PASN: Set keys from PTKSA cache for a valid PTKSA entry
Set secure ranging context to the driver for a valid PTKSA entry in the PTKSA cache, if available. When the driver requests for PASN keys, wpa_supplicant configures the keys from its cache if the keys for the peer derived with the same own MAC address are available in the cache instead of doing the full PASN handshake again. Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
parent
e2c3cdf2ca
commit
edd89d6dbb
1 changed files with 44 additions and 0 deletions
|
@ -446,6 +446,38 @@ static int wpas_pasn_get_params_from_bss(struct wpa_supplicant *wpa_s,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static int wpas_pasn_set_keys_from_cache(struct wpa_supplicant *wpa_s,
|
||||||
|
const u8 *own_addr, const u8 *bssid,
|
||||||
|
int cipher, int akmp)
|
||||||
|
{
|
||||||
|
struct ptksa_cache_entry *entry;
|
||||||
|
|
||||||
|
entry = ptksa_cache_get(wpa_s->ptksa, bssid, cipher);
|
||||||
|
if (!entry) {
|
||||||
|
wpa_printf(MSG_DEBUG, "PASN: peer " MACSTR
|
||||||
|
" not present in PTKSA cache", MAC2STR(bssid));
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (os_memcmp(entry->own_addr, own_addr, ETH_ALEN) != 0) {
|
||||||
|
wpa_printf(MSG_DEBUG,
|
||||||
|
"PASN: own addr " MACSTR " and PTKSA entry own addr "
|
||||||
|
MACSTR " differ",
|
||||||
|
MAC2STR(own_addr), MAC2STR(entry->own_addr));
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
wpa_printf(MSG_DEBUG, "PASN: " MACSTR " present in PTKSA cache",
|
||||||
|
MAC2STR(bssid));
|
||||||
|
wpa_drv_set_secure_ranging_ctx(wpa_s, own_addr, bssid, cipher,
|
||||||
|
entry->ptk.tk_len,
|
||||||
|
entry->ptk.tk,
|
||||||
|
entry->ptk.ltf_keyseed_len,
|
||||||
|
entry->ptk.ltf_keyseed, 0);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
static void wpas_pasn_configure_next_peer(struct wpa_supplicant *wpa_s,
|
static void wpas_pasn_configure_next_peer(struct wpa_supplicant *wpa_s,
|
||||||
struct pasn_auth *pasn_params)
|
struct pasn_auth *pasn_params)
|
||||||
{
|
{
|
||||||
|
@ -467,6 +499,15 @@ static void wpas_pasn_configure_next_peer(struct wpa_supplicant *wpa_s,
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (wpas_pasn_set_keys_from_cache(wpa_s, peer->own_addr,
|
||||||
|
peer->peer_addr,
|
||||||
|
peer->cipher,
|
||||||
|
peer->akmp) == 0) {
|
||||||
|
peer->status = PASN_STATUS_SUCCESS;
|
||||||
|
wpa_s->pasn_count++;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
if (wpas_pasn_get_params_from_bss(wpa_s, peer)) {
|
if (wpas_pasn_get_params_from_bss(wpa_s, peer)) {
|
||||||
peer->status = PASN_STATUS_FAILURE;
|
peer->status = PASN_STATUS_FAILURE;
|
||||||
wpa_s->pasn_count++;
|
wpa_s->pasn_count++;
|
||||||
|
@ -1980,6 +2021,9 @@ int wpas_pasn_auth_tx_status(struct wpa_supplicant *wpa_s,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
wpas_pasn_set_keys_from_cache(wpa_s, pasn->own_addr,
|
||||||
|
pasn->bssid, pasn->cipher,
|
||||||
|
pasn->akmp);
|
||||||
wpas_pasn_auth_stop(wpa_s);
|
wpas_pasn_auth_stop(wpa_s);
|
||||||
|
|
||||||
wpas_pasn_auth_work_done(wpa_s, PASN_STATUS_SUCCESS);
|
wpas_pasn_auth_work_done(wpa_s, PASN_STATUS_SUCCESS);
|
||||||
|
|
Loading…
Reference in a new issue