Add DPP service based on configuration filesubmit/tizen/20190927.130602

Description: This is incomplete solution becase there's
no defined way to connect to DPP AP for upstream connman
for current patch

Change-Id: Ia6a3188e2826708c2123d209249d8b59fb5a42dc
Signed-off-by: Yu jiung <jiung.yu@samsung.com>

7 files changed, 522 insertions, 2 deletions

diff --git a/gsupplicant/gsupplicant.h b/gsupplicant/gsupplicant.h
index f79e6e49..220e4074 100644
--- a/gsupplicant/gsupplicant.h
+++ b/gsupplicant/gsupplicant.h
@@ -72,6 +72,7 @@ extern "C" {
 #if defined TIZEN_EXT
 #define G_SUPPLICANT_KEYMGMT_SAE		(1 << 10)
 #define G_SUPPLICANT_KEYMGMT_OWE		(1 << 22)
+#define G_SUPPLICANT_KEYMGMT_DPP		(1 << 23)
 #endif
 
 #define G_SUPPLICANT_PROTO_WPA		(1 << 0)
@@ -125,6 +126,7 @@ typedef enum {
 	G_SUPPLICANT_SECURITY_FT_IEEE8021X,
 	G_SUPPLICANT_SECURITY_SAE,
 	G_SUPPLICANT_SECURITY_OWE,
+	G_SUPPLICANT_SECURITY_DPP,
 #endif
 } GSupplicantSecurity;
 
@@ -215,6 +217,9 @@ struct _GSupplicantSSID {
 	const char *phase1;
 	const char *pac_file;
 	uint16_t ieee80211w;
+	const char *connector;
+	const char *c_sign_key;
+	const char *net_access_key;
 #endif
 };
 
diff --git a/gsupplicant/supplicant.c b/gsupplicant/supplicant.c
index 9c12093e..431c6e73 100644
--- a/gsupplicant/supplicant.c
+++ b/gsupplicant/supplicant.c
@@ -104,6 +104,7 @@ static struct strvalmap keymgmt_map[] = {
 #if defined TIZEN_EXT
 	{ "sae",		G_SUPPLICANT_KEYMGMT_SAE		},
 	{ "owe",		G_SUPPLICANT_KEYMGMT_OWE		},
+	{ "dpp",		G_SUPPLICANT_KEYMGMT_DPP		},
 #endif
 	{ }
 };
@@ -172,6 +173,11 @@ struct added_network_information {
 	GSupplicantSecurity security;
 	char * passphrase;
 	char * private_passphrase;
+#if defined TIZEN_EXT
+	char *connector;
+	char *c_sign_key;
+	char *net_access_key;
+#endif
 };
 
 #if defined TIZEN_EXT_WIFI_MESH
@@ -259,6 +265,7 @@ struct g_supplicant_bss {
 #if defined TIZEN_EXT
 	dbus_bool_t sae;
 	dbus_bool_t owe;
+	dbus_bool_t dpp;
 #endif
 };
 
@@ -461,6 +468,8 @@ static const char *security2string(GSupplicantSecurity security)
 		return "sae";
 	case G_SUPPLICANT_SECURITY_OWE:
 		return "owe";
+	case G_SUPPLICANT_SECURITY_DPP:
+		return "dpp";
 #endif
 	}
 
@@ -524,6 +533,23 @@ static bool compare_network_parameters(GSupplicantInterface *interface,
 		return FALSE;
 	}
 
+#if defined TIZEN_EXT
+	if (interface->network_info.connector &&
+			g_strcmp0(interface->network_info.connector,
+				ssid->connector) != 0) {
+		return FALSE;
+	}
+	if (interface->network_info.c_sign_key &&
+			g_strcmp0(interface->network_info.c_sign_key,
+				ssid->c_sign_key) != 0) {
+		return FALSE;
+	}
+	if (interface->network_info.net_access_key &&
+			g_strcmp0(interface->network_info.net_access_key,
+				ssid->net_access_key) != 0) {
+		return FALSE;
+	}
+#endif
 	return TRUE;
 }
 
