From 88d3f43bd33723e47339df25b8d3a80e87e39fa9 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Wed, 7 Oct 2020 01:04:48 +0300 Subject: [PATCH] DPP2: Replace OneAsymmetricKey version number (v2 to v1) DPP tech spec was modified to use v1(0) instead of v2(1) for the OneAsymmetricKey in the Configurator backup structure to match the description in RFC 5958 Section 2 which indicates v2 to be used when any items tagged as version 2 are included. No such items are actually included in this case, so v1 should be used instead. Change OneAsymmetricKey generation to use v1(0) instead of v2(1) and parsing to accept either version to be used. This is not backwards compatible with the earlier implementation which requires v2(1) when parsing the received value. Signed-off-by: Jouni Malinen --- src/common/dpp_backup.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/common/dpp_backup.c b/src/common/dpp_backup.c index e12bc6d7c..67ca1a5d2 100644 --- a/src/common/dpp_backup.c +++ b/src/common/dpp_backup.c @@ -189,7 +189,7 @@ static struct wpabuf * dpp_build_key_pkg(struct dpp_authentication *auth) if (!key) goto fail; - asn1_put_integer(key, 1); /* version = v2(1) */ + asn1_put_integer(key, 0); /* version = v1(0) */ /* PrivateKeyAlgorithmIdentifier */ wpabuf_put_buf(key, alg); @@ -908,7 +908,7 @@ dpp_parse_one_asymmetric_key(const u8 *buf, size_t len) /* Version ::= INTEGER { v1(0), v2(1) } (v1, ..., v2) */ if (asn1_get_integer(pos, end - pos, &val, &pos) < 0) goto fail; - if (val != 1) { + if (val != 0 && val != 1) { wpa_printf(MSG_DEBUG, "DPP: Unsupported DPPAsymmetricKeyPackage version %d", val);