FILS: Add elements to FILS Association Request frame
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
ac56c39532
commit
86cd6928e0
4 changed files with 87 additions and 1 deletions
|
@ -3422,4 +3422,53 @@ int fils_process_auth(struct wpa_sm *sm, const u8 *data, size_t len)
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
struct wpabuf * fils_build_assoc_req(struct wpa_sm *sm, const u8 **kek,
|
||||||
|
size_t *kek_len, const u8 **snonce,
|
||||||
|
const u8 **anonce)
|
||||||
|
{
|
||||||
|
struct wpabuf *buf;
|
||||||
|
|
||||||
|
buf = wpabuf_alloc(1000);
|
||||||
|
if (!buf)
|
||||||
|
return NULL;
|
||||||
|
|
||||||
|
/* FILS Session */
|
||||||
|
wpabuf_put_u8(buf, WLAN_EID_EXTENSION); /* Element ID */
|
||||||
|
wpabuf_put_u8(buf, 1 + FILS_SESSION_LEN); /* Length */
|
||||||
|
/* Element ID Extension */
|
||||||
|
wpabuf_put_u8(buf, WLAN_EID_EXT_FILS_SESSION);
|
||||||
|
wpabuf_put_data(buf, sm->fils_session, FILS_SESSION_LEN);
|
||||||
|
|
||||||
|
/* Everything after FILS Session element gets encrypted in the driver
|
||||||
|
* with KEK. The buffer returned from here is the plaintext version. */
|
||||||
|
|
||||||
|
/* TODO: FILS Public Key */
|
||||||
|
|
||||||
|
/* FILS Key Confirm */
|
||||||
|
wpabuf_put_u8(buf, WLAN_EID_EXTENSION); /* Element ID */
|
||||||
|
wpabuf_put_u8(buf, 1 + sm->fils_key_auth_len); /* Length */
|
||||||
|
/* Element ID Extension */
|
||||||
|
wpabuf_put_u8(buf, WLAN_EID_EXT_FILS_KEY_CONFIRM);
|
||||||
|
wpabuf_put_data(buf, sm->fils_key_auth_sta, sm->fils_key_auth_len);
|
||||||
|
|
||||||
|
/* TODO: FILS HLP Container */
|
||||||
|
|
||||||
|
/* TODO: FILS IP Address Assignment */
|
||||||
|
|
||||||
|
wpa_hexdump_buf(MSG_DEBUG, "FILS: Association Request plaintext", buf);
|
||||||
|
|
||||||
|
*kek = sm->ptk.kek;
|
||||||
|
*kek_len = sm->ptk.kek_len;
|
||||||
|
wpa_hexdump_key(MSG_DEBUG, "FILS: KEK for AEAD", *kek, *kek_len);
|
||||||
|
*snonce = sm->fils_nonce;
|
||||||
|
wpa_hexdump(MSG_DEBUG, "FILS: SNonce for AEAD AAD",
|
||||||
|
*snonce, FILS_NONCE_LEN);
|
||||||
|
*anonce = sm->fils_anonce;
|
||||||
|
wpa_hexdump(MSG_DEBUG, "FILS: ANonce for AEAD AAD",
|
||||||
|
*anonce, FILS_NONCE_LEN);
|
||||||
|
|
||||||
|
return buf;
|
||||||
|
}
|
||||||
|
|
||||||
#endif /* CONFIG_FILS */
|
#endif /* CONFIG_FILS */
|
||||||
|
|
|
@ -428,5 +428,8 @@ void wpa_sm_set_test_assoc_ie(struct wpa_sm *sm, struct wpabuf *buf);
|
||||||
|
|
||||||
struct wpabuf * fils_build_auth(struct wpa_sm *sm);
|
struct wpabuf * fils_build_auth(struct wpa_sm *sm);
|
||||||
int fils_process_auth(struct wpa_sm *sm, const u8 *data, size_t len);
|
int fils_process_auth(struct wpa_sm *sm, const u8 *data, size_t len);
|
||||||
|
struct wpabuf * fils_build_assoc_req(struct wpa_sm *sm, const u8 **kek,
|
||||||
|
size_t *kek_len, const u8 **snonce,
|
||||||
|