@@ -532,9 +558,19 @@ static void remove_network_information(GSupplicantInterface * interface)
 	g_free(interface->network_info.ssid);
 	g_free(interface->network_info.passphrase);
 	g_free(interface->network_info.private_passphrase);
+#if defined TIZEN_EXT
+	g_free(interface->network_info.connector);
+	g_free(interface->network_info.c_sign_key);
+	g_free(interface->network_info.net_access_key);
+#endif
 	interface->network_info.ssid = NULL;
 	interface->network_info.passphrase = NULL;
 	interface->network_info.private_passphrase = NULL;
+#if defined TIZEN_EXT
+	interface->network_info.connector = NULL;
+	interface->network_info.c_sign_key = NULL;
+	interface->network_info.net_access_key = NULL;
+#endif
 }
 
 static int store_network_information(GSupplicantInterface * interface,
@@ -1686,6 +1722,7 @@ const char *g_supplicant_network_get_enc_mode(GSupplicantNetwork *network)
 #if defined TIZEN_EXT
 	    network->best_bss->security == G_SUPPLICANT_SECURITY_SAE ||
 	    network->best_bss->security == G_SUPPLICANT_SECURITY_OWE ||
+	    network->best_bss->security == G_SUPPLICANT_SECURITY_DPP ||
 #endif /* TIZEN_EXT */
 	    network->best_bss->security == G_SUPPLICANT_SECURITY_IEEE8021X) {
 		unsigned int pairwise;
@@ -1716,7 +1753,8 @@ bool g_supplicant_network_get_rsn_mode(GSupplicantNetwork *network)
 
 #if defined TIZEN_EXT
 	if (network->best_bss->security == G_SUPPLICANT_SECURITY_SAE ||
-			network->best_bss->security == G_SUPPLICANT_SECURITY_OWE)
+			network->best_bss->security == G_SUPPLICANT_SECURITY_OWE ||
+			network->best_bss->security == G_SUPPLICANT_SECURITY_DPP)
 		return false;
 #endif /* TIZEN_EXT */
 
@@ -2541,6 +2579,8 @@ static void bss_compute_security(struct g_supplicant_bss *bss)
 		bss->sae = TRUE;
 	if (bss->keymgmt & G_SUPPLICANT_KEYMGMT_OWE)
 		bss->owe = TRUE;
+	if (bss->keymgmt & G_SUPPLICANT_KEYMGMT_DPP)
+		bss->dpp = TRUE;
 #endif
 
 	if (bss->ieee8021x)
@@ -2556,6 +2596,8 @@ static void bss_compute_security(struct g_supplicant_bss *bss)
 		bss->security = G_SUPPLICANT_SECURITY_SAE;
 	else if (bss->owe)
 		bss->security = G_SUPPLICANT_SECURITY_OWE;
+	else if (bss->dpp)
+		bss->security = G_SUPPLICANT_SECURITY_DPP;
 #endif
 	else if (bss->privacy)
 		bss->security = G_SUPPLICANT_SECURITY_WEP;
@@ -5687,6 +5729,9 @@ static void interface_select_network_result(const char *error,
 #if defined TIZEN_EXT
 	g_free(data->ssid->ssid);
 	g_free((char *)data->ssid->passphrase);
+	g_free((char *)data->ssid->connector);
+	g_free((char *)data->ssid->c_sign_key);
+	g_free((char *)data->ssid->net_access_key);
 #endif
 	g_free(data->ssid);
 	dbus_free(data);
@@ -5776,6 +5821,9 @@ error:
 #if defined TIZEN_EXT
 	g_free(data->ssid->ssid);
 	g_free((char *)data->ssid->passphrase);
+	g_free((char *)data->ssid->connector);
+	g_free((char *)data->ssid->c_sign_key);
+	g_free((char *)data->ssid->net_access_key);
 #endif
 	g_free(data->ssid);
 	g_free(data);
@@ -6240,12 +6288,77 @@ static void add_network_security_proto(DBusMessageIter *dict,
 static void add_network_ieee80211w(DBusMessageIter *dict, GSupplicantSSID *ssid)
 {
 	if (ssid->security != G_SUPPLICANT_SECURITY_SAE
-			&& ssid->security != G_SUPPLICANT_SECURITY_OWE)
+			&& ssid->security != G_SUPPLICANT_SECURITY_OWE
+			&& ssid->security != G_SUPPLICANT_SECURITY_DPP)
 		return;
 
