From 19eff7fa3e5ef3e5ec10639f613ac8d9e8354de7 Mon Sep 17 00:00:00 2001
From: Pavan Kumar Reddy B <pavankumar464@gmail.com>
Date: Mon, 25 May 2026 10:45:35 +0530
Subject: [PATCH 1/2] RDKB-64863 GUI displays incorrect security mode [Open
 (Risky)] after a Factory Reset

---
 ...et_wireless_network_configuration_edit.jst | 36 ------------
 .../xb3/jst/includes/actionHandlerUtility.jst | 55 ++++++++++++++++++
 source/Styles/xb3/jst/includes/utility.jst    | 58 ++++++++++---------
 .../wireless_network_configuration_edit.jst   | 36 +-----------
 ...et_wireless_network_configuration_edit.jst | 45 --------------
 ...ess_network_configuration_edit_onewifi.jst | 49 ----------------
 .../wireless_network_configuration_edit.jst   | 23 +-------
 ...ess_network_configuration_edit_onewifi.jst | 22 +------
 8 files changed, 92 insertions(+), 232 deletions(-)

diff --git a/source/Styles/xb3/jst/actionHandler/ajaxSet_wireless_network_configuration_edit.jst b/source/Styles/xb3/jst/actionHandler/ajaxSet_wireless_network_configuration_edit.jst
index a0a6604..bf829a5 100644
--- a/source/Styles/xb3/jst/actionHandler/ajaxSet_wireless_network_configuration_edit.jst
+++ b/source/Styles/xb3/jst/actionHandler/ajaxSet_wireless_network_configuration_edit.jst
@@ -55,42 +55,6 @@ function MiniApplySSID($ssid) {
 	setStr("Device.WiFi.Radio."+$apply_rf+".X_CISCO_COM_ApplySettingSSID", $apply_id, false);
 	setStr("Device.WiFi.Radio."+$apply_rf+".X_CISCO_COM_ApplySetting", "true", true);
 }
-// security_mode from encrypt_mode & encrypt_method
-function security_mode($encrypt_mode, $encrypt_method) {
-	$security = "None";
-	if ("WEP-64" == $encrypt_mode){
-		$security = "WEP_64";
-	}
-	else if ("WEP-128" == $encrypt_mode){
-		$security = "WEP_128";
-	}
-	else if ("WPA-Personal" == $encrypt_mode){
-		if ("TKIP" == $encrypt_method){
-			$security = "WPA_PSK_TKIP";
-		}
-		else{
-			$security = "WPA_PSK_AES";
-		}
-	}
-	else if ("WPA2-Personal" == $encrypt_mode){
-		if ("TKIP" == $encrypt_method){
-			$security = "WPA2_PSK_TKIP";
-		}
-		else if ("AES" == $encrypt_method){
-			$security = "WPA2_PSK_AES";
-		}
-		else{
-			$security = "WPA2_PSK_TKIPAES";
-		}
-	}
-	else if ("WPA-WPA2-Personal" == $encrypt_mode){
-		$security = "WPAWPA2_PSK_TKIPAES";
-	}
-	else{
-		$security = "None";
-	}
-	return $security;
-}
 $response_message = '';
 //ssid 1,2 for all
 //ssid 3,4 for mso only
diff --git a/source/Styles/xb3/jst/includes/actionHandlerUtility.jst b/source/Styles/xb3/jst/includes/actionHandlerUtility.jst
index 3b9c07b..cee771e 100644
--- a/source/Styles/xb3/jst/includes/actionHandlerUtility.jst
+++ b/source/Styles/xb3/jst/includes/actionHandlerUtility.jst
@@ -359,4 +359,59 @@ function voiceDML(){
 	return $voiceDML;
 }
 $tvdml = voiceDML();
+
+// $security_mode from $encrypt_mode & $encrypt_method
+function security_mode($encrypt_mode, $encrypt_method) {
+	$security = "None";
+	if ("WEP-64" == $encrypt_mode){
+		$security = "WEP_64";
+	}
+	else if ("WEP-128" == $encrypt_mode){
+		$security = "WEP_128";
+	}
+	else if ("WPA-Personal" == $encrypt_mode){
+		if ("TKIP" == $encrypt_method){
+			$security = "WPA_PSK_TKIP";
+		}
+		else {
+			$security = "WPA_PSK_AES";
+		}
+	}
+	else if ("WPA2-Personal" == $encrypt_mode){
+		if ("TKIP" == $encrypt_method){
+			$security = "WPA2_PSK_TKIP";
+		}
+		else if ("AES" == $encrypt_method){
+			$security = "WPA2_PSK_AES";
+		}
+		else {
+			$security = "WPA2_PSK_TKIPAES";
+		}
+	}
+	else if ("WPA-WPA2-Personal" == $encrypt_mode){
+		$security = "WPAWPA2_PSK_TKIPAES";
+	}
+	else if ("WPA3-Personal" == $encrypt_mode){
+		if ("AES" == $encrypt_method)
+			$security = "WPA3-Personal Only";
+		else if("AES+GCMP" == $encrypt_method)
+			$security = "WPA3-Personal Only AES_GCMP";
+	}
+	else if ("WPA3-Personal-Transition" == $encrypt_mode){
+		if ("AES" == $encrypt_method)
+			$security = "WPA3-Personal Transition";
+		else if("AES+GCMP" == $encrypt_method)
+			$security = "WPA3-Personal Transition AES_GCMP";
+	}
+	else if ("WPA3-Personal-Compatibility" == $encrypt_mode){
+		if ("AES" == $encrypt_method)
+			$security = "WPA3-Personal Compatibility";
+		else if("AES+GCMP" == $encrypt_method)
+			$security = "WPA3-Personal Compatibility AES_GCMP";
+	}
+	else {
+		$security = "None";
+	}
