From e6f64a8e1daffbf96bdfe060648a32837109cc0b Mon Sep 17 00:00:00 2001
From: Jouni Malinen <quic_jouni@quicinc.com>
Date: Thu, 24 Aug 2023 17:58:25 +0300
Subject: [PATCH] FT: FTE MIC calculation for MLO Reassociation Request frame

Extend wpa_ft_mic() to take in an array of link addresses to allow the
FTE MIC to be calculated for Reassociation Request frame as described in
IEEE P802.11be/D4.0, 13.8.4. This commit does not change actual
behavior, i.e., this is just preparing wpa_ft_mic() and the existing
callers with a new argument.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
---
 src/ap/wpa_auth_ft.c    |  2 ++
 src/common/wpa_common.c | 15 +++++++++++++--
 src/common/wpa_common.h |  4 ++--
 src/rsn_supp/wpa_ft.c   |  2 ++
 wlantest/rx_mgmt.c      |  2 ++
 5 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c
index 8cd0cd231..70e73df16 100644
--- a/src/ap/wpa_auth_ft.c
+++ b/src/ap/wpa_auth_ft.c
@@ -2851,6 +2851,7 @@ u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos,
 		       rsnie, rsnie_len,
 		       ric_start, ric_start ? pos - ric_start : 0,
 		       rsnxe_len ? rsnxe : NULL, rsnxe_len,
+		       NULL,
 		       fte_mic) < 0) {
 		wpa_printf(MSG_DEBUG, "FT: Failed to calculate MIC");
 		return NULL;
@@ -3616,6 +3617,7 @@ int wpa_ft_validate_reassoc(struct wpa_state_machine *sm, const u8 *ies,
 		       parse.ric, parse.ric_len,
 		       parse.rsnxe ? parse.rsnxe - 2 : NULL,
 		       parse.rsnxe ? parse.rsnxe_len + 2 : 0,
+		       NULL,
 		       mic) < 0) {
 		wpa_printf(MSG_DEBUG, "FT: Failed to calculate MIC");
 		return WLAN_STATUS_UNSPECIFIED_FAILURE;
diff --git a/src/common/wpa_common.c b/src/common/wpa_common.c
index 88b6bbe15..4456e6a16 100644
--- a/src/common/wpa_common.c
+++ b/src/common/wpa_common.c
@@ -890,10 +890,11 @@ int wpa_ft_mic(int key_mgmt, const u8 *kck, size_t kck_len, const u8 *sta_addr,
 	       const u8 *rsnie, size_t rsnie_len,
 	       const u8 *ric, size_t ric_len,
 	       const u8 *rsnxe, size_t rsnxe_len,
+	       const u8 link_addr[MAX_NUM_MLO_LINKS][ETH_ALEN],
 	       u8 *mic)
 {
-	const u8 *addr[10];
-	size_t len[10];
+	const u8 *addr[10 + MAX_NUM_MLO_LINKS];
+	size_t len[10 + MAX_NUM_MLO_LINKS];
 	size_t i, num_elem = 0;
 	u8 zero_mic[32];
 	size_t mic_len, fte_fixed_len;
@@ -971,6 +972,16 @@ int wpa_ft_mic(int key_mgmt, const u8 *kck, size_t kck_len, const u8 *sta_addr,
 		num_elem++;
 	}
 
+	if (link_addr) {
+		for (i = 0; i < MAX_NUM_MLO_LINKS; i++) {
+			if (is_zero_ether_addr(link_addr[i]))
+				continue;
+			addr[num_elem] = link_addr[i];
+			len[num_elem] = ETH_ALEN;
+			num_elem++;
+		}
+	}
+
 	for (i = 0; i < num_elem; i++)
 		wpa_hexdump(MSG_MSGDUMP, "FT: MIC data", addr[i], len[i]);
 	res = -1;
diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
index f503e9095..2a7c75224 100644
--- a/src/common/wpa_common.h
+++ b/src/common/wpa_common.h
@@ -452,6 +452,7 @@ struct rsn_rdie {
 #pragma pack(pop)
 #endif /* _MSC_VER */
 
+#define MAX_NUM_MLO_LINKS 15
 
 int wpa_eapol_key_mic(const u8 *key, size_t key_len, int akmp, int ver,
 		      const u8 *buf, size_t len, u8 *mic);
@@ -485,6 +486,7 @@ int wpa_ft_mic(int key_mgmt, const u8 *kck, size_t kck_len, const u8 *sta_addr,
 	       const u8 *rsnie, size_t rsnie_len,
 	       const u8 *ric, size_t ric_len,
 	       const u8 *rsnxe, size_t rsnxe_len,
+	       const u8 link_addr[MAX_NUM_MLO_LINKS][ETH_ALEN],
 	       u8 *mic);
 int wpa_derive_pmk_r0(const u8 *xxkey, size_t xxkey_len,
 		      const u8 *ssid, size_t ssid_len,
@@ -556,8 +558,6 @@ int wpa_compare_rsn_ie(int ft_initial_assoc,
 		       const u8 *ie2, size_t ie2len);
 int wpa_insert_pmkid(u8 *ies, size_t *ies_len, const u8 *pmkid);
 
-#define MAX_NUM_MLO_LINKS 15
-
 struct wpa_ft_ies {
 	const u8 *mdie;
 	size_t mdie_len;
diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c
index 35fad9f1d..b88f1d2c6 100644
--- a/src/rsn_supp/wpa_ft.c
+++ b/src/rsn_supp/wpa_ft.c
@@ -472,6 +472,7 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len,
 			       ftie_pos, 2 + *ftie_len,
 			       (u8 *) rsnie, 2 + rsnie->len, ric_ies,
 			       ric_ies_len, rsnxe_len ? rsnxe : NULL, rsnxe_len,
+			       NULL,
 			       fte_mic) < 0) {
 			wpa_printf(MSG_INFO, "FT: Failed to calculate MIC");
 			os_free(buf);
@@ -1146,6 +1147,7 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies,
 		       parse.ric, parse.ric_len,
 		       parse.rsnxe ? parse.rsnxe - 2 : NULL,
 		       parse.rsnxe ? parse.rsnxe_len + 2 : 0,
+		       NULL,
 		       mic) < 0) {
 		wpa_printf(MSG_DEBUG, "FT: Failed to calculate MIC");
 		return -1;
diff --git a/wlantest/rx_mgmt.c b/wlantest/rx_mgmt.c
index 74f520cc6..9e9480a12 100644
--- a/wlantest/rx_mgmt.c
+++ b/wlantest/rx_mgmt.c
@@ -1424,6 +1424,7 @@ static void rx_mgmt_reassoc_req(struct wlantest *wt, const u8 *data,
 			       parse.ric, parse.ric_len,
 			       parse.rsnxe ? parse.rsnxe - 2 : NULL,
 			       parse.rsnxe ? parse.rsnxe_len + 2 : 0,
+			       NULL,
 			       mic) < 0) {
 			add_note(wt, MSG_INFO, "FT: Failed to calculate MIC");
 			return;
@@ -1937,6 +1938,7 @@ static void rx_mgmt_reassoc_resp(struct wlantest *wt, const u8 *data,
 			       parse.ric, parse.ric_len,
 			       parse.rsnxe ? parse.rsnxe - 2 : NULL,
 			       parse.rsnxe ? parse.rsnxe_len + 2 : 0,
+			       NULL,
 			       mic) < 0) {
 			add_note(wt, MSG_INFO, "FT: Failed to calculate MIC");
 			return;