_UNUSED(flags); + k_mutex_unlock(lock); } static int zep_shim_pr_dbg(const char *fmt, va_list args) @@ -235,6 +237,10 @@ static void *zep_shim_nbuf_alloc(unsigned int size) static void zep_shim_nbuf_free(void *nbuf) { + if (!nbuf) { + return; + } + k_free(((struct nwb *)nbuf)->priv); k_free(nbuf); } @@ -618,6 +624,20 @@ static unsigned int zep_shim_time_elapsed_us(unsigned long start_time_us) return curr_time_us - start_time_us; } +static unsigned long zep_shim_time_get_curr_ms(void) +{ + return k_uptime_get(); +} + +static unsigned int zep_shim_time_elapsed_ms(unsigned long start_time_ms) +{ + unsigned long curr_time_ms = 0; + + curr_time_ms = zep_shim_time_get_curr_ms(); + + return curr_time_ms - start_time_ms; +} + static enum nrf_wifi_status zep_shim_bus_qspi_dev_init(void *os_qspi_dev_ctx) { ARG_UNUSED(os_qspi_dev_ctx); @@ -733,6 +753,11 @@ static void irq_work_handler(struct k_work *work) { int ret = 0; + if (!intr_priv || !intr_priv->callbk_fn || !intr_priv->callbk_data) { + LOG_ERR("%s: Invalid intr_priv handler", __func__); + return; + } + ret = intr_priv->callbk_fn(intr_priv->callbk_data); if (ret) { @@ -748,6 +773,11 @@ static void zep_shim_irq_handler(const struct device *dev, struct gpio_callback ARG_UNUSED(cb); ARG_UNUSED(pins); + if (!(intr_priv && intr_priv->callbk_fn && intr_priv->callbk_data)) { + LOG_ERR("%s: Invalid intr_priv", __func__); + return; + } + k_work_schedule_for_queue(&zep_wifi_intr_q, &intr_priv->work, K_NO_WAIT); } @@ -938,6 +968,8 @@ const struct nrf_wifi_osal_ops nrf_wifi_os_zep_ops = { .delay_us = k_usleep, .time_get_curr_us = zep_shim_time_get_curr_us, .time_elapsed_us = zep_shim_time_elapsed_us, + .time_get_curr_ms = zep_shim_time_get_curr_ms, + .time_elapsed_ms = zep_shim_time_elapsed_ms, .bus_qspi_init = zep_shim_bus_qspi_init, .bus_qspi_deinit = zep_shim_bus_qspi_deinit, diff --git a/drivers/wifi/nrfwifi/src/shim.h b/drivers/wifi/nrfwifi/src/shim.h index a4162bf89314..be26fd6355e6 100644 --- a/drivers/wifi/nrfwifi/src/shim.h +++ b/drivers/wifi/nrfwifi/src/shim.h @@ -19,7 +19,6 @@ /** * struct zep_shim_bus_qspi_priv - Structure to hold context information for the Linux OS * shim. - * @opriv: Pointer to OSAL context. * @pcie_callbk_data: Callback data to be passed to the PCIe callback functions. * @pcie_prb_callbk: The callback function to be called when a PCIe device * has been probed. diff --git a/drivers/wifi/nrfwifi/src/wifi_mgmt.c b/drivers/wifi/nrfwifi/src/wifi_mgmt.c index 6232ad245cdc..5effb759fa42 100644 --- a/drivers/wifi/nrfwifi/src/wifi_mgmt.c +++ b/drivers/wifi/nrfwifi/src/wifi_mgmt.c @@ -115,6 +115,24 @@ int nrf_wifi_set_power_save(const struct device *dev, vif_ctx_zep->vif_idx, params->wakeup_mode); break; + case WIFI_PS_PARAM_EXIT_STRATEGY: + unsigned int exit_strategy; + + if (params->exit_strategy == WIFI_PS_EXIT_EVERY_TIM) { + exit_strategy = EVERY_TIM; + } else if (params->exit_strategy == WIFI_PS_EXIT_CUSTOM_ALGO) { + exit_strategy = INT_PS; + } else { + params->fail_reason = + WIFI_PS_PARAM_FAIL_INVALID_EXIT_STRATEGY; + return -EINVAL; + } + + status = nrf_wifi_fmac_set_ps_exit_strategy( + rpu_ctx_zep->rpu_ctx, + vif_ctx_zep->vif_idx, + exit_strategy); + break; default: params->fail_reason = WIFI_PS_PARAM_FAIL_CMD_EXEC_FAIL; @@ -379,6 +397,11 @@ void nrf_wifi_event_proc_get_power_save_info(void *vif_ctx, vif_ctx_zep->ps_info->ps_params.timeout_ms = ps_info->ps_timeout; vif_ctx_zep->ps_info->ps_params.listen_interval = ps_info->listen_interval; vif_ctx_zep->ps_info->ps_params.wakeup_mode = ps_info->extended_ps; + if (ps_info->ps_exit_strategy == EVERY_TIM) { + vif_ctx_zep->ps_info->ps_params.exit_strategy = WIFI_PS_EXIT_EVERY_TIM; + } else if (ps_info->ps_exit_strategy == INT_PS) { + vif_ctx_zep->ps_info->ps_params.exit_strategy = WIFI_PS_EXIT_CUSTOM_ALGO; + } for (int i = 0; i < ps_info->num_twt_flows; i++) { struct twt_interval_float twt_interval_fp; @@ -912,6 +935,21 @@ int nrf_wifi_filter(const struct device *dev, def_dev_ctx = wifi_dev_priv(fmac_dev_ctx); if (filter->oper == WIFI_MGMT_SET) { + /** + * If promiscuous mode is enabled, filter settings + * cannot be plumbed to the lower layers as that might + * affect connectivity. Save the filter settings in the + * driver and filter packet type on packet receive by + * checking the 802.11 header in the packet + */ + if (((def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]->mode) & + (NRF_WIFI_PROMISCUOUS_MODE)) == NRF_WIFI_PROMISCUOUS_MODE) { + def_dev_ctx->vif_ctx[vif_ctx_zep->vif_idx]->packet_filter = + filter->filter; + ret = 0; + goto out; + } + /** * In case a user sets data + management + ctrl bits * or all the filter bits. Map it to bit 0 set to diff --git a/drivers/wifi/nrfwifi/src/wifi_mgmt_scan.c b/drivers/wifi/nrfwifi/src/wifi_mgmt_scan.c index c5c6f18804ec..e30f572aeb32 100644 --- a/drivers/wifi/nrfwifi/src/wifi_mgmt_scan.c +++ b/drivers/wifi/nrfwifi/src/wifi_mgmt_scan.c @@ -206,6 +206,10 @@ int nrf_wifi_disp_scan_zep(const struct device *dev, struct wifi_scan_params *pa vif_ctx_zep->scan_res_cnt = 0; +#ifdef CONFIG_NRF70_PASSIVE_SCAN_ONLY + scan_info->scan_params.passive_scan = 1; +#endif /* CONFIG_NRF70_PASSIVE_SCAN_ONLY */ + status = nrf_wifi_fmac_scan(rpu_ctx_zep->rpu_ctx, vif_ctx_zep->vif_idx, scan_info); if (status != NRF_WIFI_STATUS_SUCCESS) { diff --git a/drivers/wifi/nrfwifi/src/wifi_util.c b/drivers/wifi/nrfwifi/src/wifi_util.c index 43c527a4b7d7..528c41fa1843 100644 --- a/drivers/wifi/nrfwifi/src/wifi_util.c +++ b/drivers/wifi/nrfwifi/src/wifi_util.c @@ -273,6 +273,7 @@ static int nrf_wifi_util_tx_stats(const struct shell *sh, void *queue = NULL; unsigned int tx_pending_pkts = 0; struct nrf_wifi_fmac_dev_ctx_def *def_dev_ctx = NULL; + int ret; vif_index = atoi(argv[1]); if ((vif_index < 0) || (vif_index >= max_vif_index)) { @@ -284,6 +285,15 @@ static int nrf_wifi_util_tx_stats(const struct shell *sh, return -ENOEXEC; } + k_mutex_lock(&ctx->rpu_lock, K_FOREVER); + if (!ctx->rpu_ctx) { + shell_fprintf(sh, + SHELL_ERROR, + "RPU context not initialized\n"); + ret = -ENOEXEC; + goto unlock; + } + fmac_dev_ctx = ctx->rpu_ctx; def_dev_ctx = wifi_dev_priv(fmac_dev_ctx); @@ -306,7 +316,11 @@ static int nrf_wifi_util_tx_stats(const struct shell *sh, tx_pending_pkts); } - return 0; + ret = 0; + +unlock: + k_mutex_unlock(&ctx->rpu_lock); + return ret; } #endif /* CONFIG_NRF70_STA_MODE */ @@ -435,7 +449,7 @@ static int nrf_wifi_util_show_vers(const struct shell *sh, return status; } -#ifndef CONFIG_NRF70_RADIO_TEST +#if !defined(CONFIG_NRF70_RADIO_TEST) && !defined(CONFIG_NRF70_OFFLOADED_RAW_TX) static int nrf_wifi_util_dump_rpu_stats(const struct shell *sh, size_t argc, const char *argv[]) @@ -444,6 +458,7 @@ static int nrf_wifi_util_dump_rpu_stats(const struct shell *sh, struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; struct rpu_op_stats stats; enum rpu_stats_type stats_type = RPU_STATS_TYPE_ALL; + int ret; if (argc == 2) { const char *type = argv[1]; @@ -465,6 +480,14 @@ static int nrf_wifi_util_dump_rpu_stats(const struct shell *sh, } } + k_mutex_lock(&ctx->rpu_lock, K_FOREVER); + if (!ctx->rpu_ctx) { + shell_fprintf(sh, + SHELL_ERROR, + "RPU context not initialized\n"); + ret = -ENOEXEC; + goto unlock; + } fmac_dev_ctx = ctx->rpu_ctx; memset(&stats, 0, sizeof(struct rpu_op_stats)); @@ -474,7 +497,8 @@ static int nrf_wifi_util_dump_rpu_stats(const struct shell *sh, shell_fprintf(sh, SHELL_ERROR, "Failed to get stats\n"); - return -ENOEXEC; + ret = -ENOEXEC; + goto unlock; } if (stats_type == RPU_STATS_TYPE_UMAC || stats_type == RPU_STATS_TYPE_ALL) { @@ -847,9 +871,12 @@ static int nrf_wifi_util_dump_rpu_stats(const struct shell *sh, phy->dsss_crc32_fail_cnt); } - return 0; + ret = 0; +unlock: + k_mutex_unlock(&ctx->rpu_lock); + return ret; } -#endif /* CONFIG_NRF70_RADIO_TEST */ +#endif /* !CONFIG_NRF70_RADIO_TEST && !CONFIG_NRF70_OFFLOADED_RAW_TX */ #ifdef CONFIG_NRF_WIFI_RPU_RECOVERY static int nrf_wifi_util_trigger_rpu_recovery(const struct shell *sh, @@ -858,12 +885,15 @@ static int nrf_wifi_util_trigger_rpu_recovery(const struct shell *sh, { enum nrf_wifi_status status = NRF_WIFI_STATUS_FAIL; struct nrf_wifi_fmac_dev_ctx *fmac_dev_ctx = NULL; + int ret; + k_mutex_lock(&ctx->rpu_lock, K_FOREVER); if (!ctx || !ctx->rpu_ctx) { shell_fprintf(sh, SHELL_ERROR, "RPU context not initialized\n"); - return -ENOEXEC; + ret = -ENOEXEC; + goto unlock; } fmac_dev_ctx = ctx->rpu_ctx; @@ -880,7 +910,10 @@ static int nrf_wifi_util_trigger_rpu_recovery(const struct shell *sh, SHELL_INFO, "RPU recovery triggered\n"); - return 0; + ret = 0; +unlock: + k_mutex_unlock(&ctx->rpu_lock); + return ret; } #endif /* CONFIG_NRF_WIFI_RPU_RECOVERY */ @@ -964,7 +997,7 @@ SHELL_STATIC_SUBCMD_SET_CREATE( nrf_wifi_util_show_vers, 1, 0), -#ifndef CONFIG_NRF70_RADIO_TEST +#if !defined(CONFIG_NRF70_RADIO_TEST) && !defined(CONFIG_NRF70_OFFLOADED_RAW_TX) SHELL_CMD_ARG(rpu_stats, NULL, "Display RPU stats " @@ -972,7 +1005,7 @@ SHELL_STATIC_SUBCMD_SET_CREATE( nrf_wifi_util_dump_rpu_stats, 1, 1), -#endif /* CONFIG_NRF70_RADIO_TEST */ +#endif /* !CONFIG_NRF70_RADIO_TEST && !CONFIG_NRF70_OFFLOADED_RAW_TX*/ #ifdef CONFIG_NRF_WIFI_RPU_RECOVERY SHELL_CMD_ARG(rpu_recovery_test, NULL, diff --git a/dts/bindings/wifi/nordic,nrf70-coex.yaml b/dts/bindings/wifi/nordic,nrf70-coex.yaml index 208657f3fb53..0a9c12f587ec 100644 --- a/dts/bindings/wifi/nordic,nrf70-coex.yaml +++ b/dts/bindings/wifi/nordic,nrf70-coex.yaml @@ -27,9 +27,3 @@ properties: description: | GPIO of the SOC controlling the Priority (STATUS1) pin (in 4-wire coex case) of the nRF7002 - - srrf-switch-gpios: - type: phandle-array - description: | - GPIO of the RF Switch to control SR RF output to either SR Antenna - or shared Antenna with Wi-Fi diff --git a/dts/bindings/wifi/nordic,nrf70.yaml b/dts/bindings/wifi/nordic,nrf70.yaml index ff9021739ace..abdc7ec2cb06 100644 --- a/dts/bindings/wifi/nordic,nrf70.yaml +++ b/dts/bindings/wifi/nordic,nrf70.yaml @@ -1,9 +1,6 @@ # Copyright (c) 2024 Nordic Semiconductor ASA # SPDX-License-Identifier: Apache-2.0 -# GPIO lines for controlling the nRF70 Series Wi-Fi chip. -include: nordic,nrf70-coex.yaml - properties: iovdd-ctrl-gpios: type: phandle-array @@ -19,3 +16,9 @@ properties: type: phandle-array required: true description: GPIO of the SoC controlling the HOST_IRQ pin of the nRF70 + + srrf-switch-gpios: + type: phandle-array + description: | + GPIO of the RF Switch to control SR RF output to either SR Antenna + or shared Antenna with Wi-Fi diff --git a/dts/bindings/wifi/nordic,nrf7000-coex.yaml b/dts/bindings/wifi/nordic,nrf7000-coex.yaml new file mode 100644 index 000000000000..94dcc2181d33 --- /dev/null +++ b/dts/bindings/wifi/nordic,nrf7000-coex.yaml @@ -0,0 +1,9 @@ +# Copyright (c) 2024 Nordic Semiconductor ASA +# SPDX-License-Identifier: Apache-2.0 + +description: This is a representation of the nRF7000 Wi-Fi chip with COEX interface. + +compatible: nordic,nrf7000-coex + +include: + - "nordic,nrf70-coex.yaml" diff --git a/dts/bindings/wifi/nordic,nrf7001-coex.yaml b/dts/bindings/wifi/nordic,nrf7001-coex.yaml new file mode 100644 index 000000000000..d58afe7d44cb --- /dev/null +++ b/dts/bindings/wifi/nordic,nrf7001-coex.yaml @@ -0,0 +1,9 @@ +# Copyright (c) 2024 Nordic Semiconductor ASA +# SPDX-License-Identifier: Apache-2.0 + +description: This is a representation of the nRF7001 Wi-Fi chip with COEX interface. + +compatible: nordic,nrf7001-coex + +include: + - "nordic,nrf70-coex.yaml" diff --git a/dts/bindings/wifi/nordic,nrf7002-coex.yaml b/dts/bindings/wifi/nordic,nrf7002-coex.yaml new file mode 100644 index 000000000000..1df61d0bf987 --- /dev/null +++ b/dts/bindings/wifi/nordic,nrf7002-coex.yaml @@ -0,0 +1,9 @@ +# Copyright (c) 2024 Nordic Semiconductor ASA +# SPDX-License-Identifier: Apache-2.0 + +description: This is a representation of the nRF7002 Wi-Fi chip with COEX interface. + +compatible: nordic,nrf7002-coex + +include: + - "nordic,nrf70-coex.yaml" diff --git a/include/zephyr/drivers/wifi/nrfwifi/off_raw_tx/off_raw_tx_api.h b/include/zephyr/drivers/wifi/nrfwifi/off_raw_tx/off_raw_tx_api.h new file mode 100644 index 000000000000..b14ae39488d9 --- /dev/null +++ b/include/zephyr/drivers/wifi/nrfwifi/off_raw_tx/off_raw_tx_api.h @@ -0,0 +1,262 @@ +/* + * Copyright (c) 2024 Nordic Semiconductor ASA + * + * SPDX-License-Identifier: Apache-2.0 + */ +/** @file + * + * @addtogroup nrf70_off_raw_tx_api nRF70 Offloaded raw TX API + * @{ + * + * @brief File containing API's for the Offloaded raw TX feature. + */ + +#ifndef INCLUDE_ZEPHYR_DRIVERS_OFF_RAW_TX_API_H_ +#define INCLUDE_ZEPHYR_DRIVERS_OFF_RAW_TX_API_H_ + +#include +#include +#include "osal_api.h" + +/* Minimum frame size for raw packet transmission */ +#define NRF_WIFI_OFF_RAW_TX_FRAME_SIZE_MIN 26 +/* Maximum frame size for raw packet transmission */ +#define NRF_WIFI_OFF_RAW_TX_FRAME_SIZE_MAX 600 +/* Maximum length of country code*/ +#define NRF_WIFI_COUNTRY_CODE_LEN 2 +/** + * @brief- Transmission rates + * Rate to be used for transmitting a packet. + */ +enum nrf_wifi_off_raw_tx_rate { + /** 1 Mbps */ + RATE_1M, + /** 2 Mbps */ + RATE_2M, + /** 5.5 Mbps */ + RATE_5_5M, + /** 11 Mbps */ + RATE_11M, + /** 6 Mbps */ + RATE_6M, + /** 9 Mbps */ + RATE_9M, + /** 12 Mbps */ + RATE_12M, + /** 18 Mbps */ + RATE_18M, + /** 24 Mbps */ + RATE_24M, + /** 36 Mbps */ + RATE_36M, + /** 48 Mbps */ + RATE_48M, + /** 54 Mbps */ + RATE_54M, + /** MCS 0 */ + RATE_MCS0, + /** MCS 1 */ + RATE_MCS1, + /** MCS 2 */ + RATE_MCS2, + /** MCS 3 */ + RATE_MCS3, + /** MCS 4 */ + RATE_MCS4, + /** MCS 5 */ + RATE_MCS5, + /** MCS 6 */ + RATE_MCS6, + /** MCS 7 */ + RATE_MCS7, + /** Invalid rate */ + RATE_MAX +}; + + +/** + * @brief- HE guard interval value + * Value of the guard interval to be used between symbols when transmitting using HE. + */ +enum nrf_wifi_off_raw_tx_he_gi { + /** 800 ns */ + HE_GI_800NS, + /** 1600 ns */ + HE_GI_1600NS, + /** 3200 ns */ + HE_GI_3200NS, + /** Invalid value */ + HE_GI_MAX +}; + + +/** + * @brief- HE long training field duration + * Value of the long training field duration to be used when transmitting using HE. + */ +enum nrf_wifi_off_raw_tx_he_ltf { + /** 3.2us */ + HE_LTF_3200NS, + /** 6.4us */ + HE_LTF_6400NS, + /** 12.8us */ + HE_LTF_12800NS, + /** Invalid value */ + HE_LTF_MAX +}; + +/** + * @brief- Throughput mode + * Throughput mode to be used for transmitting the packet. + */ +enum nrf_wifi_off_raw_tx_tput_mode { + /** Legacy mode */ + TPUT_MODE_LEGACY, + /** High Throughput mode (11n) */ + TPUT_MODE_HT, + /** Very high throughput mode (11ac) */ + TPUT_MODE_VHT, + /** HE SU mode */ + TPUT_MODE_HE_SU, + /** HE ER SU mode */ + TPUT_MODE_HE_ER_SU, + /** HE TB mode */ + TPUT_MODE_HE_TB, + /** Highest throughput mode currently defined */ + TPUT_MODE_MAX +}; + +/** + * @brief This structure defines the Offloaded raw tx debug statistics. + * + */ +struct nrf_wifi_off_raw_tx_stats { + /** Number of packets sent */ + unsigned int off_raw_tx_pkt_sent; +}; + +/** + * @brief- Configuration parameters for offloaded raw TX + * Parameters which can be used to configure the offloaded raw TX operation. + */ +struct nrf_wifi_off_raw_tx_conf { + /** Time interval (in microseconds) between transmissions */ + unsigned int period_us; + /** Transmit power in dBm (0 to 20) */ + unsigned int tx_pwr; + /** Channel number on which to transmit */ + unsigned int chan; + /** Set to TRUE to use short preamble for FALSE to disable short preamble */ + bool short_preamble; + /* Number of times a packet should be retried at each possible rate */ + unsigned int num_retries; + /** Throughput mode for packet transmittion. Refer &enum nrf_wifi_off_raw_tx_tput_mode */ + enum nrf_wifi_off_raw_tx_tput_mode tput_mode; + /* Rate at which packet needs to be transmitted. Refer &enum nrf_wifi_off_raw_tx_rate */ + enum nrf_wifi_off_raw_tx_rate rate; + /** HE GI. Refer &enum nrf_wifi_off_raw_tx_he_gi */ + enum nrf_wifi_off_raw_tx_he_gi he_gi; + /** HE GI. Refer &enum nrf_wifi_off_raw_tx_he_ltf */ + enum nrf_wifi_off_raw_tx_he_ltf he_ltf; + /* Pointer to packet to be transmitted */ + void *pkt; + /** Packet length of the frame to be transmitted, (min 26 bytes and max 600 bytes) */ + unsigned int pkt_len; +}; + + +/** + * @brief Initialize the nRF70 for operating in the offloaded raw TX mode. + * @param mac_addr MAC address to be used for the nRF70 device. + * @param country_code Country code to be set for regularity domain. + * + * This function is initializes the nRF70 device for offloaded raw TX mode by: + * - Powering it up, + * - Downloading a firmware patch (if any). + * - Initializing the firmware to accept further commands + * + * The mac_addr parameter is used to set the MAC address of the nRF70 device. + * This address can be used to override the MAC addresses programmed in the OTP and + * the value configured (if any) in CONFIG_WIFI_FIXED_MAC_ADDRESS. + * The priority order in which the MAC address values for the nRF70 device are used is: + * - If mac_addr is provided, the MAC address is set to the value provided. + * - If CONFIG_WIFI_FIXED_MAC_ADDRESS is enabled, the MAC address uses the Kconfig value. + * - If none of the above are provided, the MAC address is set to the value programmed in the OTP. + * + * @retval 0 If the operation was successful. + * @retval -1 If the operation failed. + */ +int nrf70_off_raw_tx_init(uint8_t *mac_addr, unsigned char *country_code); + +/** + * @brief Initialize the nRF70 for operating in the offloaded raw TX mode. + * + * This