+	return $security;
+}
 ?>
diff --git a/source/Styles/xb3/jst/includes/utility.jst b/source/Styles/xb3/jst/includes/utility.jst
index 5ccbefe..2abaefe 100644
--- a/source/Styles/xb3/jst/includes/utility.jst
+++ b/source/Styles/xb3/jst/includes/utility.jst
@@ -91,35 +91,39 @@ function KeyExtGet($root, $param)
 //return a string of encryption type
 function encrypt_map($mode, $method)
 {
-	$method = str_replace("AES+TKIP", "TKIP/AES", $method);
+	if ($method == "AES+TKIP") {
+		$method = "TKIP/AES";
+	} elseif ($method == "AES+GCMP") {
+		$method = "GCMP/AES";
+	}
 	switch ($mode)
 	{
-	case "None":
-		return "Open (risky)";
-	case "WEP-64":
-		return "WEP 64 (risky)";
-	case "WEP-128":
-		return "WEP 128 (risky)";
-	case "WPA-Personal":
-		return "WPA-PSK ("+$method+")"; 
-	case "WPA2-Personal":
-		return "WPA2-PSK ("+$method+")"; 
-	case "WPA-WPA2-Personal":
-		return "WPAWPA2-PSK ("+$method+")"; 
-	case "WPA-Enterprise":
-		return "WPA ("+$method+")"; 
-	case "WPA2-Enterprise":
-		return "WPA2 ("+$method+")"; 
-	case "WPA-WPA2-Enterprise":
-		return "WPAWPA2 ("+$method+")"; 
-	case "WPA3-Personal":
-		return "WPA3-Personal Only";
-	case "WPA3-Personal-Transition":
-                return "WPA3-Personal Transition";
-        case "WPA3-Personal-Compatibility":
-                return "WPA3-Personal Compatibility";
-	default:
-		return "WPAWPA2-PSK (TKIP/AES)";
+		case "None":
+			return "Open (risky)";
+		case "WEP-64":
+			return "WEP 64 (risky)";
+		case "WEP-128":
+			return "WEP 128 (risky)";
+		case "WPA-Personal":
+			return "WPA-PSK ("+$method+")";
+		case "WPA2-Personal":
+			return "WPA2-PSK ("+$method+")";
+		case "WPA-WPA2-Personal":
+			return "WPAWPA2-PSK ("+$method+")";
+		case "WPA-Enterprise":
+			return "WPA ("+$method+")";
+		case "WPA2-Enterprise":
+			return "WPA2 ("+$method+")";
+		case "WPA-WPA2-Enterprise":
+			return "WPAWPA2 ("+$method+")";
+		case "WPA3-Personal":
+			return "WPA3-Personal Only";
+		case "WPA3-Personal-Transition":
+			return "WPA3-Personal Transition";
+		case "WPA3-Personal-Compatibility":
+			return "WPA3-Personal Compatibility";
+		default:
+			return "WPAWPA2-PSK (TKIP/AES)";
 	}
 }
 /**
diff --git a/source/Styles/xb3/jst/wireless_network_configuration_edit.jst b/source/Styles/xb3/jst/wireless_network_configuration_edit.jst
index c0410a5..156332f 100644
--- a/source/Styles/xb3/jst/wireless_network_configuration_edit.jst
+++ b/source/Styles/xb3/jst/wireless_network_configuration_edit.jst
@@ -157,40 +157,8 @@ if ("false" == $wifi_value['Radio_'+$rf+'_Enable']){
 $supported_mode		= $wifi_value['SupportedStandards'];
 if ("1-11"==$possible_channels)
 $possible_channels = "1,2,3,4,5,6,7,8,9,10,11";
-$security = "None";
-if ("WEP-64" == $encrypt_mode){
-		$security = "WEP_64";
-		$network_password = $network_pass_64;
-}
-else if ("WEP-128" == $encrypt_mode){
-		$security = "WEP_128";
-		$network_password = $network_pass_128;
-}
-else if ("WPA-Personal" == $encrypt_mode){
-	if ("TKIP" == $encrypt_method){
-		$security = "WPA_PSK_TKIP";
-	}
-	else{
-		$security = "WPA_PSK_AES";
-	}
-}
-else if ("WPA2-Personal" == $encrypt_mode){
-	if ("TKIP" == $encrypt_method){
-		$security = "WPA2_PSK_TKIP";
-	}
-	else if ("AES" == $encrypt_method){
-		$security = "WPA2_PSK_AES";
-	}
-	else{
-		$security = "WPA2_PSK_TKIPAES";
-	}
-}
-else if ("WPA-WPA2-Personal" == $encrypt_mode){
-		$security = "WPAWPA2_PSK_TKIPAES";
-}
-else{
-		$security = "None";
-}
+$security = encrypt_map($encrypt_mode, $encrypt_method);
+
 //for SSID 1 and 2 don't show password for mso user
 $password_mso_user = !(($id == 1 || $id == 2) && ($_SESSION["loginuser"] == "mso"));
 ?>
diff --git a/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit.jst b/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit.jst
index 671ac52..e71a98a 100644
--- a/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit.jst
+++ b/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit.jst
@@ -71,51 +71,6 @@ $get_encrypt_mode	= getStr("Device.WiFi.AccessPoint."+$i+".Security.ModeEnabled"
 $get_encrypt_method	= getStr("Device.WiFi.AccessPoint."+$i+".Security.X_CISCO_COM_EncryptionMethod");
 $WifiPersonalizationEnable = getStr("Device.DeviceInfo.X_RDKCENTRAL-COM_WiFiNeedsPersonalization");
 
