Commit graph

2495 commits

Author SHA1 Message Date
Michal Kazior
d9d5e55c54 DPP: Respond to GAS on the same channel it was received on
When I was testing dpp_auth_init on an AP with Enrollee on a different
channel from the AP I was getting failures. This happened on hwsim in
UML with time-travel for me. I don't recall seeing this with real
devices, presumably because of lax offchan implementation.

The DPP authentication would succeed. However the station would then try
to get configuration through a GAS request and fail.

The AP reported the following logs (grepped):

> 1614762426.860212: RX_ACTION category 4 action 10 sa 02:00:00:00:01:00 da 02:00:00:00:00:00 len 227 freq 2412
> 1614762426.860212: wlan0: GAS: GAS Initial Request from 02:00:00:00:01:00 (dialog token 239)
> 1614762426.860233: DPP: Wait for Configuration Result
> 1614762426.860234: nl80211: Send Action frame (ifindex=5, freq=2462 MHz wait=0 ms no_cck=0 offchanok=0)
> 1614762428.861186: DPP: Timeout while waiting for Configuration Result
> 1614762428.861186: wlan0: DPP-CONF-FAILED

While the STA reported the following logs (grepped):

> 1614762426.860193: wlan1: DPP-AUTH-SUCCESS init=0
> 1614762426.860195: DPP: Stop listen on 2412 MHz
> 1614762426.860202: wlan1: GAS-QUERY-START addr=02:00:00:00:00:00 dialog_token=239 freq=2412
> 1614762428.861185: GAS: No response received for query to 02:00:00:00:00:00 dialog token 239
> 1614762428.861189: DPP: GAS query did not succeed
> 1614762428.861189: wlan1: DPP-CONF-FAILED

AP would still receive the GAS request on ch1 but would then try to
respond on ch11 while STA was waiting on ch1.

Signed-off-by: Michal Kazior <michal@plume.com>
2022-12-18 21:07:56 +02:00
Jouni Malinen
3a2d275522 Make MFPR value from an associated STA available as hostapdMFPR
This can be helpful for testing purposes.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-12-18 21:07:56 +02:00
Jouni Malinen
f4096e7cd5 EHT: Update EHT Operation element to P802.11be/D2.3 in AP settings
IEEE P802.11be/D2.0 added a 4-octet Basic EHT-MCS And Nss Set field into
the EHT Operation element. cfg80211 is now verifying that the EHT
Operation element has large enough payload and that check is failing
with the previous version. This commit does not really set the correct
Basic EHT-MCS And Nss Set values, but the IE length check is now passing
to allow initial mac80211_hwsim testing to succeed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-12-17 20:32:15 +02:00
Andrei Otcheretianski
694a1c6873 SAE: Make sme_sae_auth() return IE offset
Authentication frames include several fixed body parts (see Table 9-68
(Authentication frame body) and Table 9-69 (Presence of fields and
elements in Authentication frames) in IEEE P802.11-REVme/D2.0).

To be able to parse the IE part, these fields need to be skipped. Since
SAE logic already implements this parsing, change SAE authentication
handling functions to return the offset to the IE part. This preparation
is needed for future MLD patches that need to parse out the ML related
elements in the Authentication frames.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-17 17:11:16 +02:00
Andrei Otcheretianski
3d798ff2a4 PASN: Align RSNXE with IEEE P802.11az/D7.0 definitions
RSNXE bits were modified, so update the relevant places accordingly.
Please note, WLAN_RSNX_CAPAB_PROT_RANGE_NEG was renamed to
WLAN_RSNX_CAPAB_URNM_MFPR and the bit position is changed to 15 instead
of 10, while BIT 10 is used for WLAN_RSNX_CAPAB_URNM_MFPR_X20 and is not
supported yet.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-16 22:35:19 +02:00
Johannes Berg
054fcfab6f hostapd: Add require_he configuration
Add the ability to require HE, advertising that via the
BSS membership selector as well as rejecting association
without HE.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-16 20:31:14 +02:00
Qiwei Cai
c46351d10e DFS: Clear cac_started when AP is disabled
When AP is started on a DFS channel and DFS is offloaded to the driver,
AP setup will be separated to two stages. In the first stage, hostapd
will set frequency and initialize BSS, then waits the driver CAC to
complete. Once CAC done, in the second stage,
hostapd_setup_interface_complete() will be called again from a callback
to continue AP/channel setup.