 	supplicant_dbus_dict_append_basic(dict, "ieee80211w", DBUS_TYPE_UINT32,
 					  &ssid->ieee80211w);
 }
+
+static void add_network_security_connector(DBusMessageIter *dict, GSupplicantSSID *ssid)
+{
+	if (ssid->connector && strlen(ssid->connector) > 0) {
+		const char *key = "dpp_connector";
+
+		supplicant_dbus_dict_append_basic(dict,
+				key, DBUS_TYPE_STRING,
+				&ssid->connector);
+	}
+}
+
+static size_t convert_hexstr_to_bin(const char *hex_str, unsigned char **bin)
+{
+	unsigned char *bin_res = NULL;
+	unsigned int i, j, hex;
+	size_t hex_str_len;
+
+	if (!hex_str || strlen(hex_str) == 0)
+		return 0;
+
+	hex_str_len = strlen(hex_str);
+	bin_res = g_try_malloc0(hex_str_len / 2);
+	if (!bin_res)
+		return 0;
+
+	j = 0;
+	for (i = 0; i < hex_str_len; i+=2) {
+		sscanf(hex_str + i, "%02x", &hex);
+		bin_res[j++] = hex;
+	}
+
+	*bin = bin_res;
+	return hex_str_len / 2;
+}
+
+static void add_network_security_c_sign_key(DBusMessageIter *dict, GSupplicantSSID *ssid)
+{
+	if (ssid->c_sign_key && strlen(ssid->c_sign_key) > 0) {
+		const char *key = "dpp_csign";
+		unsigned char *bin_csign = NULL;
+		size_t bin_csign_len = convert_hexstr_to_bin(ssid->c_sign_key, &bin_csign);
+		if  (bin_csign_len != 0)
+			supplicant_dbus_dict_append_fixed_array(dict,
+					key, DBUS_TYPE_BYTE,
+					&bin_csign, bin_csign_len);
+		g_free(bin_csign);
+	}
+}
+
+static void add_network_security_net_access_key(DBusMessageIter *dict, GSupplicantSSID *ssid)
+{
+	if (ssid->net_access_key && strlen(ssid->net_access_key) > 0) {
+		const char *key = "dpp_netaccesskey";
+		unsigned char *bin_netaccesskey = NULL;
+		size_t bin_netaccesskey_len = convert_hexstr_to_bin(ssid->net_access_key, &bin_netaccesskey);
+		if  (bin_netaccesskey_len != 0)
+			supplicant_dbus_dict_append_fixed_array(dict,
+					key, DBUS_TYPE_BYTE,
+					&bin_netaccesskey, bin_netaccesskey_len);
+		g_free(bin_netaccesskey);
+	}
+}
+
 #endif
 
 static void add_network_security(DBusMessageIter *dict, GSupplicantSSID *ssid)
@@ -6298,6 +6411,12 @@ static void add_network_security(DBusMessageIter *dict, GSupplicantSSID *ssid)
 		add_network_security_ciphers(dict, ssid);
 		add_network_security_proto(dict, ssid);
 		break;
+	case G_SUPPLICANT_SECURITY_DPP:
+		key_mgmt = "DPP";
+		add_network_security_connector(dict, ssid);
+		add_network_security_c_sign_key(dict, ssid);
+		add_network_security_net_access_key(dict, ssid);
+		break;
 #endif
 	}
 
@@ -6557,6 +6676,9 @@ done:
 		g_free(data->path);
 		g_free(data->ssid->ssid);
 		g_free((char *)data->ssid->passphrase);
+		g_free((char *)data->ssid->connector);
+		g_free((char *)data->ssid->c_sign_key);
+		g_free((char *)data->ssid->net_access_key);
 		g_free(data->ssid);
 		dbus_free(data);
 	}
@@ -6613,6 +6735,146 @@ static int send_decryption_request(const char *passphrase,
 
 	return 0;
 }
+
+static void decrypt_conf_obj_reply(DBusPendingCall *call,
+						void *user_data)
+{
+	DBusMessage *reply;
+	DBusError error;
+	DBusMessageIter iter, dict;
+	char *out_data;
+	int ret;
+	struct interface_connect_data *data = user_data;
+
+	reply = dbus_pending_call_steal_reply(call);
+
+	dbus_error_init(&error);
+	if (dbus_set_error_from_message(&error, reply)) {
+		SUPPLICANT_DBG("decryption_conf_obj_reply() %s %s", error.name, error.message);
+		dbus_error_free(&error);
+		ret = -EINVAL;
+		goto done;
+	}
+
+	if (dbus_message_iter_init(reply, &iter) == FALSE) {
+		SUPPLICANT_DBG("dbus_message_iter_init() failed");
+		ret = -EINVAL;
+		goto done;
+	}
+
+	dbus_message_iter_recurse(&iter, &dict);
+
+	while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
+		DBusMessageIter entry, value;
+		const char *key;
+
+		dbus_message_iter_recurse(&dict, &entry);
+		dbus_message_iter_get_basic(&entry, &key);
+		dbus_message_iter_next(&entry);
+		dbus_message_iter_recurse(&entry, &value);
+		if (dbus_message_iter_get_arg_type(&value) == DBUS_TYPE_STRING) {
+			if (g_strcmp0(key, "connector") == 0) {
+				dbus_message_iter_get_basic(&value, &out_data);
+				data->ssid->connector = g_strdup((const gchar *)out_data);
+				SUPPLICANT_DBG("connector %s", data->ssid->connector);
+			} else if (g_strcmp0(key, "c_sign_key") == 0) {
+				dbus_message_iter_get_basic(&value, &out_data);
+				data->ssid->c_sign_key = g_strdup((const gchar *)out_data);
+				SUPPLICANT_DBG("c_sign_key %s", data->ssid->c_sign_key);
+			} else if (g_strcmp0(key, "net_access_key") == 0) {
+				dbus_message_iter_get_basic(&value, &out_data);
+				data->ssid->net_access_key = g_strdup((const gchar *)out_data);
+				SUPPLICANT_DBG("net_access_key %s", data->ssid->net_access_key);
+			}
+		}
+		dbus_message_iter_next(&dict);
+	}
+
+	ret = supplicant_dbus_method_call(data->interface->path,
+		SUPPLICANT_INTERFACE ".Interface", "AddNetwork",
+		interface_add_network_params,
+		interface_add_network_result, data,
+		data->interface);
+
+done:
+	if (ret < 0) {
+		SUPPLICANT_DBG("AddNetwork failed %d", ret);
+		callback_assoc_failed(decrypt_request_data.data->user_data);
+		g_free(data->path);
+		g_free(data->ssid->ssid);
+		g_free((char *)data->ssid->connector);
+		g_free((char *)data->ssid->c_sign_key);
+		g_free((char *)data->ssid->net_access_key);
+		g_free(data->ssid);
+		dbus_free(data);
+	}
+
+	dbus_message_unref(reply);
+	dbus_pending_call_unref(call);
+
+	decrypt_request_data.pending_call = NULL;
+	decrypt_request_data.data = NULL;
+}
+
+static int send_decryption_conf_obj_request(GSupplicantSSID *ssid,
+			struct interface_connect_data *data)
+{
+	DBusMessage *msg = NULL;
+	DBusPendingCall *call;
+
+	SUPPLICANT_DBG("Decryption configuration object request");
+
+	if (!ssid) {
+		SUPPLICANT_DBG("Invalid parameter");
+		return -EINVAL;
+	}
+
+	if (!connection)
+		return -EINVAL;
+
+	msg = dbus_message_new_method_call(NETCONFIG_SERVICE, NETCONFIG_WIFI_PATH,
+			NETCONFIG_WIFI_INTERFACE, "DecryptConfObj");
+	if (!msg)
+		return -EINVAL;
+
+	dbus_message_append_args(msg, DBUS_TYPE_STRING, &ssid->connector,
+							DBUS_TYPE_INVALID);
+	dbus_message_append_args(msg, DBUS_TYPE_STRING, &ssid->c_sign_key,
+							DBUS_TYPE_INVALID);
+	dbus_message_append_args(msg, DBUS_TYPE_STRING, &ssid->net_access_key,
+							DBUS_TYPE_INVALID);
+
+	if (!dbus_connection_send_with_reply(connection, msg,
+				&call, DBUS_TIMEOUT_USE_DEFAULT)) {
+		dbus_message_unref(msg);
+		return -EIO;
+	}
+
+	if (!call) {
+		dbus_message_unref(msg);
+		return -EIO;
+	}
+
+	decrypt_request_data.pending_call = call;
+	decrypt_request_data.data = data;
+
+	dbus_pending_call_set_notify(call, decrypt_conf_obj_reply, data, NULL);
+	dbus_message_unref(msg);
+
+	SUPPLICANT_DBG("Decrypt Conf Obj request succeeded");
+
+	return 0;
+}
+
+static bool is_valid_config_object(GSupplicantSSID *ssid)
+{
+	return ((ssid->connector &&
+			g_strcmp0(ssid->connector, "") != 0) &&
+			(ssid->c_sign_key &&
+			g_strcmp0(ssid->c_sign_key, "") != 0) &&
+			(ssid->net_access_key &&
+			g_strcmp0(ssid->net_access_key, "") != 0));
+}
 #endif
 
 int g_supplicant_interface_connect(GSupplicantInterface *interface,
@@ -6708,6 +6970,11 @@ int g_supplicant_interface_connect(GSupplicantInterface *interface,
 				ret = send_decryption_request(ssid->passphrase, data);
 				if (ret < 0)
 					SUPPLICANT_DBG("Decryption request failed %d", ret);
+			} else if (is_valid_config_object(ssid)) {
+				ret = send_decryption_conf_obj_request(ssid, data);
+				if (ret < 0)
+					SUPPLICANT_DBG("Decryption Conf Obj request failed %d", ret);
+
 			} else
 #endif
 			ret = supplicant_dbus_method_call(interface->path,
@@ -6773,6 +7040,14 @@ static void network_remove_result(const char *error,
 				g_free(connect_data->path);
 				dbus_free(connect_data);
 			}
+		} else if (is_valid_config_object(data->ssid)) {
+			ret = send_decryption_conf_obj_request(data->ssid, connect_data);
+			if (ret < 0) {
+				SUPPLICANT_DBG("Decryption Conf Obj request failed %d", ret);
+				g_free(connect_data->ssid);
+				g_free(connect_data->path);
+				dbus_free(connect_data);
+			}
 		} else
 #endif
 		supplicant_dbus_method_call(data->interface->path,
diff --git a/include/service.h b/include/service.h
index 6ae94021..03371860 100644
--- a/include/service.h
+++ b/include/service.h
@@ -71,6 +71,7 @@ enum connman_service_security {
 #if defined TIZEN_EXT
 	CONNMAN_SERVICE_SECURITY_SAE     = 10,
 	CONNMAN_SERVICE_SECURITY_OWE     = 11,
+	CONNMAN_SERVICE_SECURITY_DPP     = 12,
 #endif
 };
 
