Commit graph

19144 commits

Author SHA1 Message Date
Chaitanya Tata
3e1fb2dec7 dragonfly: Fix legendre symbol calculation failure handling
In case of low-memory conditions, the computation for legendre symbol
can fail and return -2 as per documentation, but the check for that
was missed here. And this can can cause an infinite loop searching for
qr and qnr if the error repeats for each attempt.

Break the loop if calculation fails, we can leave retry to the callers
or user. This is similar to the way allocation and generation of a new
random number was handled in this loop.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
2023-11-06 20:07:05 +02:00
Mohan Prabu
76ae985b0a Remove QCA_WLAN_VENDOR_ATTR_CONFIG_MLO_LINK_ID constraint
Currently the documentation for QCA_WLAN_VENDOR_ATTR_CONFIG_MLO_LINK_ID
indicates it is only for use inside nest attribute
QCA_WLAN_VENDOR_ATTR_CONFIG_MLO_LINKS.  Update the documentation to
allow it to be used outside that nest as well.

Signed-off-by: Mohan Prabu <quic_mprabub@quicinc.com>
2023-11-06 20:02:46 +02:00
Jouni Malinen
cc1867f5ca MLD STA: Use MLD MAC address as destination for EAPOL-Key request
Also this EAPOL frame uses the MLD MAC address of the AP MLD when sent
during an MLO association.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-06 20:02:09 +02:00
Rohan Dutta
c92311fed7 MLD STA: Fix destination address for Group Key handshake msg 2/2
For MLO association, specify destination address as the MLD MAC address
for sending Group Key msg 2/2.

Signed-off-by: Rohan Dutta <quic_drohan@quicinc.com>
2023-11-06 19:58:22 +02:00
Jouni Malinen
1af364e3ce tests: AP MLD and GTK rekeying with MLD client connection using two links
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-06 19:56:41 +02:00
Gokul Sivakumar
4f20dd52ff wpa_cli/hostapd_cli: Add driver_flags2 command
Leverage the already available control socket cmd "DRIVER_FLAGS2" and
dump the driver capab "flags2" bitmask on triggering the new CLI CMD
"driver_flags2", similar to the already existing CLI CMD "driver_flags".

$ hostapd_cli -i wlan0 driver_flags2
(OR)
$ wpa_cli -i wlan0 driver_flags2
0000000000000020:
BEACON_RATE_HE

Signed-off-by: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
2023-11-06 15:16:18 +02:00
Gokul Sivakumar
c0da381a31 nl80211: Add capa.flags2 to STATUS-DRIVER
This adds the newer driver capability "flags2" bitmask to the
hostapd_cli/wpa_cli "status driver" result.

Signed-off-by: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
2023-11-06 15:15:59 +02:00
Gokul Sivakumar
d193726aa1 nl80211: Dump driver_flags2 in debug prints
This was already done for driver_flags, but the newer driver_flags2 was
not covered here.

Signed-off-by: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
2023-11-06 15:15:41 +02:00
Gokul Sivakumar
ed1ae82a39 Update the driver_flags2 to string conversion
Populate the switch case in the driver_flag2_to_string() function with
the full list of feature MACROs represented with the "flags2" bitmask.

Signed-off-by: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
2023-11-06 15:14:32 +02:00
Gokul Sivakumar
bbc7ffe852 Rename driver capability for radar background detection
Use the WPA_DRIVER_FLAGS2_ prefer for this to be more consistent.

Signed-off-by: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
2023-11-06 15:07:01 +02:00
krishna T
5025047ac3 Fix use after free warning introduced by gcc 12.1
gcc 12.1 complains about using pointer after realloc as it could
potentially be moved/freed, causing any uses after UB.

Fix this by doing checks before realloc and use those statuses and
update with new BSS.

Signed-off-by: Krishna T <krishna.t@nordicsemi.no>
2023-11-06 10:57:34 +02:00
Chung-Hsien Hsu
236c0cfbcd SAE: Pass SAE password on connect for SAE authentication offload support
Pass SAE password on connect if driver advertises SAE authentication
offload support.

