Add WPA3 support for green tea tests

praveenCY · praveenCY · commit 8b97e4c3ef4b · 2020-02-25T10:14:30.000-08:00
diff --git a/TESTS/network/wifi/README.md b/TESTS/network/wifi/README.md
@@ -37,6 +37,7 @@ The general test environment consists of DUTs, base stations, a network connecti
     -   Time protocol, [RFC 868](https://tools.ietf.org/html/rfc868) in both TCP and UDP. Port 37.
 -   Channels to be used must be different for both APs. For secure on channel number is later referred as `<ch:secure>` and for unsecure on `<ch:unsecure>`.
 -   MAC addresses of Wi-Fi APs must be known. These are later referred to as `<mac:secure>` and `<mac:unsecure>`.
+-   WPA3 may not be supported for all target platforms, Refer to target specifications before updating security protocol to WPA3 or WPA3/WPA2 in  `mbed_app.json`
 
 **NOTE:** This document refers to an echo server because it is a requirement for running Socket API tests. The test cases defined in this document do not directly use it.
 
@@ -58,6 +59,8 @@ Please refer to the following table for priorities of test cases. Priorities are
 |     |                                         | NSAPI_SECURITY_WPA         | SHOULD   |
 |     |                                         | NSAPI_SECURITY_WPA2        | SHOULD   |
 |     |                                         | NSAPI_SECURITY_WPA_WPA2    | MUST     |
+|     |                                         | NSAPI_SECURITY_WPA3_WPA2   | SHOULD   |
+|     |                                         | NSAPI_SECURITY_WPA3        | SHOULD   |
 | 9   | WIFI_CONNECT_PARAMS_CHANNEL             |                            | SHOULD   |
 | 10  | WIFI_CONNECT_PARAMS_CHANNEL_FAIL        |                            | SHOULD   |
 | 11  | WIFI_CONNECT                            |                            | MUST     |
@@ -67,6 +70,8 @@ Please refer to the following table for priorities of test cases. Priorities are
 |     |                                         | NSAPI_SECURITY_WPA         | SHOULD   |
 |     |                                         | NSAPI_SECURITY_WPA2        | SHOULD   |
 |     |                                         | NSAPI_SECURITY_WPA_WPA2    | MUST     |
+|     |                                         | NSAPI_SECURITY_WPA3_WPA2   | SHOULD   |
+|     |                                         | NSAPI_SECURITY_WPA3        | SHOULD   |
 | 14  | WIFI_CONNECT_SECURE_FAIL                |                            | MUST     |
 | 15  | WIFI_CONNECT_DISCONNECT_REPEAT          |                            | MUST     |
 | 16  | WIFI_SCAN_NULL                          |                            | SHOULD   |
@@ -167,15 +172,19 @@ Call `set_credentials()` with various parameters described in "Expected results"
 |------------|---------------------------|----------------------------------|-----------------------------------------------------|
 | ssid=NULL  | NULL                      | NSAPI_SECURITY_NONE              | NSAPI_ERROR_PARAMETER                               |
 | ssid="OK"  | NULL                      | NSAPI_SECURITY_WPA_WPA2          | NSAPI_ERROR_PARAMETER                               |
+| ssid="OK"  | NULL                      | NSAPI_SECURITY_WPA3_WPA2         | NSAPI_ERROR_PARAMETER                               |
 | ssid="OK"  | NULL                      | NSAPI_SECURITY_WEP               | NSAPI_ERROR_PARAMETER because password is missing.  |
 | ssid="OK"  | NULL                      | NSAPI_SECURITY_NONE              | NSAPI_ERROR_OK                                      |
 | ssid="OK"  | [any 64 character string] | NSAPI_SECURITY_WPA2              | NSAPI_ERROR_PARAMETER because password is too long  |
 | ssid="OK"  | [any 63 character string] | NSAPI_SECURITY_WPA2              | NSAPI_ERROR_OK                                      |
 | ssid="OK"  | ""                        | NSAPI_SECURITY_WPA_WPA2          | NSAPI_ERROR_PARAMETER                               |
+| ssid="OK"  | ""                        | NSAPI_SECURITY_WPA3_WPA2         | NSAPI_ERROR_PARAMETER                               |
 | ssid="OK"  | ""                        | NSAPI_SECURITY_WEP               | NSAPI_ERROR_PARAMETER because password is missing.  |
 | ssid="OK"  | ""                        | NSAPI_SECURITY_NONE              | NSAPI_ERROR_OK                                      |
 | ssid="OK"  | "12345678"                | NSAPI_SECURITY_WPA_WPA2          | NSAPI_ERROR_OK                                      |
+| ssid="OK"  | "12345678"                | NSAPI_SECURITY_WPA3_WPA2         | NSAPI_ERROR_OK                                      |
 | ssid="OK"  | "12345678"                | NSAPI_SECURITY_WPA2              | NSAPI_ERROR_OK                                      |
+| ssid="OK"  | "12345678"                | NSAPI_SECURITY_WPA3              | NSAPI_ERROR_OK                                      |
 | ssid="OK"  | "12345678"                | NSAPI_SECURITY_WPA               | NSAPI_ERROR_OK                                      |
 | ssid="OK"  | "12345678"                | NSAPI_SECURITY_WEP               | NSAPI_ERROR_OK or NSAPI_ERROR_UNSUPPORTED           |
 | ssid=""    | ""                        | NSAPI_SECURITY_NONE              | NSAPI_ERROR_PARAMETER                               |
diff --git a/TESTS/network/wifi/get_security.cpp b/TESTS/network/wifi/get_security.cpp
@@ -26,6 +26,8 @@ nsapi_security get_security()
     static const char *SEC_WPA = "WPA";
     static const char *SEC_WPA2 = "WPA2";
     static const char *SEC_WPA_WPA2 = "WPA/WPA2";
+    static const char *SEC_WPA3 = "WPA3";
+    static const char *SEC_WPA3_WPA2 = "WPA3/WPA2";
 
