OCV: Include and verify OCI in the FT handshake

Include and verify the the OCI element in (Re)Association Request and
Response frames of the FT handshake. In case verification fails, the
handshake message is silently ignored.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>

src/rsn_supp/wpa_ft.c

@@ -14,6 +14,8 @@
 #include "crypto/random.h"
 #include "common/ieee802_11_defs.h"
 #include "common/ieee802_11_common.h"
+#include "common/ocv.h"
+#include "drivers/driver.h"
 #include "wpa.h"
 #include "wpa_i.h"
 
@@ -325,6 +327,26 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len,
 	*pos++ = sm->r0kh_id_len;
 	os_memcpy(pos, sm->r0kh_id, sm->r0kh_id_len);
 	pos += sm->r0kh_id_len;
+#ifdef CONFIG_OCV
+	if (kck && wpa_sm_ocv_enabled(sm)) {
+		/* OCI sub-element in the third FT message */
+		struct wpa_channel_info ci;
+
+		if (wpa_sm_channel_info(sm, &ci) != 0) {
+			wpa_printf(MSG_WARNING,
+				   "Failed to get channel info for OCI element in FTE");
+			os_free(buf);
+			return NULL;
+		}
+
+		*pos++ = FTIE_SUBELEM_OCI;
+		*pos++ = OCV_OCI_LEN;
+		if (ocv_insert_oci(&ci, &pos) < 0) {
+			os_free(buf);
+			return NULL;
+		}
+	}
+#endif /* CONFIG_OCV */
 	*ftie_len = pos - ftie_len - 1;
 
 	if (ric_ies) {
@@ -963,6 +985,25 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies,
 		return -1;
 	}
 
+#ifdef CONFIG_OCV
+	if (wpa_sm_ocv_enabled(sm)) {
+		struct wpa_channel_info ci;
+
+		if (wpa_sm_channel_info(sm, &ci) != 0) {
+			wpa_printf(MSG_WARNING,
+				   "Failed to get channel info to validate received OCI in (Re)Assoc Response");
+			return -1;
+		}
+
+		if (ocv_verify_tx_params(parse.oci, parse.oci_len, &ci,
+					 channel_width_to_int(ci.chanwidth),
+					 ci.seg1_idx) != 0) {
+			wpa_printf(MSG_WARNING, "%s", ocv_errorstr);
+			return -1;
+		}
+	}
+#endif /* CONFIG_OCV */
+
 	sm->ft_reassoc_completed = 1;
 
 	if (wpa_ft_process_gtk_subelem(sm, parse.gtk, parse.gtk_len) < 0)