SAE: Move H2E and PK flags to main sae_data
This maintains knowledge of whether H2E or PK was used as part of the SAE authentication beyond the removal of temporary state needed during that authentication. This makes it easier to use information about which kind of SAE authentication was used at higher layer functionality. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
bc908daace
commit
cc22fb1b86
6 changed files with 30 additions and 33 deletions
|
@ -439,7 +439,7 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
|
||||||
#ifdef CONFIG_SAE
|
#ifdef CONFIG_SAE
|
||||||
if (hapd->conf->sae_pwe == 2 &&
|
if (hapd->conf->sae_pwe == 2 &&
|
||||||
sta->auth_alg == WLAN_AUTH_SAE &&
|
sta->auth_alg == WLAN_AUTH_SAE &&
|
||||||
sta->sae && sta->sae->tmp && !sta->sae->tmp->h2e &&
|
sta->sae && !sta->sae->h2e &&
|
||||||
elems.rsnxe && elems.rsnxe_len >= 1 &&
|
elems.rsnxe && elems.rsnxe_len >= 1 &&
|
||||||
(elems.rsnxe[0] & BIT(WLAN_RSNX_CAPAB_SAE_H2E))) {
|
(elems.rsnxe[0] & BIT(WLAN_RSNX_CAPAB_SAE_H2E))) {
|
||||||
wpa_printf(MSG_INFO, "SAE: " MACSTR
|
wpa_printf(MSG_INFO, "SAE: " MACSTR
|
||||||
|
|
|
@ -483,7 +483,7 @@ static struct wpabuf * auth_build_sae_commit(struct hostapd_data *hapd,
|
||||||
|
|
||||||
if (sta->sae->tmp) {
|
if (sta->sae->tmp) {
|
||||||
rx_id = sta->sae->tmp->pw_id;
|
rx_id = sta->sae->tmp->pw_id;
|
||||||
use_pt = sta->sae->tmp->h2e;
|
use_pt = sta->sae->h2e;
|
||||||
#ifdef CONFIG_SAE_PK
|
#ifdef CONFIG_SAE_PK
|
||||||
os_memcpy(sta->sae->tmp->own_addr, hapd->own_addr, ETH_ALEN);
|
os_memcpy(sta->sae->tmp->own_addr, hapd->own_addr, ETH_ALEN);
|
||||||
os_memcpy(sta->sae->tmp->peer_addr, sta->addr, ETH_ALEN);
|
os_memcpy(sta->sae->tmp->peer_addr, sta->addr, ETH_ALEN);
|
||||||
|
@ -594,9 +594,9 @@ static int auth_sae_send_commit(struct hostapd_data *hapd,
|
||||||
if (data == NULL)
|
if (data == NULL)
|
||||||
return WLAN_STATUS_UNSPECIFIED_FAILURE;
|
return WLAN_STATUS_UNSPECIFIED_FAILURE;
|
||||||
|
|
||||||
if (sta->sae->tmp && sta->sae->tmp->pk)
|
if (sta->sae->tmp && sta->sae->pk)
|
||||||
status = WLAN_STATUS_SAE_PK;
|
status = WLAN_STATUS_SAE_PK;
|
||||||
else if (sta->sae->tmp && sta->sae->tmp->h2e)
|
else if (sta->sae->tmp && sta->sae->h2e)
|
||||||
status = WLAN_STATUS_SAE_HASH_TO_ELEMENT;
|
status = WLAN_STATUS_SAE_HASH_TO_ELEMENT;
|
||||||
else
|
else
|
||||||
status = WLAN_STATUS_SUCCESS;
|
status = WLAN_STATUS_SUCCESS;
|
||||||
|
@ -921,11 +921,11 @@ static int sae_sm_step(struct hostapd_data *hapd, struct sta_info *sta,
|
||||||
case SAE_NOTHING:
|
case SAE_NOTHING:
|
||||||
if (auth_transaction == 1) {
|
if (auth_transaction == 1) {
|
||||||
if (sta->sae->tmp) {
|
if (sta->sae->tmp) {
|
||||||
sta->sae->tmp->h2e =
|
sta->sae->h2e =
|
||||||
(status_code ==
|
(status_code ==
|
||||||
WLAN_STATUS_SAE_HASH_TO_ELEMENT ||
|
WLAN_STATUS_SAE_HASH_TO_ELEMENT ||
|
||||||
status_code == WLAN_STATUS_SAE_PK);
|
status_code == WLAN_STATUS_SAE_PK);
|
||||||