     if (strcmp(MBED_CONF_APP_WIFI_SECURE_PROTOCOL, SEC_WEP) == 0) {
         return NSAPI_SECURITY_WEP;
@@ -39,6 +41,12 @@ nsapi_security get_security()
     if (strcmp(MBED_CONF_APP_WIFI_SECURE_PROTOCOL, SEC_WPA_WPA2) == 0) {
         return NSAPI_SECURITY_WPA_WPA2;
     }
+    if (strcmp(MBED_CONF_APP_WIFI_SECURE_PROTOCOL, SEC_WPA3) == 0) {
+        return NSAPI_SECURITY_WPA3;
+    }
+    if (strcmp(MBED_CONF_APP_WIFI_SECURE_PROTOCOL, SEC_WPA3_WPA2) == 0) {
+        return NSAPI_SECURITY_WPA3_WPA2;
+    }
 #endif
     return NSAPI_SECURITY_NONE;
 }
diff --git a/TESTS/network/wifi/wifi_set_credential.cpp b/TESTS/network/wifi/wifi_set_credential.cpp
@@ -52,6 +52,12 @@ void wifi_set_credential(void)
     error = iface->set_credentials("OK", "", NSAPI_SECURITY_WPA_WPA2);
     TEST_ASSERT_EQUAL(NSAPI_ERROR_PARAMETER, error);
 
+    error = iface->set_credentials("OK", NULL, NSAPI_SECURITY_WPA3_WPA2);
+    TEST_ASSERT_EQUAL(NSAPI_ERROR_PARAMETER, error);
+
+    error = iface->set_credentials("OK", "", NSAPI_SECURITY_WPA3_WPA2);
+    TEST_ASSERT_EQUAL(NSAPI_ERROR_PARAMETER, error);
+
     error = iface->set_credentials("OK", NULL, NSAPI_SECURITY_NONE);
     TEST_ASSERT_EQUAL(NSAPI_ERROR_OK, error);
 
@@ -64,9 +70,15 @@ void wifi_set_credential(void)
     error = iface->set_credentials("OK", "12345678", NSAPI_SECURITY_WPA2);
     TEST_ASSERT((error == NSAPI_ERROR_OK) || (error == NSAPI_ERROR_UNSUPPORTED));
 
+    error = iface->set_credentials("OK", "12345678", NSAPI_SECURITY_WPA3);
+    TEST_ASSERT((error == NSAPI_ERROR_OK) || (error == NSAPI_ERROR_UNSUPPORTED));
+
     error = iface->set_credentials("OK", "12345678", NSAPI_SECURITY_WPA_WPA2);
     TEST_ASSERT_EQUAL(NSAPI_ERROR_OK, error);
 