diff --git a/plugins/wifi.c b/plugins/wifi.c
index f4e6d59f..dd58a446 100644
--- a/plugins/wifi.c
+++ b/plugins/wifi.c
@@ -3387,6 +3387,8 @@ static GSupplicantSecurity network_security(const char *security)
 		return G_SUPPLICANT_SECURITY_SAE;
 	else if (g_str_equal(security, "owe"))
 		return G_SUPPLICANT_SECURITY_OWE;
+	else if (g_str_equal(security, "dpp"))
+		return G_SUPPLICANT_SECURITY_DPP;
 #endif
 
 	return G_SUPPLICANT_SECURITY_UNKNOWN;
@@ -3480,6 +3482,14 @@ static void ssid_init(GSupplicantSSID *ssid, struct connman_network *network)
 
 	ssid->use_wps = connman_network_get_bool(network, "WiFi.UseWPS");
 	ssid->pin_wps = connman_network_get_string(network, "WiFi.PinWPS");
+#if defined TIZEN_EXT
+	ssid->connector = connman_network_get_string(network,
+							"WiFi.Connector");
+	ssid->c_sign_key = connman_network_get_string(network,
+							"WiFi.CSignKey");
+	ssid->net_access_key = connman_network_get_string(network,
+						"WiFi.NetAccessKey");
+#endif
 
 #if defined TIZEN_EXT
 	if (set_connman_bssid(CHECK_BSSID, NULL) == 6) {
diff --git a/src/config.c b/src/config.c
index ca5957d6..0e550e42 100644
--- a/src/config.c
+++ b/src/config.c
@@ -77,6 +77,11 @@ struct connman_config_service {
 	char **search_domains;
 	char **timeservers;
 	char *domain_name;
+#if defined TIZEN_EXT
+	char *connector;
+	char *c_sign_key;
+	char *net_access_key;
+#endif
 };
 
 struct connman_config {
@@ -123,6 +128,11 @@ static bool cleanup = false;
 #define SERVICE_KEY_SEARCH_DOMAINS     "SearchDomains"
 #define SERVICE_KEY_TIMESERVERS        "Timeservers"
 #define SERVICE_KEY_DOMAIN             "Domain"
+#if defined TIZEN_EXT
+#define SERVICE_KEY_CONNECTOR          "Connector"
+#define SERVICE_KEY_C_SIGN_KEY         "CSignKey"
+#define SERVICE_KEY_NET_ACCESS_KEY     "NetAccessKey"
+#endif
 
 static const char *config_possible_keys[] = {
 	CONFIG_KEY_NAME,
@@ -159,6 +169,11 @@ static const char *service_possible_keys[] = {
 	SERVICE_KEY_SEARCH_DOMAINS,
 	SERVICE_KEY_TIMESERVERS,
 	SERVICE_KEY_DOMAIN,
+#if defined TIZEN_EXT
+	SERVICE_KEY_CONNECTOR,
+	SERVICE_KEY_C_SIGN_KEY,
+	SERVICE_KEY_NET_ACCESS_KEY,
+#endif
 	NULL,
 };
 
@@ -265,6 +280,11 @@ free_only:
 	g_free(config_service->config_ident);
 	g_free(config_service->config_entry);
 	g_free(config_service->virtual_file);
+#if defined TIZEN_EXT
+	g_free(config_service->connector);
+	g_free(config_service->c_sign_key);
+	g_free(config_service->net_access_key);
+#endif
 	g_free(config_service);
 }
 
