From e35699e100d8b04b44c89ac3f9d989422282f7a7 Mon Sep 17 00:00:00 2001
From: Anjan Chanda <anjan.chanda@iopsys.eu>
Date: Fri, 13 Aug 2021 11:04:43 +0200
Subject: [PATCH] support SAE and WPA3-Transition encryption for AP-autoconfig

---
 src/core/cntlr_tlv_generator.c | 6 +++++-
 src/core/config.c              | 7 ++++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/src/core/cntlr_tlv_generator.c b/src/core/cntlr_tlv_generator.c
index 08ba5315..e2b6117c 100644
--- a/src/core/cntlr_tlv_generator.c
+++ b/src/core/cntlr_tlv_generator.c
@@ -67,7 +67,11 @@ uint16_t wifi_sec_to_auth_types(enum wifi_security sec)
 			auth_type |= WPS_AUTH_WPA2;
 		}
 	} else if (sec >= WIFI_SECURITY_WPAPSK) {
-		if (sec == WIFI_SECURITY_WPA2PSK) {
+		if (sec == WIFI_SECURITY_WPA3PSK) {
+			auth_type = WPS_AUTH_SAE;
+		} else if (sec == WIFI_SECURITY_WPA3PSK_T) {
+			auth_type = WPS_AUTH_WPA3_T;
+		} else if (sec == WIFI_SECURITY_WPA2PSK) {
 			auth_type = WPS_AUTH_WPA2PSK;
 		} else if (sec == WIFI_SECURITY_WPAPSK) {
 			auth_type = WPS_AUTH_WPAPSK;
diff --git a/src/core/config.c b/src/core/config.c
index 5e77d78f..0eb9012f 100644
--- a/src/core/config.c
+++ b/src/core/config.c
@@ -489,7 +489,12 @@ static int cntlr_config_get_credentials(struct controller_config *c,
 	if (tb[CRED_SEC]) {
 		const char *sec = tb[CRED_SEC]->v.string;
 
-		if (!strncmp(sec, "psk-mixed", 9)) {
+		if (!strncmp(sec, "sae-mixed", 9)) {
+			cred->sec |= WIFI_SECURITY_WPA3PSK;
+			cred->sec |= WIFI_SECURITY_WPA3PSK_T;
+		} else if (!strncmp(sec, "sae", 3)) {
+			cred->sec |= WIFI_SECURITY_WPA3PSK;
+		} else if (!strncmp(sec, "psk-mixed", 9)) {
 			cred->sec |= WIFI_SECURITY_WPAPSK;
 			cred->sec |= WIFI_SECURITY_WPA2PSK;
 		} else if (!strncmp(sec, "psk2", 4)) {
-- 
GitLab