DPP: Support retrieving of configurator's private key
To retain configurator information across hostapd/wpa_supplicant restart, private key need to be maintained to generate a valid pair of authentication keys (connector, netaccess_key, csign) for new enrollees in the network. Add a DPP_CONFIGURATOR_GET_KEY control interface API through which the private key of an existing configurator can be fetched. Command format: DPP_CONFIGURATOR_GET_KEY <configurator_id> The output from this command can then be used with "DPP_CONFIGURATOR_ADD key=<hexdump>" to create the same key again. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Purushottam Kushwaha
Jouni Malinen
parent
4bc801ab42
commit
8179ae3a2a
10 changed files with 83 additions and 0 deletions
|
|
@ -5510,6 +5510,30 @@ void dpp_configurator_free(struct dpp_configurator *conf)
|
|||
}
|
||||
|
||||
|
||||
int dpp_configurator_get_key(const struct dpp_configurator *conf, char *buf,
|
||||
size_t buflen)
|
||||
{
|
||||
EC_KEY *eckey;
|
||||
int key_len, ret = -1;
|
||||
unsigned char *key = NULL;
|
||||
|
||||
if (!conf->csign)
|
||||
return -1;
|
||||
|
||||
eckey = EVP_PKEY_get1_EC_KEY(conf->csign);
|
||||
if (!eckey)
|
||||
return -1;
|
||||
|
||||
key_len = i2d_ECPrivateKey(eckey, &key);
|
||||
if (key_len > 0)
|
||||
ret = wpa_snprintf_hex(buf, buflen, key, key_len);
|
||||
|
||||
EC_KEY_free(eckey);
|
||||
OPENSSL_free(key);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
struct dpp_configurator *
|
||||
dpp_keygen_configurator(const char *curve, const u8 *privkey,
|
||||
size_t privkey_len)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue