SAE: Tell sae_parse_commit() whether H2E is used
This will be needed to help parsing the received SAE commit. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
316156739c
commit
86f6084862
5 changed files with 9 additions and 5 deletions
|
@ -1139,7 +1139,8 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta,
|
||||||
resp = sae_parse_commit(sta->sae, mgmt->u.auth.variable,
|
resp = sae_parse_commit(sta->sae, mgmt->u.auth.variable,
|
||||||
((const u8 *) mgmt) + len -
|
((const u8 *) mgmt) + len -
|
||||||
mgmt->u.auth.variable, &token,
|
mgmt->u.auth.variable, &token,
|
||||||
&token_len, groups);
|
&token_len, groups, status_code ==
|
||||||
|
WLAN_STATUS_SAE_HASH_TO_ELEMENT);
|
||||||
if (resp == SAE_SILENTLY_DISCARD) {
|
if (resp == SAE_SILENTLY_DISCARD) {
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
"SAE: Drop commit message from " MACSTR " due to reflection attack",
|
"SAE: Drop commit message from " MACSTR " due to reflection attack",
|
||||||
|
|
|
@ -377,7 +377,7 @@ static int sae_tests(void)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (sae_parse_commit(&sae, peer_commit, sizeof(peer_commit), NULL, NULL,
|
if (sae_parse_commit(&sae, peer_commit, sizeof(peer_commit), NULL, NULL,
|
||||||
NULL) != 0 ||
|
NULL, 0) != 0 ||
|
||||||
sae_process_commit(&sae) < 0)
|
sae_process_commit(&sae) < 0)
|
||||||
goto fail;
|
goto fail;
|
||||||
|
|
||||||
|
|
|
@ -1099,7 +1099,8 @@ static int sae_parse_password_identifier(struct sae_data *sae,
|
||||||
|
|
||||||
|
|
||||||
u16 sae_parse_commit(struct sae_data *sae, const u8 *data, size_t len,
|
u16 sae_parse_commit(struct sae_data *sae, const u8 *data, size_t len,
|
||||||
const u8 **token, size_t *token_len, int *allowed_groups)
|
const u8 **token, size_t *token_len, int *allowed_groups,
|
||||||
|
int h2e)
|
||||||
{
|
{
|
||||||
const u8 *pos = data, *end = data + len;
|
const u8 *pos = data, *end = data + len;
|
||||||
u16 res;
|
u16 res;
|
||||||
|
|
|
@ -72,7 +72,8 @@ int sae_process_commit(struct sae_data *sae);
|
||||||
void sae_write_commit(struct sae_data *sae, struct wpabuf *buf,
|
void sae_write_commit(struct sae_data *sae, struct wpabuf *buf,
|
||||||
const struct wpabuf *token, const char *identifier);
|
const struct wpabuf *token, const char *identifier);
|
||||||
u16 sae_parse_commit(struct sae_data *sae, const u8 *data, size_t len,
|
u16 sae_parse_commit(struct sae_data *sae, const u8 *data, size_t len,
|
||||||
const u8 **token, size_t *token_len, int *allowed_groups);
|
const u8 **token, size_t *token_len, int *allowed_groups,
|
||||||
|
int h2e);
|
||||||
void sae_write_confirm(struct sae_data *sae, struct wpabuf *buf);
|
void sae_write_confirm(struct sae_data *sae, struct wpabuf *buf);
|
||||||
int sae_check_confirm(struct sae_data *sae, const u8 *data, size_t len);
|
int sae_check_confirm(struct sae_data *sae, const u8 *data, size_t len);
|
||||||
u16 sae_group_allowed(struct sae_data *sae, int *allowed_groups, u16 group);
|
u16 sae_group_allowed(struct sae_data *sae, int *allowed_groups, u16 group);
|
||||||
|
|
|
@ -1150,7 +1150,8 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction,
|
||||||
if (groups && groups[0] <= 0)
|
if (groups && groups[0] <= 0)
|
||||||
groups = NULL;
|
groups = NULL;
|
||||||
res = sae_parse_commit(&wpa_s->sme.sae, data, len, NULL, NULL,
|
res = sae_parse_commit(&wpa_s->sme.sae, data, len, NULL, NULL,
|
||||||
groups);
|
groups, status_code ==
|
||||||
|
WLAN_STATUS_SAE_HASH_TO_ELEMENT);
|
||||||
if (res == SAE_SILENTLY_DISCARD) {
|
if (res == SAE_SILENTLY_DISCARD) {
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
"SAE: Drop commit message due to reflection attack");
|
"SAE: Drop commit message due to reflection attack");
|
||||||
|
|
Loading…
Reference in a new issue