@@ -728,6 +748,29 @@ static bool load_service(GKeyFile *keyfile, const char *group,
 		g_free(service->passphrase);
 		service->passphrase = str;
 	}
+#if defined TIZEN_EXT
+
+	str = __connman_config_get_string(keyfile, group, SERVICE_KEY_CONNECTOR,
+					NULL);
+	if (str) {
+		g_free(service->connector);
+		service->connector = str;
+	}
+
+	str = __connman_config_get_string(keyfile, group, SERVICE_KEY_C_SIGN_KEY,
+					NULL);
+	if (str) {
+		g_free(service->c_sign_key);
+		service->c_sign_key = str;
+	}
+
+	str = __connman_config_get_string(keyfile, group, SERVICE_KEY_NET_ACCESS_KEY,
+					NULL);
+	if (str) {
+		g_free(service->net_access_key);
+		service->net_access_key = str;
+	}
+#endif
 
 	str = __connman_config_get_string(keyfile, group, SERVICE_KEY_SECURITY,
 			NULL);
@@ -763,6 +806,16 @@ static bool load_service(GKeyFile *keyfile, const char *group,
 
 		} else
 			service->security = CONNMAN_SERVICE_SECURITY_PSK;
+#if defined TIZEN_EXT
+	} else if (service->connector) {
+
+		if (str && security != CONNMAN_SERVICE_SECURITY_DPP)
+			connman_info("Mismatch between DPP configuration and "
+					"setting %s = %s",
+					SERVICE_KEY_SECURITY, str);
+
+		service->security = CONNMAN_SERVICE_SECURITY_DPP;
+#endif
 	} else if (str) {
 
 		if (security != CONNMAN_SERVICE_SECURITY_NONE)
@@ -1178,6 +1231,18 @@ static void provision_service_wifi(struct connman_config_service *config,
 
 	if (config->hidden)
 		__connman_service_set_hidden(service);
+
+#if defined TIZEN_EXT
+	if (config->connector)
+		__connman_service_set_string(service, "Connector",
+						config->connector);
+	if (config->c_sign_key)
+		__connman_service_set_string(service, "CSignKey",
+						config->c_sign_key);
+	if (config->net_access_key)
+		__connman_service_set_string(service, "NetAccessKey",
+						config->net_access_key);
+#endif
 }
 
 struct connect_virtual {
diff --git a/src/network.c b/src/network.c
index a6d635ec..d8756ec1 100755
--- a/src/network.c
+++ b/src/network.c
@@ -127,6 +127,9 @@ struct connman_network {
 		GSList *bssid_list;
 		ieee80211_modes_e phy_mode;
 		connection_mode_e connection_mode;
+		char *connector;
+		char *c_sign_key;
+		char *net_access_key;
 #endif
 	} wifi;
 
@@ -2702,6 +2705,17 @@ int connman_network_set_string(struct connman_network *network,
 	} else if (g_str_equal(key, "WiFi.PinWPS")) {
 		g_free(network->wifi.pin_wps);
 		network->wifi.pin_wps = g_strdup(value);
+#if defined TIZEN_EXT
+	} else if (g_str_equal(key, "WiFi.Connector")) {
+		g_free(network->wifi.connector);
+		network->wifi.connector = g_strdup(value);
+	} else if (g_str_equal(key, "WiFi.CSignKey")) {
+		g_free(network->wifi.c_sign_key);
+		network->wifi.c_sign_key = g_strdup(value);
+	} else if (g_str_equal(key, "WiFi.NetAccessKey")) {
+		g_free(network->wifi.net_access_key);
+		network->wifi.net_access_key = g_strdup(value);
+#endif
 	} else {
 		return -EINVAL;
 	}
@@ -2767,6 +2781,14 @@ const char *connman_network_get_string(struct connman_network *network,
 		return network->wifi.phase2_auth;
 	else if (g_str_equal(key, "WiFi.PinWPS"))
 		return network->wifi.pin_wps;
+#if defined TIZEN_EXT
+	else if (g_str_equal(key, "WiFi.Connector"))
+		return network->wifi.connector;
+	else if (g_str_equal(key, "WiFi.CSignKey"))
+		return network->wifi.c_sign_key;
+	else if (g_str_equal(key, "WiFi.NetAccessKey"))
+		return network->wifi.net_access_key;
+#endif
 
 	return NULL;
 }
diff --git a/src/service.c b/src/service.c
index 0c6e6235..9cbfa6ce 100644
--- a/src/service.c
+++ b/src/service.c
@@ -172,6 +172,11 @@ struct connman_service {
 	enum connman_dnsconfig_method dns_config_method_ipv4;
 	enum connman_dnsconfig_method dns_config_method_ipv6;
 #endif
+#if defined TIZEN_EXT
+	char *connector;
+	char *c_sign_key;
+	char *net_access_key;
+#endif
 };
 
 static bool allow_property_changed(struct connman_service *service);
@@ -350,6 +355,8 @@ enum connman_service_security __connman_service_string2security(const char *str)
 		return CONNMAN_SERVICE_SECURITY_SAE;
 	if (!strcmp(str, "owe"))
 		return CONNMAN_SERVICE_SECURITY_OWE;
+	if (!strcmp(str, "dpp"))
+		return CONNMAN_SERVICE_SECURITY_DPP;
 #endif
 
