This procedure will be used for PB discovery as well, so move the
frequency array generation into a helper function.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
EVP_PKEY_derive() might report a larger maximum size of the output than
HPKE_MAX_SHARED_SECRET_LEN under some conditions. That should be allowed
as long as the real final length is within the maximum limit.
Furthermore, since we are using a fixed length buffer for this, there is
no need to call EVP_PKEY_derive() twice to first learn the maximum
length. Use a bit longer buffer and allow OpenSSL to take care of the
update to the final length internally with than single call.
This showed up using the following test case sequence:
dbus_pkcs11 dpp_private_peer_introduction
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
dpp_discard_public_action=1 was not supposed to prevent network
introduction, i.e., it was only for frames that could go through the
DPP-over-TCP path. Fix this not to prevent network introduction when
using DPP-over-TCP to configure a DPP AKM profile.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
For now, do not include 6 GHz channels since finding a Configurator from
a large number of channels would take excessive amount of time.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This can be helpful for upper layers to be able to determine whether the
configuration was rejected.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Enhance QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH event for the
driver to indicate the information of the associated links of MLO
roaming.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Configurator station seems to be unable to get the first Authentication
Request frame transmitted through mac80211_hwsim for some reason. It is
not really clear why this happens and why it started happening now, but
as a temporary workaround, wait a second here since that seems to avoid
this for some unknown reason.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
sae.c depends on wpa_common.c now and as such, this test build needs to
pull in whatever is needed there and that happens to include sha1-prf.c.
Add that to the fuzzer to fix the build.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This test case assumed that the p2p_pref_chan 128:44 parameter would
have resulted in channel 44 (5220 MHz) being selected. That does not
work anymore since that channel was marked to require DFS/radar
detection in regdb. Fix the text case by changing to use another country
with rules that match the test case expectations.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
It looks like some test cases could fail due to timeouts since the 10
second wait may not be sufficient to cover some cases where 6 GHz
channels get scanned. Increase the timeouts to avoid hitting such cases.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The initial timeout of 10 seconds for the first scan before knowing
whether the driver reports scan completion events may not be sufficient
in cases where the driver ends up scanning a large number of channels.
In particular, this could be hit with 6 GHz support. Increase this
timeout when the driver indicates support for 6 GHz channels.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
It looks like the host update of regulatory information can still get
through somehow, so add alternative expected values for the supported
operating classes for cases where 6 GHz frequencies were added recently.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The <openssl/buf.h> include is relevant in both OpenSSL and BoringSSL
because the file uses BUF_MEM (include what you use). OpenSSL just
happened to include it via another file. OpenSSL also spells it
<openssl/buffer.h>, not matching the type, so use the compatible
spelling.
Additionally all the CHECKED_CAST and manual STACK_OF(T) definitions
call into BoringSSL internals. The correct, public APIs are simply to
just use the same code as OpenSSL and call the DEFINE_STACK_OF macros.
Signed-off-by: David Benjamin <davidben@google.com>
Commit 74818ca63f ("Process
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH after NL80211_CMD_ROAM")
added workaround to hold the pending
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH event data for up to 100 ms
in case NL80211_CMD_ROAM is not received first. The 100 ms wait period
was sufficient for most of the cases but it's observed that some times
kernel is taking more than 100 ms to process and send NL80211_CMD_ROAM
to userspace.
If NL80211_CMD_ROAM takes more than 100 ms
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH event data getting ignored
though wpa_supplicant has it. To avoid this remove timeout for
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH event data since driver
always indicates NL80211_CMD_ROAM along with
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH.
In addition, clear the pending event data when marking the interface
disconnected since the roaming information is supposed to be used only
when reassociating without a disconnection.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
ipv4_params/ip6_params in type4_params maintains separate classifier
mask while type4_params already has a common classifier_mask. Lets
use the common classifier mask for both ipv4/ipv6 params and remove
the redundant params_mask in ipv4_params/ip6_params.
Signed-off-by: Purushottam Kushwaha <quic_pkushwah@quicinc.com>
Previously when chains of BT and WLAN 2.4 GHz are separated,
hybrid mode will be used for BTC. Now adding fixed FDD mode
to fulfill different BTC scenarios.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The Enrollee may report its supported curves in the bootstrapping URI.
If it does that, the Configurator may stop generating the Config Object
that would depend on the Enrollee using a curve that it did not indicate
as being supported. Check for this case while proessing the Config
Request and stop Configurator from building a configuration that is
known not to work.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The DPP_CONTROLLER_START control interface command can be used without
any arguments, so do not force at least a single argument to be included
in wpa_cli and hostapd_cli.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
CRYPTO_RSA_OAEP_SHA256 is not sufficient here since ssid->eap does not
exist without IEEE8021X_EAPOL.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Select the PMK length based on the used group (prime length) when using
the new AKM suites for SAE.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
SAE authentication needs to known which AKM suite is being used to be
able to determine the correct PMK length for the new AKM suite selectors
that use variable length keys.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The new SAE AKM suites are defined to use H2E, so ignore the sae_pwe
value when these AKM suites are used similarly to the way H2E gets
enabled when SAE Password Identifiers are used.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Update the AKM suite specific mapping of various EAPOL-Key key lengths
and algorithms to include the new SAE AKM suites with variable length
keys.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Define new WPA_KEY_MGMT_* values for the new SAE AKM suite selectors
with variable length keys. This includes updates to various mapping and
checking of the SAE key_mgmt values.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Use the existing helper function instead of maintaining multiple copies
of lists of SAE key management suites.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This was already done in hostapd and same is needed for wpa_supplicant
to avoid testing issues due to session overlap detection from previous
test cases.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The new DPP-RELAY-NEEDS-CONTROLLER control interface event can be used
to trigger mDNS discovery of a Controller to see if such a connection
can be established automatically at the time an Enrollee is trying to
initiate an operation.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The new control interface commands "DPP_RELAY_ADD_CONTROLLER <IP addr>
<PK hash>" and "DPP_RELAY_REMOVE_CONTROLLER <IP addr>" can now be used
to dynamically add and remove connections to Controllers for the cases
where the connection is initialized through a DPP Public Action frame
(i.e., Controller as the Responder).
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Instead of requiring explicit configuration through
dpp_configurator_connectivity=1, advertise Configurator connectivity
automatically if a Relay is configured with a Controller that can
operate as a Responder.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Accept an incoming TCP connection from a Controller in a Relay that is
configured with dpp_relay_port even if that Controller is not configured
with a dpp_controller parameter. This allows more dynamic Controller
initiated operations, e.g., when using mDNS to discover a Relay.
This type of a dynamic Controller entry will not be used for exchanges
that are initiated by an Enrollee (i.e., based on a DPP Public Action
frame received by the Relay).
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Verify that the peer does not change its bootstrapping key between the
PKEX exchange and the authentication exchange.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
When PKEX was started through the push button mechanism, the own
bootstrapping key was not bound correctly to the Authentication phase
information and that ended up in incorrectly generating a new
bootstrapping key for the Authentication exchange. Fix this by added the
needed own=<id> parameter into the cached parameters when using push
button.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The peer=<id> information about the specific boostrapping key provided
through PKEX was added for Public Action frame cases, but the TCP
variant did not do same. Add the same information there to maintain
knowledge of the specific peer bootstrapping key from PKEX to
Authentication exchange.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Extend DPP push button support in wpa_supplicant to allow the role of
the Configurator to be used. This provides similar functionality to the
way the DPP_PUSH_BUTTON command in hostapd worked when providing the
configuration parameters with that command (instead of building the
config object based on current AP configuration).
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>