-// security_mode from $encrypt_mode & $encrypt_method
-function security_mode($encrypt_mode, $encrypt_method) {
-	$security = "None";
-	if ("WEP-64" == $encrypt_mode){
-		$security = "WEP_64";
-	}
-	else if ("WEP-128" == $encrypt_mode){
-		$security = "WEP_128";
-	}
-	else if ("WPA-Personal" == $encrypt_mode){
-		if ("TKIP" == $encrypt_method){
-			$security = "WPA_PSK_TKIP";
-		}
-		else {
-			$security = "WPA_PSK_AES";
-		}
-	}
-	else if ("WPA2-Personal" == $encrypt_mode){
-		if ("TKIP" == $encrypt_method){
-			$security = "WPA2_PSK_TKIP";
-		}
-		else if ("AES" == $encrypt_method){
-			$security = "WPA2_PSK_AES";
-		}
-		else {
-			$security = "WPA2_PSK_TKIPAES";
-		}
-	}
-	else if ("WPA-WPA2-Personal" == $encrypt_mode){
-		$security = "WPAWPA2_PSK_TKIPAES";
-	}
-	else if ("WPA3-Personal" == $encrypt_mode){
-		if ("AES" == $encrypt_method)
-			$security = "WPA3-Personal Only";
-	}
-	else if ("WPA3-Personal-Transition" == $encrypt_mode){
-		if ("AES" == $encrypt_method)
-			$security = "WPA3-Personal Transition";
-	}
-	else {
-		$security = "None";
-	}
-	return $security;
-}
-
 if($i != 1 && $i != 2 && $i != 17) $Mesh_Mode = false;
 if($i != 1 && $i != 2 && $i != 17) $HCM_Mode = "Disable";
 $response_message = '';
diff --git a/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit_onewifi.jst b/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit_onewifi.jst
index 48bed5f..59856ff 100644
--- a/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit_onewifi.jst
+++ b/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit_onewifi.jst
@@ -71,55 +71,6 @@ $get_encrypt_mode	= getStr("Device.WiFi.AccessPoint."+$i+".Security.ModeEnabled"
 $get_encrypt_method	= getStr("Device.WiFi.AccessPoint."+$i+".Security.X_CISCO_COM_EncryptionMethod");
 $WifiPersonalizationEnable = getStr("Device.DeviceInfo.X_RDKCENTRAL-COM_WiFiNeedsPersonalization");
 