function is deinitializes the nRF70 device. + * + */ +void nrf70_off_raw_tx_deinit(void); + +/** + * @brief Update the configured offloaded raw TX parameters. + * @param conf Configuration parameters to be updated for the offloaded raw TX operation. + * + * This function is used to update configured parameters for offloaded raw TX operation. + * This function should be used to when the parameters need to be updated during an ongoing + * raw TX operation without having to stop it. + * + * @retval 0 If the operation was successful. + * @retval -1 If the operation failed. + */ +int nrf70_off_raw_tx_conf_update(struct nrf_wifi_off_raw_tx_conf *conf); + +/** + * @brief Start the offloaded raw TX. + * @param conf Configuration parameters necessary for the offloaded raw TX operation. + * + * This function is used to start offloaded raw TX operation. When this function is invoked + * the nRF70 device will start transmitting frames as per the configuration specified by @p conf. + * + * @retval 0 If the operation was successful. + * @retval -1 If the operation failed. + */ +int nrf70_off_raw_tx_start(struct nrf_wifi_off_raw_tx_conf *conf); + +/** + * @brief Stop the offloaded raw TX. + * + * This function is used to stop offloaded raw TX operation. When this function is invoked + * the nRF70 device will stop transmitting frames. + * + * @retval 0 If the operation was successful. + * @retval -1 If the operation failed. + */ +int nrf70_off_raw_tx_stop(void); + +/** + * @brief Get the MAC address of the nRF70 device. + * @param mac_addr Buffer to store the MAC address. + * + * This function is used to get the MAC address of the nRF70 device. + * The MAC address is stored in the buffer pointed by mac_addr. + * The MAC address is expected to be a 6 byte value. + * + * @retval 0 If the operation was successful. + * @retval -1 If the operation failed. + */ +int nrf70_off_raw_tx_mac_addr_get(uint8_t *mac_addr); + +/** + * @brief Get statistics of the offloaded raw TX. + * @param off_raw_tx_stats Statistics of the offloaded raw TX operation. + * + * This function is used to get statistics of offloaded raw TX operation. When this function + * is invoked the nRF70 device will show statistics. + * + * @retval 0 If the operation was successful. + * @retval -1 If the operation failed. + */ +int nrf70_off_raw_tx_stats(struct nrf_wifi_off_raw_tx_stats *off_raw_tx_stats); +/** + * @} + */ +#endif /* INCLUDE_ZEPHYR_DRIVERS_OFF_RAW_TX_API_H_ */ diff --git a/include/zephyr/net/wifi.h b/include/zephyr/net/wifi.h index f8a2645f558b..36a62f02cade 100644 --- a/include/zephyr/net/wifi.h +++ b/include/zephyr/net/wifi.h @@ -68,6 +68,16 @@ enum wifi_security_type { WIFI_SECURITY_TYPE_WPA_AUTO_PERSONAL, /** DPP security */ WIFI_SECURITY_TYPE_DPP, + /** EAP PEAP MSCHAPV2 security - Enterprise. */ + WIFI_SECURITY_TYPE_EAP_PEAP_MSCHAPV2, + /** EAP PEAP GTC security - Enterprise. */ + WIFI_SECURITY_TYPE_EAP_PEAP_GTC, + /** EAP TTLS MSCHAPV2 security - Enterprise. */ + WIFI_SECURITY_TYPE_EAP_TTLS_MSCHAPV2, + /** EAP PEAP security - Enterprise. */ + WIFI_SECURITY_TYPE_EAP_PEAP_TLS, + /** EAP TLS SHA256 security - Enterprise. */ + WIFI_SECURITY_TYPE_EAP_TLS_SHA256, /** @cond INTERNAL_HIDDEN */ __WIFI_SECURITY_TYPE_AFTER_LAST, @@ -76,6 +86,91 @@ enum wifi_security_type { /** @endcond */ }; +/** @brief EPA method Types. */ +enum wifi_eap_type { + /** No EPA security. */ + WIFI_EAP_TYPE_NONE = 0, + /** EPA GTC security, refer to rfc3748 chapter 5. */ + WIFI_EAP_TYPE_GTC = 6, + /** EPA TLS security, refer to rfc5216. */ + WIFI_EAP_TYPE_TLS = 13, + /** EPA TTLS security, refer to rfc5281. */ + WIFI_EAP_TYPE_TTLS = 21, + /** EPA PEAP security, refer to draft-josefsson-pppext-eap-tls-eap-06.txt. */ + WIFI_EAP_TYPE_PEAP = 25, + /** EPA MSCHAPV2 security, refer to draft-kamath-pppext-eap-mschapv2-00.txt. */ + WIFI_EAP_TYPE_MSCHAPV2 = 26, +}; + +/** @brief Enterprise security WPA3 suiteb types. */ +enum wifi_suiteb_type { + /** suiteb. */ + WIFI_SUITEB = 1, + /** suiteb-192. */ + WIFI_SUITEB_192, +}; + +/** @brief Group cipher and pairwise cipher types. */ +enum wifi_cipher_type { + /** AES in counter mode with CBC-MAC (CCMP-128). */ + WPA_CAPA_ENC_CCMP, + /** 128-bit Galois/Counter Mode Protocol. */ + WPA_CAPA_ENC_GCMP, + /** 256-bit Galois/Counter Mode Protocol. */ + WPA_CAPA_ENC_GCMP_256, +}; + +/** @brief group mgmt cipher types. */ +enum wifi_group_mgmt_cipher_type { + /** 128-bit Broadcast/Multicast Integrity Protocol + * Cipher-based Message Authentication Code . + */ + WPA_CAPA_ENC_BIP, + /** 128-bit Broadcast/Multicast Integrity Protocol + * Galois Message Authentication Code . + */ + WPA_CAPA_ENC_BIP_GMAC_128, + /** 256-bit Broadcast/Multicast Integrity Protocol + * Galois Message Authentication Code . + */ + WPA_CAPA_ENC_BIP_GMAC_256, +}; + +struct wifi_cipher_desc { + /** Cipher capability. */ + unsigned int capa; + /** Cipher name string. */ + char *name; +}; + +struct wifi_eap_cipher_config { + /** Key management type string. */ + char *key_mgmt; + /** OpenSSL cipher string. */ + char *openssl_ciphers; + /** Group cipher cipher string. */ + char *group_cipher; + /** Pairwise_cipher cipher string. */ + char *pairwise_cipher; + /** Group management cipher string. */ + char *group_mgmt_cipher; + /** Used to confiure TLS features. */ + char *tls_flags; +}; + +struct wifi_eap_config { + /** Security type. */ + unsigned int type; + /** EPA method type of phase1. */ + enum wifi_eap_type eap_type_phase1; + /** EPA method type of phase2. */ + enum wifi_eap_type eap_type_phase2; + /** EPA method string. */ + char *method; + /** Phase2 setting string. */ + char *phase2; +}; + /** Helper function to get user-friendly security type name. */ const char *wifi_security_txt(enum wifi_security_type security); @@ -450,6 +545,8 @@ enum wifi_ps_param_type { WIFI_PS_PARAM_WAKEUP_MODE, /** Power save mode. */ WIFI_PS_PARAM_MODE, + /** Power save exit strategy. */ + WIFI_PS_PARAM_EXIT_STRATEGY, /** Power save timeout. */ WIFI_PS_PARAM_TIMEOUT, }; @@ -465,6 +562,24 @@ enum wifi_ps_wakeup_mode { /** Helper function to get user-friendly ps wakeup mode name. */ const char *wifi_ps_wakeup_mode_txt(enum wifi_ps_wakeup_mode ps_wakeup_mode); +/** + * @brief Wi-Fi power save exit strategy + */ +enum wifi_ps_exit_strategy { + /** PS-Poll frame based */ + WIFI_PS_EXIT_CUSTOM_ALGO = 0, + /** QoS NULL frame based */ + WIFI_PS_EXIT_EVERY_TIM, + +/** @cond INTERNAL_HIDDEN */ + WIFI_PS_EXIT_LAST, + WIFI_PS_EXIT_MAX = WIFI_PS_EXIT_LAST - 1, +/** @endcond */ +}; + +/** Helper function to get user-friendly ps exit strategy name. */ +const char * const wifi_ps_exit_strategy_txt(enum wifi_ps_exit_strategy ps_exit_strategy); + /** @brief Wi-Fi power save error codes. */ enum wifi_config_ps_param_fail_reason { /** Unspecified error */ @@ -481,6 +596,8 @@ enum wifi_config_ps_param_fail_reason { WIFI_PS_PARAM_FAIL_DEVICE_CONNECTED, /** Listen interval out of range */ WIFI_PS_PARAM_LISTEN_INTERVAL_RANGE_INVALID, + /** Invalid exit strategy */ + WIFI_PS_PARAM_FAIL_INVALID_EXIT_STRATEGY, }; /** @cond INTERNAL_HIDDEN */ diff --git a/include/zephyr/net/wifi_mgmt.h b/include/zephyr/net/wifi_mgmt.h index 899cb2f095bd..c67cab30a0e0 100644 --- a/include/zephyr/net/wifi_mgmt.h +++ b/include/zephyr/net/wifi_mgmt.h @@ -106,7 +106,9 @@ enum net_request_wifi_cmd { NET_REQUEST_WIFI_CMD_ENTERPRISE_CREDS, /** Get RTS threshold */ NET_REQUEST_WIFI_CMD_RTS_THRESHOLD_CONFIG, -/** @cond INTERNAL_HIDDEN */ + /** WPS config */ + NET_REQUEST_WIFI_CMD_WPS_CONFIG, + /** @cond INTERNAL_HIDDEN */ NET_REQUEST_WIFI_CMD_MAX /** @endcond */ }; @@ -252,6 +254,10 @@ NET_MGMT_DEFINE_REQUEST_HANDLER(NET_REQUEST_WIFI_ENTERPRISE_CREDS); NET_MGMT_DEFINE_REQUEST_HANDLER(NET_REQUEST_WIFI_RTS_THRESHOLD_CONFIG); +#define NET_REQUEST_WIFI_WPS_CONFIG (_NET_WIFI_BASE | NET_REQUEST_WIFI_CMD_WPS_CONFIG) + +NET_MGMT_DEFINE_REQUEST_HANDLER(NET_REQUEST_WIFI_WPS_CONFIG); + /** @brief Wi-Fi management events */ enum net_event_wifi_cmd { /** Scan results available */ @@ -282,6 +288,8 @@ enum net_event_wifi_cmd { NET_EVENT_WIFI_CMD_AP_STA_CONNECTED, /** STA disconnected from AP */ NET_EVENT_WIFI_CMD_AP_STA_DISCONNECTED, + /** Supplicant specific event */ + NET_EVENT_WIFI_CMD_SUPPLICANT, }; /** Event emitted for Wi-Fi scan result */ @@ -458,12 +466,28 @@ struct wifi_connect_req_params { int timeout; /** anonymous identity */ const uint8_t *anon_id; - /** anon_id length */ - uint8_t aid_length; /* Max 64 */ + /** anon_id length, max 64 */ + uint8_t aid_length; /** Private key passwd for enterprise mode */ const uint8_t *key_passwd; - /** Private key passwd length */ - uint8_t key_passwd_length; /* Max 128 */ + /** Private key passwd length, max 128 */ + uint8_t key_passwd_length; + /** private key2 passwd */ + const uint8_t *key2_passwd; + /** key2 passwd length, max 128 */ + uint8_t key2_passwd_length; + /** suiteb or suiteb-192 */ + uint8_t suiteb_type; + /** eap version */ + uint8_t eap_ver; + /** Identity for EAP */ + const uint8_t *eap_identity; + /** eap identity length, max 64 */ + uint8_t eap_id_length; + /** Password string for EAP. */ + const uint8_t *eap_password; + /** eap passwd length, max 128 */ + uint8_t eap_passwd_length; }; /** @brief Wi-Fi connect result codes. To be overlaid on top of \ref wifi_status @@ -602,6 +626,8 @@ struct wifi_ps_params { enum wifi_ps_param_type type; /** Wi-Fi power save fail reason */ enum wifi_config_ps_param_fail_reason fail_reason; + /** Wi-Fi power save exit strategy */ + enum wifi_ps_exit_strategy exit_strategy; }; /** @brief Wi-Fi TWT parameters */ @@ -701,6 +727,18 @@ struct wifi_enterprise_creds_params { uint8_t *client_key; /** Client key length */ uint32_t client_key_len; + /** CA certification of phase2*/ + uint8_t *ca_cert2; + /** Phase2 CA certification length */ + uint32_t ca_cert2_len; + /** Client certification of phase2*/ + uint8_t *client_cert2; + /** Phase2 Client certification length */ + uint32_t client_cert2_len; + /** Client key of phase2*/ + uint8_t *client_key2; + /** Phase2 Client key length */ + uint32_t client_key2_len; }; /** @brief Wi-Fi power save configuration */ @@ -939,6 +977,76 @@ enum wifi_dpp_bootstrap_type { WIFI_DPP_BOOTSTRAP_TYPE_NFC_URI }; +/** Params to add DPP configurator */ +struct wifi_dpp_configurator_add_params { + /** ECP curves for private key */ + int curve; + /** ECP curves for net access key */ + int net_access_key_curve; +}; + +/** Params to initiate a DPP auth procedure */ +struct wifi_dpp_auth_init_params { + /** Peer bootstrap id */ + int peer; + /** Configuration parameter id */ + int configurator; + /** Role configurator or enrollee */ + int role; + /** Security type */ + int conf; + /** SSID in string */ + char ssid[WIFI_SSID_MAX_LEN + 1]; +}; + +/** Params to do DPP chirp */ +struct wifi_dpp_chirp_params { + /** Own bootstrap id */ + int id; + /** Chirp on frequency */ + int freq; +}; + +/** Params to do DPP listen */ +struct wifi_dpp_listen_params { + /** Listen on frequency */ + int freq; + /** Role configurator or enrollee */ + int role; +}; + +/** Params to generate a DPP bootstrap */ +struct wifi_dpp_bootstrap_gen_params { + /** Bootstrap type */ + int type; + /** Own operating class */ + int op_class; + /** Own working channel */ + int chan; + /** ECP curves */ + int curve; + /** Own mac address */ + uint8_t mac[WIFI_MAC_ADDR_LEN]; +}; + +/** Params to set specific DPP configurator */ +struct wifi_dpp_configurator_set_params { + /** Peer bootstrap id */ + int peer; + /** Configuration parameter id */ + int configurator; + /** Role configurator or enrollee */ + int role; + /** Security type */ + int conf; + /** ECP curves for private key */ + int curve; + /** ECP curves for net access key */ + int net_access_key_curve; + /** Own mac address */ + char ssid[WIFI_SSID_MAX_LEN + 1]; +}; + /** Wi-Fi DPP params for various operations */ struct wifi_dpp_params { @@ -946,69 +1054,17 @@ struct wifi_dpp_params { int action; union { /** Params to add DPP configurator */ - struct wifi_dpp_configurator_add_params { - /** ECP curves for private key */ - int curve; - /** ECP curves for net access key */ - int net_access_key_curve; - } configurator_add; + struct wifi_dpp_configurator_add_params configurator_add; /** Params to initiate a DPP auth procedure */ - struct wifi_dpp_auth_init_params { - /** Peer bootstrap id */ - int peer; - /** Configuration parameter id */ - int configurator; - /** Role configurator or enrollee */ - int role; - /** Security type */ - int conf; - /** SSID in string */ - char ssid[WIFI_SSID_MAX_LEN + 1]; - } auth_init; + struct wifi_dpp_auth_init_params auth_init; /** Params to do DPP chirp */ - struct wifi_dpp_chirp_params { - /** Own bootstrap id */ - int id; - /** Chirp on frequency */ - int freq; - } chirp; + struct wifi_dpp_chirp_params chirp; /** Params to do DPP listen */ - struct wifi_dpp_listen_params { - /** Listen on frequency */ - int freq; - /** Role configurator or enrollee */ - int role; - } listen; + struct wifi_dpp_listen_params listen; /** Params to generate a DPP bootstrap */ - struct wifi_dpp_bootstrap_gen_params { - /** Bootstrap type */ - int type; - /** Own operating class */ - int op_class; - /** Own working channel */ - int chan; - /** ECP curves */ - int curve; - /** Own mac address */ - uint8_t mac[WIFI_MAC_ADDR_LEN]; - } bootstrap_gen; + struct wifi_dpp_bootstrap_gen_params bootstrap_gen; /** Params to set specific DPP configurator */ - struct wifi_dpp_configurator_set_params { - /** Peer bootstrap id */ - int peer; - /** Configuration parameter id */ - int configurator; - /** Role configurator or enrollee */ - int role; - /** Security type */ - int conf; - /** ECP curves for private key */ - int curve; - /** ECP curves for net access key */ - int net_access_key_curve; - /** Own mac address */ - char ssid[WIFI_SSID_MAX_LEN + 1]; - } configurator_set; + struct wifi_dpp_configurator_set_params configurator_set; /** Bootstrap get uri id */ int id; /** Timeout for DPP frame response rx */ @@ -1024,9 +1080,40 @@ struct wifi_dpp_params { char resp[WIFI_DPP_QRCODE_MAX_LEN + 1]; }; }; - #endif /* CONFIG_WIFI_NM_WPA_SUPPLICANT_DPP */ +#define WIFI_WPS_PIN_MAX_LEN 8 + +/** Operation for WPS */ +enum wifi_wps_op { + /** WPS pbc */ + WIFI_WPS_PBC = 0, + /** Get WPS pin number */ + WIFI_WPS_PIN_GET = 1, + /** Set WPS pin number */ + WIFI_WPS_PIN_SET = 2, +}; + +/** Wi-Fi wps setup */ +struct wifi_wps_config_params { + /** wps operation */ + enum wifi_wps_op oper; + /** pin value*/ + char pin[WIFI_WPS_PIN_MAX_LEN + 1]; +}; + +/** Wi-Fi AP status + */ +enum wifi_hostapd_iface_state { + WIFI_HAPD_IFACE_UNINITIALIZED, + WIFI_HAPD_IFACE_DISABLED, + WIFI_HAPD_IFACE_COUNTRY_UPDATE, + WIFI_HAPD_IFACE_ACS, + WIFI_HAPD_IFACE_HT_SCAN, + WIFI_HAPD_IFACE_DFS, + WIFI_HAPD_IFACE_ENABLED +}; + #include /** Scan result callback @@ -1270,6 +1357,14 @@ struct wifi_mgmt_ops { * @return 0 if ok, < 0 if error */ int (*get_rts_threshold)(const struct device *dev, unsigned int *rts_threshold); + /** Start a WPS PBC/PIN connection + * + * @param dev Pointer to the device structure for the driver instance + * @param params wps operarion parameters + * + * @return 0 if ok, < 0 if error + */ + int (*wps_config)(const struct device *dev, struct wifi_wps_config_params *params); }; /** Wi-Fi management offload API */ diff --git a/modules/hal_nordic/nrfs/CMakeLists.txt b/modules/hal_nordic/nrfs/CMakeLists.txt index c601b8a4233c..f470eea00e9f 100644 --- a/modules/hal_nordic/nrfs/CMakeLists.txt +++ b/modules/hal_nordic/nrfs/CMakeLists.txt @@ -25,6 +25,7 @@ if(CONFIG_NRFS) zephyr_library_sources_ifdef(CONFIG_NRFS_CLOCK_SERVICE_ENABLED ${SRC_DIR}/services/nrfs_clock.c) zephyr_library_sources_ifdef(CONFIG_NRFS_DIAG_SERVICE_ENABLED ${SRC_DIR}/services/nrfs_diag.c) zephyr_library_sources_ifdef(CONFIG_NRFS_DVFS_SERVICE_ENABLED ${SRC_DIR}/services/nrfs_dvfs.c) + zephyr_library_sources_ifdef(CONFIG_NRFS_GDPWR_SERVICE_ENABLED ${SRC_DIR}/services/nrfs_gdpwr.c) zephyr_library_sources_ifdef(CONFIG_NRFS_MRAM_SERVICE_ENABLED ${SRC_DIR}/services/nrfs_mram.c) zephyr_library_sources_ifdef(CONFIG_NRFS_PMIC_SERVICE_ENABLED ${SRC_DIR}/services/nrfs_pmic.c) zephyr_library_sources_ifdef(CONFIG_NRFS_RESET_SERVICE_ENABLED ${SRC_DIR}/services/nrfs_reset.c) diff --git a/modules/hal_nordic/nrfs/Kconfig b/modules/hal_nordic/nrfs/Kconfig index cf7c9be939be..3eee664e480a 100644 --- a/modules/hal_nordic/nrfs/Kconfig +++ b/modules/hal_nordic/nrfs/Kconfig @@ -19,6 +19,9 @@ config NRFS_HAS_DIAG_SERVICE config NRFS_HAS_DVFS_SERVICE bool +config NRFS_HAS_GDPWR_SERVICE + bool + config NRFS_HAS_MRAM_SERVICE bool @@ -113,6 +116,12 @@ config NRFS_CLOCK_SERVICE_ENABLED bool "Clock service" depends on NRFS_HAS_CLOCK_SERVICE default y + +config NRFS_GDPWR_SERVICE_ENABLED + bool "Global domain power request service" + depends on NRFS_HAS_GDPWR_SERVICE + default y + endmenu rsource "backends/Kconfig" diff --git a/modules/hal_nordic/nrfs/nrfs_config.h b/modules/hal_nordic/nrfs/nrfs_config.h index 20cf6cece0e3..a092adb7850f 100644 --- a/modules/hal_nordic/nrfs/nrfs_config.h +++ b/modules/hal_nordic/nrfs/nrfs_config.h @@ -40,6 +40,10 @@ #define NRFS_CLOCK_SERVICE_ENABLED #endif +#ifdef CONFIG_NRFS_GDPWR_SERVICE_ENABLED +#define NRFS_GDPWR_SERVICE_ENABLED +#endif + #ifdef CONFIG_SOC_POSIX #define NRFS_UNIT_TESTS_ENABLED #endif diff --git a/modules/hostap/CMakeLists.txt b/modules/hostap/CMakeLists.txt index 6d6d61cfef45..1a97360b48e6 100644 --- a/modules/hostap/CMakeLists.txt +++ b/modules/hostap/CMakeLists.txt @@ -46,6 +46,7 @@ zephyr_library_compile_definitions( CONFIG_SHA512 CONFIG_CTRL_IFACE_ZEPHYR CONFIG_SUITEB192 + CONFIG_SUITEB ) @@ -204,6 +205,7 @@ zephyr_library_sources_ifdef(CONFIG_WIFI_NM_WPA_SUPPLICANT_AP ${HOSTAP_SRC_BASE}/ap/mbo_ap.c ${HOSTAP_SRC_BASE}/ap/ctrl_iface_ap.c ${HOSTAP_SRC_BASE}/utils/crc32.c + ${HOSTAP_SRC_BASE}/utils/ip_addr.c ) zephyr_library_compile_definitions_ifdef(CONFIG_WIFI_NM_WPA_SUPPLICANT_AP @@ -224,7 +226,6 @@ zephyr_include_directories_ifdef(CONFIG_WIFI_NM_HOSTAPD_AP zephyr_library_sources_ifdef(CONFIG_WIFI_NM_HOSTAPD_AP ${HOSTAP_SRC_BASE}/ap/acs.c - ${HOSTAP_SRC_BASE}/utils/ip_addr.c ${WIFI_NM_HOSTAPD_BASE}/config_file.c ${WIFI_NM_HOSTAPD_BASE}/ctrl_iface.c ${WIFI_NM_HOSTAPD_BASE}/ctrl_iface_zephyr.c @@ -241,6 +242,27 @@ zephyr_library_compile_definitions_ifdef(CONFIG_WIFI_NM_HOSTAPD_AP zephyr_library_sources_ifdef(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE ${HOSTAP_SRC_BASE}/crypto/crypto_none.c ${HOSTAP_SRC_BASE}/crypto/tls_none.c + + # FIXME: why do we need these when crypto is not selected? + ${HOSTAP_SRC_BASE}/crypto/aes-wrap.c + ${HOSTAP_SRC_BASE}/crypto/aes-internal.c + ${HOSTAP_SRC_BASE}/crypto/aes-internal-enc.c + ${HOSTAP_SRC_BASE}/crypto/aes-omac1.c + ${HOSTAP_SRC_BASE}/crypto/md5.c + ${HOSTAP_SRC_BASE}/crypto/md5-internal.c + ${HOSTAP_SRC_BASE}/crypto/sha1.c + ${HOSTAP_SRC_BASE}/crypto/sha1-internal.c + ${HOSTAP_SRC_BASE}/crypto/sha1-pbkdf2.c + ${HOSTAP_SRC_BASE}/crypto/sha1-prf.c + ${HOSTAP_SRC_BASE}/crypto/sha256.c + ${HOSTAP_SRC_BASE}/crypto/sha256-internal.c + ${HOSTAP_SRC_BASE}/crypto/sha256-prf.c + ${HOSTAP_SRC_BASE}/crypto/sha384.c + ${HOSTAP_SRC_BASE}/crypto/sha384-internal.c + ${HOSTAP_SRC_BASE}/crypto/sha384-prf.c + ${HOSTAP_SRC_BASE}/crypto/sha512.c + ${HOSTAP_SRC_BASE}/crypto/sha512-internal.c + ${HOSTAP_SRC_BASE}/crypto/rc4.c ) zephyr_library_compile_definitions_ifdef(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE @@ -323,68 +345,176 @@ zephyr_library_compile_definitions_ifdef(CONFIG_WIFI_NM_WPA_SUPPLICANT_WPS ) zephyr_library_sources_ifdef(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE + ${HOSTAP_SRC_BASE}/eap_common/eap_common.c +) + +zephyr_library_compile_definitions_ifdef(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE + IEEE8021X_EAPOL + EAP_IKEv2 +) + +zephyr_library_sources_ifdef(CONFIG_EAP_TLS ${HOSTAP_SRC_BASE}/eap_peer/eap_tls.c ${HOSTAP_SRC_BASE}/eap_peer/eap_tls_common.c - ${HOSTAP_SRC_BASE}/eap_common/eap_common.c +) + +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_TLS + EAP_TLS +) + +zephyr_library_sources_ifdef(CONFIG_EAP_TTLS + ${HOSTAP_SRC_BASE}/eap_peer/eap_ttls.c +) + +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_TTLS + EAP_TTLS +) +zephyr_library_sources_ifdef(CONFIG_EAP_PEAP ${HOSTAP_SRC_BASE}/eap_peer/eap_peap.c ${HOSTAP_SRC_BASE}/eap_common/eap_peap_common.c - ${HOSTAP_SRC_BASE}/eap_peer/eap_ttls.c +) + +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_PEAP + EAP_PEAP +) + +zephyr_library_sources_ifdef(CONFIG_EAP_MD5 ${HOSTAP_SRC_BASE}/eap_peer/eap_md5.c +) + +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_MD5 + EAP_MD5 +) + +zephyr_library_sources_ifdef(CONFIG_EAP_GTC + ${HOSTAP_SRC_BASE}/eap_peer/eap_gtc.c +) + +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_GTC + EAP_GTC +) + +zephyr_library_sources_ifdef(CONFIG_EAP_MSCHAPV2 ${HOSTAP_SRC_BASE}/eap_peer/eap_mschapv2.c - ${HOSTAP_SRC_BASE}/eap_common/chap.c ${HOSTAP_SRC_BASE}/eap_peer/mschapv2.c + ${HOSTAP_SRC_BASE}/eap_common/chap.c +) + +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_MSCHAPV2 + EAP_MSCHAPv2 +) + +zephyr_library_sources_ifdef(CONFIG_EAP_LEAP ${HOSTAP_SRC_BASE}/eap_peer/eap_leap.c +) + +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_LEAP + EAP_LEAP +) +zephyr_library_sources_ifdef(CONFIG_EAP_PSK ${HOSTAP_SRC_BASE}/eap_peer/eap_psk.c ${HOSTAP_SRC_BASE}/eap_common/eap_psk_common.c +) - ${HOSTAP_SRC_BASE}/eap_peer/eap_fast.c - ${HOSTAP_SRC_BASE}/eap_peer/eap_fast_pac.c - ${HOSTAP_SRC_BASE}/eap_common/eap_fast_common.c +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_PSK + EAP_PSK +) +zephyr_library_sources_ifdef(CONFIG_EAP_PAX ${HOSTAP_SRC_BASE}/eap_peer/eap_pax.c ${HOSTAP_SRC_BASE}/eap_common/eap_pax_common.c +) + +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_PAX + EAP_PAX +) +zephyr_library_sources_ifdef(CONFIG_EAP_SAKE ${HOSTAP_SRC_BASE}/eap_peer/eap_sake.c ${HOSTAP_SRC_BASE}/eap_common/eap_sake_common.c +) + +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_SAKE + EAP_SAKE +) +zephyr_library_sources_ifdef(CONFIG_EAP_GPSK ${HOSTAP_SRC_BASE}/eap_peer/eap_gpsk.c ${HOSTAP_SRC_BASE}/eap_common/eap_gpsk_common.c +) + +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_GPSK + EAP_GPSK +) +zephyr_library_sources_ifdef(CONFIG_EAP_PWD ${HOSTAP_SRC_BASE}/eap_peer/eap_pwd.c ${HOSTAP_SRC_BASE}/eap_common/eap_pwd_common.c +) +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_PWD + EAP_PWD +) + +zephyr_library_sources_ifdef(CONFIG_EAP_EKE ${HOSTAP_SRC_BASE}/eap_peer/eap_eke.c ${HOSTAP_SRC_BASE}/eap_common/eap_eke_common.c +) +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_EKE + EAP_EKE +) + +zephyr_library_sources_ifdef(CONFIG_EAP_IKEV2 ${HOSTAP_SRC_BASE}/eap_peer/eap_ikev2.c ${HOSTAP_SRC_BASE}/eap_peer/ikev2.c ${HOSTAP_SRC_BASE}/eap_common/eap_ikev2_common.c ${HOSTAP_SRC_BASE}/eap_common/ikev2_common.c +) + +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_IKEV2 + EAP_IKEV2 +) +zephyr_library_sources_ifdef(CONFIG_EAP_SIM ${HOSTAP_SRC_BASE}/eap_peer/eap_sim.c ${HOSTAP_SRC_BASE}/eap_common/eap_sim_common.c +) + +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_SIM + EAP_SIM +) +zephyr_library_sources_ifdef(CONFIG_EAP_AKA ${HOSTAP_SRC_BASE}/eap_peer/eap_aka.c ) -zephyr_library_compile_definitions_ifdef(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE - EAP_TLS - IEEE8021X_EAPOL - EAP_PEAP - EAP_TTLS - EAP_MD5 - EAP_MSCHAPv2 - EAP_LEAP - EAP_PSK - EAP_FAST - EAP_PAX - EAP_SAKE - EAP_GPSK - EAP_PWD - EAP_EKE - EAP_IKEv2 +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_AKA + EAP_AKA +) + +# Needs TLS1.3 and SESSION_TICKETS +zephyr_library_sources_ifdef(CONFIG_EAP_FAST + ${HOSTAP_SRC_BASE}/eap_peer/eap_fast.c + ${HOSTAP_SRC_BASE}/eap_peer/eap_fast_pac.c + ${HOSTAP_SRC_BASE}/eap_common/eap_fast_common.c +) + +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_FAST + EAP_FAST +) + +# Needs TLS1.3 and SESSION_TICKETS +zephyr_library_sources_ifdef(CONFIG_EAP_FAST + ${HOSTAP_SRC_BASE}/eap_peer/eap_fast.c + ${HOSTAP_SRC_BASE}/eap_peer/eap_fast_pac.c + ${HOSTAP_SRC_BASE}/eap_common/eap_fast_common.c +) + +zephyr_library_compile_definitions_ifdef(CONFIG_EAP_FAST + EAP_FAST ) zephyr_library_compile_definitions_ifndef(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE @@ -482,15 +612,20 @@ zephyr_library_sources_ifdef(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE ) endif() -if(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT) +if(DEFINED ONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT OR + DEFINED CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT_LEGACY_NCS) zephyr_include_directories( ${HOSTAP_BASE}/port/mbedtls ) zephyr_library_sources( ${HOSTAP_SRC_BASE}/crypto/crypto_mbedtls_alt.c - ${HOSTAP_SRC_BASE}/crypto/tls_mbedtls_alt.c ${HOSTAP_SRC_BASE}/crypto/rc4.c + ${HOSTAP_SRC_BASE}/crypto/aes-wrap.c + ${HOSTAP_SRC_BASE}/crypto/aes-unwrap.c + ${HOSTAP_SRC_BASE}/crypto/aes-internal-dec.c + ${HOSTAP_SRC_BASE}/crypto/aes-internal.c + ${HOSTAP_SRC_BASE}/crypto/aes-internal-enc.c ) zephyr_library_sources_ifdef(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_MBEDTLS_PSA @@ -501,8 +636,41 @@ zephyr_library_sources_ifdef(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE ${HOSTAP_SRC_BASE}/crypto/ms_funcs.c ${HOSTAP_SRC_BASE}/crypto/aes-eax.c ${HOSTAP_SRC_BASE}/crypto/md4-internal.c + ${HOSTAP_SRC_BASE}/crypto/sha1-internal.c ${HOSTAP_SRC_BASE}/crypto/fips_prf_internal.c ${HOSTAP_SRC_BASE}/crypto/milenage.c + ${HOSTAP_SRC_BASE}/crypto/tls_mbedtls_alt.c +) + +zephyr_library_sources_ifndef(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE + ${HOSTAP_SRC_BASE}/crypto/tls_none.c +) + + +zephyr_library_sources_ifdef(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_TEST + ${HOSTAP_SRC_BASE}/crypto/crypto_module_tests.c + ${HOSTAP_SRC_BASE}/crypto/fips_prf_internal.c + ${HOSTAP_SRC_BASE}/crypto/sha1-internal.c + ${HOSTAP_SRC_BASE}/crypto/sha1-tlsprf.c +) +endif() + +if(DEFINED CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT_NCS_PSA) +zephyr_include_directories( + ${HOSTAP_BASE}/port/mbedtls +) + +zephyr_library_sources( + ${HOSTAP_SRC_BASE}/crypto/aes-wrap.c + ${HOSTAP_SRC_BASE}/crypto/aes-unwrap.c + ${HOSTAP_SRC_BASE}/crypto/aes-internal-dec.c + ${HOSTAP_SRC_BASE}/crypto/aes-internal.c + ${HOSTAP_SRC_BASE}/crypto/aes-internal-enc.c + ${HOSTAP_SRC_BASE}/crypto/rc4.c + ${HOSTAP_SRC_BASE}/crypto/crypto_mbedtls_alt.c + ${HOSTAP_SRC_BASE}/crypto/tls_mbedtls_alt.c + ${HOSTAP_SRC_BASE}/crypto/sha256-kdf.c + ${HOSTAP_BASE}/port/mbedtls/supp_psa_api.c ) endif() @@ -515,8 +683,4 @@ if(CONFIG_SAE_PWE_EARLY_EXIT) "please use it carefully and do not use it production.") endif() -zephyr_library_compile_definitions_ifdef(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT - MBEDTLS_NIST_KW_C -) - endif() diff --git a/modules/hostap/Kconfig b/modules/hostap/Kconfig index b329cd2e4f07..f6c75f1a46cf 100644 --- a/modules/hostap/Kconfig +++ b/modules/hostap/Kconfig @@ -23,13 +23,13 @@ config WIFI_NM_WPA_SUPPLICANT if WIFI_NM_WPA_SUPPLICANT -config COMMON_LIBC_MALLOC_ARENA_SIZE - default 85000 if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE && !MBEDTLS_ENABLE_HEAP - default 40000 if WIFI_NM_WPA_SUPPLICANT_AP +config HEAP_MEM_POOL_ADD_SIZE_HOSTAP + def_int 85000 if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE && !MBEDTLS_ENABLE_HEAP + def_int 40000 if WIFI_NM_WPA_SUPPLICANT_AP # 8192 for MbedTLS heap - default 21808 if MBEDTLS_ENABLE_HEAP + def_int 21808 if MBEDTLS_ENABLE_HEAP # 30K is mandatory, but might need more for long duration use cases - default 30000 + def_int 30000 config WIFI_NM_WPA_SUPPLICANT_THREAD_STACK_SIZE int "Stack size for wpa_supplicant thread" @@ -109,8 +109,9 @@ config WIFI_NM_WPA_SUPPLICANT_WEP choice WIFI_NM_WPA_SUPPLICANT_CRYPTO_BACKEND prompt "WPA supplicant crypto implementation" - default WIFI_NM_WPA_SUPPLICANT_CRYPTO_LEGACY_NCS - default WIFI_NM_WPA_SUPPLICANT_CRYPTO_LEGACY_NCS_PSA if SOC_SERIES_NRF54LX + default WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT_NCS_PSA if SOC_SERIES_NRF54HX + default WIFI_NM_WPA_SUPPLICANT_CRYPTO_LEGACY_NCS_PSA if SOC_SERIES_NRF54LX || BUILD_WITH_TFM + default WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT_LEGACY_NCS help Select the crypto implementation to use for WPA supplicant. WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT supports enterprise mode @@ -211,6 +212,82 @@ config WIFI_NM_WPA_SUPPLICANT_CRYPTO_LEGACY_NCS_PSA select MBEDTLS_PKCS5_C select MBEDTLS_ECP_DP_SECP256R1_ENABLED +config WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT_LEGACY_NCS + bool "Legacy Crypto support for WiFi using nRF security" + select MBEDTLS + select NRF_SECURITY + select MBEDTLS_CIPHER_MODE_CBC + select MBEDTLS_CIPHER_MODE_CTR + select MBEDTLS_LEGACY_CRYPTO_C + select MBEDTLS_ENTROPY_C + select MBEDTLS_CIPHER + select MBEDTLS_ECP_C + select MBEDTLS_CTR_DRBG_C + select MBEDTLS_PK_WRITE_C + select MBEDTLS_HKDF_C + select MBEDTLS_KEY_EXCHANGE_ALL_ENABLED + select MBEDTLS_MD_C + select MBEDTLS_MD5_C + select MBEDTLS_ENTROPY_C + select MBEDTLS_CIPHER_PADDING_PKCS7 + select MBEDTLS_PKCS5_C + +config WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT_LEGACY_NCS_PSA + bool "Legacy Crypto support for WiFi using nRF security" + select MBEDTLS + select NRF_SECURITY + select PSA_WANT_GENERATE_RANDOM + select MBEDTLS_CIPHER_MODE_CBC + select MBEDTLS_CIPHER_MODE_CTR + select MBEDTLS_LEGACY_CRYPTO_C + select MBEDTLS_SHA1_C + select MBEDTLS_ECP_C + select MBEDTLS_CTR_DRBG_C + select MBEDTLS_PK_C + select MBEDTLS_PKCS5_C + select MBEDTLS_PK_PARSE_C + select MBEDTLS_CMAC_C + select MBEDTLS_CIPHER_PADDING_PKCS7 + select MBEDTLS_PK_WRITE_C + select MBEDTLS_KEY_EXCHANGE_ALL_ENABLED + select MBEDTLS_ENTROPY_C + +config WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT_NCS_PSA + bool "PSA Crypto support for WiFi WPA2 using nRF security" + select MBEDTLS + select NRF_SECURITY + select PSA_WANT_GENERATE_RANDOM + select MBEDTLS_TLS_LIBRARY + select MBEDTLS_PK_C + select MBEDTLS_PK_WRITE_C + select MBEDTLS_X509_LIBRARY + select MBEDTLS_X509_CRT_PARSE_C + select MBEDTLS_SSL_TLS_C + select MBEDTLS_ENABLE_HEAP + select MBEDTLS_PSA_CRYPTO_C + select MBEDTLS_USE_PSA_CRYPTO + select PSA_WANT_ALG_HMAC + select PSA_WANT_ALG_CMAC + select PSA_WANT_ALG_ECB_NO_PADDING + select PSA_WANT_ALG_CBC_PKCS7 + select PSA_ACCEL_CBC_MAC_AES_128 + select PSA_ACCEL_CBC_MAC_AES_192 + select PSA_ACCEL_CBC_MAC_AES_256 + select PSA_WANT_ALG_CCM + select PSA_WANT_ALG_GCM + select PSA_WANT_ALG_CTR + select PSA_WANT_ALG_MD5 + select PSA_ACCEL_MD5 + select PSA_WANT_ALG_SHA_1 + select PSA_WANT_ALG_SHA_256 + select PSA_WANT_ALG_SHA_224 + select PSA_WANT_ALG_SHA_384 + select PSA_WANT_ALG_SHA_512 + select PSA_WANT_ALG_PBKDF2_HMAC + select PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 + select PSA_WANT_KEY_TYPE_AES + select PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY + config WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE bool "No Crypto support for WiFi" @@ -218,17 +295,81 @@ endchoice config WIFI_NM_WPA_SUPPLICANT_CRYPTO_MBEDTLS_PSA bool "Crypto Platform Secure Architecture support for WiFi" + default y if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT_NCS_PSA help Support Mbedtls 3.x to use PSA apis instead of legacy apis. config WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE bool "Enterprise Crypto support for WiFi" - select MBEDTLS_PEM_CERTIFICATE_FORMAT - depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE + select MBEDTLS_ECDH_C + select MBEDTLS_ECDSA_C + select MBEDTLS_DHM_C + select MBEDTLS_SSL_TLS_C + select MBEDTLS_SSL_SRV_C + select MBEDTLS_SSL_CLI_C + select MBEDTLS_X509_LIBRARY + select MBEDTLS_TLS_LIBRARY + select MBEDTLS_X509_CRL_PARSE_C + select MBEDTLS_TLS_VERSION_1_2 + select MBEDTLS_RSA_C + depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE && !WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT_NCS_PSA + +config EAP_TLS + bool "EAP-TLS support" + +config EAP_TTLS + bool "EAP-TTLS support" + +config EAP_PEAP + bool "EAP-PEAP support" + +config EAP_MD5 + bool "EAP-MD5 support" + +config EAP_GTC + bool "EAP-GTC support" + +config EAP_MSCHAPV2 + bool "EAP-MSCHAPv2 support" + +config EAP_LEAP + bool "EAP-LEAP support" + +config EAP_PSK + bool "EAP-PSK support" + +config EAP_PAX + bool "EAP-PAX support" + +config EAP_SAKE + bool "EAP-SAKE support" + +config EAP_GPSK + bool "EAP-GPSK support" + +config EAP_PWD + bool "EAP-PWD support" + +config EAP_EKE + bool "EAP-EKE support" + +config EAP_IKEV2 + bool "EAP-IKEv2 support" + +config EAP_SIM + bool "EAP-SIM support" + +config EAP_AKA + bool "EAP-AKA support" + +config EAP_ALL + bool "All EAP methods support" + select EAP_TLS + default y if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE config WIFI_NM_WPA_SUPPLICANT_WPA3 bool "WPA3 support" - depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE + depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE && !WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT_NCS_PSA default y config WIFI_NM_WPA_SUPPLICANT_AP @@ -242,6 +383,7 @@ config WIFI_NM_WPA_SUPPLICANT_P2P bool "P2P mode support" select WIFI_NM_WPA_SUPPLICANT_AP select WIFI_NM_WPA_SUPPLICANT_WPS + select WIFI_NM_WPA_SUPPLICANT_EAPOL config WIFI_NM_WPA_SUPPLICANT_EAPOL bool "EAPoL supplicant" @@ -434,9 +576,6 @@ config EAP_EKE config EAP_IKEv2 bool -config IEEE8021X_EAPOL - bool - config CRYPTO_INTERNAL bool @@ -464,6 +603,9 @@ config SHA512 config SUITEB192 bool +config SUITEB + bool + config WEP bool default y if WIFI_NM_WPA_SUPPLICANT_WEP @@ -533,4 +675,15 @@ config SAE_PWE_EARLY_EXIT this can be intensive, so, add an option to exit early. Note that this is highly insecure and shouldn't be used in production +config WIFI_NM_WPA_SUPPLICANT_CRYPTO_TEST + bool + depends on WIFI_NM_WPA_SUPPLICANT_CRYPTO_MBEDTLS_PSA + +config WIFI_NM_WPA_CTRL_RESP_TIMEOUT_S + int "WPA supplicant control interface response timeout in seconds" + default 15 + help + Timeout for the control interface commands to get a response from the + supplicant. + endif # WIFI_NM_WPA_SUPPLICANT diff --git a/modules/hostap/src/supp_api.c b/modules/hostap/src/supp_api.c index 049223b69565..52772b4becfc 100644 --- a/modules/hostap/src/supp_api.c +++ b/modules/hostap/src/supp_api.c @@ -35,7 +35,9 @@ static struct wifi_connect_req_params last_wifi_conn_params; enum requested_ops { CONNECT = 0, - DISCONNECT + DISCONNECT, + WPS_PBC, + WPS_PIN, }; enum status_thread_state { @@ -269,7 +271,7 @@ static int wpa_supp_supported_channels(struct wpa_supplicant *wpa_s, uint8_t ban } size = ((mode->num_channels) * CHAN_NUM_LEN) + 1; - _chan_list = k_malloc(size); + _chan_list = os_malloc(size); if (!