But the driver will fail to restart AP if it is disabled/reenabled
during a driver CAC procedure because some steps such as setting
freq/beacon in the first stage are skipped due to cac_started not
cleared when the AP is disabled.

Avoid this by clearing cac_started when the AP is disabled.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-12-15 18:43:43 +02:00
Aloka Dixit
3df42cf3c7 EHT: Use HE operating channel width in MCS length calculation
Channel width in HE Capabilities element added to management frames is
calculated in hostapd_eid_he_capab() by intersecting the driver
capabilities and the operating channel width. Kernel uses this value
from the Beacon frames to verify EHT capabilities length. However, EHT
MCS length calculation uses only the driver capabilities which results
in EHT AP bring up failure in some cases dues to different lengths.

Modify the EHT code to use the HE operating channel width as well to
determine matching length for the information.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2022-12-15 18:41:31 +02:00
David Ruth
ad4fa5dd3c Add more nl80211 info to struct wpa_signal_info
Facilitate emitting more station information over D-Bus for use by the
connection manager.

* Add storage for more NL80211_STA_INFO_* fields to data structures, and
  move them through the system.
* Reorder NL80211_STA_INFO_* fields in driver_nl80211.c to match the
  ordering in nl80211.h.
* Convert signal field to an integer to support holding WPA_INVALID_NOISE
  and avoid changing logging.

* Add fields to hostap_sta_driver_data to capture more information
	* fcs_error_count
	* beacon_loss_count
	* expected_throughput
	* rx_drop_misc
	* rx_mpdus
	* rx_hemcs
	* tx_hemcs
	* rx_he_nss
	* tx_he_nss
	* avg_signal
	* avg_beacon_signal
	* avg_ack_signal
* Add struct hostap_sta_driver_data to struct wpa_signal_info and remove
  redundant fields and redundant attribute parsing
	* Change logging when printing txrate to handle unsigned long
	  value

Signed-off-by: David Ruth <druth@chromium.org>
2022-12-03 10:42:16 +02:00
Jouni Malinen
090f0f8c70 mbssid: Indicate MBSSID information in RNR
Indicate whether the collocated BSS in the RNR is a part of a multiple
BSSID set and whether it is a transmited BSSID.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-12-02 23:06:32 +02:00
Aloka Dixit
54b1352efd mbssid: Make the AID space shared
As described in IEEE Std 802.11-2020, 11.1.3.8 Multiple BSSID procedure,
set the lowest AID value assigned to any client equal to 2^n, where n is
the maximum BSSID indicator of the MBSSID set.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Co-developed-by: John Crispin <john@phrozen.org>
Signed-off-by: John Crispin <john@phrozen.org>
2022-12-02 20:47:49 +02:00
Aloka Dixit
10749c3c48 mbssid: Process Known BSSID element
Process the Known BSSID elements if included by non-AP stations. The
format is described in IEEE Std 802.11ax-2021, 9.4.2.261.

Non-AP stations may include this element in directed Probe Request
frames to indicate which of the multiple BSSIDs they have already
discovered. AP should exclude these profiles from the Probe Response
frame.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2022-12-02 20:45:05 +02:00
Aloka Dixit
15690faada mbssid: Add MBSSID Configuration element
Add Multiple BSSID Configuration element data per IEEE Std
802.11ax-2021, 9.4.2.260 when enhanced multiple BSSID advertisement
(EMA) is enabled. This element informs the stations about the EMA
profile periodicity of the multiple BSSID set.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2022-12-02 20:37:33 +02:00
Aloka Dixit
fc2e4bac5a mbssid: Set extended capabilities
Set extended capabilities as described in IEEE Std 802.11ax-2021,
9.4.2.26. Reset the capability bits to 0 explicitly if MBSSID and/or EMA
is not enabled because otherwise some client devices fail to associate.

Bit 80 (complete list of non-tx profiles) is set for all Probe Response
frames, but for Beacon frames it is set only if EMA is disabled or if
EMA profile periodicity is 1.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Co-developed-by: John Crispin <john@phrozen.org>
Signed-off-by: John Crispin <john@phrozen.org>
2022-12-02 20:21:11 +02:00
Aloka Dixit
a004bf2cd0 mbssid: Configure parameters and element data
Add helper functions to retrieve the context for the transmitting
interfaces of the MBSSID set and the index of a given BSS.

