Skip to content

hostap: support enterprise and DPP #73249

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Jun 7, 2024
Merged

hostap: support enterprise and DPP #73249

merged 6 commits into from
Jun 7, 2024

Conversation

@fengming-ye
Copy link
Contributor

@fengming-ye fengming-ye commented May 24, 2024

Change cmake and kconfig for enterprise and DPP support.

@zephyrbot zephyrbot added the area: Wi-Fi Wi-Fi label May 24, 2024
@zephyrbot zephyrbot requested review from jukkar and krish2718 May 24, 2024 05:52
@fengming-ye fengming-ye force-pushed the feature/hostap_crypto_mbedtls branch from 1ab6b9d to cdb34b0 Compare May 27, 2024 10:07
@zephyrbot zephyrbot requested review from ceolin, d3zd3z and ithinuel May 27, 2024 10:08
@fengming-ye fengming-ye force-pushed the feature/hostap_crypto_mbedtls branch 3 times, most recently from fc9091b to 4631607 Compare May 29, 2024 07:43
@fengming-ye fengming-ye mentioned this pull request May 29, 2024
Merged
@fengming-ye fengming-ye force-pushed the feature/hostap_crypto_mbedtls branch from 4631607 to cd9a397 Compare May 29, 2024 08:23
krish2718
krish2718 reviewed May 29, 2024
View reviewed changes
Copy link
Contributor

@krish2718 krish2718 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From a quick look changes LGTM, but can you please divide in to smaller commits with appropriate commit logs?

E.g.

  • NO_PBKDF2
  • Removing blobs and why
  • Adding CRC32
  • Moving existing crypto
  • Adding DPP
  • Adding ALT crypto
    ...

@fengming-ye fengming-ye force-pushed the feature/hostap_crypto_mbedtls branch from cd9a397 to e2450e2 Compare May 29, 2024 09:24
@fengming-ye
Copy link
Contributor Author

fengming-ye commented May 29, 2024

From a quick look changes LGTM, but can you please divide in to smaller commits with appropriate commit logs?

E.g.

  • NO_PBKDF2
  • Removing blobs and why
  • Adding CRC32
  • Moving existing crypto
  • Adding DPP
  • Adding ALT crypto
    ...

updated pls check

@fengming-ye
Copy link
Contributor Author

fengming-ye commented May 29, 2024

There might be a CI issue in compliance check fail
Undefined Kconfig symbols:

warning: undefined symbol MBEDTLS_MAC_CMAC_ENABLED:

But MBEDTLS_MAC_CMAC_ENABLED is defined in modules/mbedtls/Kconfig.tls-generic like other symbols.

@fengming-ye fengming-ye force-pushed the feature/hostap_crypto_mbedtls branch from e2450e2 to 5dc42d5 Compare May 29, 2024 09:47
@dleach02
Copy link
Member

dleach02 commented May 30, 2024
edited
Loading

MBEDTLS_MAC_CMAC_ENABLED

@fengming-ye, this changed in a PR that merged yesterday (things move fast at times) [#73267]. All the MBED_MAC_ENABLED have changed to just MBED

dleach02
dleach02 reviewed May 30, 2024
View reviewed changes
modules/hostap/Kconfig Outdated
Copy link
Member

@dleach02 dleach02 May 30, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Change this to MBEDTLS_CMAC

@fengming-ye
hostap: add crypto backend alt for enterprise and DPP
934a983 
Add kconfig CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT to get more mbedtls
functionality for enterprise and DPP.
Split cmake sources related to hostap SME and crypto backend.
Default backend CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO use internal crypto
and some mbedtls apis.
Backend CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT use most mbedtls apis
and PSA apis, except some apis no longer supported in mbedtls 3.x,
or called in the middle of hostap and mbedtls.

Signed-off-by: Fengming Ye <[email protected]>
@fengming-ye
hostap: add PSA apis support for mbedtls 3.x
7c08b75 
Add Platform Secure Architecture support support to use
HW acceleration, which needs to be called under PSA driver wrapper
in mbedtls 3.x.

Signed-off-by: Fengming Ye <[email protected]>
@fengming-ye
hostap: add DPP support
69b9374 
Add kconfig and cmake to support DPP (Easy Connect).

Signed-off-by: Fengming Ye <[email protected]>
@fengming-ye
hostap: remove CONFIG_NO_PBKDF2 and CONFIG_NO_CONFIG_BLOBS in cmake
729fdb1 
Remove CONFIG_NO_PBKDF2 and CONFIG_NO_CONFIG_BLOBS definition
and let them be decided in kconfig.
CONFIG_NO_PBKDF2 is default y when crypto backend is
WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE.
CONFIG_NO_CONFIG_BLOBS is default y when both DPP and enterprise disable.

Signed-off-by: Fengming Ye <[email protected]>
@fengming-ye
hostap: add enterprise source files in cmake
16e510f 
Add enterprise needed source files.

Signed-off-by: Fengming Ye <[email protected]>
@fengming-ye
mbedtls: add kconfig options
a794aa6 
Add MBEDTLS_NIST_KW_C, MBEDTLS_DHM_C and X509 CRL, CSR options.

Signed-off-by: Fengming Ye <[email protected]>
@fengming-ye fengming-ye force-pushed the feature/hostap_crypto_mbedtls branch from 5dc42d5 to a794aa6 Compare May 30, 2024 03:03
@fengming-ye fengming-ye requested review from dleach02 and krish2718 June 4, 2024 08:07
@fengming-ye
Copy link
Contributor Author

fengming-ye commented Jun 4, 2024

Hi @jukkar @krish2718
Here is kconfig and cmake changes for WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT
Pls also help review.

Hi @ceolin @d3zd3z @ithinuel
Here is some kconfig adds for MBEDTLS_CONFIG macros.
Pls help review.

Thanks.

@fengming-ye fengming-ye mentioned this pull request Jun 4, 2024
Merged
jukkar
jukkar approved these changes Jun 4, 2024
View reviewed changes
Copy link
Member

@jukkar jukkar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@dleach02 dleach02 added this to the v3.7.0 milestone Jun 6, 2024
@nashif nashif merged commit edd0ed7 into zephyrproject-rtos:main Jun 7, 2024
@fengming-ye fengming-ye deleted the feature/hostap_crypto_mbedtls branch June 7, 2024 07:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jukkar jukkar jukkar approved these changes

@dleach02 dleach02 dleach02 approved these changes

@krish2718 krish2718 krish2718 approved these changes

@ceolin ceolin Awaiting requested review from ceolin

@d3zd3z d3zd3z Awaiting requested review from d3zd3z

@ithinuel ithinuel Awaiting requested review from ithinuel

Assignees

@krish2718 krish2718

Labels

area: Crypto / RNG area: Wi-Fi Wi-Fi

Projects

None yet

Milestone

v3.7.0

Development

Successfully merging this pull request may close these issues.

6 participants

@fengming-ye @dleach02 @jukkar @krish2718 @nashif @zephyrbot