_chan_list) { wpa_printf(MSG_ERROR, "Mem alloc failed for channel list"); return -ENOMEM; @@ -360,6 +362,10 @@ static inline enum wifi_frequency_bands wpas_band_to_zephyr(enum wpa_radio_work_ static inline enum wifi_security_type wpas_key_mgmt_to_zephyr(int key_mgmt, int proto) { switch (key_mgmt) { + case WPA_KEY_MGMT_IEEE8021X: + case WPA_KEY_MGMT_IEEE8021X_SUITE_B: + case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192: + return WIFI_SECURITY_TYPE_EAP_TLS; case WPA_KEY_MGMT_NONE: return WIFI_SECURITY_TYPE_NONE; case WPA_KEY_MGMT_PSK: @@ -372,6 +378,8 @@ static inline enum wifi_security_type wpas_key_mgmt_to_zephyr(int key_mgmt, int return WIFI_SECURITY_TYPE_PSK_SHA256; case WPA_KEY_MGMT_SAE: return WIFI_SECURITY_TYPE_SAE; + case WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_PSK: + return WIFI_SECURITY_TYPE_WPA_AUTO_PERSONAL; default: return WIFI_SECURITY_TYPE_UNKNOWN; } @@ -430,6 +438,100 @@ static int wpas_config_process_blob(struct wpa_config *config, char *name, uint8 return 0; } + +static const struct wifi_cipher_desc ciphers[] = { + {WPA_CAPA_ENC_GCMP_256, "GCMP-256"}, + {WPA_CAPA_ENC_CCMP, "CCMP"}, + {WPA_CAPA_ENC_GCMP, "GCMP"}, +}; + +static const struct wifi_cipher_desc ciphers_group_mgmt[] = { + {WPA_CAPA_ENC_BIP, "AES-128-CMAC"}, + {WPA_CAPA_ENC_BIP_GMAC_128, "BIP-GMAC-128"}, + {WPA_CAPA_ENC_BIP_GMAC_256, "BIP-GMAC-256"}, +}; + +static struct wifi_eap_config eap_config[] = { + {WIFI_SECURITY_TYPE_EAP_TLS, WIFI_EAP_TYPE_TLS, WIFI_EAP_TYPE_NONE, "TLS", NULL}, + {WIFI_SECURITY_TYPE_EAP_PEAP_MSCHAPV2, WIFI_EAP_TYPE_PEAP, WIFI_EAP_TYPE_MSCHAPV2, "PEAP", + "auth=MSCHAPV2"}, + {WIFI_SECURITY_TYPE_EAP_PEAP_GTC, WIFI_EAP_TYPE_PEAP, WIFI_EAP_TYPE_GTC, "PEAP", + "auth=GTC"}, + {WIFI_SECURITY_TYPE_EAP_TTLS_MSCHAPV2, WIFI_EAP_TYPE_TTLS, WIFI_EAP_TYPE_NONE, "TTLS", + "auth=MSCHAPV2"}, + {WIFI_SECURITY_TYPE_EAP_PEAP_TLS, WIFI_EAP_TYPE_PEAP, WIFI_EAP_TYPE_TLS, "PEAP", + "auth=TLS"}, + {WIFI_SECURITY_TYPE_EAP_TLS_SHA256, WIFI_EAP_TYPE_TLS, WIFI_EAP_TYPE_NONE, "TLS", NULL}, +}; + +int process_cipher_config(struct wifi_connect_req_params *params, + struct wifi_eap_cipher_config *cipher_config) +{ + unsigned int cipher_capa; + unsigned int gropu_mgmt_cipher_capa; + unsigned int index; + + if (params->suiteb_type == WIFI_SUITEB) { + cipher_capa = WPA_CAPA_ENC_GCMP; + gropu_mgmt_cipher_capa = WPA_CAPA_ENC_BIP_GMAC_128; + cipher_config->key_mgmt = "WPA-EAP-SUITE-B"; + cipher_config->openssl_ciphers = "SUITEB128"; + cipher_config->tls_flags = "[SUITEB]"; + } else if (params->suiteb_type == WIFI_SUITEB_192) { + cipher_capa = WPA_CAPA_ENC_GCMP_256; + gropu_mgmt_cipher_capa = WPA_CAPA_ENC_BIP_GMAC_256; + cipher_config->key_mgmt = "WPA-EAP-SUITE-B-192"; + cipher_config->openssl_ciphers = "SUITEB192"; + cipher_config->tls_flags = "[SUITEB]"; + } else { + cipher_capa = WPA_CAPA_ENC_CCMP; + gropu_mgmt_cipher_capa = WPA_CAPA_ENC_BIP; + cipher_config->key_mgmt = "WPA-EAP"; + } + + if (params->security == WIFI_SECURITY_TYPE_EAP_TLS_SHA256) { + cipher_config->key_mgmt = "WPA-EAP-SHA256"; + } + + for (index = 0; index < ARRAY_SIZE(ciphers); index++) { + if (cipher_capa == ciphers[index].capa) { + cipher_config->group_cipher = ciphers[index].name; + cipher_config->pairwise_cipher = ciphers[index].name; + break; + } + } + + if (index == ARRAY_SIZE(ciphers)) { + wpa_printf(MSG_ERROR, "Get ciphers error"); + goto out; + } + + for (index = 0; index < ARRAY_SIZE(ciphers_group_mgmt); index++) { + if (gropu_mgmt_cipher_capa == ciphers_group_mgmt[index].capa) { + cipher_config->group_mgmt_cipher = ciphers_group_mgmt[index].name; + break; + } + } + + if (index == ARRAY_SIZE(ciphers_group_mgmt)) { + wpa_printf(MSG_ERROR, "Get group mgmt ciphers error"); + goto out; + } + + return 0; +out: + return -EINVAL; +} + +static int is_eap_valid_security(int security) +{ + return (security == WIFI_SECURITY_TYPE_EAP_TLS || + security == WIFI_SECURITY_TYPE_EAP_PEAP_MSCHAPV2 || + security == WIFI_SECURITY_TYPE_EAP_PEAP_GTC || + security == WIFI_SECURITY_TYPE_EAP_TTLS_MSCHAPV2 || + security == WIFI_SECURITY_TYPE_EAP_PEAP_TLS || + security == WIFI_SECURITY_TYPE_EAP_TLS_SHA256); +} #endif static int wpas_add_and_config_network(struct wpa_supplicant *wpa_s, @@ -443,6 +545,14 @@ static int wpas_add_and_config_network(struct wpa_supplicant *wpa_s, uint8_t ssid_null_terminated[WIFI_SSID_MAX_LEN + 1]; uint8_t psk_null_terminated[WIFI_PSK_MAX_LEN + 1]; uint8_t sae_null_terminated[WIFI_SAE_PSWD_MAX_LEN + 1]; +#ifdef CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE + struct wifi_eap_cipher_config cipher_config = {NULL, "DEFAULT:!EXP:!LOW", "CCMP", + "CCMP", "AES-128-CMAC", NULL}; + char *method; + char phase1[128] = {0}; + char *phase2 = NULL; + unsigned int index; +#endif if (!wpa_cli_cmd_v("remove_network all")) { goto out; @@ -496,26 +606,16 @@ static int wpas_add_and_config_network(struct wpa_supplicant *wpa_s, if (chan_list) { if (!wpa_cli_cmd_v("set_network %d scan_freq%s", resp.network_id, chan_list)) { - k_free(chan_list); + os_free(chan_list); goto out; } - k_free(chan_list); + os_free(chan_list); } } if (params->security != WIFI_SECURITY_TYPE_NONE) { - if (params->sae_password) { - if ((params->sae_password_length < WIFI_PSK_MIN_LEN) || - (params->sae_password_length > WIFI_SAE_PSWD_MAX_LEN)) { - wpa_printf(MSG_ERROR, - "Passphrase should be in range (%d-%d) characters", - WIFI_PSK_MIN_LEN, WIFI_SAE_PSWD_MAX_LEN); - goto out; - } - strncpy(sae_null_terminated, params->sae_password, WIFI_SAE_PSWD_MAX_LEN); - sae_null_terminated[params->sae_password_length] = '\0'; - } else { + if (params->psk) { if ((params->psk_length < WIFI_PSK_MIN_LEN) || (params->psk_length > WIFI_PSK_MAX_LEN)) { wpa_printf(MSG_ERROR, @@ -547,6 +647,16 @@ static int wpas_add_and_config_network(struct wpa_supplicant *wpa_s, params->security == WIFI_SECURITY_TYPE_SAE_H2E || params->security == WIFI_SECURITY_TYPE_SAE_AUTO) { if (params->sae_password) { + if ((params->sae_password_length < WIFI_PSK_MIN_LEN) || + (params->sae_password_length > WIFI_SAE_PSWD_MAX_LEN)) { + wpa_printf(MSG_ERROR, + "Passphrase should be in range (%d-%d) characters", + WIFI_PSK_MIN_LEN, WIFI_SAE_PSWD_MAX_LEN); + goto out; + } + strncpy(sae_null_terminated, params->sae_password, + WIFI_SAE_PSWD_MAX_LEN); + sae_null_terminated[params->sae_password_length] = '\0'; if (!wpa_cli_cmd_v("set_network %d sae_password \"%s\"", resp.network_id, sae_null_terminated)) { goto out; @@ -599,23 +709,120 @@ static int wpas_add_and_config_network(struct wpa_supplicant *wpa_s, goto out; } } -#ifdef CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE - } else if (params->security == WIFI_SECURITY_TYPE_EAP_TLS) { - if (!wpa_cli_cmd_v("set_network %d key_mgmt WPA-EAP", + } else if (params->security == WIFI_SECURITY_TYPE_WPA_AUTO_PERSONAL) { + if (!wpa_cli_cmd_v("set_network %d psk \"%s\"", resp.network_id, + psk_null_terminated)) { + goto out; + } + + if (params->sae_password) { + if (!wpa_cli_cmd_v("set_network %d sae_password \"%s\"", + resp.network_id, sae_null_terminated)) { + goto out; + } + } else { + if (!wpa_cli_cmd_v("set_network %d sae_password \"%s\"", + resp.network_id, psk_null_terminated)) { + goto out; + } + } + + if (!wpa_cli_cmd_v("set sae_pwe 2")) { + goto out; + } + + if (!wpa_cli_cmd_v("set_network %d key_mgmt WPA-PSK SAE", resp.network_id)) { goto out; } +#ifdef CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE + } else if (is_eap_valid_security(params->security)) { + if (process_cipher_config(params, &cipher_config)) { + goto out; + } + + for (index = 0; index < ARRAY_SIZE(eap_config); index++) { + if (params->security == eap_config[index].type) { + method = eap_config[index].method; + phase2 = eap_config[index].phase2; + break; + } + } + + if (index == ARRAY_SIZE(eap_config)) { + wpa_printf(MSG_ERROR, "Get eap method error with security type: %d", + params->security); + goto out; + } + + if (!wpa_cli_cmd_v("set_network %d key_mgmt %s", resp.network_id, + cipher_config.key_mgmt)) { + goto out; + } + + if (!wpa_cli_cmd_v("set openssl_ciphers \"%s\"", + cipher_config.openssl_ciphers)) { + goto out; + } + + if (!wpa_cli_cmd_v("set_network %d group %s", resp.network_id, + cipher_config.group_cipher)) { + goto out; + } + + if (!wpa_cli_cmd_v("set_network %d pairwise %s", resp.network_id, + cipher_config.pairwise_cipher)) { + goto out; + } + + if (!wpa_cli_cmd_v("set_network %d group_mgmt %s", resp.network_id, + cipher_config.group_mgmt_cipher)) { + goto out; + } if (!wpa_cli_cmd_v("set_network %d proto RSN", resp.network_id)) { goto out; } - if (!wpa_cli_cmd_v("set_network %d eap TLS", - resp.network_id)) { + if (!wpa_cli_cmd_v("set_network %d eap %s", resp.network_id, method)) { goto out; } + if (params->security == WIFI_SECURITY_TYPE_EAP_PEAP_MSCHAPV2 || + params->security == WIFI_SECURITY_TYPE_EAP_PEAP_GTC || + params->security == WIFI_SECURITY_TYPE_EAP_PEAP_TLS) { + snprintk(phase1, sizeof(phase1), + "peapver=%d peaplabel=0 crypto_binding=0", + params->eap_ver); + + if (!wpa_cli_cmd_v("set_network %d phase1 \"%s\"", resp.network_id, + &phase1[0])) { + goto out; + } + } + + if (phase2 != NULL) { + if (!wpa_cli_cmd_v("set_network %d phase2 \"%s\"", resp.network_id, + phase2)) { + goto out; + } + } + + if (params->eap_id_length > 0) { + if (!wpa_cli_cmd_v("set_network %d identity \"%s\"", + resp.network_id, params->eap_identity)) { + goto out; + } + } + + if (params->eap_passwd_length > 0) { + if (!wpa_cli_cmd_v("set_network %d password \"%s\"", + resp.network_id, params->eap_password)) { + goto out; + } + } + if (!wpa_cli_cmd_v("set_network %d anonymous_identity \"%s\"", resp.network_id, params->anon_id)) { goto out; @@ -658,6 +865,44 @@ static int wpas_add_and_config_network(struct wpa_supplicant *wpa_s, resp.network_id, params->key_passwd)) { goto out; } + + if (wpas_config_process_blob(wpa_s->conf, "ca_cert2", + enterprise_creds.ca_cert2, + enterprise_creds.ca_cert2_len)) { + goto out; + } + + if (!wpa_cli_cmd_v("set_network %d ca_cert2 \"blob://ca_cert2\"", + resp.network_id)) { + goto out; + } + + if (wpas_config_process_blob(wpa_s->conf, "client_cert2", + enterprise_creds.client_cert2, + enterprise_creds.client_cert2_len)) { + goto out; + } + + if (!wpa_cli_cmd_v("set_network %d client_cert2 \"blob://client_cert2\"", + resp.network_id)) { + goto out; + } + + if (wpas_config_process_blob(wpa_s->conf, "private_key2", + enterprise_creds.client_key2, + enterprise_creds.client_key2_len)) { + goto out; + } + + if (!wpa_cli_cmd_v("set_network %d private_key2 \"blob://private_key2\"", + resp.network_id)) { + goto out; + } + + if (!wpa_cli_cmd_v("set_network %d private_key2_passwd \"%s\"", + resp.network_id, params->key2_passwd)) { + goto out; + } #endif } else { ret = -1; @@ -810,6 +1055,10 @@ static int wpas_disconnect_network(const struct device *dev, int cur_mode) wifi_mgmt_raise_disconnect_complete_event(iface, ret); } + if (!wpa_cli_cmd_v("remove_network all")) { + wpa_printf(MSG_ERROR, "Failed to remove all networks"); + } + return ret; } @@ -867,6 +1116,45 @@ int supplicant_disconnect(const struct device *dev) return wpas_disconnect_network(dev, WPAS_MODE_INFRA); } +static enum wifi_mfp_options get_mfp(enum mfp_options supp_mfp_option) +{ + switch (supp_mfp_option) { + case NO_MGMT_FRAME_PROTECTION: + return WIFI_MFP_DISABLE; + case MGMT_FRAME_PROTECTION_OPTIONAL: + return WIFI_MFP_OPTIONAL; + case MGMT_FRAME_PROTECTION_REQUIRED: + return WIFI_MFP_REQUIRED; + default: + wpa_printf(MSG_ERROR, "Invalid mfp mapping %d", supp_mfp_option); + break; + } + + return WIFI_MFP_DISABLE; +} + +static enum wifi_iface_mode get_iface_mode(enum wpas_mode supp_mode) +{ + switch (supp_mode) { + case WPAS_MODE_INFRA: + return WIFI_MODE_INFRA; + case WPAS_MODE_IBSS: + return WIFI_MODE_IBSS; + case WPAS_MODE_AP: + return WIFI_MODE_AP; + case WPAS_MODE_P2P_GO: + return WIFI_MODE_P2P_GO; + case WPAS_MODE_P2P_GROUP_FORMATION: + return WIFI_MODE_P2P_GROUP_FORMATION; + case WPAS_MODE_MESH: + return WIFI_MODE_MESH; + default: + break; + } + + return WIFI_MODE_UNKNOWN; +} + int supplicant_status(const struct device *dev, struct wifi_iface_status *status) { struct net_if *iface = net_if_lookup_by_dev(dev); @@ -920,7 +1208,7 @@ int supplicant_status(const struct device *dev, struct wifi_iface_status *status os_memcpy(status->bssid, wpa_s->bssid, WIFI_MAC_ADDR_LEN); status->band = wpas_band_to_zephyr(wpas_freq_to_band(wpa_s->assoc_freq)); status->security = wpas_key_mgmt_to_zephyr(key_mgmt, proto); - status->mfp = ssid->ieee80211w; /* Same mapping */ + status->mfp = get_mfp(ssid->ieee80211w); ieee80211_freq_to_chan(wpa_s->assoc_freq, &channel); status->channel = channel; @@ -938,7 +1226,7 @@ int supplicant_status(const struct device *dev, struct wifi_iface_status *status os_memcpy(status->ssid, _ssid, ssid_len); status->ssid_len = ssid_len; - status->iface_mode = ssid->mode; + status->iface_mode = get_iface_mode(ssid->mode); if (wpa_s->connection_set == 1) { status->link_mode = wpa_s->connection_he ? WIFI_6 : @@ -1137,13 +1425,44 @@ int supplicant_reg_domain(const struct device *dev, struct wifi_reg_domain *reg_domain) { const struct wifi_mgmt_ops *const wifi_mgmt_api = get_wifi_mgmt_api(dev); + struct wpa_supplicant *wpa_s; + int ret = -1; if (!wifi_mgmt_api || !wifi_mgmt_api->reg_domain) { wpa_printf(MSG_ERROR, "Regulatory domain not supported"); return -ENOTSUP; } - return wifi_mgmt_api->reg_domain(dev, reg_domain); + if (reg_domain->oper == WIFI_MGMT_GET) { + return wifi_mgmt_api->reg_domain(dev, reg_domain); + } + + if (reg_domain->oper == WIFI_MGMT_SET) { + k_mutex_lock(&wpa_supplicant_mutex, K_FOREVER); + + wpa_s = get_wpa_s_handle(dev); + if (!wpa_s) { + wpa_printf(MSG_ERROR, "Interface %s not found", dev->name); + goto out; + } + + if (!wpa_cli_cmd_v("set country %s", reg_domain->country_code)) { + goto out; + } + +#ifdef CONFIG_WIFI_NM_HOSTAPD_AP + if (!hostapd_cli_cmd_v("set country_code %s", reg_domain->country_code)) { + goto out; + } +#endif + + ret = 0; + +out: + k_mutex_unlock(&wpa_supplicant_mutex); + } + + return ret; } int supplicant_mode(const struct device *dev, struct wifi_mode_info *mode) @@ -1255,6 +1574,91 @@ int supplicant_get_wifi_conn_params(const struct device *dev, return ret; } +static int supplicant_wps_pbc(const struct device *dev) +{ + struct wpa_supplicant *wpa_s; + int ret = -1; + + k_mutex_lock(&wpa_supplicant_mutex, K_FOREVER); + + wpa_s = get_wpa_s_handle(dev); + if (!wpa_s) { + ret = -1; + wpa_printf(MSG_ERROR, "Interface %s not found", dev->name); + goto out; + } + + if (!wpa_cli_cmd_v("wps_pbc")) { + goto out; + } + + wpas_api_ctrl.dev = dev; + wpas_api_ctrl.requested_op = WPS_PBC; + + ret = 0; + +out: + k_mutex_unlock(&wpa_supplicant_mutex); + + return ret; +} + +static int supplicant_wps_pin(const struct device *dev, struct wifi_wps_config_params *params) +{ + struct wpa_supplicant *wpa_s; + char *get_pin_cmd = "WPS_PIN get"; + int ret = -1; + + k_mutex_lock(&wpa_supplicant_mutex, K_FOREVER); + + wpa_s = get_wpa_s_handle(dev); + if (!wpa_s) { + ret = -1; + wpa_printf(MSG_ERROR, "Interface %s not found", dev->name); + goto out; + } + + if (params->oper == WIFI_WPS_PIN_GET) { + if (zephyr_wpa_cli_cmd_resp(get_pin_cmd, params->pin)) { + goto out; + } + } else if (params->oper == WIFI_WPS_PIN_SET) { + if (!wpa_cli_cmd_v("wps_check_pin %s", params->pin)) { + goto out; + } + + if (!wpa_cli_cmd_v("wps_pin any %s", params->pin)) { + goto out; + } + + wpas_api_ctrl.dev = dev; + wpas_api_ctrl.requested_op = WPS_PIN; + } else { + wpa_printf(MSG_ERROR, "Error wps pin operation : %d", params->oper); + goto out; + } + + ret = 0; + +out: + k_mutex_unlock(&wpa_supplicant_mutex); + + return ret; +} + +int supplicant_wps_config(const struct device *dev, struct wifi_wps_config_params *params) +{ + int ret = 0; + + if (params->oper == WIFI_WPS_PBC) { + ret = supplicant_wps_pbc(dev); + } else if (params->oper == WIFI_WPS_PIN_GET || params->oper == WIFI_WPS_PIN_SET) { + ret = supplicant_wps_pin(dev, params); + } + + return ret; +} + #ifdef CONFIG_AP #ifdef CONFIG_WIFI_NM_HOSTAPD_AP int hapd_state(const struct device *dev, int *state) @@ -1322,7 +1726,7 @@ int hapd_config_network(struct hostapd_iface *iface, if (!hostapd_cli_cmd_v("set wpa_key_mgmt WPA-PSK")) { goto out; } - if (!hostapd_cli_cmd_v("set wpa_passphrase \"%s\"", params->psk)) { + if (!hostapd_cli_cmd_v("set wpa_passphrase %s", params->psk)) { goto out; } if (!hostapd_cli_cmd_v("set wpa_pairwise CCMP")) { @@ -1335,7 +1739,7 @@ int hapd_config_network(struct hostapd_iface *iface, if (!hostapd_cli_cmd_v("set wpa_key_mgmt WPA-PSK")) { goto out; } - if (!hostapd_cli_cmd_v("set wpa_passphrase \"%s\"", params->psk)) { + if (!hostapd_cli_cmd_v("set wpa_passphrase %s", params->psk)) { goto out; } if (!hostapd_cli_cmd_v("set rsn_pairwise CCMP")) { @@ -1348,7 +1752,7 @@ int hapd_config_network(struct hostapd_iface *iface, if (!hostapd_cli_cmd_v("set wpa_key_mgmt WPA-PSK-SHA256")) { goto out; } - if (!hostapd_cli_cmd_v("set wpa_passphrase \"%s\"", params->psk)) { + if (!hostapd_cli_cmd_v("set wpa_passphrase %s", params->psk)) { goto out; } if (!hostapd_cli_cmd_v("set rsn_pairwise CCMP")) { @@ -1361,7 +1765,7 @@ int hapd_config_network(struct hostapd_iface *iface, if (!hostapd_cli_cmd_v("set wpa_key_mgmt SAE")) { goto out; } - if (!hostapd_cli_cmd_v("set sae_password \"%s\"", + if (!hostapd_cli_cmd_v("set sae_password %s", params->sae_password ? params->sae_password : params->psk)) { goto out; @@ -1372,7 +1776,32 @@ int hapd_config_network(struct hostapd_iface *iface, if (!hostapd_cli_cmd_v("set sae_pwe 2")) { goto out; } - iface->bss[0]->conf->sae_pwe = 2; + } else if (params->security == WIFI_SECURITY_TYPE_WPA_AUTO_PERSONAL) { + if (!hostapd_cli_cmd_v("set wpa 2")) { + goto