tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

NetworkPkg: Add Wi-Fi Wpa3 support in WifiConnectManager 

https://bugzilla.tianocore.org/show_bug.cgi?id=3961

Add below Wpa3 support:
    WPA3-Personal:
      Ieee80211AkmSuiteSAE                = 8
    WPA3-Enterprise:
      Ieee80211AkmSuite8021XSuiteB        = 11
      Ieee80211AkmSuite8021XSuiteB192     = 12
    Wi-Fi CERTIFIED Enhanced Open:
      Ieee80211AkmSuiteOWE                = 18

Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Signed-off-by: Heng Luo <heng.luo@intel.com>
This commit is contained in:
Heng Luo 2022-06-24 15:59:44 +08:00 committed by mergify[bot]
parent 7861b24dc9
commit e1eef3a8b0
6 changed files with 119 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
NetworkPkg/WifiConnectionManagerDxe/WifiConnectionManagerDxe.vfr
View File

@ -1,7 +1,7 @@
/** @file
Vfr files used in WiFi Connection Manager.
Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@ -121,7 +121,8 @@ formset
text = STRING_TOKEN(STR_SECURITY_TYPE); // TextTwo
suppressif NOT ideqval WIFI_MANAGER_IFR_NVDATA.SecurityType == SECURITY_TYPE_WPA2_PERSONAL;
suppressif NOT ideqval WIFI_MANAGER_IFR_NVDATA.SecurityType == SECURITY_TYPE_WPA2_PERSONAL
AND NOT ideqval WIFI_MANAGER_IFR_NVDATA.SecurityType == SECURITY_TYPE_WPA3_PERSONAL;
password varid = WIFI_MANAGER_IFR_NVDATA.Password,
prompt = STRING_TOKEN(STR_PASSWORD),
help = STRING_TOKEN(STR_PASSWORD_HELP),
@ -132,7 +133,8 @@ formset
endpassword;
endif;
suppressif NOT ideqval WIFI_MANAGER_IFR_NVDATA.SecurityType == SECURITY_TYPE_WPA2_ENTERPRISE;
suppressif NOT ideqval WIFI_MANAGER_IFR_NVDATA.SecurityType == SECURITY_TYPE_WPA2_ENTERPRISE
AND NOT ideqval WIFI_MANAGER_IFR_NVDATA.SecurityType == SECURITY_TYPE_WPA3_ENTERPRISE;
oneof varid = WIFI_MANAGER_IFR_NVDATA.EapAuthMethod,
questionid = KEY_EAP_AUTH_METHOD_CONNECT_NETWORK,

8
NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrConfigNVDataStruct.h
View File

@ -1,7 +1,7 @@
/** @file
Define IFR NVData structures used by the WiFi Connection Manager.
Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@ -119,8 +119,10 @@
#define SECURITY_TYPE_WPA_PERSONAL 3
#define SECURITY_TYPE_WPA2_PERSONAL 4
#define SECURITY_TYPE_WEP 5
#define SECURITY_TYPE_UNKNOWN 6
#define SECURITY_TYPE_MAX 7
#define SECURITY_TYPE_WPA3_PERSONAL 6
#define SECURITY_TYPE_WPA3_ENTERPRISE 7
#define SECURITY_TYPE_UNKNOWN 8
#define SECURITY_TYPE_MAX 9
#define EAP_AUTH_METHOD_TTLS 0
#define EAP_AUTH_METHOD_PEAP 1

18
NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrDxe.h
View File

@ -1,7 +1,7 @@
/** @file
The miscellaneous structure definitions for WiFi connection driver.
Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@ -82,6 +82,8 @@ typedef enum {
Ieee80211PairwiseCipherSuiteCCMP = 4,
Ieee80211PairwiseCipherSuiteWEP104 = 5,
Ieee80211PairwiseCipherSuiteBIP = 6,
Ieee80211PairwiseCipherSuiteGCMP = 8,
Ieee80211PairwiseCipherSuiteGCMP256 = 9,
// ...
} IEEE_80211_PAIRWISE_CIPHER_SUITE;
@ -91,19 +93,29 @@ typedef enum {
#define IEEE_80211_PAIRWISE_CIPHER_SUITE_CCMP (OUI_IEEE_80211I | (Ieee80211PairwiseCipherSuiteCCMP << 24))
#define IEEE_80211_PAIRWISE_CIPHER_SUITE_WEP104 (OUI_IEEE_80211I | (Ieee80211PairwiseCipherSuiteWEP104 << 24))
#define IEEE_80211_PAIRWISE_CIPHER_SUITE_BIP (OUI_IEEE_80211I | (Ieee80211PairwiseCipherSuiteBIP << 24))
#define IEEE_80211_PAIRWISE_CIPHER_SUITE_GCMP (OUI_IEEE_80211I | (Ieee80211PairwiseCipherSuiteGCMP << 24))
#define IEEE_80211_PAIRWISE_CIPHER_SUITE_GCMP256 (OUI_IEEE_80211I | (Ieee80211PairwiseCipherSuiteGCMP256 << 24))
typedef enum {
Ieee80211AkmSuite8021XOrPMKSA = 1,
Ieee80211AkmSuitePSK = 2,
Ieee80211AkmSuite8021XOrPMKSASHA256 = 5,
Ieee80211AkmSuitePSKSHA256 = 6
// ...
Ieee80211AkmSuitePSKSHA256 = 6,
Ieee80211AkmSuiteSAE = 8,
Ieee80211AkmSuite8021XSuiteB = 11,
Ieee80211AkmSuite8021XSuiteB192 = 12,
Ieee80211AkmSuiteOWE = 18,
// ...
} IEEE_80211_AKM_SUITE;
#define IEEE_80211_AKM_SUITE_8021X_OR_PMKSA (OUI_IEEE_80211I | (Ieee80211AkmSuite8021XOrPMKSA << 24))
#define IEEE_80211_AKM_SUITE_PSK (OUI_IEEE_80211I | (Ieee80211AkmSuitePSK << 24))
#define IEEE_80211_AKM_SUITE_8021X_OR_PMKSA_SHA256 (OUI_IEEE_80211I | (Ieee80211AkmSuite8021XOrPMKSASHA256 << 24))
#define IEEE_80211_AKM_SUITE_PSK_SHA256 (OUI_IEEE_80211I | (Ieee80211AkmSuitePSKSHA256 << 24))
#define IEEE_80211_AKM_SUITE_SAE (OUI_IEEE_80211I | (Ieee80211AkmSuiteSAE << 24))
#define IEEE_80211_AKM_SUITE_8021X_SUITE_B (OUI_IEEE_80211I | (Ieee80211AkmSuite8021XSuiteB << 24))
#define IEEE_80211_AKM_SUITE_8021X_SUITE_B192 (OUI_IEEE_80211I | (Ieee80211AkmSuite8021XSuiteB192 << 24))
#define IEEE_80211_AKM_SUITE_OWE (OUI_IEEE_80211I | (Ieee80211AkmSuiteOWE << 24))
//
// Protocol instances

