From e1eef3a8b01a25e75abf63d15bdc90157a74cba9 Mon Sep 17 00:00:00 2001 From: Heng Luo Date: Fri, 24 Jun 2022 15:59:44 +0800 Subject: NetworkPkg: Add Wi-Fi Wpa3 support in WifiConnectManager https://bugzilla.tianocore.org/show_bug.cgi?id=3961 Add below Wpa3 support: WPA3-Personal: Ieee80211AkmSuiteSAE = 8 WPA3-Enterprise: Ieee80211AkmSuite8021XSuiteB = 11 Ieee80211AkmSuite8021XSuiteB192 = 12 Wi-Fi CERTIFIED Enhanced Open: Ieee80211AkmSuiteOWE = 18 Cc: Maciej Rabeda Cc: Fu Siyuan Cc: Wu Jiaxin Signed-off-by: Heng Luo --- .../WifiConnectionMgrMisc.c | 77 ++++++++++++++++++---- 1 file changed, 66 insertions(+), 11 deletions(-) (limited to 'NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrMisc.c') diff --git a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrMisc.c b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrMisc.c index 4e7c241..4ad5643 100644 --- a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrMisc.c +++ b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrMisc.c @@ -1,7 +1,7 @@ /** @file The Miscellaneous Routines for WiFi Connection Manager. - Copyright (c) 2019, Intel Corporation. All rights reserved.
+ Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent @@ -9,6 +9,24 @@ #include "WifiConnectionMgrDxe.h" +// +// STA AKM preference order +// REF: https://www.wi-fi.org/file/wpa3-specification +// +STATIC UINT32 mAKMSuitePreference[] = { + IEEE_80211_AKM_SUITE_8021X_SUITE_B192, // AKM Suite 12 + IEEE_80211_AKM_SUITE_8021X_SUITE_B, // AKM Suite 11 + IEEE_80211_AKM_SUITE_8021X_OR_PMKSA_SHA256, // AKM Suite 5 + IEEE_80211_AKM_SUITE_8021X_OR_PMKSA, // AKM Suite 1 + + IEEE_80211_AKM_SUITE_SAE, // AKM Suite 8 + IEEE_80211_AKM_SUITE_PSK_SHA256, // AKM Suite 6 + IEEE_80211_AKM_SUITE_PSK, // AKM Suite 2 + + IEEE_80211_AKM_SUITE_OWE // AKM Suite 18 +}; +#define AKM_SUITE_PREFERENCE_COUNT (sizeof (mAKMSuitePreference) / sizeof (UINT32)) + /** Empty function for event process function. @@ -340,7 +358,7 @@ WifiMgrCheckRSN ( EFI_80211_AKM_SUITE_SELECTOR *SupportedAKMSuites; EFI_80211_CIPHER_SUITE_SELECTOR *SupportedSwCipherSuites; EFI_80211_CIPHER_SUITE_SELECTOR *SupportedHwCipherSuites; - EFI_80211_SUITE_SELECTOR *AKMSuite; + UINT32 *AKMSuite; EFI_80211_SUITE_SELECTOR *CipherSuite; UINT16 AKMIndex; UINT16 CipherIndex; @@ -371,18 +389,29 @@ WifiMgrCheckRSN ( return EFI_SUCCESS; } - for (AKMIndex = 0; AKMIndex < AKMList->AKMSuiteCount; AKMIndex++) { - AKMSuite = AKMList->AKMSuiteList + AKMIndex; - if (WifiMgrSupportAKMSuite ( - SupportedAKMSuites->AKMSuiteCount, - (UINT32 *)SupportedAKMSuites->AKMSuiteList, - (UINT32 *)AKMSuite - )) + for (AKMIndex = 0; AKMIndex < AKM_SUITE_PREFERENCE_COUNT; AKMIndex++) { + AKMSuite = mAKMSuitePreference + AKMIndex; + if (WifiMgrSupportAKMSuite (AKMList->AKMSuiteCount, (UINT32 *)AKMList->AKMSuiteList, AKMSuite) && + WifiMgrSupportAKMSuite (SupportedAKMSuites->AKMSuiteCount, (UINT32 *)SupportedAKMSuites->AKMSuiteList, AKMSuite)) { if ((AKMSuiteSupported != NULL) && (CipherSuiteSupported != NULL)) { *AKMSuiteSupported = TRUE; } + // + // OWE transition mode allow CipherSuiteCount is 0 + // + if (CipherList->CipherSuiteCount == 0) { + *SecurityType = WifiMgrGetSecurityType ((UINT32 *)AKMSuite, NULL); + if (*SecurityType != SECURITY_TYPE_UNKNOWN) { + if ((AKMSuiteSupported != NULL) && (CipherSuiteSupported != NULL)) { + *CipherSuiteSupported = TRUE; + } + + return EFI_SUCCESS; + } + } + for (CipherIndex = 0; CipherIndex < CipherList->CipherSuiteCount; CipherIndex++) { CipherSuite = CipherList->CipherSuiteList + CipherIndex; @@ -450,6 +479,10 @@ WifiMgrGetSecurityType ( IN UINT32 *CipherSuite ) { + if ((AKMSuite != NULL) && (*AKMSuite == IEEE_80211_AKM_SUITE_OWE)) { + return SECURITY_TYPE_NONE; + } + if (CipherSuite == NULL) { if (AKMSuite == NULL) { return SECURITY_TYPE_NONE; @@ -471,8 +504,10 @@ WifiMgrGetSecurityType ( return SECURITY_TYPE_UNKNOWN; } - if ((*AKMSuite == IEEE_80211_AKM_SUITE_8021X_OR_PMKSA) || - (*AKMSuite == IEEE_80211_AKM_SUITE_8021X_OR_PMKSA_SHA256)) + if (*AKMSuite == IEEE_80211_AKM_SUITE_SAE) { + return SECURITY_TYPE_WPA3_PERSONAL; + } else if ((*AKMSuite == IEEE_80211_AKM_SUITE_8021X_OR_PMKSA) || + (*AKMSuite == IEEE_80211_AKM_SUITE_8021X_OR_PMKSA_SHA256)) { return SECURITY_TYPE_WPA2_ENTERPRISE; } else if ((*AKMSuite == IEEE_80211_AKM_SUITE_PSK) || @@ -498,6 +533,26 @@ WifiMgrGetSecurityType ( } else { return SECURITY_TYPE_UNKNOWN; } + } else if (*CipherSuite == IEEE_80211_PAIRWISE_CIPHER_SUITE_GCMP) { + if (AKMSuite == NULL) { + return SECURITY_TYPE_UNKNOWN; + } + + if (*AKMSuite == IEEE_80211_AKM_SUITE_8021X_SUITE_B) { + return SECURITY_TYPE_WPA3_ENTERPRISE; + } else { + return SECURITY_TYPE_UNKNOWN; + } + } else if (*CipherSuite == IEEE_80211_PAIRWISE_CIPHER_SUITE_GCMP256) { + if (AKMSuite == NULL) { + return SECURITY_TYPE_UNKNOWN; + } + + if (*AKMSuite == IEEE_80211_AKM_SUITE_8021X_SUITE_B192) { + return SECURITY_TYPE_WPA3_ENTERPRISE; + } else { + return SECURITY_TYPE_UNKNOWN; + } } else { return SECURITY_TYPE_UNKNOWN; } -- cgit v1.1