out; + } + + if (!hostapd_cli_cmd_v("set wpa_key_mgmt WPA-PSK SAE")) { + goto out; + } + + if (!hostapd_cli_cmd_v("set wpa_passphrase \"%s\"", params->psk)) { + goto out; + } + + if (!hostapd_cli_cmd_v("set sae_password \"%s\"", + params->sae_password ? params->sae_password + : params->psk)) { + goto out; + } + + if (!hostapd_cli_cmd_v("set rsn_pairwise CCMP")) { + goto out; + } + + if (!hostapd_cli_cmd_v("set sae_pwe 2")) { + goto out; + } } else if (params->security == WIFI_SECURITY_TYPE_DPP) { if (!hostapd_cli_cmd_v("set wpa 2")) { goto out; @@ -1397,7 +1826,7 @@ int hapd_config_network(struct hostapd_iface *iface, if (!hostapd_cli_cmd_v("set wpa 0")) { goto out; } - iface->bss[0]->conf->wpa_key_mgmt = 0; + iface->bss[0]->conf->wpa_key_mgmt = WPA_KEY_MGMT_NONE; } if (!hostapd_cli_cmd_v("set ieee80211w %d", params->mfp)) { @@ -1406,7 +1835,132 @@ int hapd_config_network(struct hostapd_iface *iface, out: return ret; } -#endif + +int supplicant_ap_config_params(const struct device *dev, struct wifi_ap_config_params *params) +{ + struct hostapd_iface *iface; + const struct wifi_mgmt_ops *const wifi_mgmt_api = get_wifi_mgmt_api(dev); + int ret = 0; + + if (params->type & WIFI_AP_CONFIG_PARAM_MAX_INACTIVITY) { + if (!wifi_mgmt_api || !wifi_mgmt_api->ap_config_params) { + wpa_printf(MSG_ERROR, "ap_config_params not supported"); + return -ENOTSUP; + } + + ret = wifi_mgmt_api->ap_config_params(dev, params); + if (ret) { + wpa_printf(MSG_ERROR, + "Failed to set maximum inactivity duration for stations"); + } else { + wpa_printf(MSG_INFO, "Set maximum inactivity duration for stations: %d (s)", + params->max_inactivity); + } + } + if (params->type & WIFI_AP_CONFIG_PARAM_MAX_NUM_STA) { + k_mutex_lock(&wpa_supplicant_mutex, K_FOREVER); + + iface = get_hostapd_handle(dev); + if (!iface) { + ret = -ENOENT; + wpa_printf(MSG_ERROR, "Interface %s not found", dev->name); + goto out; + } + + if (iface->state > HAPD_IFACE_DISABLED) { + ret = -EBUSY; + wpa_printf(MSG_ERROR, "Interface %s is not in disable state", dev->name); + goto out; + } + + if (!hostapd_cli_cmd_v("set max_num_sta %d", params->max_num_sta)) { + ret = -EINVAL; + wpa_printf(MSG_ERROR, "Failed to set maximum number of stations"); + goto out; + } + wpa_printf(MSG_INFO, "Set maximum number of stations: %d", params->max_num_sta); + +out: + k_mutex_unlock(&wpa_supplicant_mutex); + } + + return ret; +} + +int supplicant_ap_status(const struct device *dev, struct wifi_iface_status *status) +{ + int ret = 0; + struct hostapd_iface *iface; + struct hostapd_config *conf; + struct hostapd_data *hapd; + struct hostapd_bss_config *bss; + struct hostapd_ssid *ssid; + struct hostapd_hw_modes *hw_mode; + int proto; /* Wi-Fi secure protocol */ + int key_mgmt; /* Wi-Fi key management */ + + k_mutex_lock(&wpa_supplicant_mutex, K_FOREVER); + + iface = get_hostapd_handle(dev); + if (!iface) { + ret = -1; + wpa_printf(MSG_ERROR, "Interface %s not found", dev->name); + goto out; + } + + conf = iface->conf; + if (!conf) { + ret = -1; + wpa_printf(MSG_ERROR, "Conf %s not found", dev->name); + goto out; + } + + bss = conf->bss[0]; + if (!bss) { + ret = -1; + wpa_printf(MSG_ERROR, "Bss_conf %s not found", dev->name); + goto out; + } + + hapd = iface->bss[0]; + if (!hapd) { + ret = -1; + wpa_printf(MSG_ERROR, "Bss %s not found", dev->name); + goto out; + } + + status->state = iface->state; + ssid = &bss->ssid; + + os_memcpy(status->bssid, hapd->own_addr, WIFI_MAC_ADDR_LEN); + status->iface_mode = WIFI_MODE_AP; + status->band = wpas_band_to_zephyr(wpas_freq_to_band(iface->freq)); + key_mgmt = bss->wpa_key_mgmt; + proto = bss->wpa; + status->security = wpas_key_mgmt_to_zephyr(key_mgmt, proto); + status->mfp = get_mfp(bss->ieee80211w); + status->channel = conf->channel; + os_memcpy(status->ssid, ssid->ssid, ssid->ssid_len); + + status->dtim_period = bss->dtim_period; + status->beacon_interval = conf->beacon_int; + + hw_mode = iface->current_mode; + + status->link_mode = conf->ieee80211ax ? WIFI_6 + : conf->ieee80211ac ? WIFI_5 + : conf->ieee80211n ? WIFI_4 + : hw_mode->mode == HOSTAPD_MODE_IEEE80211G ? WIFI_3 + : hw_mode->mode == HOSTAPD_MODE_IEEE80211A ? WIFI_2 + : hw_mode->mode == HOSTAPD_MODE_IEEE80211B ? WIFI_1 + : WIFI_0; + status->twt_capable = (hw_mode->he_capab[IEEE80211_MODE_AP].mac_cap[0] & 0x04); + +out: + k_mutex_unlock(&wpa_supplicant_mutex); + return ret; +} +#endif /* CONFIG_WIFI_NM_HOSTAPD_AP */ int supplicant_ap_enable(const struct device *dev, struct wifi_connect_req_params *params) @@ -1437,6 +1991,8 @@ int supplicant_ap_enable(const struct device *dev, goto out; } + iface->owner = iface; + if (iface->state == HAPD_IFACE_ENABLED) { ret = -EBUSY; wpa_printf(MSG_ERROR, "Interface %s is not in disable state", dev->name); @@ -1487,8 +2043,10 @@ int supplicant_ap_enable(const struct device *dev, goto out; } - /* No need to check for existing network to join for SoftAP*/ + /* No need to check for existing network to join for SoftAP */ wpa_s->conf->ap_scan = 2; + /* Set BSS parameter max_num_sta to default configured value */ + wpa_s->conf->max_num_sta = CONFIG_WIFI_MGMT_AP_MAX_NUM_STA; ret = wpas_add_and_config_network(wpa_s, params, true); if (ret) { @@ -1916,7 +2474,6 @@ int supplicant_dpp_dispatch(const struct device *dev, struct wifi_dpp_params *pa os_free(cmd); return 0; } -#endif /* CONFIG_WIFI_NM_WPA_SUPPLICANT_DPP */ #ifdef CONFIG_WIFI_NM_HOSTAPD_AP int hapd_dpp_dispatch(const struct device *dev, struct wifi_dpp_params *params) @@ -1950,3 +2507,4 @@ int hapd_dpp_dispatch(const struct device *dev, struct wifi_dpp_params *params) return 0; } #endif /* CONFIG_WIFI_NM_HOSTAPD_AP */ +#endif /* CONFIG_WIFI_NM_WPA_SUPPLICANT_DPP */ diff --git a/modules/hostap/src/supp_api.h b/modules/hostap/src/supp_api.h index dbef7b77796d..f6584d861261 100644 --- a/modules/hostap/src/supp_api.h +++ b/modules/hostap/src/supp_api.h @@ -215,6 +215,15 @@ int supplicant_btm_query(const struct device *dev, uint8_t reason); int supplicant_get_wifi_conn_params(const struct device *dev, struct wifi_connect_req_params *params); +/** Start a WPS PBC/PIN connection + * + * @param dev Pointer to the device structure for the driver instance + * @param params wps operarion parameters + * + * @return 0 if ok, < 0 if error + */ +int supplicant_wps_config(const struct device *dev, struct wifi_wps_config_params *params); + #ifdef CONFIG_AP #ifdef CONFIG_WIFI_NM_HOSTAPD_AP /** @@ -225,6 +234,15 @@ int supplicant_get_wifi_conn_params(const struct device *dev, * @return 0 for OK; -1 for ERROR */ int hapd_state(const struct device *dev, int *state); + +/** + * @brief Wi-Fi AP configuration parameter. + * + * @param dev Wi-Fi device + * @param params AP parameters + * @return 0 for OK; -1 for ERROR + */ +int supplicant_ap_config_params(const struct device *dev, struct wifi_ap_config_params *params); #else static inline int hapd_state(const struct device *dev, int *state) { @@ -232,6 +250,15 @@ static inline int hapd_state(const struct device *dev, int *state) } #endif +/** + * @brief Get Wi-Fi SAP status + * + * @param dev Wi-Fi device + * @param status SAP status + * @return 0 for OK; -1 for ERROR + */ +int supplicant_ap_status(const struct device *dev, struct wifi_iface_status *status); + /** * @brief Set Wi-Fi AP configuration * @@ -269,7 +296,6 @@ int supplicant_ap_sta_disconnect(const struct device *dev, * @return 0 for OK; -1 for ERROR */ int supplicant_dpp_dispatch(const struct device *dev, struct wifi_dpp_params *params); -#endif /* CONFIG_WIFI_NM_WPA_SUPPLICANT_DPP */ #ifdef CONFIG_WIFI_NM_HOSTAPD_AP /** @@ -281,4 +307,5 @@ int supplicant_dpp_dispatch(const struct device *dev, struct wifi_dpp_params *pa */ int hapd_dpp_dispatch(const struct device *dev, struct wifi_dpp_params *params); #endif /* CONFIG_WIFI_NM_HOSTAPD_AP */ +#endif /* CONFIG_WIFI_NM_WPA_SUPPLICANT_DPP */ #endif /* ZEPHYR_SUPP_MGMT_H */ diff --git a/modules/hostap/src/supp_events.c b/modules/hostap/src/supp_events.c index 617779b4d441..9ac472b6bdb4 100644 --- a/modules/hostap/src/supp_events.c +++ b/modules/hostap/src/supp_events.c @@ -386,7 +386,7 @@ int supplicant_send_wifi_mgmt_event(const char *ifname, enum net_event_wifi_cmd (struct wifi_ap_sta_info *)supplicant_status); break; #endif /* CONFIG_AP */ - case NET_EVENT_SUPPLICANT_CMD_INT_EVENT: + case NET_EVENT_WIFI_CMD_SUPPLICANT: event_data.data = &data; if (supplicant_process_status(&event_data, (char *)supplicant_status) > 0) { net_mgmt_event_notify_with_info(NET_EVENT_SUPPLICANT_INT_EVENT, diff --git a/modules/hostap/src/supp_main.c b/modules/hostap/src/supp_main.c index 8a7382c7b39c..826e15e9d8d3 100644 --- a/modules/hostap/src/supp_main.c +++ b/modules/hostap/src/supp_main.c @@ -75,6 +75,7 @@ static const struct wifi_mgmt_ops mgmt_ops = { .btm_query = supplicant_btm_query, #endif .get_conn_params = supplicant_get_wifi_conn_params, + .wps_config = supplicant_wps_config, #ifdef CONFIG_AP .ap_enable = supplicant_ap_enable, .ap_disable = supplicant_ap_disable, @@ -93,14 +94,14 @@ DEFINE_WIFI_NM_INSTANCE(wifi_supplicant, &mgmt_ops); #ifdef CONFIG_WIFI_NM_HOSTAPD_AP static const struct wifi_mgmt_ops mgmt_ap_ops = { - .set_btwt = supplicant_set_btwt, .ap_enable = supplicant_ap_enable, .ap_disable = supplicant_ap_disable, .ap_sta_disconnect = supplicant_ap_sta_disconnect, - .ap_bandwidth = supplicant_ap_bandwidth, + .iface_status = supplicant_ap_status, #ifdef CONFIG_WIFI_NM_WPA_SUPPLICANT_DPP .dpp_dispatch = hapd_dpp_dispatch, #endif /* CONFIG_WIFI_NM_WPA_SUPPLICANT_DPP */ + .ap_config_params = supplicant_ap_config_params, }; DEFINE_WIFI_NM_INSTANCE(hostapd, &mgmt_ap_ops); @@ -508,6 +509,12 @@ static void iface_cb(struct net_if *iface, void *user_data) return; } +#ifdef CONFIG_WIFI_NM_HOSTAPD_AP + if (wifi_nm_iface_is_sap(iface)) { + return; + } +#endif + if (!net_if_is_admin_up(iface)) { return; } @@ -866,7 +873,7 @@ struct hostapd_config *hostapd_config_read2(const char *fname) bss = conf->last_bss; bss->start_disabled = 1; - bss->max_num_sta = 8; + bss->max_num_sta = CONFIG_WIFI_MGMT_AP_MAX_NUM_STA; bss->dtim_period = 1; os_strlcpy(conf->bss[0]->iface, ifname, sizeof(conf->bss[0]->iface)); bss->logger_stdout_level = HOSTAPD_LEVEL_INFO; diff --git a/modules/hostap/src/supp_main.h b/modules/hostap/src/supp_main.h index 03f7461555e4..981bdf669585 100644 --- a/modules/hostap/src/supp_main.h +++ b/modules/hostap/src/supp_main.h @@ -6,6 +6,37 @@ #ifndef __SUPP_MAIN_H_ #define __SUPP_MAIN_H_ +#ifdef CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE +/* At least one of the EAP methods need to be enabled in enterprise mode */ +#if !defined(CONFIG_EAP_TLS) && !defined(CONFIG_EAP_TTLS) && \ + !defined(CONFIG_EAP_PEAP) && !defined(CONFIG_EAP_FAST) && \ + !defined(CONFIG_EAP_SIM) && !defined(CONFIG_EAP_AKA) && \ + !defined(CONFIG_EAP_MD5) && !defined(CONFIG_EAP_MSCHAPV2) && \ + !defined(CONFIG_EAP_PSK) && !defined(CONFIG_EAP_PAX) && \ + !defined(CONFIG_EAP_SAKE) && !defined(CONFIG_EAP_GPSK) && \ + !defined(CONFIG_EAP_PWD) && !defined(CONFIG_EAP_EKE) && \ + !defined(CONFIG_EAP_IKEV2) && !defined(CONFIG_EAP_GTC) +#error "At least one of the following EAP methods need to be defined \ + CONFIG_EAP_TLS \ + CONFIG_EAP_TTLS \ + CONFIG_EAP_PEAP \ + CONFIG_EAP_MD5 \ + CONFIG_EAP_MSCHAPV2 \ + CONFIG_EAP_LEAP \ + CONFIG_EAP_PSK \ + CONFIG_EAP_PAX \ + CONFIG_EAP_SAKE \ + CONFIG_EAP_GPSK \ + CONFIG_EAP_PWD \ + CONFIG_EAP_EKE \ + CONFIG_EAP_IKEV2 \ + CONFIG_EAP_SIM \ + CONFIG_EAP_AKA \ + CONFIG_EAP_GTC \ + CONFIG_EAP_ALL " +#endif /* EAP METHODS */ +#endif /* CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE */ + #if !defined(CONFIG_NET_DHCPV4) static inline void net_dhcpv4_start(struct net_if *iface) { @@ -21,12 +52,17 @@ static inline void net_dhcpv4_stop(struct net_if *iface) struct wpa_global *zephyr_get_default_supplicant_context(void); struct wpa_supplicant *zephyr_get_handle_by_ifname(const char *ifname); + #ifdef CONFIG_WIFI_NM_HOSTAPD_AP +#include "common.h" +#include "wpa_debug_zephyr.h" + struct hostapd_iface *zephyr_get_hapd_handle_by_ifname(const char *ifname); void wpa_supplicant_msg_send(void *ctx, int level, enum wpa_msg_type type, const char *txt, size_t len); void hostapd_msg_send(void *ctx, int level, enum wpa_msg_type type, const char *buf, size_t len); #endif + struct wpa_supplicant_event_msg { #ifdef CONFIG_WIFI_NM_HOSTAPD_AP int hostapd; diff --git a/samples/net/wifi/boards/rd_rw612_bga.conf b/samples/net/wifi/boards/rd_rw612_bga.conf index 1df1baa0be7a..d6435e874b77 100644 --- a/samples/net/wifi/boards/rd_rw612_bga.conf +++ b/samples/net/wifi/boards/rd_rw612_bga.conf @@ -28,6 +28,7 @@ CONFIG_ZVFS_OPEN_MAX=30 CONFIG_SHELL_ARGC_MAX=48 CONFIG_WIFI_SHELL_MAX_AP_STA=8 CONFIG_WIFI_MGMT_AP_MAX_NUM_STA=8 +CONFIG_SHELL_CMD_BUFF_SIZE=512 # net CONFIG_NET_L2_ETHERNET=y @@ -85,12 +86,14 @@ CONFIG_WIFI_NM_WPA_SUPPLICANT_INF_MON=n CONFIG_WIFI_NM_MAX_MANAGED_INTERFACES=2 CONFIG_SAE_PWE_EARLY_EXIT=y CONFIG_WIFI_NM_HOSTAPD_AP=y +CONFIG_WIFI_NM_WPA_SUPPLICANT_WPS=y # Enable mbedtls CONFIG_MBEDTLS=y CONFIG_MBEDTLS_BUILTIN=y CONFIG_MBEDTLS_USER_CONFIG_ENABLE=y CONFIG_MBEDTLS_USER_CONFIG_FILE="wpa_supp_els_pkc_mbedtls_config.h" +CONFIG_MBEDTLS_HAVE_TIME_DATE=y # Include els_pkc in build CONFIG_ENTROPY_GENERATOR=y diff --git a/samples/net/wifi/overlay-enterprise-variable-bufs.conf b/samples/net/wifi/overlay-enterprise-variable-bufs.conf new file mode 100644 index 000000000000..627d77a92478 --- /dev/null +++ b/samples/net/wifi/overlay-enterprise-variable-bufs.conf @@ -0,0 +1,9 @@ +CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE=y +# EAP frames are ~1100 bytes, so, for efficiency, we set the data size to 1100 +CONFIG_NET_BUF_DATA_SIZE=1100 +# Use variable data size to reduce memory usage for small data packets +CONFIG_NET_BUF_VARIABLE_DATA_SIZE=y +# For TLS and X.509 processing MbedTLS needs large heap size and using separate heap +# for MbedTLS gives us more control over the heap size. +CONFIG_MBEDTLS_ENABLE_HEAP=y +CONFIG_MBEDTLS_HEAP_SIZE=55000 diff --git a/samples/net/wifi/overlay-enterprise.conf b/samples/net/wifi/overlay-enterprise.conf new file mode 100644 index 000000000000..ba6d958f9a53 --- /dev/null +++ b/samples/net/wifi/overlay-enterprise.conf @@ -0,0 +1,10 @@ +CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE=y +# EAP frames are ~1100 bytes, so, need higher packet counts as default packet size is 128 +CONFIG_NET_PKT_TX_COUNT=36 +CONFIG_NET_PKT_RX_COUNT=36 +CONFIG_NET_BUF_TX_COUNT=72 +CONFIG_NET_BUF_RX_COUNT=36 +# For TLS and X.509 processing MbedTLS needs large heap size and using separate heap +# for MbedTLS gives us more control over the heap size. +CONFIG_MBEDTLS_ENABLE_HEAP=y +CONFIG_MBEDTLS_HEAP_SIZE=70000 diff --git a/samples/net/wifi/prj.conf b/samples/net/wifi/prj.conf index e1a1b40a4098..ab3d718f06b1 100644 --- a/samples/net/wifi/prj.conf +++ b/samples/net/wifi/prj.conf @@ -31,6 +31,10 @@ CONFIG_NET_STATISTICS_PERIODIC_OUTPUT=n CONFIG_WIFI=y CONFIG_WIFI_LOG_LEVEL_ERR=y CONFIG_NET_L2_WIFI_SHELL=y + +CONFIG_MBEDTLS_ENABLE_HEAP=y +CONFIG_MBEDTLS_HEAP_SIZE=70000 + # printing of scan results puts pressure on queues in new locking # design in net_mgmt. So, use a higher timeout for a crowded # environment. diff --git a/samples/net/wifi/sample.yaml b/samples/net/wifi/sample.yaml index 51c52edbd6f9..c5234753a782 100644 --- a/samples/net/wifi/sample.yaml +++ b/samples/net/wifi/sample.yaml @@ -65,6 +65,7 @@ tests: - nucleo_h723zg sample.net.wifi.nrf7002eb: extra_args: + - CONFIG_NRF70_UTIL=y - SB_CONFIG_WIFI_NRF70=y - CONFIG_NRF_WIFI_BUILD_ONLY_MODE=y - SHIELD=nrf7002eb diff --git a/samples/net/wifi/test_certs/ca.pem b/samples/net/wifi/test_certs/ca.pem index 70a234dfdc35..2b872d2e30da 100644 --- a/samples/net/wifi/test_certs/ca.pem +++ b/samples/net/wifi/test_certs/ca.pem @@ -1,29 +1,24 @@ -----BEGIN CERTIFICATE----- -MIIE9zCCA9+gAwIBAgIUNX/wAWvB0xblUUghlsoear4f6kkwDQYJKoZIhvcNAQEL +MIIEBzCCAu+gAwIBAgIUK8+d+8IOzeX+DP3VSvdF3lHiCdcwDQYJKoZIhvcNAQEL BQAwgZIxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZSYWRpdXMxEjAQBgNVBAcMCVNv -bWV3aGVyZTEUMBIGA1UECgwLRXhhbXBsZSBJbmMxIDAeBgkqhkiG9w0BCQEWEWFk -bWluQGV4YW1wbGUub3JnMSYwJAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1 -dGhvcml0eTAeFw0yNDA4MDcxODQzMDZaFw0yNDEwMDYxODQzMDZaMIGSMQswCQYD +bWV3aGVyZTEUMBIGA1UECgwLRXhhbXBsZSBJbmMxJjAkBgNVBAMMHUV4YW1wbGUg +Q2VydGlmaWNhdGUgQXV0aG9yaXR5MSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFt +cGxlLm9yZzAeFw0yNDEwMDgxMDI0MDZaFw0zNDEwMDYxMDI0MDZaMIGSMQswCQYD VQQGEwJGUjEPMA0GA1UECAwGUmFkaXVzMRIwEAYDVQQHDAlTb21ld2hlcmUxFDAS -BgNVBAoMC0V4YW1wbGUgSW5jMSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFtcGxl -Lm9yZzEmMCQGA1UEAwwdRXhhbXBsZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzR3RL3+70yN+1Nx0bAXT60qqf -AxCk/NXphq5cxUT5skXc97KUUnIQ1SaLAin8WHRS8Idajywlo0ULpCeoOj35aPI/ -kTUu4P2Rx5p1DYgquTGjW6fS4p5c65y75BWoukng5DQp/kVpo4OcRMUncexGxBET -1IkpuXGlvQyEKB5I+TgYe4eEXpdn+0A2Nytw9kpSzrd26JofWOO2ZtVCgISnj7ID -B7ErVzStuHg+rMKVI2SU966CH78lNuIIQFKrg8NoWRQI1zMMouU7hj6EL7cZcvA/ -MW9SIFpzkfC4xq0EnOMzg/D3p4k8ah6MikHf8FqDdBBfPUcYU0rG9+zpQdb3AgMB -AAGjggFBMIIBPTAdBgNVHQ4EFgQUQl34Jn7xx5zTXckus4k09ScmfUYwgdIGA1Ud -IwSByjCBx4AUQl34Jn7xx5zTXckus4k09ScmfUahgZikgZUwgZIxCzAJBgNVBAYT -AkZSMQ8wDQYDVQQIDAZSYWRpdXMxEjAQBgNVBAcMCVNvbWV3aGVyZTEUMBIGA1UE -CgwLRXhhbXBsZSBJbmMxIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUub3Jn -MSYwJAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eYIUNX/wAWvB -0xblUUghlsoear4f6kkwDwYDVR0TAQH/BAUwAwEB/zA2BgNVHR8ELzAtMCugKaAn -hiVodHRwOi8vd3d3LmV4YW1wbGUuY29tL2V4YW1wbGVfY2EuY3JsMA0GCSqGSIb3 -DQEBCwUAA4IBAQCP4qUyKkYD6hXaozV29opSo1sOdQ+voCe9lCTMnFEaCvCO22IX -ViyvNyR6cDt/wa2eeXCRzhOr8vXLyxUOZg0gMDuOxhMBWhdJUNowNrk5jLw2RdFG -OOB53m2JW2E7JNVsheRzKa+98xW7BFjkZKjrowFptZFDrtPFbGg1ETy+mPY74RVj -T+ebESqd/Q/hQUQYfvLUgbcVUF28nXzQ3EWxSL64wpheFDbYEdE97h3Z4tJX7MYi -nOdw+Hn8jss8xCjijk99MgI08GYqgYqCZP7Xka9tyOmD7FYFVnderU+aTCxEYbK3 -9/R7Y+PEaqamKZKXhYh8isjZz/EOiHYz2YjU +BgNVBAoMC0V4YW1wbGUgSW5jMSYwJAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRl +IEF1dGhvcml0eTEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5vcmcwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWKIwjdRIp9IrpZELN/ZsN13Xj +qQI6n086PNJ7BZfLi0+tD164rmxFk2eukNNksFCPhvMkqUxouGhc4mJjeivvrZxR +oT3cblOQIkkdEci6iTKC2E1a20W/Ur7cTXoIsnKwjiUjXk+cujkrZu4fcHX+O4vy +wTd5tEbhmifT/4u5nN8U2vBcEZqkGHOCp30VZSxtlGwqp4lc+tVziF3uFViW9MXk +3bVt+s1E7ztwG7+WBgVlLYe3CNSWkMxfyYBafH/l7iep6AFjoTn1z3AAjYi7IUNN +0JkW8MTgafRQIu4QsV5luq/Tiar2vwAm/GNgUJdSzUKARsfQzb/XTIgnLQqtAgMB +AAGjUzBRMB0GA1UdDgQWBBSijSC03/Thi6EOdM91V33zsbQpgzAfBgNVHSMEGDAW +gBSijSC03/Thi6EOdM91V33zsbQpgzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3 +DQEBCwUAA4IBAQAvKEfmCDoMTKC6bfP6DSs+MSAGc5tCr6w6cz2AKNJ2fOMhkq55 +JF47oBBGm9SdTB6Jqo6c109Ps69/+LMtEEGwvzL0RL0WAuTYGo6sudm9hj/jDHZh +pAqi/2BQQeVgTa6oW0jtNPFe+/cobXo9TJ7wECGrhvVbmfl5ZPc0YVOIjjR0/LhL +q7lqPAlJ5vx0WvsX+QReN97we8vD0x1D3mCySJTi3Irh+grE0yJOSN2fa7cyqi9+ +vSiNUB1eUgQwrO+S8ZazYNvAZXC2Xf4WB4SOifJD73pYPAdwOejc0FA+zfEKa/6/ +vTUs8cIhlmDWO+BEoc9wygMKMmhT5s7/T5Bv -----END CERTIFICATE----- diff --git a/samples/net/wifi/test_certs/ca2.pem b/samples/net/wifi/test_certs/ca2.pem new file mode 100644 index 000000000000..2b872d2e30da --- /dev/null +++ b/samples/net/wifi/test_certs/ca2.pem @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIEBzCCAu+gAwIBAgIUK8+d+8IOzeX+DP3VSvdF3lHiCdcwDQYJKoZIhvcNAQEL +BQAwgZIxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZSYWRpdXMxEjAQBgNVBAcMCVNv +bWV3aGVyZTEUMBIGA1UECgwLRXhhbXBsZSBJbmMxJjAkBgNVBAMMHUV4YW1wbGUg +Q2VydGlmaWNhdGUgQXV0aG9yaXR5MSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFt +cGxlLm9yZzAeFw0yNDEwMDgxMDI0MDZaFw0zNDEwMDYxMDI0MDZaMIGSMQswCQYD +VQQGEwJGUjEPMA0GA1UECAwGUmFkaXVzMRIwEAYDVQQHDAlTb21ld2hlcmUxFDAS +BgNVBAoMC0V4YW1wbGUgSW5jMSYwJAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRl +IEF1dGhvcml0eTEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5vcmcwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWKIwjdRIp9IrpZELN/ZsN13Xj +qQI6n086PNJ7BZfLi0+tD164rmxFk2eukNNksFCPhvMkqUxouGhc4mJjeivvrZxR +oT3cblOQIkkdEci6iTKC2E1a20W/Ur7cTXoIsnKwjiUjXk+cujkrZu4fcHX+O4vy +wTd5tEbhmifT/4u5nN8U2vBcEZqkGHOCp30VZSxtlGwqp4lc+tVziF3uFViW9MXk +3bVt+s1E7ztwG7+WBgVlLYe3CNSWkMxfyYBafH/l7iep6AFjoTn1z3AAjYi7IUNN +0JkW8MTgafRQIu4QsV5luq/Tiar2vwAm/GNgUJdSzUKARsfQzb/XTIgnLQqtAgMB +AAGjUzBRMB0GA1UdDgQWBBSijSC03/Thi6EOdM91V33zsbQpgzAfBgNVHSMEGDAW +gBSijSC03/Thi6EOdM91V33zsbQpgzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3 +DQEBCwUAA4IBAQAvKEfmCDoMTKC6bfP6DSs+MSAGc5tCr6w6cz2AKNJ2fOMhkq55 +JF47oBBGm9SdTB6Jqo6c109Ps69/+LMtEEGwvzL0RL0WAuTYGo6sudm9hj/jDHZh +pAqi/2BQQeVgTa6oW0jtNPFe+/cobXo9TJ7wECGrhvVbmfl5ZPc0YVOIjjR0/LhL +q7lqPAlJ5vx0WvsX+QReN97we8vD0x1D3mCySJTi3Irh+grE0yJOSN2fa7cyqi9+ +vSiNUB1eUgQwrO+S8ZazYNvAZXC2Xf4WB4SOifJD73pYPAdwOejc0FA+zfEKa/6/ +vTUs8cIhlmDWO+BEoc9wygMKMmhT5s7/T5Bv +-----END CERTIFICATE----- diff --git a/samples/net/wifi/test_certs/client-key.pem b/samples/net/wifi/test_certs/client-key.pem index 20ca0796572f..6ab70da24524 100644 --- a/samples/net/wifi/test_certs/client-key.pem +++ b/samples/net/wifi/test_certs/client-key.pem @@ -1,30 +1,30 @@ -----BEGIN ENCRYPTED PRIVATE KEY----- -MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIKh6bYnzze8sCAggA -MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECNtt6KHyCgBPBIIEyPOdtbZFuRkf -NoEhloVT9ZbxSfYUOoD86w6OUgLW9I9zgH7v1lZ+Q6YnZ6lPxi+NthUvZZNd0M4f -rEAkJMeVqCImk9C5DYUdsEyVxxbWCiBKuO+j14S8RaetKvTVlYZjdkdbwW4chwLs -joPtKUtRMhWdQ5XF9qtVhmKjqHHTEFhOXP/VMCd6bNOkjzneuUDlLj+EOl8K1NVZ -tpZUi6D2p0tksrMokgl3n0Esee4W6XKemJ8KyLkA34QGG/c2MQyQnBzqo+9FnLvr -uX5DmApiichLMYDMssQjfyVUsDTz1bolTCWZcY2gz7zoHSJ3Twa4uf0D/Syi/pU5 -c4m1DvfY+BDt7GPG9S6eQHEIp/7m6jCKX90jYi297nEcJjYkXVUDe4Nx7a+oZkc4 -OIKP7VTVnhuUSjbN5h0UB1yNMA9t65IsXLPVVtn4b+eC/4RZyJAYuzJD8xpb9u4r -bXl0qMW1bPyU2qdC5oheM2oLIvuSBKuRf2vvqKt7c5mahTWIUxNckkNeSQghJxw5 -uEgG/ji+ggL9YfPQiMt8Ps4754/mtOfzXGX3UTniuSpo7ddonqDQpHBvNiRdy6Dl -pQTJczykNOe5HaMsfa/hyu22AVVKWQDLacFLvRqqps5JiH2A1dzBfU/GVeGYcl84 -BZUVO56tGMY64t/StqADVrW7AxTLB0tV90uNSg16oRQkRDIx5R5/Q9xlILCSPdvN -i8qR6jY0wLgEot5hweCnbYjQ79n7H8NKAHe52TNbYts/S6jjqdWNu19JpNHV8Z7v -aGlf5Puk4U+A8MhyjTVgWoOW+GNmyEiMXOTz66nrhtDFy3nzPjwQcMQtj3yTzHnS -0P80cdY/k2tfBPT4BTbIoKbuuuXLXKQ0jZ0AETu1Z12Q7G6C5f0fOJ5m97qLOvbE -dMgYPeeulbLr6Gw7CYfTE1wSj795z2d4SpbRSVNyN+iFccFD4tXhWk+lf8ym4/A2 -hsI2SS9TxBR93Fje6oTdeAlC0DIpY8117W4GhU+IZm9HqpD+DVcnLOAzRIl7urlW -jqpEkZXce+CV9L614hdAjUHQZOj43P3Q/zXEr/ZcVP6+yuLFCf+JbRXUglUgpdQh -McGVV09tL+Qbb/28yEygiw2m8HFAoUgMc2st4IkkO7XKX3Q8WVDSgqE4olAVE74g -1OB8w2R96+conCWYJfLCGM5lwsGeB1z8Q/NncKToulnqTKft7Rg8SFyMxVlzygPr -P9AMhS+wqXHbzhYb+dwD+DsbAtKl0Urp1ZjHSQrOrVtctDCnEX1Bx5ek+AgNExNp -tv2yBnsBcCLXy5UZYw9rAH+m7t8dAjGOYV3he4GotjCjyq+VcZgpzG2iWCHOhfob -1xtm030/Xuc4TfX76rWithXggSeKEhuqL2ERa/+OOC/JjE4omdmL9GVrr4vxt37U -MeJpxymYEP05QfRxcbvJB1L+cGv4Tgy3XgikK8ClUQqKvPntXIoX4cga8O5FE5KB -5H714hGK/JplhbCDDomi/hRHZHxae2MLnHgq4Rj7JWZ+iTUvLncfMdBBFdHF4qkr -ZbhwJ3KIAbCcSvXFoYJy1oOOitYhgoAKksyVNrzOMiYMfQ3YKc+6sF6lHOFllawD -RYTUnfN5ztaxB8OpKaPtig== +MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQILVdWyEWhWU0CAggA +MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBDMFReIusCg7gSkoUQZV2flBIIE +0BIFQH7+0dc7wHIQQ1y0ao90rrK3ExtCABH6xp4OAHUNPR1549zSEak/9Ba6WLBp +YE0m/lpLz4oUJE4Kd3rg4ekSZk4mapZoW7g5ax4qAEblmM6rqmyjiU0Q6tsAb8n1 +x+RyjUILlgTH1HDmeNA53QNMCw++xIMIJPN29SvFN6vkU2Fd2f74/TuZRSaCEPLO +LKtNMwWCMTrlv0UewEryOvZegPQuEF/Ewmmw/9l5VfkPp6zAtZKzWsfk4jUo5tv2 +5dPoHR+RKjNNVwetnCq59QYMS2My6KLqX4Vzqnbu8K1nlbm85ZHnvLGi8cDn8EB7 +QtRL+Ev5IwcwYJgV5AMojouJLQdR655jeITWI1Gsohz28YG8c1qYX4ZN6albSd1G +fd1tMOWkeu4uEzJ7ijLDfnCzrklnLuAZx8yLzyrOa7i9AwwJmdgUEdbWWsru3L6C +zDJ45rpA0FobdlTem4kpoE9yiyHkIhf3wmI3X+0aodC11pdbHP260KIC8E1K9FUh +s/IoEQCYrBp8UltNTlezwq/E5uOuIu4EpfjEgH1Z3+hSDbnmMAXNX4DbL234x7iy +3Y256DtOeHSElnRz3kDnZVNtM1Kd5fgEYJ1ptYRPYaWyJka7/hC/0UObuM9w+QeO +OlG0QgumQFloyhDa9anPBK4sYJp4g1fK8golUDW4AdpFPNOJvvgOvQUzhPpHjr+N +lpZ75Y6I3JSSKJ/UMlSCOqjak8oZtMtJNMfbx1lgwwDtgjDSJvSdl735gI9VmXXH +qnlGEtyiQ7k1Z1a4HxiY2/CiDHvkymClir/Ik8gt+wmyT9c/9BcehLRf6PxMsDVy +PCkty1LlzN+5tSZJtJnOiTlgsRn/w49Ohp74ITheSdb30/6PnFI+o8rcJHmrjN4d +t3z/bCyWAeC8mS7m0wtXlyBeG9xvdyT8dDHAFOnqxX30dEwEbjNj58kWGAgRf9i3 +HlOAP8yRy7LAV7A4HEPnEzXBxYpsROUw/8d3Jtmr2nAp2hfKP339DYZPHZpRLjJr +WQlJasHHLxHKKjSsuM06WsCO+Tt2FTSgGJuU6nFVK75fssmmJYzj9qMHVM6YSjfY +sT0ZIWRgO9NLFx5O3QxY1wgMLhhv1FREy9NVnMU0W3A1u0F7dwHywZGha2IqEXgu ++UyWIJnePMvluV/s66AN/OpIxKU48c0B4l7XzXkHHd43tDUG3ztfRuPbWCHipuRO +eo+vHGD01iBLSE1ZhrYLHKQhJvIKx/PIEaqJHP/Vy35AD/2/GH09TiIBHzX9aXie +TiKFs30FQv7SpLNHNE7jUxsYGNUbYa70S/Vgn3wkKATcXpCc749XQV4OUbFoqkDm +vuZOjkIOlm/OtZkUuDWmk96mgoVG/gWSEJPynJHUpmWdu/BCdYOgxBk/bmPa1leS +Z5NbO0fGMnNhDMXYA5rqmVzABcNSYhgYw5aciWpBlgYHEYrPxZvCxWftIyb24oEk +wdHEaFbIYbOoVZqo7Ym2hrvVrJb8Qdukf1BmUgfSSSc7BFoSrBUO4SNFtZI55NOB +OM4rnkqfoYR0IpnxzPIpxpsWljG9QsgnTaffStDgIGXiAtBWJFy+44f1IS4EoC6B ++we1Q6atPwYSyPtG8mn4Ce0BNxLDUoFDLMQ7Bt8QBMeX -----END ENCRYPTED PRIVATE KEY----- diff --git a/samples/net/wifi/test_certs/client-key2.pem b/samples/net/wifi/test_certs/client-key2.pem new file mode 100644 index 000000000000..6ab70da24524 --- /dev/null +++ b/samples/net/wifi/test_certs/client-key2.pem @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQILVdWyEWhWU0CAggA +MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBDMFReIusCg7gSkoUQZV2flBIIE +0BIFQH7+0dc7wHIQQ1y0ao90rrK3ExtCABH6xp4OAHUNPR1549zSEak/9Ba6WLBp +YE0m/lpLz4oUJE4Kd3rg4ekSZk4mapZoW7g5ax4qAEblmM6rqmyjiU0Q6tsAb8n1 +x+RyjUILlgTH1HDmeNA53QNMCw++xIMIJPN29SvFN6vkU2Fd2f74/TuZRSaCEPLO +LKtNMwWCMTrlv0UewEryOvZegPQuEF/Ewmmw/9l5VfkPp6zAtZKzWsfk4jUo5tv2 +5dPoHR+RKjNNVwetnCq59QYMS2My6KLqX4Vzqnbu8K1nlbm85ZHnvLGi8cDn8EB7 +QtRL+Ev5IwcwYJgV5AMojouJLQdR655jeITWI1Gsohz28YG8c1qYX4ZN6albSd1G +fd1tMOWkeu4uEzJ7ijLDfnCzrklnLuAZx8yLzyrOa7i9AwwJmdgUEdbWWsru3L6C +zDJ45rpA0FobdlTem4kpoE9yiyHkIhf3wmI3X+0aodC11pdbHP260KIC8E1K9FUh +s/IoEQCYrBp8UltNTlezwq/E5uOuIu4EpfjEgH1Z3+hSDbnmMAXNX4DbL234x7iy +3Y256DtOeHSElnRz3kDnZVNtM1Kd5fgEYJ1ptYRPYaWyJka7/hC/0UObuM9w+QeO +OlG0QgumQFloyhDa9anPBK4sYJp4g1fK8golUDW4AdpFPNOJvvgOvQUzhPpHjr+N +lpZ75Y6I3JSSKJ/UMlSCOqjak8oZtMtJNMfbx1lgwwDtgjDSJvSdl735gI9VmXXH +qnlGEtyiQ7k1Z1a4HxiY2/CiDHvkymClir/Ik8gt+wmyT9c/9BcehLRf6PxMsDVy +PCkty1LlzN+5tSZJtJnOiTlgsRn/w49Ohp74ITheSdb30/6PnFI+o8rcJHmrjN4d +t3z/bCyWAeC8mS7m0wtXlyBeG9xvdyT8dDHAFOnqxX30dEwEbjNj58kWGAgRf9i3 +HlOAP8yRy7LAV7A4HEPnEzXBxYpsROUw/8d3Jtmr2nAp2hfKP339DYZPHZpRLjJr +WQlJasHHLxHKKjSsuM06WsCO+Tt2FTSgGJuU6nFVK75fssmmJYzj9qMHVM6YSjfY +sT0ZIWRgO9NLFx5O3QxY1wgMLhhv1FREy9NVnMU0W3A1u0F7dwHywZGha2IqEXgu ++UyWIJnePMvluV/s66AN/OpIxKU48c0B4l7XzXkHHd43tDUG3ztfRuPbWCHipuRO +eo+vHGD01iBLSE1ZhrYLHKQhJvIKx/PIEaqJHP/Vy35AD/2/GH09TiIBHzX9aXie +TiKFs30FQv7SpLNHNE7jUxsYGNUbYa70S/Vgn3wkKATcXpCc749XQV4OUbFoqkDm +vuZOjkIOlm/OtZkUuDWmk96mgoVG/gWSEJPynJHUpmWdu/BCdYOgxBk/bmPa1leS +Z5NbO0fGMnNhDMXYA5rqmVzABcNSYhgYw5aciWpBlgYHEYrPxZvCxWftIyb24oEk +wdHEaFbIYbOoVZqo7Ym2hrvVrJb8Qdukf1BmUgfSSSc7BFoSrBUO4SNFtZI55NOB +OM4rnkqfoYR0IpnxzPIpxpsWljG9QsgnTaffStDgIGXiAtBWJFy+44f1IS4EoC6B ++we1Q6atPwYSyPtG8mn4Ce0BNxLDUoFDLMQ7Bt8QBMeX +-----END ENCRYPTED PRIVATE KEY----- diff --git a/samples/net/wifi/test_certs/client.pem b/samples/net/wifi/test_certs/client.pem index 0de5748bf036..9e815474cd8d 100644 --- a/samples/net/wifi/test_certs/client.pem +++ b/samples/net/wifi/test_certs/client.pem @@ -1,64 +1,22 @@ -Bag Attributes - localKeyID: DF 33 79 D4 52 3A 61 87 BF DD 0C BC BB 90 F5 1D 8C D0 02 1E -subject=C = FR, ST = Radius, O = Example Inc, CN = Example user, emailAddress = user.example@example.org -issuer=C = FR, ST = Radius, L = Somewhere, O = Example Inc, emailAddress = admin@example.org, CN = Example Certificate Authority -----BEGIN CERTIFICATE----- -MIIEgTCCA2mgAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBkjELMAkGA1UEBhMCRlIx -DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRQwEgYDVQQKDAtF -eGFtcGxlIEluYzEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5vcmcxJjAk -BgNVBAMMHUV4YW1wbGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTI0MDgwNzE4 -NDMwN1oXDTI0MTAwNjE4NDMwN1owdDELMAkGA1UEBhMCRlIxDzANBgNVBAgMBlJh -ZGl1czEUMBIGA1UECgwLRXhhbXBsZSBJbmMxFTATBgNVBAMMDEV4YW1wbGUgdXNl -cjEnMCUGCSqGSIb3DQEJARYYdXNlci5leGFtcGxlQGV4YW1wbGUub3JnMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6mI+213GsAcquAlq0/MMUDbbpjz -PxurB+9NoQ6xNpoUzK8x8hhC8tORkXi2stCbZbIFISMdtuDzshZ7BBLA32lX5/q0 -YNCS6czcuxnkbFgunfaA6VupK/dx+9GULTMKa7TVNyIhid9NQBowz2BB8n4lHQjS -g3fkZgR771e3xqZ8xaEKlA8+/lCRHUtjiUtzSFMbQDBA+Liu9cRpb+4xk93CNOk6 -WmHI7reGzJrC8YPc3ngFRvp1ujw0BHlp+AYfwnPPTn7mWYBgJQwfrkECzt/vTIhS -CJgsvM2bMI/HK30EvCLJb3NheSfZFo5fzkmWk8NK8B1p/d6/SPoul8L2QQIDAQAB -o4H+MIH7MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMBMGA1UdJQQMMAoGCCsGAQUF -BwMCMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly93d3cuZXhhbXBsZS5jb20vZXhh -bXBsZV9jYS5jcmwwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8v -d3d3LmV4YW1wbGUub3JnL29jc3AwGwYDVR0RBBQwEoEQdXNlckBleGFtcGxlLm9y -ZzAdBgNVHQ4EFgQUpBSja2rvRXhlulUyZ8ZEDLS0j4AwHwYDVR0jBBgwFoAUQl34 -Jn7xx5zTXckus4k09ScmfUYwDQYJKoZIhvcNAQELBQADggEBAENOA88x6RMfT73L -hBQBT45qqvLK4GRGhqXDcj/E4hiZ0fX39r5PSUA+rbVbWjlJzW+gnsHWIdDASg4H -ZlMSYCgU6PN7hhJ1gmc0736V1t1vS63x6502fzNG7TMEvyWP3iadVjkn+sH8Q83d -AHwJjaKEq0SQYQof4QZZcxaBVLwh0buck4QLpeBYKeGpEiRK+AWireJMNFmBRHpG -R2E0I/B/duICWoL/8E/PCK7Ys7fUcGtIekEOCToDPW39uoU79mTjXrv+F3NO6Z6p -CwY9WqlHV0jLrfpdEMQuN2Pl0Qi8N2R0vJLrXRxbSrIkQbZtKyUG11XQBPgl5ZPz -KbHL9JU= +MIIDojCCAooCFGZ4UJXBKG70aewILFtsy4mbvaYZMA0GCSqGSIb3DQEBCwUAMIGS +MQswCQYDVQQGEwJGUjEPMA0GA1UECAwGUmFkaXVzMRIwEAYDVQQHDAlTb21ld2hl +cmUxFDASBgNVBAoMC0V4YW1wbGUgSW5jMSYwJAYDVQQDDB1FeGFtcGxlIENlcnRp +ZmljYXRlIEF1dGhvcml0eTEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5v +cmcwHhcNMjQxMDA4MTAyNjI1WhcNMzQxMDA2MTAyNjI1WjCBhzELMAkGA1UEBhMC +RlIxDzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRQwEgYDVQQK +DAtFeGFtcGxlIEluYzEbMBkGA1UEAwwSY2xpZW50LmV4YW1wbGUub3JnMSAwHgYJ +KoZIhvcNAQkBFhFhZG1pbkBleGFtcGxlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAMu3HXJvi2Q4hQnLL4v/sCyEr5x+ZtBcSi2yETMViaf2EStW +UOs1A1pmCQbO7nadLQcWaX4tzefQCRrs1X4hIQuDIqRPNi6h6G1g5HEtqBWZhvwu +hDbmFiX8/Vtw/P0/9sox2DzyLG0mjJUAYAbKtyC1kQalybVBtrSaazyyAyh6oOuU +chAb7SmmNDsRB959TWM/mp+6yCcFGzCDKNBwlwthB6Uw92d3SfOyXEnZm8rPf0hV +4ICL5iB+xEYBv1LKmznFK/4UAyKpxAygc5fxKVWwlSsq8MrES5ak0n6H71wViaXK +BrH5yh9jEkK9XSeaUwg8C9eOOexyx/5JDY3TTE8CAwEAATANBgkqhkiG9w0BAQsF +AAOCAQEAUNddNiRUlJH0acJJv8ztXNWjNewd17tAk1BBHp6yyGAD8b52p6QbDAdS +xO3WsSc2bqSy599jp4GshO27TMQsBRMfoggCG21Aj6sIs0Hd4shTE4T0GUBEBxC2 +/HReuD+cGIzzKMYlvK8RPSaGLPvPw5SryvmOnjD368V0KCHwT04Z14i4sMxlkd5q +wB7fxTkVla9MR4uWObX62mJykmqT86chScJpldtBpRh8wrEa3Gt9FZoi/eqP0De8 +oCxmCZDrozGTZ4IIaNzchx3Ensh1RQwvvxd6ATerYdUjq4V2TlTksDRdCXtj+uNJ +FnB32sUHiIouxudAsqDf8UL9/99RCw== -----END CERTIFICATE----- -Bag Attributes - localKeyID: DF 33 79 D4 52 3A 61 87 BF DD 0C BC BB 90 F5 1D 8C D0 02 1E -Key Attributes: ------BEGIN ENCRYPTED PRIVATE KEY----- -MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIj62qIYenEeYCAggA -MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBD+aD/Nfhvs8bsr44gG36xRBIIE -0OA3BuJdNL3yo5SOVFXMbWeMj13B5yvQwqLRCPJmDesNSy6I2OLVQKr571IiuwBf -xNytF8MNfZ/OAI7FcMDqf/so9s9zQZlgR5jZKzoR8c0d6NiXboW7HHlO1tk7PhwW -T2dSFBcmfI0N4zug5vTYGVnOBtwk9F0BlFs8HZwa/5wXfdLnJVXT4l8enIU45Ssb -MJXrLNZ8SRMSjnsatrPqPhRMtLharGhOAItj4uQ770WbjdMgPejeZOMQ6NAEl1CL -NPeikRKZQzeBCBYnbAfOSTPNy0i2q28vKzc5e0gHPzqWg6r41/XsCGiKi/4pkwxE -ZDhbBCLeGdlB7KX4cv6KTp5PtBKMrh4BxGsWrAALqOdt/nsNl8oPBe8j6/iSWDDw -xJbemI8nFXAI6jAiz4RZS516eHJQT9uEpYdPUfluT17PPOotmjwkL2XuaMDjYOjD -LOFSIX1Y8L7DPhayViY7hGyBWFDgozIl+us7H7q27SIJQAtoG4gS6w2qTE6UmDbG -xqxluuQadfnrhtenpVJMwRQzf24txRsuHDTB/6EY3lqZhOvGZzwUV4RqJgg7G5Ix -YUCiRrNrWGgbViTGpR87GkhBc84pXlTdIVb/bxl1myJ4QFya2oG4PjMK+wxlGJ3q -8Ght0sz3xvDXLzoh3NYBBhqOj1zKHcUoVMLmxd+GinAy4FENc3cbZjAaTDprPbze -1368MvGQkcwgxHmqhPIRaz+GPtLhxjPO/SDIkZdzwAGvy8AKS5HTAGcSvbcjcjXE -3cY4DObY19MwUfsedXYcDzyEKS6OTgNSbfXPStBhijKA+joOzUKf36xEipV3J9fa -9YtXf5MALkUcLqGKCa4OybAktvN/VBnZfieOyCM3vcTHimmyDhuyjxzJptMTjiH3 -BaBxgZpm0FJVKjTJ3+xkmIeMA8p475Aocs8F7aHqIO/MEMHDB5MuCui3h+Mzccha -eR2e4Ldv5v8yFR+3Q+MIq8rELtIeNgG/ANldJEWt7paLsRXMXzNah1rdHb6oaDLa -iou8ZcOKI6kBxj6GxcGN2HicWbqAXgoHAVN59siVOSUGI2rmCxxj1v38oY61IahZ -k9nde23oAhTnO02ovRXkVNArBE3cEQPbBqwv09rrO/HQqHXRVNu/qFuA/oEopzjI -lZFUel4IjUQJgk7+1pY/OQzJQR9wfEXMOW4fXG+tL90sIypv115CbYXiUy3tOFcs -XX5QhDnrSo69Be4ZJQBBY9JEtOPlZCA9C+6Q0zxpNctfj091N7e8nWg2a+DHzpFz -Vdoa+xGCUMkJZopsnjEStfSTYqgCuPRSRIf8a1i9U2QnLXOFjmu2YUfa06JuQIXK -lpJxyMmUmd07KiTH3Da0/3V9W++zSlVpT4hHD6zvZ/OzpPKL74cGgtNFMOVkFCjr -KUcrg7JCxrVb1zZ/Y6CIdpRMFv5/94M67D8hX7aSiPgzGXwwuUzZlygbOZa97s3U -nKc7ZgVqiNCR6HH2Vhc2A2fuu9aErdnqr6tcbxiWTVORSQxIHCchX/+5+4XtKrHm -EOPmhwehDEsyFqHwBd/T8xdz/wb8ct+ce1HbzRe8UXjeGsTSPQVuMF4wjHP1MvEl -0BTRDQlqETtBvtxzZJ7cABWpZqdrZEUtrdD90jd6ZQrF ------END ENCRYPTED PRIVATE KEY----- diff --git a/samples/net/wifi/test_certs/client2.pem b/samples/net/wifi/test_certs/client2.pem new file mode 100644 index 000000000000..9e815474cd8d --- /dev/null +++ b/samples/net/wifi/test_certs/client2.