const u8 **anonce);
|
||||||
|
|
||||||
#endif /* WPA_H */
|
#endif /* WPA_H */
|
||||||
|
|
|
@ -986,6 +986,9 @@ void sme_associate(struct wpa_supplicant *wpa_s, enum wpas_mode mode,
|
||||||
{
|
{
|
||||||
struct wpa_driver_associate_params params;
|
struct wpa_driver_associate_params params;
|
||||||
struct ieee802_11_elems elems;
|
struct ieee802_11_elems elems;
|
||||||
|
#ifdef CONFIG_FILS
|
||||||
|
u8 nonces[2 * FILS_NONCE_LEN];
|
||||||
|
#endif /* CONFIG_FILS */
|
||||||
#ifdef CONFIG_HT_OVERRIDES
|
#ifdef CONFIG_HT_OVERRIDES
|
||||||
struct ieee80211_ht_capabilities htcaps;
|
struct ieee80211_ht_capabilities htcaps;
|
||||||
struct ieee80211_ht_capabilities htcaps_mask;
|
struct ieee80211_ht_capabilities htcaps_mask;
|
||||||
|
@ -996,6 +999,37 @@ void sme_associate(struct wpa_supplicant *wpa_s, enum wpas_mode mode,
|
||||||
#endif /* CONFIG_VHT_OVERRIDES */
|
#endif /* CONFIG_VHT_OVERRIDES */
|
||||||
|
|
||||||
os_memset(¶ms, 0, sizeof(params));
|
os_memset(¶ms, 0, sizeof(params));
|
||||||
|
|
||||||
|
#ifdef CONFIG_FILS
|
||||||
|
if (auth_type == WLAN_AUTH_FILS_SK) {
|
||||||
|
struct wpabuf *buf;
|
||||||
|
const u8 *snonce, *anonce;
|
||||||
|
|
||||||
|
buf = fils_build_assoc_req(wpa_s->wpa, ¶ms.fils_kek,
|
||||||
|
¶ms.fils_kek_len, &snonce,
|
||||||
|
&anonce);
|
||||||
|
if (!buf)
|
||||||
|
return;
|
||||||
|
/* TODO: Make wpa_s->sme.assoc_req_ie use dynamic allocation */
|
||||||
|
if (wpa_s->sme.assoc_req_ie_len + wpabuf_len(buf) >
|
||||||
|
sizeof(wpa_s->sme.assoc_req_ie)) {
|
||||||
|
wpa_printf(MSG_ERROR,
|
||||||
|
"FILS: Not enough buffer room for own AssocReq elements");
|
||||||
|
wpabuf_free(buf);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
os_memcpy(wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len,
|
||||||
|
wpabuf_head(buf), wpabuf_len(buf));
|
||||||
|
wpa_s->sme.assoc_req_ie_len += wpabuf_len(buf);
|
||||||
|
wpabuf_free(buf);
|
||||||
|
|
||||||
|
os_memcpy(nonces, snonce, FILS_NONCE_LEN);
|
||||||
|
os_memcpy(nonces + FILS_NONCE_LEN, anonce, FILS_NONCE_LEN);
|
||||||
|
params.fils_nonces = nonces;
|
||||||
|
params.fils_nonces_len = sizeof(nonces);
|
||||||
|
}
|
||||||
|
#endif /* CONFIG_FILS */
|
||||||
|
|
||||||
params.bssid = bssid;
|
params.bssid = bssid;
|
||||||
params.ssid = wpa_s->sme.ssid;
|
params.ssid = wpa_s->sme.ssid;
|
||||||
params.ssid_len = wpa_s->sme.ssid_len;
|
params.ssid_len = wpa_s->sme.ssid_len;
|
||||||
|
|
|
@ -721,7 +721,7 @@ struct wpa_supplicant {
|
||||||
u8 ssid[SSID_MAX_LEN];
|
u8 ssid[SSID_MAX_LEN];
|
||||||
size_t ssid_len;
|
size_t ssid_len;
|
||||||
int freq;
|
int freq;
|
||||||
u8 assoc_req_ie[200];
|
u8 assoc_req_ie[300];
|
||||||
size_t assoc_req_ie_len;
|
size_t assoc_req_ie_len;
|
||||||
int mfp;
|
int mfp;
|
||||||
int ft_used;
|
int ft_used;
|
||||||
|
|
Loading…
Reference in a new issue