From 8771892df9403da5fdd16cdbdcff95c242730a36 Mon Sep 17 00:00:00 2001
From: Anjan Chanda <anjan.chanda@iopsys.eu>
Date: Fri, 13 Aug 2021 13:46:32 +0200
Subject: [PATCH] support sae and sae-mixed encryption types for AP-autoconfig

---
 src/config.c    | 10 ++++++++++
 src/i1905_wsc.h |  7 +++++--
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/src/config.c b/src/config.c
index bf8ca44a..29463479 100644
--- a/src/config.c
+++ b/src/config.c
@@ -109,6 +109,10 @@ static int uci_update_section_ap(const char *config, struct i1905_apconfig *ap)
 	uci_add_option(ctx, pkg, sec, "key", ap->key, false);
 	if (ap->auth_type == 0x0020) /* WPS_AUTH_WPA2PSK */
 		uci_add_option(ctx, pkg, sec, "encryption", "psk2", false);
+	else if (ap->auth_type == 0x0040) /* WPS_AUTH_SAE */
+		uci_add_option(ctx, pkg, sec, "encryption", "sae", false);
+	else if (ap->auth_type == 0x0060)
+		uci_add_option(ctx, pkg, sec, "encryption", "sae-mixed", false);
 
 	uci_commit(ctx, &pkg, false);
 	uci_free_context(ctx);
@@ -300,6 +304,12 @@ static int i1905_config_get_ap(struct i1905_config *cfg, struct uci_section *s)
 		if (strstr(val, "psk2")) {
 			ap->auth_type = 0x0020;  /* WPS_AUTH_WPA2PSK */
 			ap->enc_type = 0x0008;	 /* WPS_ENCR_AES */
+		} else if (strstr(val, "sae-mixed")) {
+			ap->auth_type = 0x0060;  /* WPS_AUTH_SAE | WPS_AUTH_WPA2PSK */
+			ap->enc_type = 0x0008;	 /* WPS_ENCR_AES */
+		} else if (strstr(val, "sae")) {
+			ap->auth_type = 0x0040;  /* WPS_AUTH_SAE */
+			ap->enc_type = 0x0008;	 /* WPS_ENCR_AES */
 		} else {
 			free(ap);
 			fprintf(stderr, "Unsupported ap encryption in config\n");
diff --git a/src/i1905_wsc.h b/src/i1905_wsc.h
index d8bf5090..ab107151 100644
--- a/src/i1905_wsc.h
+++ b/src/i1905_wsc.h
@@ -30,11 +30,14 @@
 #define ATTR_PUBLIC_KEY        (0x1032)
 #define ATTR_AUTH_TYPE_FLAGS   (0x1004)
 #define WPS_AUTH_OPEN          (0x0001)
-#define WPS_AUTH_WPAPSK        (0x0002)
+#define WPS_AUTH_WPAPSK        (0x0002)	/* deprecated */
 #define WPS_AUTH_SHARED        (0x0004)	/* deprecated */
-#define WPS_AUTH_WPA           (0x0008)
+#define WPS_AUTH_WPA           (0x0008)	/* deprecated */
 #define WPS_AUTH_WPA2          (0x0010)
 #define WPS_AUTH_WPA2PSK       (0x0020)
+#define WPS_AUTH_SAE           (0x0040)
+#define WPS_AUTH_WPA3_T        (WPS_AUTH_WPA2PSK | WPS_AUTH_SAE)
+
 #define ATTR_ENCR_TYPE_FLAGS   (0x1010)
 #define WPS_ENCR_NONE          (0x0001)
 #define WPS_ENCR_WEP           (0x0002)	/* deprecated */
-- 
GitLab