SAE: Derive H2E PT in STA before connection
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
146889e3ca
commit
05a2fb0d11
3 changed files with 52 additions and 1 deletions
|
@ -12,6 +12,7 @@
|
||||||
#include "utils/uuid.h"
|
#include "utils/uuid.h"
|
||||||
#include "utils/ip_addr.h"
|
#include "utils/ip_addr.h"
|
||||||
#include "common/ieee802_1x_defs.h"
|
#include "common/ieee802_1x_defs.h"
|
||||||
|
#include "common/sae.h"
|
||||||
#include "crypto/sha1.h"
|
#include "crypto/sha1.h"
|
||||||
#include "rsn_supp/wpa.h"
|
#include "rsn_supp/wpa.h"
|
||||||
#include "eap_peer/eap.h"
|
#include "eap_peer/eap.h"
|
||||||
|
@ -2765,6 +2766,9 @@ void wpa_config_free_ssid(struct wpa_ssid *ssid)
|
||||||
dl_list_del(&psk->list);
|
dl_list_del(&psk->list);
|
||||||
bin_clear_free(psk, sizeof(*psk));
|
bin_clear_free(psk, sizeof(*psk));
|
||||||
}
|
}
|
||||||
|
#ifdef CONFIG_SAE
|
||||||
|
sae_deinit_pt(ssid->pt);
|
||||||
|
#endif /* CONFIG_SAE */
|
||||||
bin_clear_free(ssid, sizeof(*ssid));
|
bin_clear_free(ssid, sizeof(*ssid));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -3104,6 +3108,15 @@ int wpa_config_set(struct wpa_ssid *ssid, const char *var, const char *value,
|
||||||
}
|
}
|
||||||
ret = -1;
|
ret = -1;
|
||||||
}
|
}
|
||||||
|
#ifdef CONFIG_SAE
|
||||||
|
if (os_strcmp(var, "ssid") == 0 ||
|
||||||
|
os_strcmp(var, "psk") == 0 ||
|
||||||
|
os_strcmp(var, "sae_password") == 0 ||
|
||||||
|
os_strcmp(var, "sae_password_id") == 0) {
|
||||||
|
sae_deinit_pt(ssid->pt);
|
||||||
|
ssid->pt = NULL;
|
||||||
|
}
|
||||||
|
#endif /* CONFIG_SAE */
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (i == NUM_SSID_FIELDS) {
|
if (i == NUM_SSID_FIELDS) {
|
||||||
|
|
|
@ -213,6 +213,8 @@ struct wpa_ssid {
|
||||||
*/
|
*/
|
||||||
char *sae_password_id;
|
char *sae_password_id;
|
||||||
|
|
||||||
|
struct sae_pt *pt;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ext_psk - PSK/passphrase name in external storage
|
* ext_psk - PSK/passphrase name in external storage
|
||||||
*
|
*
|
||||||
|
|
|
@ -1932,6 +1932,36 @@ int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid)
|
||||||
|
{
|
||||||
|
#ifdef CONFIG_SAE
|
||||||
|
int *groups = conf->sae_groups;
|
||||||
|
int default_groups[] = { 19, 20, 21, 0 };
|
||||||
|
const char *password;
|
||||||
|
|
||||||
|
if (!groups || groups[0] <= 0)
|
||||||
|
groups = default_groups;
|
||||||
|
|
||||||
|
password = ssid->sae_password;
|
||||||
|
if (!password)
|
||||||
|
password = ssid->passphrase;
|
||||||
|
|
||||||
|
if (conf->sae_pwe == 0 || !password) {
|
||||||
|
/* PT derivation not needed */
|
||||||
|
sae_deinit_pt(ssid->pt);
|
||||||
|
ssid->pt = NULL;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (ssid->pt)
|
||||||
|
return; /* PT already derived */
|
||||||
|
ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
|
||||||
|
(const u8 *) password, os_strlen(password),
|
||||||
|
ssid->sae_password_id);
|
||||||
|
#endif /* CONFIG_SAE */
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
|
static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -1978,6 +2008,10 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
|
||||||
} else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
|
} else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
|
||||||
os_get_reltime(&wpa_s->roam_start);
|
os_get_reltime(&wpa_s->roam_start);
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
#ifdef CONFIG_SAE
|
||||||
|
wpa_s_setup_sae_pt(wpa_s->conf, ssid);
|
||||||
|
#endif /* CONFIG_SAE */
|
||||||
}
|
}
|
||||||
|
|
||||||
if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
|
if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
|
||||||
|
@ -3984,8 +4018,10 @@ void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
|
||||||
wpa_s->disconnected = 0;
|
wpa_s->disconnected = 0;
|
||||||
wpa_s->reassociate = 1;
|
wpa_s->reassociate = 1;
|
||||||
wpa_s->last_owe_group = 0;
|
wpa_s->last_owe_group = 0;
|
||||||
if (ssid)
|
if (ssid) {
|
||||||
ssid->owe_transition_bss_select_count = 0;
|
ssid->owe_transition_bss_select_count = 0;
|
||||||
|
wpa_s_setup_sae_pt(wpa_s->conf, ssid);
|
||||||
|
}
|
||||||
|
|
||||||
if (wpa_s->connect_without_scan ||
|
if (wpa_s->connect_without_scan ||
|
||||||
wpa_supplicant_fast_associate(wpa_s) != 1) {
|
wpa_supplicant_fast_associate(wpa_s) != 1) {
|
||||||
|
|
Loading…
Reference in a new issue