Set device parameters: BSS index and the transmitting BSS.

Include Multiple BSSID elements in Beacon and Probe Response frames.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Co-developed-by: John Crispin <john@phrozen.org>
Signed-off-by: John Crispin <john@phrozen.org>
2022-12-02 19:53:15 +02:00
Aloka Dixit
c5a09b051a mbssid: Add Non-Inheritance element
Add data per IEEE Std 802.11-2020, 9.4.2.240. Current implementation is
added for the security and extended supported rates only.

For the Extended rates element, add a new member 'xrates_supported'
which is set to 1 only if hostapd_eid_ext_supp_rates() returns success.
Without this change, there are cases where this function returns before
adding the element for the transmitting interface resulting in incorrect
addition of this element inside the MBSSID Non-Inheritance element.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Co-developed-by: John Crispin <john@phrozen.org>
Signed-off-by: John Crispin <john@phrozen.org>
Co-developed-by: Sowmiya Sree Elavalagan <quic_ssreeela@quicinc.com>
Signed-off-by: Sowmiya Sree Elavalagan <quic_ssreeela@quicinc.com>
2022-12-02 19:40:49 +02:00
Aloka Dixit
920b56322d mbssid: Functions for building Multiple BSSID elements
Add Multiple BSSID element data per IEEE Std 802.11ax-2021, 9.4.2.45.
Split the BSSes into multiple elements if the data does not fit in
the 255 bytes allowed for a single element.

Store the total count of elements created and the offset to the start
of each element in the provided buffer.

Set the DTIM periods of non-transmitted profiles equal to the EMA
profile periodicity if those are not a multiple of the latter already as
recommended in IEEE Std 802.11ax-2021, Annex AA (Multiple BSSID
configuration examples).

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Co-developed-by: John Crispin <john@phrozen.org>
Signed-off-by: John Crispin <john@phrozen.org>
2022-12-02 19:25:40 +02:00
Aloka Dixit
931e5d4f9e mbssid: Configure all BSSes before beacon setup
When multiple BSSID advertisement feature is enabled in IEEE 802.11ax
mode or later, Beacon frames are not transmitted per interface, instead
only one of the interfaces transmits Beacon frames that include one or
more Multiple BSSID elements with configuration for the remaining
interfaces on the same radio.

Change the existing logic such that all configuration details for all
the interfaces are available while building the Beacon frame template
for the transmitting interface itself.

Do not change the flow for the cases where multiple BSSID advertisement
is not enabled.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2022-12-02 19:05:11 +02:00
Aloka Dixit
78d0b98995 mbssid: Retrieve driver capabilities
Retrieve driver capabilities for the maximum number of interfaces for
MBSSID and the maximum allowed profile periodicity for enhanced MBSSID
advertisement.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2022-12-02 16:43:59 +02:00
Aloka Dixit
7452e54477 mbssid: Add new configuration option
Add configuration option 'mbssid' used to enable multiple BSSID (MBSSID)
and enhanced multiple BSSID advertisements (EMA) features.

Reject the configuration if any of the BSSes have hidden SSID enabled.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Co-developed-by: John Crispin <john@phrozen.org>
Signed-off-by: John Crispin <john@phrozen.org>
2022-12-02 16:36:19 +02:00
Daniel Gabay
bb67d5b52b AP: Add testing option to delay EAPOL Tx
Add a testing option to delay EAPOL-Key messages 1/4 and 3/4. By setting
delay_eapol_tx=1, the actual EAPOL Tx will occur on the last possible
attempt (wpa_pairwise_update_count) thus all previous attempts will fail
on timeout which is the wanted delay.

In addition, add an hwsim test that uses this testing option to verify
that non protected Robust Action frames are dropped prior to keys
installation in MFP.

Signed-off-by: Daniel Gabay <daniel.gabay@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-02 13:07:03 +02:00
Jouni Malinen
1a800a9400 EAP-TEAP server: Allow tunneled EAP method sequence to be optimized
Include the start of the next EAP method in an EAP Payload TLV in the
same message with the Crypto-Binding TLV for the previous EAP method to
get rid of one roundtrip when using more than a single EAP
authentication method within the tunnel. The previous, not optimized,
sequence can still be used with eap_teap_method_sequence=1 for more
complete testing coverage.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-12-01 17:53:05 +02:00
Jouni Malinen
bbd5a4689b SAE: Add an enum for defining sae_pwe parameter values
Make this more readable by replacing magic numbers with enum values.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-29 20:37:23 +02:00
Nicolas Escande
20bfd4feb3 AP: Enable H2E on 6 GHz when SAE is used
Even if the use of H2E isn't strictly mandatory when using SAE on 6 GHz,
WPA3-Personal pushes it on 6 GHz. So lets automatically enable it by
setting sae_pwe=2. This will allow both the hunting-and-pecking and
hash-to-element to work (and be backward compatible).

Signed-off-by: Nicolas Escande <nico.escande@gmail.com>
2022-11-29 18:56:47 +02:00
Michal Kazior
043dedee83 DPP: Expose enrollee pubkey hash for identification
Just like with WPA-PSK and keyids it may be desired to identify
connecting clients to provide additional network filtering.

This does:

 - extend DPP_EVENT_AUTH_SUCCESS to expose public
   key hash of the peer so the system can pick it
   up and use for identification later

 - store public key hash in PMKSA from DPP Network
   Intro for later use

 - extend sta mib to print out the dpp_pkhash
   from PMKSA if present

 - extend AP_STA_CONNECTED to include the
   dpp_pkhash from PMKSA if present

Signed-off-by: Michal Kazior <michal@plume.com>
2022-11-29 13:55:53 +02:00
Michal Kazior
2d8974e314 DPP: Move DPP_EVENT_AUTH_SUCCESS to a helper
This event is generated in a couple of places. It'll be easier to extend
the event with additional metadata if it's generated in a single place.

Signed-off-by: Michal Kazior <michal@plume.com>
2022-11-29 13:55:36 +02:00
Nicolas Escande
4cb23b66d6 ACS: Allow selecting a better channel when using 40/80/160 MHz
When considering a channel for a bandwidth of 40/80/160 MHZ on the 5 GHz
or 6 GHz band, allow selecting one of the other channels in the segment
instead of the first one. This is done only if the other channel's
interference_factor is lower than the first one's.

Signed-off-by: Nicolas Escande <nico.escande@gmail.com>
2022-11-28 23:31:33 +02:00
Nicolas Escande
472101684b ACS: introduce acs_adjust_secondary
When using 40/80/160 MHz bandwidth on the 5 GHz or 6 GHz band, enforce
the secondary channel to be the other channel of the corresponding 40
MHz segment.

Even if this is useless for now, this is preparatory work to allow ACS
to select a primary channel which is not the first of its segment.

Signed-off-by: Nicolas Escande <nico.escande@gmail.com>
2022-11-28 23:23:13 +02:00
Nicolas Escande
60e2934cbf ACS: Introduce acs_get_bw_center_chan()
When using 40/80/160 MHz bandwidth, instead of computing the index of
the segment center freq based on the selected channel, lets look it up
in the bw_desc[] table.

This is preparative work to allow selecting a primary channel which is
not the first of the segment.

Signed-off-by: Nicolas Escande <nico.escande@gmail.com>
2022-11-28 23:22:35 +02:00
Nicolas Escande
ed8e13decc ACS: Extract bw40/80/160 freqs out of acs_usable_bwXXX_chan()
This extracts the 3 lists of allowed channels for 40/80/160 MHz
bandwidth out of their respective functions. It also adds for each
segment the frequency of the segment's last channel and the index of the
segment's "center" channel.

This is preparative work to allow selecting a channel which is not the
first of its segment for 40/80/160 MHz. In addition, this adds the 5 GHz
160 MHz channel defined for 5735-5895 MHz (channels 149-177).

Signed-off-by: Nicolas Escande <nico.escande@gmail.com>
2022-11-28 23:22:30 +02:00
Raphaël Mélotte
af1528a128 hostapd: Add RELOAD_BSS
When using multiple BSSes on a single radio, it is sometimes desirable
to reconfigure one BSS, without disconnecting the stations already
connected to other BSSes on the same radio.

When a BSS is reconfigured using the SET command, there is no "old"
configuration we can compare to (so we cannot compare a hash of the
configuration for example).