37
NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrHiiConfigAccess.c
View File

@ -1,7 +1,7 @@
/** @file
The Hii functions for WiFi Connection Manager.
Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@ -50,6 +50,8 @@ CHAR16 *mSecurityType[] = {
L"WPA-Personal ",
L"WPA2-Personal ",
L"WEP ",
L"WPA3-Personal ",
L"WPA3-Enterprise",
L"UnKnown "
};
@ -269,6 +271,7 @@ WifiMgrGetStrAKMList (
UINT8 Index;
UINT16 AKMSuiteCount;
CHAR16 *AKMListDisplay;
UINTN Length;
AKMListDisplay = NULL;
if ((Profile == NULL) || (Profile->Network.AKMSuite == NULL)) {
@ -278,23 +281,24 @@ WifiMgrGetStrAKMList (
AKMSuiteCount = Profile->Network.AKMSuite->AKMSuiteCount;
if (AKMSuiteCount != 0) {
//
// Current AKM Suite is between 1-9
// Current AKM Suite is between 1-18
//
AKMListDisplay = (CHAR16 *)AllocateZeroPool (sizeof (CHAR16) * (AKMSuiteCount * 2 + 1));
AKMListDisplay = (CHAR16 *)AllocateZeroPool (sizeof (CHAR16) * (AKMSuiteCount * 3 + 1));
Length = 0;
if (AKMListDisplay != NULL) {
for (Index = 0; Index < AKMSuiteCount; Index++) {
//
// The size of buffer should be 3 CHAR16 for Null-terminated Unicode string.
// The first char is the AKM Suite number, the second char is ' ', the third char is '\0'.
// The size of buffer should be 4 CHAR16 for Null-terminated Unicode string.
//
UnicodeSPrint (
AKMListDisplay + (Index * 2),
sizeof (CHAR16) * 3,
AKMListDisplay + Length,
sizeof (CHAR16) * 4,
L"%d ",
Profile->Network.AKMSuite->AKMSuiteList[Index].SuiteType
);
Length = StrLen (AKMListDisplay + Length) + Length;
if (Index == AKMSuiteCount - 1) {
*(AKMListDisplay + (Index * 2 + 1)) = L'\0';
*(AKMListDisplay + (Length - 1)) = L'\0';
}
}
}
@ -1461,7 +1465,9 @@ WifiMgrDxeHiiConfigAccessCallback (
return EFI_OUT_OF_RESOURCES;
}
if (IfrNvData->SecurityType == SECURITY_TYPE_WPA2_ENTERPRISE) {
if ((IfrNvData->SecurityType == SECURITY_TYPE_WPA2_ENTERPRISE) ||
(IfrNvData->SecurityType == SECURITY_TYPE_WPA3_ENTERPRISE))
{
IfrNvData->EapAuthMethod = Profile->EapAuthMethod;
IfrNvData->EapSecondAuthMethod = Profile->EapSecondAuthMethod;
StrCpyS (IfrNvData->EapIdentity, EAP_IDENTITY_SIZE, Profile->EapIdentity);
@ -1529,7 +1535,9 @@ WifiMgrDxeHiiConfigAccessCallback (
//
// Restore User Config Data for Page recovery
//
if (IfrNvData->SecurityType == SECURITY_TYPE_WPA2_ENTERPRISE) {
if ((IfrNvData->SecurityType == SECURITY_TYPE_WPA2_ENTERPRISE) ||
(IfrNvData->SecurityType == SECURITY_TYPE_WPA3_ENTERPRISE))
{
Profile->EapAuthMethod = IfrNvData->EapAuthMethod;
Profile->EapSecondAuthMethod = IfrNvData->EapSecondAuthMethod;
StrCpyS (Profile->EapIdentity, EAP_IDENTITY_SIZE, IfrNvData->EapIdentity);
@ -1598,12 +1606,17 @@ WifiMgrDxeHiiConfigAccessCallback (
// When this network is not currently connected, pend it to connect.
//
if (Profile->AKMSuiteSupported && Profile->CipherSuiteSupported) {
if ((Profile->SecurityType == SECURITY_TYPE_NONE) || (Profile->SecurityType == SECURITY_TYPE_WPA2_PERSONAL)) {
if ((Profile->SecurityType == SECURITY_TYPE_NONE) ||
(Profile->SecurityType == SECURITY_TYPE_WPA2_PERSONAL) ||
(Profile->SecurityType == SECURITY_TYPE_WPA3_PERSONAL))
{
//
// For Open network, connect directly.
//
ProfileToConnect = Profile;
} else if (Profile->SecurityType == SECURITY_TYPE_WPA2_ENTERPRISE) {
} else if ((Profile->SecurityType == SECURITY_TYPE_WPA2_ENTERPRISE) ||
(Profile->SecurityType == SECURITY_TYPE_WPA3_ENTERPRISE))
{
//
// For WPA/WPA2-Enterprise network, conduct eap configuration first.
// Only EAP-TLS, TTLS and PEAP is supported now!

4
NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c
View File

@ -1,7 +1,7 @@
/** @file
The Mac Connection2 Protocol adapter functions for WiFi Connection Manager.
Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@ -848,6 +848,7 @@ WifiMgrPrepareConnection (
if (AKMSuiteSupported && CipherSuiteSupported) {
switch (SecurityType) {
case SECURITY_TYPE_WPA2_PERSONAL:
case SECURITY_TYPE_WPA3_PERSONAL:
Status = WifiMgrConfigPassword (Nic, Profile);
if (EFI_ERROR (Status)) {
@ -863,6 +864,7 @@ WifiMgrPrepareConnection (
break;
case SECURITY_TYPE_WPA2_ENTERPRISE:
case SECURITY_TYPE_WPA3_ENTERPRISE:
Status = WifiMgrConfigEap (Nic, Profile);
if (EFI_ERROR (Status)) {