sta->sae->tmp->pk =
|
sta->sae->pk =
|
||||||
status_code == WLAN_STATUS_SAE_PK;
|
status_code == WLAN_STATUS_SAE_PK;
|
||||||
}
|
}
|
||||||
ret = auth_sae_send_commit(hapd, sta, bssid,
|
ret = auth_sae_send_commit(hapd, sta, bssid,
|
||||||
|
@ -1440,7 +1440,7 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta,
|
||||||
"SAE: Request anti-clogging token from "
|
"SAE: Request anti-clogging token from "
|
||||||
MACSTR, MAC2STR(sta->addr));
|
MACSTR, MAC2STR(sta->addr));
|
||||||
if (sta->sae->tmp)
|
if (sta->sae->tmp)
|
||||||
h2e = sta->sae->tmp->h2e;
|
h2e = sta->sae->h2e;
|
||||||
if (status_code == WLAN_STATUS_SAE_HASH_TO_ELEMENT ||
|
if (status_code == WLAN_STATUS_SAE_HASH_TO_ELEMENT ||
|
||||||
status_code == WLAN_STATUS_SAE_PK)
|
status_code == WLAN_STATUS_SAE_PK)
|
||||||
h2e = 1;
|
h2e = 1;
|
||||||
|
@ -3405,7 +3405,7 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta,
|
||||||
|
|
||||||
if (hapd->conf->sae_pwe == 2 &&
|
if (hapd->conf->sae_pwe == 2 &&
|
||||||
sta->auth_alg == WLAN_AUTH_SAE &&
|
sta->auth_alg == WLAN_AUTH_SAE &&
|
||||||
sta->sae && sta->sae->tmp && !sta->sae->tmp->h2e &&
|
sta->sae && !sta->sae->h2e &&
|
||||||
elems.rsnxe && elems.rsnxe_len >= 1 &&
|
elems.rsnxe && elems.rsnxe_len >= 1 &&
|
||||||
(elems.rsnxe[0] & BIT(WLAN_RSNX_CAPAB_SAE_H2E))) {
|
(elems.rsnxe[0] & BIT(WLAN_RSNX_CAPAB_SAE_H2E))) {
|
||||||
wpa_printf(MSG_INFO, "SAE: " MACSTR
|
wpa_printf(MSG_INFO, "SAE: " MACSTR
|
||||||
|
|
|
@ -1364,8 +1364,8 @@ int sae_prepare_commit(const u8 *addr1, const u8 *addr2,
|
||||||
identifier) < 0))
|
identifier) < 0))
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
sae->tmp->h2e = 0;
|
sae->h2e = 0;
|
||||||
sae->tmp->pk = 0;
|
sae->pk = 0;
|
||||||
return sae_derive_commit(sae);
|
return sae_derive_commit(sae);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1434,7 +1434,7 @@ int sae_prepare_commit_pt(struct sae_data *sae, const struct sae_pt *pt,
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
sae->tmp->h2e = 1;
|
sae->h2e = 1;
|
||||||
return sae_derive_commit(sae);
|
return sae_derive_commit(sae);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1559,14 +1559,14 @@ static int sae_derive_keys(struct sae_data *sae, const u8 *k)
|
||||||
* When SAE-PK is used,
|
* When SAE-PK is used,
|
||||||
* KCK || PMK || KEK = KDF-Hash-Length(keyseed, "SAE-PK keys", context)
|
* KCK || PMK || KEK = KDF-Hash-Length(keyseed, "SAE-PK keys", context)
|
||||||
*/
|
*/
|
||||||
if (!sae->tmp->h2e)
|
if (!sae->h2e)
|
||||||
hash_len = SHA256_MAC_LEN;
|
hash_len = SHA256_MAC_LEN;
|
||||||
else if (sae->tmp->dh)
|
else if (sae->tmp->dh)
|
||||||
hash_len = sae_ffc_prime_len_2_hash_len(prime_len);
|
hash_len = sae_ffc_prime_len_2_hash_len(prime_len);
|
||||||
else
|
else
|
||||||
hash_len = sae_ecc_prime_len_2_hash_len(prime_len);
|
hash_len = sae_ecc_prime_len_2_hash_len(prime_len);
|
||||||
if (sae->tmp->h2e && (sae->tmp->own_rejected_groups ||
|