One possible solution would be to make the current RELOAD command
reload only the current BSS. However, that could break the workflow of
existing users. Instead, introduce a new RELOAD_BSS command, which
reloads only the current BSS.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
2022-11-27 15:49:48 +02:00
Raphaël Mélotte
b37c3fbad4 hostapd: Add config_id parameter
Add a new configuration parameter: config_id.

If set, only do hostapd_clear_old() for the BSSes for which the
config_id changed.

This makes it possible to reconfigure specific BSSes on a radio,
without disconnecting clients connected to other, unchanged BSSes of
the same radio.

This patch adapted from a patch authored by John Crispin in the
OpenWrt repository:
https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob;f=package/network/services/hostapd/patches/700-wifi-reload.patch;h=c5ba631a0fc02f70714cb081b42fcf6cb9694450;hb=60fb4c92b6b0d1582d31e02167b90b424185f3a2

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
2022-11-27 15:41:19 +02:00
Raphaël Mélotte
46f6a32775 Split BSS-specific hostapd_clear_old_bss() from hostapd_clear_old()
In hostapd_clear_old() multiple steps are needed to clear a BSS.
There are some places where it would be desirable to clear only some
BSSes and not all.

To make it easier to clear only some BSSes, split hostapd_clear_old()
with hostapd_clear_old_bss(), which does the same actions but on a
single BSS.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
2022-11-27 15:35:26 +02:00
Jouni Malinen
1d42dafce6 RSN: Do not include RC4 use in FIPS builds
CONFIG_NO_RC4=y could have been used to remove this functionality, but
it might as well be done automatically based on CONFIG_FIPS=y as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-11-26 11:34:30 +02:00
Mert Ekren
c823197bde SAE: Use Challenge Failure status code in confirm message failure cases
IEEE Std 802.11-2020, 12.4.7.6 says that status code CHALLENGE_FAILURE,
needs to be sent in case the verification action fails for SAE Confirm
message frame from a STA: "An SAE Confirm message, with a status code
not equal to SUCCESS, shall indicate that a peer rejects a previously
sent SAE Confirm message. An SAE Confirm message that was not
successfully verified is indicated with a status code of
CHALLENGE_FAILURE."

hostapd, however, did not use this status code for this case. In
ieee802_11.c the function sae_check_confirm() is called and in case of
verification failure (-1 is returned), the response is set to
WLAN_STATUS_UNSPECIFIED_FAILURE (status code = 1). Fix this to use
CHALLENGE_FAILURE.

Signed-off-by: Koen Van Oost <koen.vanoost@airties.com>
Signed-off-by: Mert Ekren <mert.ekren@airties.com>
2022-11-24 12:09:38 +02:00
Jouni Malinen
e91ac53d53 DFS: Do not allow channel checks to go beyond the channel list
Explicitly check for invalid cases where the configured channel and
bandwidth might result in the full channel number range going beyond the
list of supported channels to avoid reading beyond the end of the
channel buffer.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-23 22:51:50 +02:00
Qiwei Cai
b6c38cee93 Skip CAC if the driver switches channel to non-DFS
If an AP is started on a DFS channel (or any channels within its
bandwidth require DFS) and DFS is offloaded to the driver, hostapd needs
to wait for CAC to complete. But the driver may not do CAC and just
switches to a non-DFS channel instead. This would result in a failure to
start the AP because hostapd fails to receive a CAC complete event and
cannot finish interface setup.

Skip CAC and complete AP setup in the channel switch event handler for
this case.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-23 18:32:46 +02:00
Jouni Malinen
34d93b0c9d HS 2.0: Deauthenticate STA on deauth-imminent more quickly if no URL
When the RADIUS server requests a STA to be deauthenticated imminently
without providing a reason URL, there is no need to allow the STA spend
any additional time associated. Deauthenticate the STA immediately after
it has ACK'ed the WNM-Notification frame indicating imminent
deauthentication or at latest two seconds after having processes the
Access-Accept message.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-21 22:57:38 +02:00
Jouni Malinen
40a42613e6 FT: Simplify FTE parsing for FT-SAE-EXT-KEY using MIC Length subfield
Commit 25b52e5f83 ("FT: Extend FTE parsing for FT-SAE-EXT-KEY") used
possible MIC length iteration to try to figure out the length of the MIC
field in FTE. That was the only option available at the time, but FTE is
now being extended in IEEE 802.11-REVme to explicitly indicate the
length of the MIC field for the new FT-SAE-EXT-KEY AKM to make this
easier.