-// security_mode from $encrypt_mode & $encrypt_method
-function security_mode($encrypt_mode, $encrypt_method) {
-	$security = "None";
-	if ("WEP-64" == $encrypt_mode){
-		$security = "WEP_64";
-	}
-	else if ("WEP-128" == $encrypt_mode){
-		$security = "WEP_128";
-	}
-	else if ("WPA-Personal" == $encrypt_mode){
-		if ("TKIP" == $encrypt_method){
-			$security = "WPA_PSK_TKIP";
-		}
-		else {
-			$security = "WPA_PSK_AES";
-		}
-	}
-	else if ("WPA2-Personal" == $encrypt_mode){
-		if ("TKIP" == $encrypt_method){
-			$security = "WPA2_PSK_TKIP";
-		}
-		else if ("AES" == $encrypt_method){
-			$security = "WPA2_PSK_AES";
-		}
-		else {
-			$security = "WPA2_PSK_TKIPAES";
-		}
-	}
-	else if ("WPA-WPA2-Personal" == $encrypt_mode){
-		$security = "WPAWPA2_PSK_TKIPAES";
-	}
-	else if ("WPA3-Personal" == $encrypt_mode){
-		if ("AES" == $encrypt_method)
-			$security = "WPA3-Personal Only";
-	}
-	else if ("WPA3-Personal-Transition" == $encrypt_mode){
-		if ("AES" == $encrypt_method)
-			$security = "WPA3-Personal Transition";
-	}
-        else if ("WPA3-Personal-Compatibility" == $encrypt_mode){
-                if ("AES" == $encrypt_method)
-                        $security = "WPA3-Personal Compatibility";
-        }
-	else {
-		$security = "None";
-	}
-	return $security;
-}
-
 if($i != 1 && $i != 2 && $i != 17) $Mesh_Mode = false;
 if($i != 1 && $i != 2 && $i != 17) $HCM_Mode = "Disable";
 $response_message = '';
diff --git a/source/Styles/xb6/jst/wireless_network_configuration_edit.jst b/source/Styles/xb6/jst/wireless_network_configuration_edit.jst
index a57b84e..ebcfee1 100644
--- a/source/Styles/xb6/jst/wireless_network_configuration_edit.jst
+++ b/source/Styles/xb6/jst/wireless_network_configuration_edit.jst
@@ -158,7 +158,7 @@ if($id != 1 && $id != 2 && $id != 17) $Mesh_Mode = 'false';
 if(strstr($_SESSION["lanMode"], "bridge-static") ) {
 	if($_SESSION["loginuser"] != "mso")
 	{
-        	if($OperatingChannelBandwidth == "6GHz")
+		if($OperatingChannelBandwidth == "6GHz")
         	array_remove($valid_ids,4);
 		array_remove($valid_ids,3);
 		array_remove($valid_ids,2);
@@ -167,7 +167,7 @@ if(strstr($_SESSION["lanMode"], "bridge-static") ) {
 	}
 	else
 	{
-        	if($OperatingChannelBandwidth == "6GHz")
+		if($OperatingChannelBandwidth == "6GHz")
         	array_remove($valid_ids,4);
 		array_remove($valid_ids,1);
 		array_remove($valid_ids,0);
@@ -188,24 +188,7 @@ $supported_mode         = $wifi_value['SupportedStandards'];
 