77
NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrMisc.c
View File

@ -1,7 +1,7 @@
/** @file
The Miscellaneous Routines for WiFi Connection Manager.
Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@ -9,6 +9,24 @@
#include "WifiConnectionMgrDxe.h"
//
// STA AKM preference order
// REF: https://www.wi-fi.org/file/wpa3-specification
//
STATIC UINT32 mAKMSuitePreference[] = {
IEEE_80211_AKM_SUITE_8021X_SUITE_B192, // AKM Suite 12
IEEE_80211_AKM_SUITE_8021X_SUITE_B, // AKM Suite 11
IEEE_80211_AKM_SUITE_8021X_OR_PMKSA_SHA256, // AKM Suite 5
IEEE_80211_AKM_SUITE_8021X_OR_PMKSA, // AKM Suite 1
IEEE_80211_AKM_SUITE_SAE, // AKM Suite 8
IEEE_80211_AKM_SUITE_PSK_SHA256, // AKM Suite 6
IEEE_80211_AKM_SUITE_PSK, // AKM Suite 2
IEEE_80211_AKM_SUITE_OWE // AKM Suite 18
};
#define AKM_SUITE_PREFERENCE_COUNT (sizeof (mAKMSuitePreference) / sizeof (UINT32))
/**
Empty function for event process function.
@ -340,7 +358,7 @@ WifiMgrCheckRSN (
EFI_80211_AKM_SUITE_SELECTOR *SupportedAKMSuites;
EFI_80211_CIPHER_SUITE_SELECTOR *SupportedSwCipherSuites;
EFI_80211_CIPHER_SUITE_SELECTOR *SupportedHwCipherSuites;
EFI_80211_SUITE_SELECTOR *AKMSuite;
UINT32 *AKMSuite;
EFI_80211_SUITE_SELECTOR *CipherSuite;
UINT16 AKMIndex;
UINT16 CipherIndex;
@ -371,18 +389,29 @@ WifiMgrCheckRSN (
return EFI_SUCCESS;
}
for (AKMIndex = 0; AKMIndex < AKMList->AKMSuiteCount; AKMIndex++) {
AKMSuite = AKMList->AKMSuiteList + AKMIndex;
if (WifiMgrSupportAKMSuite (
SupportedAKMSuites->AKMSuiteCount,
(UINT32 *)SupportedAKMSuites->AKMSuiteList,
(UINT32 *)AKMSuite
))
for (AKMIndex = 0; AKMIndex < AKM_SUITE_PREFERENCE_COUNT; AKMIndex++) {
AKMSuite = mAKMSuitePreference + AKMIndex;
if (WifiMgrSupportAKMSuite (AKMList->AKMSuiteCount, (UINT32 *)AKMList->AKMSuiteList, AKMSuite) &&
WifiMgrSupportAKMSuite (SupportedAKMSuites->AKMSuiteCount, (UINT32 *)SupportedAKMSuites->AKMSuiteList, AKMSuite))
{
if ((AKMSuiteSupported != NULL) && (CipherSuiteSupported != NULL)) {
*AKMSuiteSupported = TRUE;
}
//
// OWE transition mode allow CipherSuiteCount is 0
//
if (CipherList->CipherSuiteCount == 0) {
*SecurityType = WifiMgrGetSecurityType ((UINT32 *)AKMSuite, NULL);
if (*SecurityType != SECURITY_TYPE_UNKNOWN) {
if ((AKMSuiteSupported != NULL) && (CipherSuiteSupported != NULL)) {
*CipherSuiteSupported = TRUE;
}
return EFI_SUCCESS;
}
}
for (CipherIndex = 0; CipherIndex < CipherList->CipherSuiteCount; CipherIndex++) {
CipherSuite = CipherList->CipherSuiteList + CipherIndex;
@ -450,6 +479,10 @@ WifiMgrGetSecurityType (
IN UINT32 *CipherSuite
)
{
if ((AKMSuite != NULL) && (*AKMSuite == IEEE_80211_AKM_SUITE_OWE)) {
return SECURITY_TYPE_NONE;
}
if (CipherSuite == NULL) {
if (AKMSuite == NULL) {
return SECURITY_TYPE_NONE;
@ -471,8 +504,10 @@ WifiMgrGetSecurityType (
return SECURITY_TYPE_UNKNOWN;
}
if ((*AKMSuite == IEEE_80211_AKM_SUITE_8021X_OR_PMKSA) ||
(*AKMSuite == IEEE_80211_AKM_SUITE_8021X_OR_PMKSA_SHA256))
if (*AKMSuite == IEEE_80211_AKM_SUITE_SAE) {
return SECURITY_TYPE_WPA3_PERSONAL;
} else if ((*AKMSuite == IEEE_80211_AKM_SUITE_8021X_OR_PMKSA) ||
(*AKMSuite == IEEE_80211_AKM_SUITE_8021X_OR_PMKSA_SHA256))
{
return SECURITY_TYPE_WPA2_ENTERPRISE;
} else if ((*AKMSuite == IEEE_80211_AKM_SUITE_PSK) ||
@ -498,6 +533,26 @@ WifiMgrGetSecurityType (
} else {
return SECURITY_TYPE_UNKNOWN;
}
} else if (*CipherSuite == IEEE_80211_PAIRWISE_CIPHER_SUITE_GCMP) {
if (AKMSuite == NULL) {
return SECURITY_TYPE_UNKNOWN;
}
if (*AKMSuite == IEEE_80211_AKM_SUITE_8021X_SUITE_B) {
return SECURITY_TYPE_WPA3_ENTERPRISE;
} else {
return SECURITY_TYPE_UNKNOWN;
}
} else if (*CipherSuite == IEEE_80211_PAIRWISE_CIPHER_SUITE_GCMP256) {
if (AKMSuite == NULL) {
return SECURITY_TYPE_UNKNOWN;
}
if (*AKMSuite == IEEE_80211_AKM_SUITE_8021X_SUITE_B192) {
return SECURITY_TYPE_WPA3_ENTERPRISE;
} else {
return SECURITY_TYPE_UNKNOWN;
}
} else {
return SECURITY_TYPE_UNKNOWN;
}