SAE: Add sae_pwe configuration parameter for hostapd

This parameter can be used to specify which PWE derivation mechanism(s)
is enabled. This commit is only introducing the new parameter; actual
use of it will be address in separate commits.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2019-09-05 11:44:57 +03:00 committed by Jouni Malinen
parent af4487148a
commit a36e13a7cd
5 changed files with 13 additions and 0 deletions

View file

@ -4184,6 +4184,8 @@ static int hostapd_config_fill(struct hostapd_config *conf,
bss->sae_require_mfp = atoi(pos);
} else if (os_strcmp(buf, "sae_confirm_immediate") == 0) {
bss->sae_confirm_immediate = atoi(pos);
} else if (os_strcmp(buf, "sae_pwe") == 0) {
bss->sae_pwe = atoi(pos);
} else if (os_strcmp(buf, "local_pwr_constraint") == 0) {
int val = atoi(pos);
if (val < 0 || val > 255) {

View file

@ -1750,6 +1750,14 @@ own_ip_addr=127.0.0.1
# to send its SAE Confirm message first.
#sae_confirm_immediate=0
# SAE mechanism for PWE derivation
# 0 = hunting-and-pecking loop only (default)
# 1 = hash-to-element only
# 2 = both hunting-and-pecking loop and hash-to-element enabled
# Note: The default value is likely to change from 0 to 2 once the new
# hash-to-element mechanism has received more interoperability testing.
#sae_pwe=0
# FILS Cache Identifier (16-bit value in hexdump format)
#fils_cache_id=0011

View file

@ -650,6 +650,7 @@ struct hostapd_bss_config {
unsigned int sae_sync;
int sae_require_mfp;
int sae_confirm_immediate;
int sae_pwe;
int *sae_groups;
struct sae_password_entry *sae_passwords;

View file

@ -230,6 +230,7 @@ struct wpa_auth_config {
unsigned int fils_cache_id_set:1;
u8 fils_cache_id[FILS_CACHE_ID_LEN];
#endif /* CONFIG_FILS */
int sae_pwe;
};
typedef enum {

View file

@ -130,6 +130,7 @@ static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf,
os_memcpy(wconf->fils_cache_id, conf->fils_cache_id,
FILS_CACHE_ID_LEN);
#endif /* CONFIG_FILS */
wconf->sae_pwe = conf->sae_pwe;
}