 if ("1-11"==$possible_channels)
 $possible_channels = "1,2,3,4,5,6,7,8,9,10,11";
-$security = "None";
-if ("WPA2-Personal" == $encrypt_mode){
-	if ("TKIP" == $encrypt_method){
-		$security = "WPA2_PSK_TKIP";
-	}
-	else if ("AES" == $encrypt_method){
-		$security = "WPA2_PSK_AES";
-	}
-}else if ("WPA3-Personal" == $encrypt_mode){
-    if ("AES" == $encrypt_method)
-        	$security = "WPA3-Personal Only";
-}else if ("WPA3-Personal-Transition" == $encrypt_mode){
-    if ("AES" == $encrypt_method)
-        $security = "WPA3-Personal Transition";
-}
-else{
-                $security = "None";
-}
+$security = encrypt_map($encrypt_mode, $encrypt_method);
 
 //for SSID 1 and 2 don't show password for mso user
 $password_mso_user = !(($id == 1 || $id == 2 || $id == 17) && ($_SESSION["loginuser"] == "mso"));
diff --git a/source/Styles/xb6/jst/wireless_network_configuration_edit_onewifi.jst b/source/Styles/xb6/jst/wireless_network_configuration_edit_onewifi.jst
index accbbfd..63bd461 100644
--- a/source/Styles/xb6/jst/wireless_network_configuration_edit_onewifi.jst
+++ b/source/Styles/xb6/jst/wireless_network_configuration_edit_onewifi.jst
@@ -198,27 +198,7 @@ $supported_mode         = getStr("Device.WiFi.Radio."+$rf+".SupportedStandards")
 
 if ("1-11"==$possible_channels)
 $possible_channels = "1,2,3,4,5,6,7,8,9,10,11";
-$security = "None";
-if ("WPA2-Personal" == $encrypt_mode){
-	if ("TKIP" == $encrypt_method){
-		$security = "WPA2_PSK_TKIP";
-	}
-	else if ("AES" == $encrypt_method){
-		$security = "WPA2_PSK_AES";
-	}
-}else if ("WPA3-Personal" == $encrypt_mode){
-    if ("AES" == $encrypt_method)
-        	$security = "WPA3-Personal Only";
-}else if ("WPA3-Personal-Transition" == $encrypt_mode){
-    if ("AES" == $encrypt_method)
-        $security = "WPA3-Personal Transition";
-}else if ("WPA3-Personal-Compatibility" == $encrypt_mode){
-    if ("AES" == $encrypt_method)
-        $security = "WPA3-Personal Compatibility";
-}
-else{
-                $security = "None";
-}
+$security = encrypt_map($encrypt_mode, $encrypt_method);
 
 //for SSID 1 and 2 don't show password for mso user
 $password_mso_user = !(($id == 1 || $id == 2 || $id == 17) && ($_SESSION["loginuser"] == "mso"));

From 193b1ca6a6fb11063f99bb9ccec43a6daf774104 Mon Sep 17 00:00:00 2001
From: Pavan Kumar Reddy B <PavanKumarReddy_Balireddy@comcast.com>
Date: Mon, 25 May 2026 14:43:09 +0530
Subject: [PATCH 2/2] Syntax error in utility.jst

---
 source/Styles/xb3/jst/includes/utility.jst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source/Styles/xb3/jst/includes/utility.jst b/source/Styles/xb3/jst/includes/utility.jst
index 2abaefe..64dd41f 100644
--- a/source/Styles/xb3/jst/includes/utility.jst
+++ b/source/Styles/xb3/jst/includes/utility.jst
@@ -93,7 +93,7 @@ function encrypt_map($mode, $method)
 {
 	if ($method == "AES+TKIP") {
 		$method = "TKIP/AES";
-	} elseif ($method == "AES+GCMP") {
+	} else if ($method == "AES+GCMP") {
 		$method = "GCMP/AES";
 	}
 	switch ($mode)