 	return CONNMAN_SERVICE_SECURITY_UNKNOWN;
@@ -374,6 +381,8 @@ static const char *security2string(enum connman_service_security security)
 		return "sae";
 	case CONNMAN_SERVICE_SECURITY_OWE:
 		return "owe";
+	case CONNMAN_SERVICE_SECURITY_DPP:
+		return "dpp";
 #else
 	case CONNMAN_SERVICE_SECURITY_RSN:
 		return "psk";
@@ -812,6 +821,29 @@ static int service_load(struct connman_service *service)
 		}
 	}
 #endif
+#if defined TIZEN_EXT
+	if (service->type == CONNMAN_SERVICE_TYPE_WIFI &&
+			service->security == CONNMAN_SERVICE_SECURITY_DPP) {
+		str = g_key_file_get_string(keyfile,
+				service->identifier, "Connector", NULL);
+		if (str != NULL) {
+			g_free(service->connector);
+			service->connector = str;
+		}
+		str = g_key_file_get_string(keyfile,
+				service->identifier, "CSignKey", NULL);
+		if (str != NULL) {
+			g_free(service->c_sign_key);
+			service->c_sign_key = str;
+		}
+		str = g_key_file_get_string(keyfile,
+				service->identifier, "NetAccessKey", NULL);
+		if (str != NULL) {
+			g_free(service->net_access_key);
+			service->net_access_key = str;
+		}
+	}
+#endif
 
 done:
 	g_key_file_free(keyfile);
@@ -1087,6 +1119,29 @@ static int service_save(struct connman_service *service)
 			g_key_file_remove_key(keyfile, service->identifier,
 					"PrivateKeyPassphrase", NULL);
 	}
+	if (service->type == CONNMAN_SERVICE_TYPE_WIFI &&
+			service->security == CONNMAN_SERVICE_SECURITY_DPP) {
+		if (service->connector != NULL && strlen(service->connector) > 0)
+			g_key_file_set_string(keyfile, service->identifier,
+					"Connector", service->connector);
+		else
+			g_key_file_remove_key(keyfile, service->identifier,
+					"Connector", NULL);
+
+		if (service->c_sign_key != NULL && strlen(service->c_sign_key) > 0)
+			g_key_file_set_string(keyfile, service->identifier,
+					"CSignKey", service->c_sign_key);
+		else
+			g_key_file_remove_key(keyfile, service->identifier,
+					"CSignKey", NULL);
+
+		if (service->net_access_key != NULL && strlen(service->net_access_key) > 0)
+			g_key_file_set_string(keyfile, service->identifier,
+					"NetAccessKey", service->net_access_key);
+		else
+			g_key_file_remove_key(keyfile, service->identifier,
+					"NetAccessKey", NULL);
+	}
 #endif
 
 done:
@@ -4204,6 +4259,7 @@ int __connman_service_check_passphrase(enum connman_service_security security,
 	case CONNMAN_SERVICE_SECURITY_8021X:
 #if defined TIZEN_EXT
 	case CONNMAN_SERVICE_SECURITY_OWE:
+	case CONNMAN_SERVICE_SECURITY_DPP:
 #endif
 		break;
 	}
@@ -4224,6 +4280,9 @@ int __connman_service_set_passphrase(struct connman_service *service,
 		return -EINVAL;
 
 #if defined TIZEN_EXT
+	if (service->immutable &&
+			service->security != CONNMAN_SERVICE_SECURITY_DPP)
+		return -EINVAL;
 	/* The encrypted passphrase is used here
 	 * and validation is done by net-config before being encrypted.
 	 */
@@ -5711,6 +5770,17 @@ static void __connman_service_cleanup_network_8021x(struct connman_service *serv
 	connman_network_set_string(service->network, "WiFi.Phase2", NULL);
 	connman_network_set_string(service->network, "WiFi.AnonymousIdentity", NULL);
 }
+static void __connman_service_cleanup_network_dpp(struct connman_service *service)
+{
+	if (service == NULL)
+		return;
+
+	DBG("service %p ", service);
+
+	connman_network_set_string(service->network, "WiFi.Connector", NULL);
+	connman_network_set_string(service->network, "WiFi.CSignKey", NULL);
+	connman_network_set_string(service->network, "WiFi.NetAccessKey", NULL);
+}
 #endif
 
 bool __connman_service_remove(struct connman_service *service)
@@ -5784,6 +5854,16 @@ bool __connman_service_remove(struct connman_service *service)
 	g_strfreev(service->nameservers_config);
 	service->nameservers_config = NULL;
 