+    error = iface->set_credentials("OK", "12345678", NSAPI_SECURITY_WPA3_WPA2);
+    TEST_ASSERT_EQUAL(NSAPI_ERROR_OK, error);
+
     error = iface->set_credentials("OK", "kUjd0PHHeAqaDoyfcDDEOvbyiVbYMpUHDukGoR6EJZnO5iLzWsfwiM9JQqOngni", get_security());
     TEST_ASSERT_EQUAL(NSAPI_ERROR_OK, error);
 
diff --git a/features/netsocket/emac-drivers/TARGET_Cypress/COMPONENT_WHD/interface/WhdSTAInterface.cpp b/features/netsocket/emac-drivers/TARGET_Cypress/COMPONENT_WHD/interface/WhdSTAInterface.cpp
@@ -125,6 +125,10 @@ static nsapi_security_t whd_tosecurity(whd_security_t sec)
         case WHD_SECURITY_WPA2_FBT_PSK:
         case WHD_SECURITY_WPA2_FBT_ENT:
             return NSAPI_SECURITY_WPA2;
+        case WHD_SECURITY_WPA3_SAE:
+            return NSAPI_SECURITY_WPA3;
+        case WHD_SECURITY_WPA3_WPA2_PSK:
+            return NSAPI_SECURITY_WPA3_WPA2;
         default:
             return NSAPI_SECURITY_UNKNOWN;
     }
@@ -145,6 +149,10 @@ whd_security_t whd_fromsecurity(nsapi_security_t sec)
             return WHD_SECURITY_WPA2_MIXED_PSK;
         case NSAPI_SECURITY_WPA2_ENT:
             return WHD_SECURITY_WPA2_MIXED_ENT;
+        case NSAPI_SECURITY_WPA3:
+            return WHD_SECURITY_WPA3_SAE;
+        case NSAPI_SECURITY_WPA3_WPA2:
+            return WHD_SECURITY_WPA3_WPA2_PSK;
         default:
             return WHD_SECURITY_UNKNOWN;
     }
@@ -224,7 +232,8 @@ nsapi_error_t WhdSTAInterface::set_credentials(const char *ssid, const char *pas
             (strlen(ssid) == 0) ||
             (pass == NULL && (security != NSAPI_SECURITY_NONE && security != NSAPI_SECURITY_WPA2_ENT)) ||
             (strlen(pass) == 0 && (security != NSAPI_SECURITY_NONE && security != NSAPI_SECURITY_WPA2_ENT)) ||
-            (strlen(pass) > 63 && (security == NSAPI_SECURITY_WPA2 || security == NSAPI_SECURITY_WPA || security == NSAPI_SECURITY_WPA_WPA2))
+            (strlen(pass) > 63 && (security == NSAPI_SECURITY_WPA2 || security == NSAPI_SECURITY_WPA ||
+            security == NSAPI_SECURITY_WPA_WPA2 || security == NSAPI_SECURITY_WPA3 || security == NSAPI_SECURITY_WPA3_WPA2))
        ) {
         return NSAPI_ERROR_PARAMETER;
     }
@@ -292,6 +301,19 @@ nsapi_error_t WhdSTAInterface::connect()
     // choose network security
     whd_security_t security = whd_fromsecurity(_security);
 
+#if defined MBED_CONF_APP_WIFI_PASSWORD_WPA2PSK
+    /* Set PSK password for WPA3_WPA2 */
+    if (security == WHD_SECURITY_WPA3_WPA2_PSK) {
+        res = (whd_result_t)whd_wifi_enable_sup_set_passphrase( _whd_emac.ifp, (const uint8_t *)MBED_CONF_APP_WIFI_PASSWORD_WPA2PSK,
+                  strlen(MBED_CONF_APP_WIFI_PASSWORD_WPA2PSK), WHD_SECURITY_WPA3_WPA2_PSK );
+    }
+#else
+    /* Set PSK password for WPA3_WPA2 */
+    if (security == WHD_SECURITY_WPA3_WPA2_PSK) {
+        res = (whd_result_t)whd_wifi_enable_sup_set_passphrase( _whd_emac.ifp, (const uint8_t *)_pass,
+                  strlen(_pass), WHD_SECURITY_WPA3_WPA2_PSK );
+    }
+#endif
     // join the network
     for (i = 0; i < MAX_RETRY_COUNT; i++) {
         res = (whd_result_t)whd_wifi_join(_whd_emac.ifp,
diff --git a/features/netsocket/nsapi_types.h b/features/netsocket/nsapi_types.h
@@ -128,6 +128,8 @@ typedef enum nsapi_security {
     NSAPI_SECURITY_EAP_TLS      = 0x7,      /*!< phrase conforms to EAP-TLS */
     NSAPI_SECURITY_PEAP         = 0x8,      /*!< phrase conforms to PEAP */
     NSAPI_SECURITY_WPA2_ENT     = 0x9,      /*!< phrase conforms to WPA2-AES and WPA-TKIP with enterprise security */
+    NSAPI_SECURITY_WPA3         = 0xA,      /*!< phrase conforms to WPA3 */
+    NSAPI_SECURITY_WPA3_WPA2    = 0xB,      /*!< phrase conforms to WPA3_WPA2 */
     NSAPI_SECURITY_UNKNOWN      = 0xFF,     /*!< unknown/unsupported security in scan results */
 } nsapi_security_t;
 