Use the new design from the approved comment resolution (*) in
REVme/D2.0 ballot CID 3135 to simplify implementation. This gets rid of
the need to pass in key length and the somewhat strange need_{r0kh,r1kh}
parameters to wpa_ft_parse_ies().

(*)
https://mentor.ieee.org/802.11/dcn/22/11-22-1991-02-000m-proposed-resolutions-to-some-lb270-comments.docx

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-11-20 11:43:53 +02:00
Vinay Gannevaram
309765eb66 PASN: Use separate variables for BSSID and peer address
Using separate variables for BSSID and peer address is needed to support
Wi-Fi Aware (NAN) use cases where the group address is used as the BSSID
and that could be different from any other peer address. The
infrastructure BSS cases will continue to use the AP's BSSID as both the
peer address and BSSID for the PASN exchanges.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-10 21:12:50 +02:00
Veerendranath Jakkam
08512e5f35 MLD STA: Extend key configuration functions to support Link ID
Add support to specify a Link ID for set key operation for MLO
connection. This does not change the existing uses and only provides the
mechanism for extension in following commits.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-11-06 23:36:49 +02:00
Jouni Malinen
1ca5c2ec2a PASN: Fix spelling of RSNE in debug messages
Signed-off-by: Jouni Malinen <j@w1.fi>
2022-11-06 17:11:47 +02:00
Jouni Malinen
a43536a72b PASN: Verify explicitly that elements are present before parsing
Make sure the elements were present before trying to parse them. This
was already done for most cases, but be consistent and check each item
explicitly before use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-11-06 17:10:45 +02:00
Vinay Gannevaram
ea241cbe9d PASN: Rename struct wpas_pasn to pasn_data
struct wpas_pasn is common to both initiator and responder, so rename it
to pasn_data to avoid the "wpas_" prefix that could be seen as a
reference to wpa_supplicant (PASN initiator).

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 12:59:29 +02:00
Vinay Gannevaram
78c5bb7f50 PASN: Move responder functionality into a separate file
PASN responder validates auth 1 frame and sends auth 2 frame to the
initiator. It analyses the auth 3 frame and verifies successful
authentication. Wi-Fi Aware modules can reuse this functionality through
a shared library libpasn.so generated from this code. Move the PASN
functionality that is now decoupled from the hapd context into a
separate file in a common directory to make it easier to build such a
library.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
975b7a02cb Move SAE comeback token functionality into a separate file
This is helpful in being able to get the functionality needed for SAE
into a separate library (libpasn.so) without needing all of the
ieee802_11.c functionality.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
1711fe9121 PASN: Compute MIC from RSNE and RSNXE of the frame for Wi-Fi Aware
Wi-Fi Aware R4 specification defines Beacon RSNE/RSNXE to be same as
RSNE/RSNXE present in Auth2 frame. So, MIC validation should be done
with the RSNE and RSNXE received in Auth2 frame.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
6f80014b10 PASN: Allow custom PMKID in Authentication frames for Wi-Fi Aware
Wi-Fi Aware R4 specification introduces a custom PMKID derived from
Nonce and TAG. This custom PMKID is included in PASN Authentication
frames during pairing verification. So, allow use of a custom PMKID in
PASN frames and validate it using a function handler. Wi-Fi Aware
component that uses libpasn.so should take care of validating the custom
PMKID.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
e99047da2b PASN: Add a handler func to send mgmt frames to the driver from AP
Introduce a function handler to transmit PASN Authentication frames to
the driver. This removes the hapd dependency for sending the frames.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00
Vinay Gannevaram
4022ffc5db PASN: Store AKMP in the PTKSA cache
PTK is stored in the PTKSA cache following a successful PASN handshake,
however AKMP is removed upon a WPA PASN reset. The PASN handshake is
used in the Wi-Fi Aware R4 specification to define the pairing setup
process. KDK is used to generate a new set of keys, while AKMP is
required for key derivation for pairing. So, keep AKMP in the PTKSA
cache.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-04 00:52:17 +02:00