+	g_free(service->connector);
+	service->connector = NULL;
+
+	g_free(service->c_sign_key);
+	service->c_sign_key = NULL;
+
+	g_free(service->net_access_key);
+	service->net_access_key = NULL;
+
+	__connman_service_cleanup_network_dpp(service);
 #endif
 
 	service->error = CONNMAN_SERVICE_ERROR_UNKNOWN;
@@ -6282,6 +6362,11 @@ static void service_free(gpointer user_data)
 	g_free(service->phase2);
 	g_free(service->config_file);
 	g_free(service->config_entry);
+#if defined TIZEN_EXT
+	g_free(service->connector);
+	g_free(service->c_sign_key);
+	g_free(service->net_access_key);
+#endif
 
 	if (service->stats.timer)
 		g_timer_destroy(service->stats.timer);
@@ -6855,6 +6940,19 @@ void __connman_service_set_string(struct connman_service *service,
 		service->phase2 = g_strdup(value);
 	} else if (g_str_equal(key, "Passphrase"))
 		__connman_service_set_passphrase(service, value);
+#if defined TIZEN_EXT
+	 else if (g_str_equal(key, "Connector")) {
+		g_free(service->connector);
+		service->connector = g_strdup(value);
+	 }	else if (g_str_equal(key, "CSignKey")) {
+		g_free(service->c_sign_key);
+		service->c_sign_key = g_strdup(value);
+	 }	else if (g_str_equal(key, "NetAccessKey")) {
+		g_free(service->net_access_key);
+		service->net_access_key = g_strdup(value);
+	} else
+		DBG("Unknown key: %s", key);
+#endif
 }
 
 void __connman_service_set_search_domains(struct connman_service *service,
@@ -8064,6 +8162,29 @@ static void prepare_8021x(struct connman_service *service)
 							service->phase1);
 #endif
 }
+#if defined TIZEN_EXT
+
+static bool has_valid_configuration_object(struct connman_service *service)
+{
+	return service->connector && service->c_sign_key && service->net_access_key;
+}
+
+static void prepare_dpp(struct connman_service *service)
+{
+	DBG("prepare dpp");
+	if (service->connector)
+		connman_network_set_string(service->network, "WiFi.Connector",
+								service->connector);
+
+	if (service->c_sign_key)
+		connman_network_set_string(service->network, "WiFi.CSignKey",
+							service->c_sign_key);
+
+	if (service->net_access_key)
+		connman_network_set_string(service->network, "WiFi.NetAccessKey",
+							service->net_access_key);
+}
+#endif
 
 static int service_connect(struct connman_service *service)
 {
@@ -8142,6 +8263,13 @@ static int service_connect(struct connman_service *service)
 			}
 			break;
 
+#if defined TIZEN_EXT
+		case CONNMAN_SERVICE_SECURITY_DPP:
+			if (has_valid_configuration_object(service) &&
+					!service->network)
+				return -EINVAL;
+			break;
+#endif
 		case CONNMAN_SERVICE_SECURITY_8021X:
 			if (!service->eap) {
 				connman_warn("EAP type has not been found. "
@@ -8206,6 +8334,9 @@ static int service_connect(struct connman_service *service)
 #if defined TIZEN_EXT
 		case CONNMAN_SERVICE_SECURITY_SAE:
 		case CONNMAN_SERVICE_SECURITY_OWE:
+			break;
+		case CONNMAN_SERVICE_SECURITY_DPP:
+			prepare_dpp(service);
 #endif
 			break;
 		case CONNMAN_SERVICE_SECURITY_8021X:
@@ -8902,6 +9033,8 @@ static enum connman_service_security convert_wifi_security(const char *security)
 		return CONNMAN_SERVICE_SECURITY_SAE;
 	else if (g_str_equal(security, "owe"))
 		return CONNMAN_SERVICE_SECURITY_OWE;
+	else if (g_str_equal(security, "dpp"))
+		return CONNMAN_SERVICE_SECURITY_DPP;
 	else if (g_str_equal(security, "ft_psk") == TRUE)
 		return CONNMAN_SERVICE_SECURITY_PSK;
 	else if (g_str_equal(security, "ft_ieee8021x") == TRUE)
@@ -9122,6 +9255,15 @@ struct connman_service * __connman_service_create_from_network(struct connman_ne
 		if (service->phase2 != NULL)
 			connman_network_set_string(service->network, "WiFi.Phase2",
 								service->phase2);
+		if (service->eap != NULL)
+			connman_network_set_string(service->network, "WiFi.Connector",
+								service->connector);
+		if (service->identity != NULL)
+			connman_network_set_string(service->network, "WiFi.CSignKey",
+								service->c_sign_key);
+		if (service->phase2 != NULL)
+			connman_network_set_string(service->network, "WiFi.NetAccessKey",
+								service->net_access_key);
 #endif
 	}