if (sae->h2e && (sae->tmp->own_rejected_groups ||
|
||||||
sae->tmp->peer_rejected_groups)) {
|
sae->tmp->peer_rejected_groups)) {
|
||||||
struct wpabuf *own, *peer;
|
struct wpabuf *own, *peer;
|
||||||
|
|
||||||
own = sae->tmp->own_rejected_groups;
|
own = sae->tmp->own_rejected_groups;
|
||||||
|
@ -1617,13 +1617,13 @@ static int sae_derive_keys(struct sae_data *sae, const u8 *k)
|
||||||
* octets). */
|
* octets). */
|
||||||
crypto_bignum_to_bin(tmp, val, sizeof(val), sae->tmp->order_len);
|
crypto_bignum_to_bin(tmp, val, sizeof(val), sae->tmp->order_len);
|
||||||
wpa_hexdump(MSG_DEBUG, "SAE: PMKID", val, SAE_PMKID_LEN);
|
wpa_hexdump(MSG_DEBUG, "SAE: PMKID", val, SAE_PMKID_LEN);
|
||||||
if (!sae->tmp->pk &&
|
if (!sae->pk &&
|
||||||
sae_kdf_hash(hash_len, keyseed, "SAE KCK and PMK",
|
sae_kdf_hash(hash_len, keyseed, "SAE KCK and PMK",
|
||||||
val, sae->tmp->order_len,
|
val, sae->tmp->order_len,
|
||||||
keys, hash_len + SAE_PMK_LEN) < 0)
|
keys, hash_len + SAE_PMK_LEN) < 0)
|
||||||
goto fail;
|
goto fail;
|
||||||
#ifdef CONFIG_SAE_PK
|
#ifdef CONFIG_SAE_PK
|
||||||
if (sae->tmp->pk &&
|
if (sae->pk &&
|
||||||
sae_kdf_hash(hash_len, keyseed, "SAE-PK keys",
|
sae_kdf_hash(hash_len, keyseed, "SAE-PK keys",
|
||||||
val, sae->tmp->order_len,
|
val, sae->tmp->order_len,
|
||||||
keys, 2 * hash_len + SAE_PMK_LEN) < 0)
|
keys, 2 * hash_len + SAE_PMK_LEN) < 0)
|
||||||
|
@ -1635,7 +1635,7 @@ static int sae_derive_keys(struct sae_data *sae, const u8 *k)
|
||||||
os_memcpy(sae->pmk, keys + hash_len, SAE_PMK_LEN);
|
os_memcpy(sae->pmk, keys + hash_len, SAE_PMK_LEN);
|
||||||
os_memcpy(sae->pmkid, val, SAE_PMKID_LEN);
|
os_memcpy(sae->pmkid, val, SAE_PMKID_LEN);
|
||||||
#ifdef CONFIG_SAE_PK
|
#ifdef CONFIG_SAE_PK
|
||||||
if (sae->tmp->pk) {
|
if (sae->pk) {
|
||||||
os_memcpy(sae->tmp->kek, keys + hash_len + SAE_PMK_LEN,
|
os_memcpy(sae->tmp->kek, keys + hash_len + SAE_PMK_LEN,
|
||||||
hash_len);
|
hash_len);
|
||||||
sae->tmp->kek_len = hash_len;
|
sae->tmp->kek_len = hash_len;
|
||||||
|
@ -1677,7 +1677,7 @@ int sae_write_commit(struct sae_data *sae, struct wpabuf *buf,
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
wpabuf_put_le16(buf, sae->group); /* Finite Cyclic Group */
|
wpabuf_put_le16(buf, sae->group); /* Finite Cyclic Group */
|
||||||
if (!sae->tmp->h2e && token) {
|
if (!sae->h2e && token) {
|
||||||
wpabuf_put_buf(buf, token);
|
wpabuf_put_buf(buf, token);
|
||||||
wpa_hexdump(MSG_DEBUG, "SAE: Anti-clogging token",
|
wpa_hexdump(MSG_DEBUG, "SAE: Anti-clogging token",
|
||||||
wpabuf_head(token), wpabuf_len(token));
|
wpabuf_head(token), wpabuf_len(token));
|
||||||
|
@ -1718,7 +1718,7 @@ int sae_write_commit(struct sae_data *sae, struct wpabuf *buf,
|
||||||
identifier);
|
identifier);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (sae->tmp->h2e && sae->tmp->own_rejected_groups) {
|
if (sae->h2e && sae->tmp->own_rejected_groups) {
|
||||||
wpa_hexdump_buf(MSG_DEBUG, "SAE: own Rejected Groups",
