From f705f41b7fbf914a3e4b076ad1c73555ef89707c Mon Sep 17 00:00:00 2001 From: Vidyullatha Kanchanapally Date: Wed, 22 Mar 2017 16:10:05 +0530 Subject: [PATCH] FILS: Update PMKSA cache with FILS shared key offload Add a new PMKSA cache entry within wpa_supplicant if a driver event from offloaded FILS shared key authentication indicates a new PMKSA entry was created. Signed-off-by: Jouni Malinen --- src/rsn_supp/wpa.c | 10 ++++++++++ src/rsn_supp/wpa.h | 3 +++ wpa_supplicant/events.c | 17 +++++++++++++++++ 3 files changed, 30 insertions(+) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index c863ce41b..67ec80c2f 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -3079,6 +3079,16 @@ wpa_sm_pmksa_cache_add_entry(struct wpa_sm *sm, } +void wpa_sm_pmksa_cache_add(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len, + const u8 *pmkid, const u8 *bssid, + const u8 *fils_cache_id) +{ + sm->cur_pmksa = pmksa_cache_add(sm->pmksa, pmk, pmk_len, pmkid, NULL, 0, + bssid, sm->own_addr, sm->network_ctx, + sm->key_mgmt, fils_cache_id); +} + + void wpa_sm_drop_sa(struct wpa_sm *sm) { wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Clear old PMK and PTK"); diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h index 2f41c230c..3368d9365 100644 --- a/src/rsn_supp/wpa.h +++ b/src/rsn_supp/wpa.h @@ -157,6 +157,9 @@ struct rsn_pmksa_cache_entry * wpa_sm_pmksa_cache_head(struct wpa_sm *sm); struct rsn_pmksa_cache_entry * wpa_sm_pmksa_cache_add_entry(struct wpa_sm *sm, struct rsn_pmksa_cache_entry * entry); +void wpa_sm_pmksa_cache_add(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len, + const u8 *pmkid, const u8 *bssid, + const u8 *fils_cache_id); void wpa_sm_drop_sa(struct wpa_sm *sm); int wpa_sm_has_ptk(struct wpa_sm *sm); diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index bb13d54ac..fcfd3bcd6 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -3629,9 +3629,26 @@ static void wpa_supplicant_event_assoc_auth(struct wpa_supplicant *wpa_s, data->assoc_info.ptk_kek_len); #ifdef CONFIG_FILS if (wpa_s->auth_alg == WPA_AUTH_ALG_FILS) { + struct wpa_bss *bss = wpa_bss_get_bssid(wpa_s, wpa_s->bssid); + const u8 *fils_cache_id = wpa_bss_get_fils_cache_id(bss); + /* Update ERP next sequence number */ eapol_sm_update_erp_next_seq_num( wpa_s->eapol, data->assoc_info.fils_erp_next_seq_num); + + if (data->assoc_info.fils_pmk && data->assoc_info.fils_pmkid) { + /* Add the new PMK and PMKID to the PMKSA cache */ + wpa_sm_pmksa_cache_add(wpa_s->wpa, + data->assoc_info.fils_pmk, + data->assoc_info.fils_pmk_len, + data->assoc_info.fils_pmkid, + wpa_s->bssid, fils_cache_id); + } else if (data->assoc_info.fils_pmkid) { + /* Update the current PMKSA used for this connection */ + pmksa_cache_set_current(wpa_s->wpa, + data->assoc_info.fils_pmkid, + NULL, NULL, 0, NULL); + } } else { wpa_sm_set_rx_replay_ctr(wpa_s->wpa, data->assoc_info.key_replay_ctr);