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDojCCAooCFGZ4UJXBKG70aewILFtsy4mbvaYZMA0GCSqGSIb3DQEBCwUAMIGS +MQswCQYDVQQGEwJGUjEPMA0GA1UECAwGUmFkaXVzMRIwEAYDVQQHDAlTb21ld2hl +cmUxFDASBgNVBAoMC0V4YW1wbGUgSW5jMSYwJAYDVQQDDB1FeGFtcGxlIENlcnRp +ZmljYXRlIEF1dGhvcml0eTEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5v +cmcwHhcNMjQxMDA4MTAyNjI1WhcNMzQxMDA2MTAyNjI1WjCBhzELMAkGA1UEBhMC +RlIxDzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRQwEgYDVQQK +DAtFeGFtcGxlIEluYzEbMBkGA1UEAwwSY2xpZW50LmV4YW1wbGUub3JnMSAwHgYJ +KoZIhvcNAQkBFhFhZG1pbkBleGFtcGxlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAMu3HXJvi2Q4hQnLL4v/sCyEr5x+ZtBcSi2yETMViaf2EStW +UOs1A1pmCQbO7nadLQcWaX4tzefQCRrs1X4hIQuDIqRPNi6h6G1g5HEtqBWZhvwu +hDbmFiX8/Vtw/P0/9sox2DzyLG0mjJUAYAbKtyC1kQalybVBtrSaazyyAyh6oOuU +chAb7SmmNDsRB959TWM/mp+6yCcFGzCDKNBwlwthB6Uw92d3SfOyXEnZm8rPf0hV +4ICL5iB+xEYBv1LKmznFK/4UAyKpxAygc5fxKVWwlSsq8MrES5ak0n6H71wViaXK +BrH5yh9jEkK9XSeaUwg8C9eOOexyx/5JDY3TTE8CAwEAATANBgkqhkiG9w0BAQsF +AAOCAQEAUNddNiRUlJH0acJJv8ztXNWjNewd17tAk1BBHp6yyGAD8b52p6QbDAdS +xO3WsSc2bqSy599jp4GshO27TMQsBRMfoggCG21Aj6sIs0Hd4shTE4T0GUBEBxC2 +/HReuD+cGIzzKMYlvK8RPSaGLPvPw5SryvmOnjD368V0KCHwT04Z14i4sMxlkd5q +wB7fxTkVla9MR4uWObX62mJykmqT86chScJpldtBpRh8wrEa3Gt9FZoi/eqP0De8 +oCxmCZDrozGTZ4IIaNzchx3Ensh1RQwvvxd6ATerYdUjq4V2TlTksDRdCXtj+uNJ +FnB32sUHiIouxudAsqDf8UL9/99RCw== +-----END CERTIFICATE----- diff --git a/samples/net/wifi/test_certs/server-key.pem b/samples/net/wifi/test_certs/server-key.pem index c9defa1229b4..5f032cad701d 100644 --- a/samples/net/wifi/test_certs/server-key.pem +++ b/samples/net/wifi/test_certs/server-key.pem @@ -1,30 +1,30 @@ -----BEGIN ENCRYPTED PRIVATE KEY----- -MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIU44Xbg9l+1kCAggA -MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECBx6SOeZLPFiBIIEyBbU4bj1/Sq0 -W5O13hWtq34nTHG+HtgOG61u8659V+0Txbd6E6gBlMTUDtczKCb2BS7D2uugSwTR -Xj1CeLha1qfsWT3IEe38KB/r+TXA1CESblkHBeYjHYOhOoRSNjg8e+QddFim4uuN -6eCqgia4jJjC4jT7gLhoUgMtLKxGiw/iVsLme//p1czB2sNNy441Cp2smwvP6GqC -rymGKgmmEa3pqFm72jO77kev71gUYxPJLXg6bGJ3HBBD0iN79rlCgMTru4s/C/G6 -VoTLCxJrYNiRGsCNu1PM4DtZgQtL32il+u/thZzE6cmh6Yqzkv9G8JXRIakoZctN -JOwOgbyQLwbAV/0OpZcX0rWKGbO2AO1RmayEJrTBp98qbOW1SrJf2HVAqzevaxOy -ZqyLbq80x+6wH1sg200tnfwGO/2nz1U7yDTJ4tMuMeJYvAHB5luXYOBrL7AmUJjZ -CLY/BaN90amz3h1/ZeooMslB1ldjNznLYfrmYc7E1UKWUd5CRjbh6f+k/iYp1wuw -W2O9qW/aatQyrcWMLboJLTs9XarTFXYSA66bvhPfP/lP4BPm4eQM1xCS7qSjbJMK -OuTX9J++ZzNIiUJjFTAWW4cIEKkJ+PpljTgdcfnwUCGUcxuqJaVbWVrPstc2tyjJ -8Ravtr5Fp79dYsD5xSB31ATiAVehp0Zn7lorwmFZ1fhZNMOaFjDk0e3GJPrWgTGY -DUyeN2Ec/lY76+nTKLqpCPmP/aM3uOEsKEXmtuiYONnz1ZcRSXqAfZKW0Sv9iEQA -IK31lNuU6CULXM6aUn0lwdoYKZ1S7SPwK6UmqSimBb/5FF5zaZPgzHKhClsnd6EN -ToMDw18YD1rY6jaAxZdXiaI70i7V9S3RkfjlYkiaLEmjO44yg6Ae7xL0KbOut8iB -ZCyMHRjobFCLWPTdplQux0xzPD0FXrl8GgJBmiY8SkiFh9NKDNyB6SodjVKXsIhe -BPsdmh9E66XfHkI16LkkoK5eKgtVDpXVAJBAI2wURIwfIzfzOJ6SExQd3capXqfr -HpC+sJJjAPy0hHTkv3RnzX1NHqYK5gHq/WCSda/4cl8ZepF5eoyJ8h+9TJzlTDJX -REyt5iUvKbFT3bQ3WYwWUW6lEei16KK9Cm8ivZsEQqbeG0kP6lO3pG+WNsAYRXlE -aXg8wgFLJRS/7llaB8xiZHZ0mMsj9UAwZd7gUkp1EjDt7A6f1KlYEtIXtQ9TVXhS -kegWYMvJOpzJoOTcZ2Yu/wNUEAnnOnXzCrr5EAD3aHUwaSHfj75y44uHrYtEKEyO -Q1bhRhSC5rFcEEomHofy7PlJqoynxMxOd6VZdSpMr2fSDKO36aY8bGD7ST0hpHrs -6NNbywy23G68YX6QREwcuT4EDzIQOQsl7GCSx8KVibubsYcGSuXSVlBMI9sLOtsA -AwSAXOyGoVrmms79ekp4O4Pzq4vqE61KEh8K0/h5qDJ8+c2kqQl5eeDkDwtBYwjD -oYKRlmCkKzoo7qW4uIeVy4ZeQIuzWcCWnSZumtBa2mLlo4w9njmwgPR0wtDU8daW -+0CL828/eNfIN3awo0VeAJ8nbZlKL2ioyND9KNXjJ2fJNuwyrWv9c5fz/NeWgv9O -Z2S6ZI0xPgZJNQ6rLcPigA== +MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIjI78fcZSH7oCAggA +MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBDfF676hRrL290F0MgMDZiuBIIE +0Hkz7skRV8Ox0SoX5N8GsOPfN4PS1cLyHgokY6dUhJPU5vUzOn9iSiGQSEzSguQ7 +11mssjRC2T45wB/95VK2EPtRw1f/6VOUR6RJnnGb0PV1Rydp/x5TZ6vzcXpakqly +eljJR/20fIJClsZzhw0iu5la9fkF6G8WYFEkqex5jALSiN4qVLvkiqcTnh5+amem +8+OCKgvgooKD2ids4/0GGfJRQSC6DFf3kuxNl+MMvmDXmz/vrD85ONnyXzKXDA3N +3vRgL/YT6GzwIXb+7/c/tIMpnacxPAdbNOs3DY5ss4xcK68L5PwpM2BljzBa5dGw +Smgf2VRaYRVzmrte5j280QjfrlHRU2cHaxm0GCu2AOTGwMXcSNYMXfDNuxc57oQJ +vHXMeZD4K5lACbhYdZ5lJNFvv29YI7dZ7QOGu6nXlAuhZfbdc/cgT0som7eG8xpT +pERllhQ5ych9sP9nAccN6VUsWgmlF73lbSptBek1ccYkp9LIYCteJUPl2qPcz6zl +A7zrZ54f3Lg0fOm2pCtg+qKBiw1nd3MR/YbRCgyvudyZE2cCN/ZspWqxsavbGYOz +JOfIFNnyAcOYtEv1n1BGLfMa1THW2bDV8XmHVHUtM0k4z250QAmLygWLY2166iUF +qotBkvctKKdulzGdT4nVer1UEKTqcxhDf0dRiHN5spZtFrOee0uGIoQWHt2oecaK +pJovW+i0qO/1DG5spfU2m1bz6jR2u6nxi340oRrMSoe1ELVg3l1/wmM8yzh07GuK +pshzxwqAG/FnaKCvcKGUG2EfnAvOcbMgSa2w3GvyRkcDPn00arvX9nuXj0gkRDBi +eoVMkKKTeeYSGQ4ik+ja3xkgHcxh5W8aoezLvBbmUq206cmhLwfnYMhnvFTs6EBK +E0ENpCHwF/qoVBIzRCijG/eeCuf3a1YkJsWlvEeVrPeOmDFeDft3SSGOzHxE2A/7 +HWmHbWTm7dPOfgsU4zf+HglnBjN3kYU7StyM0EGxmB4lfB2BiWiL/3R13ERHQZfa +oOqa4/hOFXOXfTQk6ufXtBx8L9BemBqh36zbs2xVvIizJKeRMruoRblWZkHhUKR8 +K5GA7FYkU9ZPPP0UPKsO94xzwfbevi+7nWeUZoqcqAUy8Jt5aD2QpvFVbPBBOz17 +PGaubeVn/Ry8swPvkpddtmJ4mgF+3SVctmzY+EE/oN1XS8wa+XeuaThzk89Lvrfa +606nRWrNw3PSKjYoEEtRLhPeJCi9uOVenbOjtclio9mV5Sugwurolczvq8DAGpMG +W4WgALgOWDjQAudiNH5dtcMGkBONbYywkJc7cT2OZFmzkCbchPPWlKGopuaFGAoU +SPj7C9SenHmOWAFRX5jJrOZAuVqkdKN3ShWZUL+cDkOCCQlZ0E31u0m9yozY1MeO +Sx42GtZaSGff37FGYeMZM2ztlutw2zmv2B1g52SBHTjCqQU/ud2Q6/U0kUzjbsdF +/0KQY9wgZRdOvbnA2lBirN1rXzLWPdduOZ5QImfHfvToN+oOlEqVvvWG12DdA4e5 +y4Dumx00lfKEsGutjF3oKgE6jsjwqAwCoYEAFHTtsvA0hKPisQwNHZmpjGARvR56 +yMEmXynKvgyVGvVP2a9VdqBXSpstL24HfDIu+nlyEWGQ -----END ENCRYPTED PRIVATE KEY----- diff --git a/samples/net/wifi/test_certs/server-key2.pem b/samples/net/wifi/test_certs/server-key2.pem new file mode 100644 index 000000000000..5f032cad701d --- /dev/null +++ b/samples/net/wifi/test_certs/server-key2.pem @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIjI78fcZSH7oCAggA +MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBDfF676hRrL290F0MgMDZiuBIIE +0Hkz7skRV8Ox0SoX5N8GsOPfN4PS1cLyHgokY6dUhJPU5vUzOn9iSiGQSEzSguQ7 +11mssjRC2T45wB/95VK2EPtRw1f/6VOUR6RJnnGb0PV1Rydp/x5TZ6vzcXpakqly +eljJR/20fIJClsZzhw0iu5la9fkF6G8WYFEkqex5jALSiN4qVLvkiqcTnh5+amem +8+OCKgvgooKD2ids4/0GGfJRQSC6DFf3kuxNl+MMvmDXmz/vrD85ONnyXzKXDA3N +3vRgL/YT6GzwIXb+7/c/tIMpnacxPAdbNOs3DY5ss4xcK68L5PwpM2BljzBa5dGw +Smgf2VRaYRVzmrte5j280QjfrlHRU2cHaxm0GCu2AOTGwMXcSNYMXfDNuxc57oQJ +vHXMeZD4K5lACbhYdZ5lJNFvv29YI7dZ7QOGu6nXlAuhZfbdc/cgT0som7eG8xpT +pERllhQ5ych9sP9nAccN6VUsWgmlF73lbSptBek1ccYkp9LIYCteJUPl2qPcz6zl +A7zrZ54f3Lg0fOm2pCtg+qKBiw1nd3MR/YbRCgyvudyZE2cCN/ZspWqxsavbGYOz +JOfIFNnyAcOYtEv1n1BGLfMa1THW2bDV8XmHVHUtM0k4z250QAmLygWLY2166iUF +qotBkvctKKdulzGdT4nVer1UEKTqcxhDf0dRiHN5spZtFrOee0uGIoQWHt2oecaK +pJovW+i0qO/1DG5spfU2m1bz6jR2u6nxi340oRrMSoe1ELVg3l1/wmM8yzh07GuK +pshzxwqAG/FnaKCvcKGUG2EfnAvOcbMgSa2w3GvyRkcDPn00arvX9nuXj0gkRDBi +eoVMkKKTeeYSGQ4ik+ja3xkgHcxh5W8aoezLvBbmUq206cmhLwfnYMhnvFTs6EBK +E0ENpCHwF/qoVBIzRCijG/eeCuf3a1YkJsWlvEeVrPeOmDFeDft3SSGOzHxE2A/7 +HWmHbWTm7dPOfgsU4zf+HglnBjN3kYU7StyM0EGxmB4lfB2BiWiL/3R13ERHQZfa +oOqa4/hOFXOXfTQk6ufXtBx8L9BemBqh36zbs2xVvIizJKeRMruoRblWZkHhUKR8 +K5GA7FYkU9ZPPP0UPKsO94xzwfbevi+7nWeUZoqcqAUy8Jt5aD2QpvFVbPBBOz17 +PGaubeVn/Ry8swPvkpddtmJ4mgF+3SVctmzY+EE/oN1XS8wa+XeuaThzk89Lvrfa +606nRWrNw3PSKjYoEEtRLhPeJCi9uOVenbOjtclio9mV5Sugwurolczvq8DAGpMG +W4WgALgOWDjQAudiNH5dtcMGkBONbYywkJc7cT2OZFmzkCbchPPWlKGopuaFGAoU +SPj7C9SenHmOWAFRX5jJrOZAuVqkdKN3ShWZUL+cDkOCCQlZ0E31u0m9yozY1MeO +Sx42GtZaSGff37FGYeMZM2ztlutw2zmv2B1g52SBHTjCqQU/ud2Q6/U0kUzjbsdF +/0KQY9wgZRdOvbnA2lBirN1rXzLWPdduOZ5QImfHfvToN+oOlEqVvvWG12DdA4e5 +y4Dumx00lfKEsGutjF3oKgE6jsjwqAwCoYEAFHTtsvA0hKPisQwNHZmpjGARvR56 +yMEmXynKvgyVGvVP2a9VdqBXSpstL24HfDIu+nlyEWGQ +-----END ENCRYPTED PRIVATE KEY----- diff --git a/samples/net/wifi/test_certs/server.pem b/samples/net/wifi/test_certs/server.pem index 12b9a5458bd2..d8f82faf6dd3 100644 --- a/samples/net/wifi/test_certs/server.pem +++ b/samples/net/wifi/test_certs/server.pem @@ -1,68 +1,22 @@ -Bag Attributes - localKeyID: 70 E4 1E 20 0B 8A 3E 65 06 98 99 29 C2 A4 26 33 38 D8 94 23 -subject=C = FR, ST = Radius, O = Example Inc, CN = Example Server Certificate, emailAddress = admin@example.org -issuer=C = FR, ST = Radius, L = Somewhere, O = Example Inc, emailAddress = admin@example.org, CN = Example Certificate Authority -----BEGIN CERTIFICATE----- -MIIFZzCCBE+gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBkjELMAkGA1UEBhMCRlIx -DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRQwEgYDVQQKDAtF -eGFtcGxlIEluYzEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5vcmcxJjAk -BgNVBAMMHUV4YW1wbGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTI0MDgwNzE4 -NDMwNloXDTI0MTAwNjE4NDMwNlowezELMAkGA1UEBhMCRlIxDzANBgNVBAgMBlJh -ZGl1czEUMBIGA1UECgwLRXhhbXBsZSBJbmMxIzAhBgNVBAMMGkV4YW1wbGUgU2Vy -dmVyIENlcnRpZmljYXRlMSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFtcGxlLm9y -ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKtkktsya+B8p8x5/P7t -IDIVcc0E6PPUklUmrcAzBuLNdnHH0FCbzqqsE+28L36gyriNv+l0EOvvnV3LJJdc -RO/6Ee4NHjO/GKcmTCDOC1KSl7yP+IaPog/f86UJ1rTOQpnpCi/uB3Gd3ZocZ+s+ -5fnPCVFdAaRfLs8fVbJ3Lt79E/FiVhXXjG4/wFMGHg/6P3fsq5B+VqUww8xUjfZ9 -MUuo+MYP5CPYJHfhuIwNHsunGKsmjMtQ4nR84huTOKy9+YVsKr+GRzGy4aC3ElCb -HTU+axLVcVPRgpsdCaFzXLAg5L//rufgWI7NKIV16t+6q/3euFWPHYW3lqdAWMD4 -yssCAwEAAaOCAdwwggHYMB0GA1UdDgQWBBT5kdLsBRD8WBlzoAmLWRMZf6PvOjCB -0gYDVR0jBIHKMIHHgBRCXfgmfvHHnNNdyS6ziTT1JyZ9RqGBmKSBlTCBkjELMAkG -A1UEBhMCRlIxDzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRQw -EgYDVQQKDAtFeGFtcGxlIEluYzEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBs -ZS5vcmcxJjAkBgNVBAMMHUV4YW1wbGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5ghQ1 -f/ABa8HTFuVRSCGWyh5qvh/qSTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNV -HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAw4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0 -cDovL3d3dy5leGFtcGxlLmNvbS9leGFtcGxlX2NhLmNybDA3BggrBgEFBQcBAQQr -MCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly93d3cuZXhhbXBsZS5vcmcvb2NzcDA6BgNV -HREEMzAxghJyYWRpdXMuZXhhbXBsZS5vcmegGwYIKwYBBQUHCAigDwwNKi5leGFt -cGxlLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAX5O3aUlupNs8C0blKzGJosqKoEP1 -D0/RUESK6443TlK2hAImSE/qz9JGQ4tMSO1bfnYUS9Mnk4hStlG4gg6F/B4nV1eZ -qbHEFWCyhCAlUUeDF+8Lz2G6wYXrw9pPe1GpQSFdHLTV2WKVK0IaRaote8bCQHBm -bgNbfZVXK4JJKX0Wg+ECNQv8bGA/WwZ+QKOcjemaa1kxwi9PFRNOIOdFfk1zKXHz -D6Ex0hFzl2dt+aSpmb93Fo4wDz1rtCJ7HGo1TtUbDdDwDoZv8SKsAI7XtDmrqqP/ -MZa+lI5xVXCsSBDppGZb6BVkl3AfUIIhbCDqj1MT9vXqjtaWsyG4F3iHuw== +MIIDojCCAooCFCPQcj7ej5jhr6/mLlAoLYgfgsYcMA0GCSqGSIb3DQEBCwUAMIGS +MQswCQYDVQQGEwJGUjEPMA0GA1UECAwGUmFkaXVzMRIwEAYDVQQHDAlTb21ld2hl +cmUxFDASBgNVBAoMC0V4YW1wbGUgSW5jMSYwJAYDVQQDDB1FeGFtcGxlIENlcnRp +ZmljYXRlIEF1dGhvcml0eTEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5v +cmcwHhcNMjQxMDA4MTAyNTI5WhcNMzQxMDA2MTAyNTI5WjCBhzELMAkGA1UEBhMC +RlIxDzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRQwEgYDVQQK +DAtFeGFtcGxlIEluYzEbMBkGA1UEAwwSc2VydmVyLmV4YW1wbGUub3JnMSAwHgYJ +KoZIhvcNAQkBFhFhZG1pbkBleGFtcGxlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBANcE/OPHQK/y1b6UsIktNK7WIZB528HECY7Bz18EGba0uHod +91RbzHSJ1qI3iQyldI1UW/kY5oYjBW3lhLH0BkD/EsqvNYCV+3YzAM3ITtdOdEU9 +CqjgXttehQHfXvc7jQlF8Q2gYPUz2dDLo/gcTkz1d+mCr6nQUjT8Kq/nG54T0NnD +k8udchjUlNaQsvx/WVs3TUYxMbWzQRtpJIbv99rAWq7YgQbkNZnSYC1VgrU/BiuQ +0KrP6rfkxvBCGwIh2JXIL3FV4N8AsgGZvjXQ3zXKXwuPhxWdSmjKWlioVM3mha2A +/1e1gX6nFY/uk46D60XWxcJ6tHGHoafU7EtN3zMCAwEAATANBgkqhkiG9w0BAQsF +AAOCAQEAWwdTMphD0jxLtYO0iq/+fMtq2R96ZUN9wprZ7qg1evUNQjqLR4jKX306 +ZJX5uw+6r5Ve/k368qvcSF/sSfvBm8yd3JcegTl5t8T2/Aks8o3sfyuS0uyJC1rS +zTrd7FmJG9YMosU1BqYobda64MXq7g+6MyrQoZ6fVdPvC6Sox3+a4fl9xjdm4CTY +MsWqBJMe26LptvRIJ01/B6PjVTvsn/fxxj7rHmnJ/j63AIiBntm0vV/85cwYy/4o +HlPH/Qjvn3hZjUlBcveiYat998F+s9gH2usvCkG3kly/n1/667LLCymmCHxtH8ka +7tF3siO1EANureFY8qj6ZvlKeTkZ6g== -----END CERTIFICATE----- -Bag Attributes - localKeyID: 70 E4 1E 20 0B 8A 3E 65 06 98 99 29 C2 A4 26 33 38 D8 94 23 -Key Attributes: ------BEGIN ENCRYPTED PRIVATE KEY----- -MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQI0/IqoquZd2sCAggA -MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBA3/HwadBWDheQI/8p1u6j+BIIE -0N7R2UwLzLVPv/QR/hfYtK56iUtq0j5dqW/1Yos5IpkmUhOdXa149OGmzUkM6JQ/ -GaYQ5TbCn0+/HZx0k1nLIHL0fOUlorW/6i/pfw+KMR0bZrPUoZJyukG7iFIcD5yB -Pq6Q/QXVIH0qzB2lTTEa6TNSzM4PtcGd24Ivt7GwX8vz/bbW+gPCnAEbFKTrn1aP -Dr5LRIn9MOStPox/PmCEysdrdgJ8W9BD9J7iviUOmfJckl7hc10j87SvqHDYuPIP -a5QZnGanbsdOfYRCtg6jkLPiR7f3kS+aeITGx1iKdm+wqpcp1JelYmg3b9a0mSGk -fLgOS8z0hmdPrPT4yZtU1MvjxPpbVcpP+S5idWWD30bit2c7lqW3shXjan+voA4R -gYbJewXiJbjFCElj/EnvX5dFaJyBdeRcaIZcKhEwsTGJ/GI6S7nFdDNao4dXUESX -CWgVQNcdqiK/OJ8blQR6+1vxajJNLqx5GwbLJdMbN7d+o8m0O7O+lygF3BiDYpp0 -niLrB+qTM2H5jGRe2Vwhs5HxU1b0uN85xqUHRppeFmNB4mEcpT0XZ0a5kZZhuCQg -P48ONl46i1DAAKOAQ+WSiSQUBO+AmMlzNquCNstkSrEis4szfDOT/RQmlMwLEyb9 -3aXZwsHzZREi7gojsyEHyadeKhsblBITSD79MmVpPBhym6sok8QWgk4R4+Xsckll -cxqhsczmGv/tSz71/Soqql6KXmtk7YUAWDM1YtF1K2pb4zF9q0/mp3MgUB7sjcfm -HMFDD3KSMFGfP9ex4MTUlEFXoBS0jM1rC+L0OtSDsBs23BOJvgi3JArZD2WPUPeR -1dxcrtqYFy1DGkCMZ8+24GmqXbaL+iG/vgyAyhjcgWet2Xk8BHpuYPWSoGlnmJTP -tqLC13jU0to8S8H7vsrbUP5m+XN/sVXkYE86AOsMO+/g+1fcqQOu0fSdSOvNvw5c -/56yHA/+bJJfcQyqoEpPrpR2npazcG0cop3FOP9eTvNERRO6ayXJjrq1Tl9Ok39v -DRQy/TLt6tQtHjiTFDgiZI+PI7FVzSudCGa2oMKTyf8qDWUN65825oSL7e7jggFM -8VFf1MBXb1lCIFIrukNnXuXnYMWtQYjvHS/vN3jP/BGnVW+rEupj/hq4gtv1J2Pu -B5Qn8Q+szCz8ha6ziA9+iVt57SRakK87bZ7qEIIy4XTJBnCGHTVjQOn+aMHJ/76H -wiw8CPgKKQMwx0JyySMfZih+LgxlibPpk76zNIw0eYLM4DQEwmx9LGXZ4TIPCyAg -GiWeKYn4zD0ub634DBFRTmX5XGQhqmKSkCIKOs4/8yzmX3649vess85RJN4DjjGN -njzxuInblVxVg0YvzlGQHXwwCJuG48yoTa3UPvqft67kOoBLh8Kky1kMPPtPm8yR -ZT8E8VdYSg2ssyCpyfaV3RCnxsMpnFUER+JU0g6IxTpDqxA4zK5XS6Wt/KsdnU+1 -locA7O1+lcsDXf2FyDFtwPwNZIjchV1UDXSYr/fKyn10TDoSMeRTZsC0vwm2/9bW -peH+nk/x93j29VZVzGk6hlpLC9MBRq/qGhNqIwklxtfIKLr0l5oMcWwm4h4dAVBR -HUC0MTfbSTrC8mAsOglVa87dF9v1gnA2FVlRZEHJCGwe ------END ENCRYPTED PRIVATE KEY----- diff --git a/samples/net/wifi/test_certs/server2.pem b/samples/net/wifi/test_certs/server2.pem new file mode 100644 index 000000000000..d8f82faf6dd3 --- /dev/null +++ b/samples/net/wifi/test_certs/server2.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDojCCAooCFCPQcj7ej5jhr6/mLlAoLYgfgsYcMA0GCSqGSIb3DQEBCwUAMIGS +MQswCQYDVQQGEwJGUjEPMA0GA1UECAwGUmFkaXVzMRIwEAYDVQQHDAlTb21ld2hl +cmUxFDASBgNVBAoMC0V4YW1wbGUgSW5jMSYwJAYDVQQDDB1FeGFtcGxlIENlcnRp +ZmljYXRlIEF1dGhvcml0eTEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5v +cmcwHhcNMjQxMDA4MTAyNTI5WhcNMzQxMDA2MTAyNTI5WjCBhzELMAkGA1UEBhMC +RlIxDzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRQwEgYDVQQK +DAtFeGFtcGxlIEluYzEbMBkGA1UEAwwSc2VydmVyLmV4YW1wbGUub3JnMSAwHgYJ +KoZIhvcNAQkBFhFhZG1pbkBleGFtcGxlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBANcE/OPHQK/y1b6UsIktNK7WIZB528HECY7Bz18EGba0uHod +91RbzHSJ1qI3iQyldI1UW/kY5oYjBW3lhLH0BkD/EsqvNYCV+3YzAM3ITtdOdEU9 +CqjgXttehQHfXvc7jQlF8Q2gYPUz2dDLo/gcTkz1d+mCr6nQUjT8Kq/nG54T0NnD +k8udchjUlNaQsvx/WVs3TUYxMbWzQRtpJIbv99rAWq7YgQbkNZnSYC1VgrU/BiuQ +0KrP6rfkxvBCGwIh2JXIL3FV4N8AsgGZvjXQ3zXKXwuPhxWdSmjKWlioVM3mha2A +/1e1gX6nFY/uk46D60XWxcJ6tHGHoafU7EtN3zMCAwEAATANBgkqhkiG9w0BAQsF +AAOCAQEAWwdTMphD0jxLtYO0iq/+fMtq2R96ZUN9wprZ7qg1evUNQjqLR4jKX306 +ZJX5uw+6r5Ve/k368qvcSF/sSfvBm8yd3JcegTl5t8T2/Aks8o3sfyuS0uyJC1rS +zTrd7FmJG9YMosU1BqYobda64MXq7g+6MyrQoZ6fVdPvC6Sox3+a4fl9xjdm4CTY +MsWqBJMe26LptvRIJ01/B6PjVTvsn/fxxj7rHmnJ/j63AIiBntm0vV/85cwYy/4o +HlPH/Qjvn3hZjUlBcveiYat998F+s9gH2usvCkG3kly/n1/667LLCymmCHxtH8ka +7tF3siO1EANureFY8qj6ZvlKeTkZ6g== +-----END CERTIFICATE----- diff --git a/soc/nordic/nrf54h/Kconfig b/soc/nordic/nrf54h/Kconfig index 51dc4e074806..9132ca8458b8 100644 --- a/soc/nordic/nrf54h/Kconfig +++ b/soc/nordic/nrf54h/Kconfig @@ -24,6 +24,7 @@ config SOC_NRF54H20_CPUAPP_COMMON select HAS_SEGGER_RTT if ZEPHYR_SEGGER_MODULE select NRFS_HAS_CLOCK_SERVICE select NRFS_HAS_DVFS_SERVICE + select NRFS_HAS_GDPWR_SERVICE select NRFS_HAS_MRAM_SERVICE select NRFS_HAS_TEMP_SERVICE select NRFS_HAS_VBUS_DETECTOR_SERVICE @@ -49,6 +50,7 @@ config SOC_NRF54H20_CPURAD_COMMON select CPU_HAS_CUSTOM_FIXED_SOC_MPU_REGIONS select HAS_SEGGER_RTT if ZEPHYR_SEGGER_MODULE select NRFS_HAS_CLOCK_SERVICE + select NRFS_HAS_GDPWR_SERVICE select NRFS_HAS_MRAM_SERVICE select NRFS_HAS_TEMP_SERVICE select NRFS_HAS_VBUS_DETECTOR_SERVICE diff --git a/soc/nordic/nrf92/Kconfig b/soc/nordic/nrf92/Kconfig index f6efecb6ad07..1f60b944b760 100644 --- a/soc/nordic/nrf92/Kconfig +++ b/soc/nordic/nrf92/Kconfig @@ -22,6 +22,7 @@ config SOC_NRF9230_ENGB_CPUAPP select HAS_NORDIC_DMM select HAS_SEGGER_RTT if ZEPHYR_SEGGER_MODULE select NRFS_HAS_CLOCK_SERVICE + select NRFS_HAS_GDPWR_SERVICE select NRFS_HAS_MRAM_SERVICE select NRFS_HAS_PMIC_SERVICE select NRFS_HAS_TEMP_SERVICE @@ -40,6 +41,7 @@ config SOC_NRF9230_ENGB_CPURAD select HAS_NORDIC_DMM select HAS_SEGGER_RTT if ZEPHYR_SEGGER_MODULE select NRFS_HAS_CLOCK_SERVICE + select NRFS_HAS_GDPWR_SERVICE select NRFS_HAS_MRAM_SERVICE select NRFS_HAS_PMIC_SERVICE select NRFS_HAS_TEMP_SERVICE diff --git a/subsys/net/ip/Kconfig b/subsys/net/ip/Kconfig index cb08b3846ca4..f8c215b4fc3d 100644 --- a/subsys/net/ip/Kconfig +++ b/subsys/net/ip/Kconfig @@ -663,7 +663,7 @@ config NET_BUF_TX_COUNT Each data buffer will occupy CONFIG_NET_BUF_DATA_SIZE + smallish header (sizeof(struct net_buf)) amount of data. -choice +choice NET_PKT_DATA_ALLOC_TYPE prompt "Network packet data allocator type" default NET_BUF_FIXED_DATA_SIZE help diff --git a/subsys/net/l2/wifi/CMakeLists.txt b/subsys/net/l2/wifi/CMakeLists.txt index bab445e82629..fc844e37ca2e 100644 --- a/subsys/net/l2/wifi/CMakeLists.txt +++ b/subsys/net/l2/wifi/CMakeLists.txt @@ -23,27 +23,49 @@ if (CONFIG_WIFI_NM) zephyr_iterable_section(NAME wifi_nm_instance GROUP DATA_REGION ${XIP_ALIGN_WITH_INPUT} SUBALIGN ${CONFIG_LINKER_ITERABLE_SUBALIGN}) endif() -# Wi-Fi Enterprise test certificates handling -set(gen_inc_dir ${ZEPHYR_BINARY_DIR}/misc/generated) -set(gen_dir ${gen_inc_dir}/wifi_enterprise_test_certs) - -# convert .pem files to array data at build time -zephyr_include_directories(${gen_inc_dir}) - -generate_inc_file_for_target( - app - ${ZEPHYR_BASE}/samples/net/wifi/test_certs/client.pem - ${gen_dir}/client.pem.inc - ) - -generate_inc_file_for_target( - app - ${ZEPHYR_BASE}/samples/net/wifi/test_certs/client-key.pem - ${gen_dir}/client-key.pem.inc - ) - -generate_inc_file_for_target( - app - ${ZEPHYR_BASE}/samples/net/wifi/test_certs/ca.pem - ${gen_dir}/ca.pem.inc - ) +if(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE) + # Wi-Fi Enterprise test certificates handling + set(gen_inc_dir ${ZEPHYR_BINARY_DIR}/misc/generated) + set(gen_dir ${gen_inc_dir}/wifi_enterprise_test_certs) + # Create output directory for test certs + file(MAKE_DIRECTORY ${gen_dir}) + + # convert .pem files to array data at build time + zephyr_include_directories(${gen_inc_dir}) + + generate_inc_file_for_target( + app + ${ZEPHYR_BASE}/samples/net/wifi/test_certs/client.pem + ${gen_dir}/client.pem.inc + ) + + generate_inc_file_for_target( + app + ${ZEPHYR_BASE}/samples/net/wifi/test_certs/client-key.pem + ${gen_dir}/client-key.pem.inc + ) + + generate_inc_file_for_target( + app + ${ZEPHYR_BASE}/samples/net/wifi/test_certs/ca.pem + ${gen_dir}/ca.pem.inc + ) + + generate_inc_file_for_target( + app + ${ZEPHYR_BASE}/samples/net/wifi/test_certs/client2.pem + ${gen_dir}/client2.pem.inc + ) + + generate_inc_file_for_target( + app + ${ZEPHYR_BASE}/samples/net/wifi/test_certs/client-key2.pem + ${gen_dir}/client-key2.pem.inc + ) + + generate_inc_file_for_target( + app + ${ZEPHYR_BASE}/samples/net/wifi/test_certs/ca2.pem + ${gen_dir}/ca2.pem.inc + ) +endif() diff --git a/subsys/net/l2/wifi/wifi_mgmt.c b/subsys/net/l2/wifi/wifi_mgmt.c index d676edd8f993..5974cde6a1a2 100644 --- a/subsys/net/l2/wifi/wifi_mgmt.c +++ b/subsys/net/l2/wifi/wifi_mgmt.c @@ -41,6 +41,8 @@ const char *wifi_security_txt(enum wifi_security_type security) return "WAPI"; case WIFI_SECURITY_TYPE_EAP_TLS: return "EAP"; + case WIFI_SECURITY_TYPE_WPA_AUTO_PERSONAL: + return "WPA/WPA2/WPA3 PSK"; case WIFI_SECURITY_TYPE_UNKNOWN: default: return "UNKNOWN"; @@ -240,6 +242,18 @@ const char *wifi_ps_wakeup_mode_txt(enum wifi_ps_wakeup_mode ps_wakeup_mode) } } +const char * const wifi_ps_exit_strategy_txt(enum wifi_ps_exit_strategy ps_exit_strategy) +{ + switch (ps_exit_strategy) { + case WIFI_PS_EXIT_EVERY_TIM: + return "Every TIM"; + case WIFI_PS_EXIT_CUSTOM_ALGO: + return "Custom algorithm"; + default: + return "UNKNOWN"; + } +} + static const struct wifi_mgmt_ops *const get_wifi_api(struct net_if *iface) { const struct device *dev = net_if_get_device(iface); @@ -570,6 +584,13 @@ static int wifi_set_power_save(uint32_t mgmt_request, struct net_if *iface, case WIFI_PS_PARAM_WAKEUP_MODE: case WIFI_PS_PARAM_TIMEOUT: break; + case WIFI_PS_PARAM_EXIT_STRATEGY: + if (ps_params->exit_strategy > WIFI_PS_EXIT_MAX) { + ps_params->fail_reason = + WIFI_PS_PARAM_FAIL_INVALID_EXIT_STRATEGY; + return -EINVAL; + } + break; default: ps_params->fail_reason = WIFI_PS_PARAM_FAIL_OPERATION_NOT_SUPPORTED; @@ -813,6 +834,21 @@ static int wifi_get_connection_params(uint32_t mgmt_request, struct net_if *ifac NET_MGMT_REGISTER_REQUEST_HANDLER(NET_REQUEST_WIFI_CONN_PARAMS, wifi_get_connection_params); +static int wifi_wps_config(uint32_t mgmt_request, struct net_if *iface, void *data, size_t len) +{ + const struct device *dev = net_if_get_device(iface); + const struct wifi_mgmt_ops *const wifi_mgmt_api = get_wifi_api(iface); + struct wifi_wps_config_params *params = data; + + if (wifi_mgmt_api == NULL || wifi_mgmt_api->wps_config == NULL) { + return -ENOTSUP; + } + + return wifi_mgmt_api->wps_config(dev, params); +} + +NET_MGMT_REGISTER_REQUEST_HANDLER(NET_REQUEST_WIFI_WPS_CONFIG, wifi_wps_config); + static int wifi_set_rts_threshold(uint32_t mgmt_request, struct net_if *iface, void *data, size_t len) { diff --git a/subsys/net/l2/wifi/wifi_shell.c b/subsys/net/l2/wifi/wifi_shell.c index 2dbb44de0aa8..d422abb5024c 100644 --- a/subsys/net/l2/wifi/wifi_shell.c +++ b/subsys/net/l2/wifi/wifi_shell.c @@ -32,15 +32,30 @@ LOG_MODULE_REGISTER(net_wifi_shell, LOG_LEVEL_INF); #ifdef CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE static const char ca_cert_test[] = { #include + '\0' }; static const char client_cert_test[] = { #include + '\0' }; static const char client_key_test[] = { #include + '\0' }; + +static const char ca_cert2_test[] = { + #include + '\0'}; + +static const char client_cert2_test[] = { + #include + '\0'}; + +static const char client_key2_test[] = { + #include + '\0'}; #endif #define WIFI_SHELL_MODULE "wifi" @@ -100,6 +115,12 @@ static int cmd_wifi_set_enterprise_creds(const struct shell *sh, struct net_if * params.client_cert_len = ARRAY_SIZE(client_cert_test); params.client_key = (uint8_t *)client_key_test; params.client_key_len = ARRAY_SIZE(client_key_test); + params.ca_cert2 = (uint8_t *)ca_cert2_test; + params.ca_cert2_len = ARRAY_SIZE(ca_cert2_test); + params.client_cert2 = (uint8_t *)client_cert2_test; + params.client_cert2_len = ARRAY_SIZE(client_cert2_test); + params.client_key2 = (uint8_t *)client_key2_test; + params.client_key2_len = ARRAY_SIZE(client_key2_test); if (net_mgmt(NET_REQUEST_WIFI_ENTERPRISE_CREDS, iface, ¶ms, sizeof(params))) { PR_WARNING("Set enterprise credentials failed\n"); @@ -125,16 +146,16 @@ static bool parse_number(const struct shell *sh, long *param, char *str, } if (*endptr != '\0') { - PR_ERROR("Invalid number: %s", str_tmp); + PR_ERROR("Invalid number: %s\n", str_tmp); return false; } if ((num) < (min) || (num) > (max)) { if (pname) { - PR_WARNING("%s value out of range: %s, (%ld-%ld)", + PR_WARNING("%s value out of range: %s, (%ld-%ld)\n", pname, str_tmp, min, max); } else { - PR_WARNING("Value out of range: %s, (%ld-%ld)", + PR_WARNING("Value out of range: %s, (%ld-%ld)\n", str_tmp, min, max); } return false; @@ -500,7 +521,26 @@ static int __wifi_args_to_params(const struct shell *sh, size_t argc, char *argv {"channel", required_argument, 0, 'c'}, {"timeout", required_argument, 0, 't'}, {"anon-id", required_argument, 0, 'a'}, - {"key-passwd", required_argument, 0, 'K'}, + {"key1-pwd", required_argument, 0, 'K'}, + {"key2-pwd", required_argument, 0, 'K'}, + {"suiteb-type", required_argument, 0, 'S'}, + {"eap-version", required_argument, 0, 'V'}, + {"eap-id1", required_argument, 0, 'I'}, + {"eap-id2", required_argument, 0, 'I'}, + {"eap-id3", required_argument, 0, 'I'}, + {"eap-id4", required_argument, 0, 'I'}, + {"eap-id5", required_argument, 0, 'I'}, + {"eap-id6", required_argument, 0, 'I'}, + {"eap-id7", required_argument, 0, 'I'}, + {"eap-id8", required_argument, 0, 'I'}, + {"eap-pwd1", required_argument, 0, 'P'}, + {"eap-pwd2", required_argument, 0, 'P'}, + {"eap-pwd3", required_argument, 0, 'P'}, + {"eap-pwd4", required_argument, 0, 'P'}, + {"eap-pwd5", required_argument, 0, 'P'}, + {"eap-pwd6", required_argument, 0, 'P'}, + {"eap-pwd7", required_argument, 0, 'P'}, + {"eap-pwd8", required_argument, 0, 'P'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0}}; char *endptr; @@ -516,14 +556,16 @@ static int __wifi_args_to_params(const struct shell *sh, size_t argc, char *argv char bands_str[MAX_BANDS_STR_LEN] = {0}; size_t offset = 0; long channel; + int key_passwd_cnt = 0; /* Defaults */ params->band = WIFI_FREQ_BAND_UNKNOWN; params->channel = WIFI_CHANNEL_ANY; params->security = WIFI_SECURITY_TYPE_NONE; params->mfp = WIFI_MFP_OPTIONAL; + params->eap_ver = 1; - while ((opt = getopt_long(argc, argv, "s:p:k:w:b:c:m:t:a:K:h", + while ((opt = getopt_long(argc, argv, "s:p:k:e:w:b:c:m:t:a:K:S:V:I:P:h", long_options, &opt_index)) != -1) { state = getopt_state_get(); switch (opt) { @@ -584,7 +626,8 @@ static int __wifi_args_to_params(const struct shell *sh, size_t argc, char *argv params->channel = channel; break; case 'b': - if (iface_mode == WIFI_MODE_INFRA) { + if (iface_mode == WIFI_MODE_INFRA || + iface_mode == WIFI_MODE_AP) { switch (atoi(state->optarg)) { case 2: params->band = WIFI_FREQ_BAND_2_4_GHZ; @@ -636,10 +679,54 @@ static int __wifi_args_to_params(const struct shell *sh, size_t argc, char *argv } break; case 'K': - params->key_passwd = optarg; - params->key_passwd_length = strlen(params->key_passwd); - if (params->key_passwd_length > WIFI_ENT_PSWD_MAX_LEN) { - PR_WARNING("key_passwd too long (max %d characters)\n", + if (key_passwd_cnt >= 2) { + PR_WARNING("too many key_passwd (max 2 key_passwd)\n"); + return -EINVAL; + } + + if (key_passwd_cnt == 0) { + params->key_passwd = optarg; + params->key_passwd_length = strlen(params->key_passwd); + if (params->key_passwd_length > WIFI_ENT_PSWD_MAX_LEN) { + PR_WARNING("key_passwd too long (max %d characters)\n", + WIFI_ENT_PSWD_MAX_LEN); + return -EINVAL; + } + } else if (key_passwd_cnt == 1) { + params->key2_passwd = optarg; + params->key2_passwd_length = strlen(params->key2_passwd); + if (params->key2_passwd_length > WIFI_ENT_PSWD_MAX_LEN) { + PR_WARNING("key2_passwd too long (max %d characters)\n", + WIFI_ENT_PSWD_MAX_LEN); + return -EINVAL; + } + } + key_passwd_cnt++; + break; + case 'S': + params->suiteb_type = atoi(optarg); + break; + case 'V': + params->eap_ver = atoi(optarg); + if (params->eap_ver != 0U && params->eap_ver != 1U) { + PR_WARNING("eap_ver error %d\n", params->eap_ver); + return -EINVAL; + } + break; + case 'I': + params->eap_identity = optarg; + params->eap_id_length = strlen(params->eap_identity); + if (params->eap_id_length > WIFI_ENT_IDENTITY_MAX_LEN) { + PR_WARNING("eap identity too long (max %d characters)\n", + WIFI_ENT_IDENTITY_MAX_LEN); + return -EINVAL; + } + break; + case 'P': + params->eap_password = optarg; + params->eap_passwd_length = strlen(params->eap_password); + if (params->eap_passwd_length > WIFI_ENT_PSWD_MAX_LEN) { + PR_WARNING("eap password length too long (max %d characters)\n", WIFI_ENT_PSWD_MAX_LEN); return -EINVAL; } @@ -706,7 +793,12 @@ static int cmd_wifi_connect(const struct shell *sh, size_t argc, #ifdef CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE /* Load the enterprise credentials if needed */ - if (cnx_params.security == WIFI_SECURITY_TYPE_EAP_TLS) { + if (cnx_params.security == WIFI_SECURITY_TYPE_EAP_TLS || + cnx_params.security == WIFI_SECURITY_TYPE_EAP_PEAP_MSCHAPV2 || + cnx_params.security == WIFI_SECURITY_TYPE_EAP_PEAP_GTC || + cnx_params.security == WIFI_SECURITY_TYPE_EAP_TTLS_MSCHAPV2 || + cnx_params.security == WIFI_SECURITY_TYPE_EAP_PEAP_TLS || + cnx_params.security == WIFI_SECURITY_TYPE_EAP_TLS_SHA256) { cmd_wifi_set_enterprise_creds(sh, iface); } #endif @@ -950,6 +1042,65 @@ static int cmd_wifi_status(const struct shell *sh, size_t argc, char *argv[]) return 0; } +static int cmd_wifi_ap_status(const struct shell *sh, size_t argc, char *argv[]) +{ + struct net_if *iface = net_if_get_wifi_sap(); + struct wifi_iface_status status = {0}; + uint8_t mac_string_buf[sizeof("xx:xx:xx:xx:xx:xx")]; + + context.sh = sh; + + if (net_mgmt(NET_REQUEST_WIFI_IFACE_STATUS, iface, &status, + sizeof(struct wifi_iface_status))) { + PR_WARNING("Status request failed\n"); + + return -ENOEXEC; + } + + switch (status.state) { + case WIFI_HAPD_IFACE_UNINITIALIZED: + PR("State: %s\n", "HAPD_IFACE_UNINITIALIZED"); + return 0; + case WIFI_HAPD_IFACE_DISABLED: + PR("State: %s\n", "HAPD_IFACE_DISABLED"); + return 0; + case WIFI_HAPD_IFACE_COUNTRY_UPDATE: + PR("State: %s\n", "HAPD_IFACE_DISABLED"); + return 0; + case WIFI_HAPD_IFACE_ACS: + PR("State: %s\n", "HAPD_IFACE_DISABLED"); + return 0; + case WIFI_HAPD_IFACE_HT_SCAN: + PR("State: %s\n", "HAPD_IFACE_DISABLED"); + return 0; + case WIFI_HAPD_IFACE_DFS: + PR("State: %s\n", "HAPD_IFACE_DISABLED"); + break; + case WIFI_HAPD_IFACE_ENABLED: + break; + default: + return 0; + } + + PR("Interface Mode: %s\n", wifi_mode_txt(status.iface_mode)); + PR("Link Mode: %s\n", wifi_link_mode_txt(status.link_mode)); + PR("SSID: %.32s\n", status.ssid); + PR("BSSID: %s\n", net_sprint_ll_addr_buf(status.bssid, WIFI_MAC_ADDR_LEN, mac_string_buf, + sizeof(mac_string_buf))); + PR("Band: %s\n", wifi_band_txt(status.band)); + PR("Channel: %d\n", status.channel); + PR("Security: %s\n", wifi_security_txt(status.security)); + PR("MFP: %s\n", wifi_mfp_txt(status.mfp)); + if (status.iface_mode == WIFI_MODE_INFRA) { + PR("RSSI: %d\n", status.rssi); + } + PR("Beacon Interval: %d\n", status.beacon_interval); + PR("DTIM: %d\n", status.dtim_period); + PR("TWT: %s\n", status.twt_capable ? "Supported" : "Not supported"); + + return 0; +} + #if defined(CONFIG_NET_STATISTICS_WIFI) && \ defined(CONFIG_NET_STATISTICS_USER_API) static void print_wifi_stats(struct net_if *iface, struct net_stats_wifi *data, @@ -1062,6 +1213,9 @@ static int cmd_wifi_ps(const struct shell *sh, size_t argc, char *argv[]) PR("PS timeout: disabled\n"); } + shell_fprintf(sh, SHELL_NORMAL, "PS exit strategy: %s\n", + wifi_ps_exit_strategy_txt(config.ps_params.exit_strategy)); + if (config.num_twt_flows == 0) { PR("No TWT flows\n"); } else { @@ -1671,16 +1825,19 @@ static int cmd_wifi_btm_query(const struct shell *sh, size_t argc, char *argv[]) { struct net_if *iface = net_if_get_first_wifi(); uint8_t query_reason = 0; + long tmp = 0; context.sh = sh; - if (!parse_number(sh, (long *)&query_reason, argv[1], NULL, + if (!parse_number(sh, &tmp, argv[1], NULL, WIFI_BTM_QUERY_REASON_UNSPECIFIED, WIFI_BTM_QUERY_REASON_LEAVING_ESS)) { return -EINVAL; } + query_reason = tmp; + if (net_mgmt(NET_REQUEST_WIFI_BTM_QUERY, iface, &query_reason, sizeof(query_reason))) { - PR_WARNING("Setting BTM query Reason failed..Reason :%d\n", query_reason); + PR_WARNING("Setting BTM query Reason failed. Reason : %d\n", query_reason); return -ENOEXEC; } @@ -1690,6 +1847,57 @@ static int cmd_wifi_btm_query(const struct shell *sh, size_t argc, char *argv[]) } #endif +static int cmd_wifi_wps_pbc(const struct shell *sh, size_t argc, char *argv[]) +{ + struct net_if *iface = net_if_get_first_wifi(); + struct wifi_wps_config_params params = {0}; + + context.sh = sh; + + if (argc == 1) { + params.oper = WIFI_WPS_PBC; + } else { + shell_help(sh); + return -ENOEXEC; + } + + if (net_mgmt(NET_REQUEST_WIFI_WPS_CONFIG, iface, ¶ms, sizeof(params))) { + PR_WARNING("Start wps pbc connection failed\n"); + return -ENOEXEC; + } + + return 0; +} + +static int cmd_wifi_wps_pin(const struct shell *sh, size_t argc, char *argv[]) +{ + struct net_if *iface = net_if_get_first_wifi(); + struct wifi_wps_config_params params = {0}; + + context.sh = sh; + + if (argc == 1) { + params.oper = WIFI_WPS_PIN_GET; + } else if (argc == 2) { + params.oper = WIFI_WPS_PIN_SET; + strncpy(params.pin, argv[1], WIFI_WPS_PIN_MAX_LEN); + } else { + shell_help(sh); + return -ENOEXEC; + } + + if (net_mgmt(NET_REQUEST_WIFI_WPS_CONFIG, iface, ¶ms, sizeof(params))) { + PR_WARNING("Start wps pin connection failed\n"); + return -ENOEXEC; + } + + if (params.oper == WIFI_WPS_PIN_GET) { + PR("WPS PIN is: %s\n", params.pin); + } + + return 0; +} + static int cmd_wifi_ps_wakeup_mode(const struct shell *sh, size_t argc, char *argv[]) { struct net_if *iface = net_if_get_first_wifi(); @@ -1777,6 +1985,40 @@ static int cmd_wifi_set_rts_threshold(const struct shell *sh, size_t argc, char return 0; } +static int cmd_wifi_ps_exit_strategy(const struct shell *sh, size_t argc, + char *argv[]) +{ + struct net_if *iface = net_if_get_first_wifi(); + struct wifi_ps_params params = { 0 }; + + context.sh = sh; + + if (!strncmp(argv[1], "tim", 3)) { + params.exit_strategy = WIFI_PS_EXIT_EVERY_TIM; + } else if (!strncmp(argv[1], "custom", 6)) { + params.exit_strategy = WIFI_PS_EXIT_CUSTOM_ALGO; + } else { + shell_fprintf(sh, SHELL_WARNING, "Invalid argument\n"); + shell_fprintf(sh, SHELL_INFO, "Valid argument : / \n"); + return -ENOEXEC; + } + + params.type = WIFI_PS_PARAM_EXIT_STRATEGY; + + if (net_mgmt(NET_REQUEST_WIFI_PS, iface, ¶ms, sizeof(params))) { + shell_fprintf(sh, SHELL_WARNING, + "Setting PS exit strategy to %s failed..Reason :%s\n", + wifi_ps_exit_strategy_txt(params.exit_strategy), + wifi_ps_get_config_err_code_str(params.fail_reason)); + return -ENOEXEC; + } + + shell_fprintf(sh, SHELL_NORMAL, "%s\n", + wifi_ps_exit_strategy_txt(params.exit_strategy)); + + return 0; +} + void parse_mode_args_to_params(const struct shell *sh, int argc, char *argv[], struct wifi_mode_info *mode, bool *do_mode_oper) @@ -2580,24 +2822,27 @@ static int cmd_wifi_dpp_ap_qr_code(const struct shell *sh, size_t argc, char *ar static int cmd_wifi_dpp_ap_auth_init(const struct shell *sh, size_t argc, char *argv[]) { - int ret = 0; - struct net_if *iface = net_if_get_wifi_sap(); - struct wifi_dpp_params params = {0}; int opt; int opt_index = 0; struct getopt_state *state; - static struct option long_options[] = {{"peer", required_argument, 0, 'p'}, {0, 0, 0, 0}}; + static const struct option long_options[] = { + {"peer", required_argument, 0, 'p'}, + {0, 0, 0, 0}}; + int ret = 0; + struct net_if *iface = net_if_get_wifi_sap(); + struct wifi_dpp_params params = {0}; params.action = WIFI_DPP_AUTH_INIT; - while ((opt = getopt_long(argc, argv, "p:", long_options, &opt_index)) != -1) { + while ((opt = getopt_long(argc, argv, "p:", + long_options, &opt_index)) != -1) { state = getopt_state_get(); switch (opt) { case 'p': - params.auth_init.peer = shell_strtol(optarg, 10, &ret); + params.auth_init.peer = shell_strtol(state->optarg, 10, &ret); break; default: - PR_ERROR("Invalid option %c\n", optopt); + PR_ERROR("Invalid option %c\n", state->optopt); return -EINVAL; } @@ -2656,43 +2901,41 @@ static int cmd_wifi_pmksa_flush(const struct shell *sh, size_t argc, char *argv[ return 0; } -SHELL_STATIC_SUBCMD_SET_CREATE(wifi_cmd_ap, - SHELL_CMD_ARG(disable, NULL, - "Disable Access Point mode.\n", - cmd_wifi_ap_disable, - 1, 0), +SHELL_STATIC_SUBCMD_SET_CREATE( + wifi_cmd_ap, + SHELL_CMD_ARG(disable, NULL, "Disable Access Point mode.\n", cmd_wifi_ap_disable, 1, 0), SHELL_CMD_ARG(enable, NULL, - "-s --ssid=\n" - "-c --channel=\n" - "-p --passphrase= (valid only for secure SSIDs)\n" - "-k --key-mgmt= (valid only for secure SSIDs)\n" - "0:None, 1:WPA2-PSK, 2:WPA2-PSK-256, 3:SAE, 4:WAPI, 5:EAP-TLS, 6:WEP\n" - "7: WPA-PSK, 11: DPP\n" - "-w --ieee-80211w= (optional: needs security type to be specified)\n" - "0:Disable, 1:Optional, 2:Required\n" - "-b --band= (2 -2.6GHz, 5 - 5Ghz, 6 - 6GHz)\n" - "-m --bssid=\n" - "-h --help (prints help)", - cmd_wifi_ap_enable, - 2, 13), - SHELL_CMD_ARG(stations, NULL, - "List stations connected to the AP", - cmd_wifi_ap_stations, - 1, 0), + "-s --ssid=\n" + "-c --channel=\n" + "-p --passphrase= (valid only for secure SSIDs)\n" + "-k --key-mgmt= (valid only for secure SSIDs)\n" + "0:None, 1:WPA2-PSK, 2:WPA2-PSK-256, 3:SAE, 4:WAPI, 5:EAP-TLS, 6:WEP\n" + "7: WPA-PSK, 11: DPP\n" + "-w --ieee-80211w= (optional: needs security type to be specified)\n" + "0:Disable, 1:Optional, 2:Required\n" + "-b --band= (2 -2.6GHz, 5 - 5Ghz, 6 - 6GHz)\n" + "-m --bssid=\n" + "-h --help (prints help)", + cmd_wifi_ap_enable, 2, 13), + SHELL_CMD_ARG(stations, NULL, "List stations connected to the AP", cmd_wifi_ap_stations, 1, + 0), SHELL_CMD_ARG(disconnect, NULL, - "Disconnect a station from the AP\n" - "\n", - cmd_wifi_ap_sta_disconnect, - 2, 0), + "Disconnect a station from the AP\n" + "\n", + cmd_wifi_ap_sta_disconnect, 2, 0), SHELL_CMD_ARG(config, NULL, - "Configure AP parameters.\n" - "-i --max_inactivity=