From 20237ebc1fe76971d368a5ecf59ea7489d2fb858 Mon Sep 17 00:00:00 2001
From: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Date: Tue, 15 Jul 2025 13:32:35 +0530
Subject: [PATCH 1/2] modules: hostap: Add Kconfig option for debug key
 material

Add CONFIG_WIFI_NM_WPA_SUPPLICANT_DEBUG_SHOW_KEYS option to control
whether key material (passwords, encryption keys, etc.) is included
in debug output. This is equivalent to the -K command line flag in
wpa_supplicant.

The option:
- Defaults to disabled (n) for security reasons
- Includes clear warning about security risks
- Should only be enabled during development/debugging
- Provides compile-time control over key material logging

This allows developers to enable key material debugging when needed
while maintaining security by default.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
---
 modules/hostap/Kconfig | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/modules/hostap/Kconfig b/modules/hostap/Kconfig
index 91ecd040459b..16d03c85388f 100644
--- a/modules/hostap/Kconfig
+++ b/modules/hostap/Kconfig
@@ -79,6 +79,18 @@ config WIFI_NM_WPA_SUPPLICANT_DEBUG_LEVEL
 	  runtime filtering can also be configured in addition to the compile-time
 	  filtering.
 
+config WIFI_NM_WPA_SUPPLICANT_DEBUG_SHOW_KEYS
+	bool "Include key material in debug output"
+	default n
+	help
+	  This option enables inclusion of key material (passwords, encryption keys,
+	  etc.) in debug output. This is equivalent to the -K command line flag
+	  in wpa_supplicant.
+
+	  WARNING: This is a security risk and should only be enabled during
+	  development or debugging. Key material should never be logged in production
+	  systems as it can compromise network security.
+
 if WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_DBG
 # hostap debug is very verbose and despite large log buffer sizes
 # log messages can be lost. So, we set the log mode to immediate

From 71ea15f66490ea3f8ea634cfe67cab49b9673ee3 Mon Sep 17 00:00:00 2001
From: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Date: Tue, 15 Jul 2025 13:34:44 +0530
Subject: [PATCH 2/2] manifest: hostap: Pull support to dump keys

Helps in debugging crypto issues.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
---
 west.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/west.yml b/west.yml
index 3634554334c3..cacf2eda9ef2 100644
--- a/west.yml
+++ b/west.yml
@@ -281,7 +281,7 @@ manifest:
         - hal
     - name: hostap
       path: modules/lib/hostap
-      revision: e942f86e865d5b24bbbe8b0c333f030cbbe62bfb
+      revision: pull/94/head
     - name: liblc3
       revision: 48bbd3eacd36e99a57317a0a4867002e0b09e183
       path: modules/lib/liblc3