|
wpa_hexdump_buf(MSG_DEBUG, "SAE: own Rejected Groups",
|
||||||
sae->tmp->own_rejected_groups);
|
sae->tmp->own_rejected_groups);
|
||||||
wpabuf_put_u8(buf, WLAN_EID_EXTENSION);
|
wpabuf_put_u8(buf, WLAN_EID_EXTENSION);
|
||||||
|
@ -1728,7 +1728,7 @@ int sae_write_commit(struct sae_data *sae, struct wpabuf *buf,
|
||||||
wpabuf_put_buf(buf, sae->tmp->own_rejected_groups);
|
wpabuf_put_buf(buf, sae->tmp->own_rejected_groups);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (sae->tmp->h2e && token) {
|
if (sae->h2e && token) {
|
||||||
wpabuf_put_u8(buf, WLAN_EID_EXTENSION);
|
wpabuf_put_u8(buf, WLAN_EID_EXTENSION);
|
||||||
wpabuf_put_u8(buf, 1 + wpabuf_len(token));
|
wpabuf_put_u8(buf, 1 + wpabuf_len(token));
|
||||||
wpabuf_put_u8(buf, WLAN_EID_EXT_ANTI_CLOGGING_TOKEN);
|
wpabuf_put_u8(buf, WLAN_EID_EXT_ANTI_CLOGGING_TOKEN);
|
||||||
|
|
|
@ -59,8 +59,6 @@ struct sae_temporary_data {
|
||||||
u8 bssid[ETH_ALEN];
|
u8 bssid[ETH_ALEN];
|
||||||
struct wpabuf *own_rejected_groups;
|
struct wpabuf *own_rejected_groups;
|
||||||
struct wpabuf *peer_rejected_groups;
|
struct wpabuf *peer_rejected_groups;
|
||||||
unsigned int h2e:1;
|
|
||||||
unsigned int pk:1;
|
|
||||||
unsigned int own_addr_higher:1;
|
unsigned int own_addr_higher:1;
|
||||||
|
|
||||||
#ifdef CONFIG_SAE_PK
|
#ifdef CONFIG_SAE_PK
|
||||||
|
@ -106,6 +104,8 @@ struct sae_data {
|
||||||
int group;
|
int group;
|
||||||
unsigned int sync; /* protocol instance variable: Sync */
|
unsigned int sync; /* protocol instance variable: Sync */
|
||||||
u16 rc; /* protocol instance variable: Rc (received send-confirm) */
|
u16 rc; /* protocol instance variable: Rc (received send-confirm) */
|
||||||
|
unsigned int h2e:1;
|
||||||
|
unsigned int pk:1;
|
||||||
struct sae_temporary_data *tmp;
|
struct sae_temporary_data *tmp;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -528,7 +528,7 @@ int sae_check_confirm_pk(struct sae_data *sae, const u8 *ies, size_t ies_len)
|
||||||
|
|
||||||
if (!tmp)
|
if (!tmp)
|
||||||
return -1;
|
return -1;
|
||||||
if (!tmp->pk || tmp->ap_pk)
|
if (!sae->pk || tmp->ap_pk)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
if (tmp->kek_len != 32 && tmp->kek_len != 48 && tmp->kek_len != 64) {
|
if (tmp->kek_len != 32 && tmp->kek_len != 48 && tmp->kek_len != 64) {
|
||||||
|
|
|
@ -128,8 +128,8 @@ static struct wpabuf * sme_auth_build_sae_commit(struct wpa_supplicant *wpa_s,
|
||||||
os_memcmp(bssid, wpa_s->sme.sae.tmp->bssid, ETH_ALEN) == 0) {
|
os_memcmp(bssid, wpa_s->sme.sae.tmp->bssid, ETH_ALEN) == 0) {
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
"SAE: Reuse previously generated PWE on a retry with the same AP");
|
"SAE: Reuse previously generated PWE on a retry with the same AP");
|
||||||
use_pt = wpa_s->sme.sae.tmp->h2e;
|
use_pt = wpa_s->sme.sae.h2e;
|
||||||
use_pk = wpa_s->sme.sae.tmp->pk;
|
use_pk = wpa_s->sme.sae.pk;
|
||||||
goto reuse_data;
|
goto reuse_data;
|
||||||