Signed-off-by: Chung-Hsien Hsu <chung-hsien.hsu@infineon.com>
Signed-off-by: Daisuke Mizobuchi <mizo@atmark-techno.com>
2023-11-05 20:35:10 +02:00
Chung-Hsien Hsu
6cc78b3945 nl80211: Set NL80211_WPA_VERSION_2 vs. _3 based on AKM
Signed-off-by: Chung-Hsien Hsu <chung-hsien.hsu@infineon.com>
Signed-off-by: Daisuke Mizobuchi <mizo@atmark-techno.com>
2023-11-05 20:35:10 +02:00
Chung-Hsien Hsu
c3b8452e0e nl80211: SAE authentication offload support
Set WPA_DRIVER_FLAGS2_SAE_OFFLOAD flag if the driver indicates SAE
authentication offload support for STA mode. Allow SAE password to be
provided to the driver in such cases when using the CONNECT command.

Signed-off-by: Chung-Hsien Hsu <chung-hsien.hsu@infineon.com>
Signed-off-by: Daisuke Mizobuchi <mizo@atmark-techno.com>
2023-11-05 20:35:07 +02:00
Ze Gan
750403f3ad mka: Fix re-establishment by resetting MI
The key server may be removed due to the ingress packets delay. In this
situation, the endpoint of the key server may not be aware of this
participant who has removed the key server from the peer list. Because
the egress traffic is normal, the key server will not remove this
participant from the peer list of the key server. So in the next MKA
message, the key server will not dispatch a new SAK to this participant.
And this participant cannot be aware of that that is a new round of
communication so that it will not update its MI at re-adding the key
server to its peer list. So we need to update MI to avoid the failure of
re-establishment MKA session.

Signed-off-by: Ze Gan <ganze718@gmail.com>
2023-11-05 19:25:27 +02:00
Ze Gan
61f0e19b86 mka: Fix unexpected cleanup on missing MKA_LIFE_TIME while installing SC/SA
The key server may not include dist sak and use sak in one packet.
Meanwhile, after dist sak, the current participant (non-key server) will
install SC or SA(s) after decoding the dist sak which may take few
seconds in real physical platforms. Meanwhile, the peer expire time is
always initialized at adding the key server to peer list. The gap
between adding the key server to peer list and processing next use sak
packet may exceed the threshold of MKA_LIFE_TIME (6 s). It will cause an
unexpected cleanup (delete SC and SA(s)), so update the expire timeout
at dist sak also.

Signed-off-by: Ze Gan <ganze718@gmail.com>
2023-11-05 19:13:07 +02:00
David Ruth
c84388ee4c Compile-time config for dynamically loading libraries in wpa_supplicant
Prevent loading arbitrary executable code based on config at runtime,
while allowing libraries to be specified at compile time when they are
known in advance.

Add the ability to configure libraries to load at compile time.
	* CONFIG_PKCS11_ENGINE_PATH - pkcs11_engine library location.
	* CONFIG_PKCS11_MODULE_PATH - pkcs11_module library location.
	* CONFIG_OPENSC_ENGINE_PATH - opensc_engine library location.

Add flags with the ability to set each of the libraries to NULL and
prevent loading them at runtime.
	* CONFIG_NO_PKCS11_ENGINE_PATH - prevents loading pkcs11_engine
	  library.
	* CONFIG_NO_PKCS11_MODULE_PATH - prevents loading pkcs11_module
	  library.
	* CONFIG_NO_OPENSC_ENGINE_PATH - prevents loading opensc_engine
	  library.
	* CONFIG_NO_LOAD_DYNAMIC_EAP - prevents loading EAP libraries at
	  runtime.

Signed-off-by: David Ruth <druth@chromium.org>
2023-11-05 10:23:29 +02:00
Juliusz Sosinowicz
890953a32c wolfSSL: Old FIPS APIs have void return
Fix the calls to wc_AesEncryptDirect(). Old versions of wolfCrypt FIPS
had wc_AesEncryptDirect() return void instead of int. Fix this build
issue.

Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:41:26 +02:00
Juliusz Sosinowicz
ec7f064fa7 wolfSSL: Implement DPP backend functions
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:41:26 +02:00
Juliusz Sosinowicz
b37238d3ac wolfSSL: Set up generator manually in FIPS build
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:41:26 +02:00
Juliusz Sosinowicz
8dabc1fede wolfSSL: Get EC generator for DPP
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:41:26 +02:00
Juliusz Sosinowicz
732ed5abe1 wolfSSL: Add crypto_ecdh_init2()
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:41:26 +02:00
Juliusz Sosinowicz
15a7c9b9e3 wolfSSL: Refactor crypto ECC section
Use heap allocated objects and improve error checking.

Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:41:26 +02:00
Juliusz Sosinowicz
41b5c9d8dc wolfSSL: Use wc_ecc_get_curve_size_from_id()
Avoid use of direct member access.

Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:18:25 +02:00
Juliusz Sosinowicz
378bef3697 wolfSSL: Use wc_ecc_forcezero_point() in non-FIPS builds
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:18:25 +02:00
Juliusz Sosinowicz
de38571b86 wolfSSL: More complete crypto_ec_key_group()
Add more curves and check if brainpool support is built.

Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:18:25 +02:00
Juliusz Sosinowicz
d48f6b9138 wolfSSL: EC group-to-id conversion into a helper function
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:18:25 +02:00
Juliusz Sosinowicz
a16916b749 wolfSSL: Improve logging
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:18:25 +02:00
Juliusz Sosinowicz
7ebb5469b3 wolfSSL: Improve error checking and logging in AES functions
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:18:25 +02:00
Juliusz Sosinowicz
10fd91d8fb wolfSSL: Better error message in pbkdf2_sha1() for FIPS password failure
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:18:25 +02:00
Juliusz Sosinowicz
aa4c4d079b wolfSSL: Always clean up resources and log errors in wolfssl_hmac_vector()
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:18:25 +02:00
Juliusz Sosinowicz
644d87c34a wolfSSL: Improve error checking in vector hashing functions
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:18:25 +02:00
Juliusz Sosinowicz
5e20b924da wolfSSL: Add crypto logging macros
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:18:25 +02:00
Juliusz Sosinowicz
a0e8d9ae71 wolfSSL: Add FIPS warning
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:18:25 +02:00
Juliusz Sosinowicz
48a65d47cd wolfSSL: Put wolfSSL headers in alphabetical order
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:18:25 +02:00
Juliusz Sosinowicz
a2eeb7f6dd wolfSSL: Add more precise logging in wolfssl_handshake()
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:18:25 +02:00
Juliusz Sosinowicz
83f144bf6a wolfSSL: Debug print ciphersuites
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2023-11-04 18:18:25 +02:00
Jouni Malinen
effe5bbff7 tests: Fix DPP test case skipping without CONFIG_DPP
dpp_config_legacy_gen_two_conf_psk and dpp_config_legacy_gen_two_conf
tried to set a DPP parameter before having verified that CONFIG_DPP was
used in the build.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-11-04 18:18:25 +02:00
Jouni Malinen
568a5a8159 EHT: Include crypto.h to avoid implicit function definition
crypto_ec_*() were not defined in some build configuration cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-11-04 15:05:15 +02:00
Jouni Malinen
004f618613 tests: Wait before initiating DPP from thread in sigma_dut testing
Starting a thread to initiate DPP before starting the responder through
sigma_dut can result in unexpected testing behavior since there may not
be enough time to get the responder enabled before timing out som
initiator actions. Wait a second at the beginning of the initiator
thread in dpp_init_conf() similarly to how this was handled in other
initiator-from-thread cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-11-04 12:41:02 +02:00
Jouni Malinen
cefd959566 tests: Terminate sigma_dut more forcefully if needed
Wait for stdout/stderr in a more robust manner to avoid blocking the
pipes and kill the sigma_dut process if it fails to terminate cleanly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-11-04 12:31:23 +02:00
Jouni Malinen
0776c51ed7 DPP: Handle wpas_dpp_connected() processing in eloop callback
wpas_dpp_connected() is called from wpa_supplicant_set_state(), i.e.,
from the middle of processing of the post 4-way handshake steps. Sending
a DPP Public Action frame at that point can delay other operations, so
allow those steps to be completed first before sending out the DPP
connection status result.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-11-04 11:58:14 +02:00
Jouni Malinen
8dd272fded tests: Avoid race condition in DPP GAS protocol testing
Responder receives Authentication Request and Config Request in a
sequence and it is possible for the Config Request to be received before
MGMT_RX_PROCESS has been processed for Authentication Request in the
cases where the test script is in the middle of RX processing. This can
result in DPP-AUTH-SUCCESS being delivered only after the MGMT-RX event
for Config Reques which means that wait_auth_success() would lose that
MGMT-RX event.

Avoid this issue by caching the "extra" MGMT-RX event within
wait_auth_success() and having the caller verify if the Config Request
(GAS Initial Request) has already been received before waiting to
receive it.

This makes dpp_gas, dpp_gas_comeback_after_failure, and
dpp_gas_timeout_handling more robust.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-11-04 11:33:15 +02:00
Jouni Malinen
5c5f86900b DPP: Start next auth init from driver event to avoid race condition
It looks like mac80211 ROC handling can end up postponing offchannel TX
operation by the previously started and already canceled wait time if
the new NL80211_CMD_FRAME is issued immediately after
NL80211_CMD_FRAME_WAIT_CANCEL. Make this more robust by waiting for the
driver event that indicates completion of the cancel operation (i.e.,
NL80211_CMD_FRAME_WAIT_CANCEL as an event) before issuing
NL80211_CMD_FRAME for another channel. If the driver event is not
received within 10 ms, start the operation anyway to avoid unexpected
behavior if there are drivers that do not end up notifying end of the
wait.

This fixes some issues with authentication initiation for cases where
multiple channels are iterated. This can also significantly speed up
that process.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-11-04 11:11:46 +02:00
Jouni Malinen
7e9efc3cdf tests: Handle race condition in eap_proto_md5_server
UML time travel allows the deauthentication event to be processed more
quickly than the delivery of EAP-Success to the client through the test
script, so accept either sequence here.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-11-04 09:53:58 +02:00
Jouni Malinen
69be335a5d tests: Do not dump pending monitor events after connection
connect_network() tried to make test log more readable with a
dump_monitor() call at the end of the function. However, this could end
up practically dropping an event that arrives more or less immediately
after CTRL-EVENT-CONNECTED. This could happen with UML time travel,
e.g., in suite_b_192_pmksa_caching_roam.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-03 22:59:33 +02:00
Jouni Malinen
7fbd391138 tests: ap_hs20_remediation_required_ctrl with UML time travel
Wait for hostapd connection event before issue HS20_WNM_NOTIF to avoid a
race condition with UML time travel.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-03 22:28:22 +02:00
Jouni Malinen
f9965a6505 Use os_reltime_initialized() for Michael MIC failure event
The first event could have theoretically been received with reltime
sec=0, so use the helper function to check whether the reltime value is
actually set so that the usec part is checked as well. This is not going
to have a difference in practice, but it was possible to hit this corner
case with mac80211_hwsim testing (ap_cipher_tkip_countermeasures_sta)
using UML and time travel.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-11-03 22:02:18 +02:00
Ilan Peer
f321705e31 tests: Add basic test for 802.1X-SHA384 with EAP-PSK
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-11-03 17:08:36 +02:00
Ilan Peer
a8517c132c Add support for AKM suite 00-0F-AC:23
Add support for Authentication negotiated over IEEE Std 802.1X
with key derivation function using SHA-384.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2023-11-03 17:08:36 +02:00