}
|
}
|
||||||
if (sme_set_sae_group(wpa_s) < 0) {
|
if (sme_set_sae_group(wpa_s) < 0) {
|
||||||
|
@ -190,7 +190,7 @@ static struct wpabuf * sme_auth_build_sae_commit(struct wpa_supplicant *wpa_s,
|
||||||
if (wpa_s->sme.sae.tmp) {
|
if (wpa_s->sme.sae.tmp) {
|
||||||
os_memcpy(wpa_s->sme.sae.tmp->bssid, bssid, ETH_ALEN);
|
os_memcpy(wpa_s->sme.sae.tmp->bssid, bssid, ETH_ALEN);
|
||||||
if (use_pt && use_pk)
|
if (use_pt && use_pk)
|
||||||
wpa_s->sme.sae.tmp->pk = 1;
|
wpa_s->sme.sae.pk = 1;
|
||||||
#ifdef CONFIG_SAE_PK
|
#ifdef CONFIG_SAE_PK
|
||||||
os_memcpy(wpa_s->sme.sae.tmp->own_addr, wpa_s->own_addr,
|
os_memcpy(wpa_s->sme.sae.tmp->own_addr, wpa_s->own_addr,
|
||||||
ETH_ALEN);
|
ETH_ALEN);
|
||||||
|
@ -1266,8 +1266,7 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction,
|
||||||
wpabuf_free(wpa_s->sme.sae_token);
|
wpabuf_free(wpa_s->sme.sae_token);
|
||||||
token_pos = data + sizeof(le16);
|
token_pos = data + sizeof(le16);
|
||||||
token_len = len - sizeof(le16);
|
token_len = len - sizeof(le16);
|
||||||
if (wpa_s->sme.sae.tmp)
|
h2e = wpa_s->sme.sae.h2e;
|
||||||
h2e = wpa_s->sme.sae.tmp->h2e;
|
|
||||||
if (h2e) {
|
if (h2e) {
|
||||||
if (token_len < 3) {
|
if (token_len < 3) {
|
||||||
wpa_dbg(wpa_s, MSG_DEBUG,
|
wpa_dbg(wpa_s, MSG_DEBUG,
|
||||||
|
@ -1348,20 +1347,18 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction,
|
||||||
"SAE: Ignore commit message while waiting for confirm");
|
"SAE: Ignore commit message while waiting for confirm");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (wpa_s->sme.sae.tmp && wpa_s->sme.sae.tmp->h2e &&
|
if (wpa_s->sme.sae.h2e && status_code == WLAN_STATUS_SUCCESS) {
|
||||||
status_code == WLAN_STATUS_SUCCESS) {
|
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
"SAE: Unexpected use of status code 0 in SAE commit when H2E was expected");
|
"SAE: Unexpected use of status code 0 in SAE commit when H2E was expected");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (wpa_s->sme.sae.tmp &&
|
if ((!wpa_s->sme.sae.h2e || wpa_s->sme.sae.pk) &&
|
||||||
(!wpa_s->sme.sae.tmp->h2e || wpa_s->sme.sae.tmp->pk) &&
|
|
||||||
status_code == WLAN_STATUS_SAE_HASH_TO_ELEMENT) {
|
status_code == WLAN_STATUS_SAE_HASH_TO_ELEMENT) {
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
"SAE: Unexpected use of status code for H2E in SAE commit when H2E was not expected");
|
"SAE: Unexpected use of status code for H2E in SAE commit when H2E was not expected");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (wpa_s->sme.sae.tmp && !wpa_s->sme.sae.tmp->pk &&
|
if (!wpa_s->sme.sae.pk &&
|
||||||
status_code == WLAN_STATUS_SAE_PK) {
|
status_code == WLAN_STATUS_SAE_PK) {
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
"SAE: Unexpected use of status code for PK in SAE commit when PK was not expected");
|
"SAE: Unexpected use of status code for PK in SAE commit when PK was not expected");
|
||||||
|
|
Loading…
Reference in a new issue