DPP2: Protocol version indication
Send out the new Protocol Version attribute in Authentication Request/Response messages and determine the peer version based on this attribute. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
ce7effd08f
commit
0b4a906de1
2 changed files with 65 additions and 0 deletions
|
@ -1,6 +1,7 @@
|
|||
/*
|
||||
* DPP functionality shared between hostapd and wpa_supplicant
|
||||
* Copyright (c) 2017, Qualcomm Atheros, Inc.
|
||||
* Copyright (c) 2018-2019, The Linux Foundation
|
||||
*
|
||||
* This software may be distributed under the terms of the BSD license.
|
||||
* See README for more details.
|
||||
|
@ -1537,6 +1538,9 @@ static struct wpabuf * dpp_auth_build_req(struct dpp_authentication *auth,
|
|||
4 + sizeof(wrapped_data);
|
||||
if (neg_freq > 0)
|
||||
attr_len += 4 + 2;
|
||||
#ifdef CONFIG_DPP2
|
||||
attr_len += 5;
|
||||
#endif /* CONFIG_DPP2 */
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_AUTH_REQ)
|
||||
attr_len += 5;
|
||||
|
@ -1579,6 +1583,13 @@ static struct wpabuf * dpp_auth_build_req(struct dpp_authentication *auth,
|
|||
wpabuf_put_u8(msg, channel);
|
||||
}
|
||||
|
||||
#ifdef CONFIG_DPP2
|
||||
/* Protocol Version */
|
||||
wpabuf_put_le16(msg, DPP_ATTR_PROTOCOL_VERSION);
|
||||
wpabuf_put_le16(msg, 1);
|
||||
wpabuf_put_u8(msg, 2);
|
||||
#endif /* CONFIG_DPP2 */
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_AUTH_REQ) {
|
||||
wpa_printf(MSG_INFO, "DPP: TESTING - no Wrapped Data");
|
||||
|
@ -1705,6 +1716,9 @@ static struct wpabuf * dpp_auth_build_resp(struct dpp_authentication *auth,
|
|||
/* Build DPP Authentication Response frame attributes */
|
||||
attr_len = 4 + 1 + 2 * (4 + SHA256_MAC_LEN) +
|
||||
4 + (pr ? wpabuf_len(pr) : 0) + 4 + sizeof(wrapped_data);
|
||||
#ifdef CONFIG_DPP2
|
||||
attr_len += 5;
|
||||
#endif /* CONFIG_DPP2 */
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_AUTH_RESP)
|
||||
attr_len += 5;
|
||||
|
@ -1732,6 +1746,13 @@ static struct wpabuf * dpp_auth_build_resp(struct dpp_authentication *auth,
|
|||
wpabuf_put_buf(msg, pr);
|
||||
}
|
||||
|
||||
#ifdef CONFIG_DPP2
|
||||
/* Protocol Version */
|
||||
wpabuf_put_le16(msg, DPP_ATTR_PROTOCOL_VERSION);
|
||||
wpabuf_put_le16(msg, 1);
|
||||
wpabuf_put_u8(msg, 2);
|
||||
#endif /* CONFIG_DPP2 */
|
||||
|
||||
attr_end = wpabuf_put(msg, 0);
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
|
@ -2893,6 +2914,10 @@ dpp_auth_req_rx(void *msg_ctx, u8 dpp_allowed_roles, int qr_mutual,
|
|||
u16 wrapped_data_len, i_proto_len, i_nonce_len, i_capab_len,
|
||||
i_bootstrap_len, channel_len;
|
||||
struct dpp_authentication *auth = NULL;
|
||||
#ifdef CONFIG_DPP2
|
||||
const u8 *version;
|
||||
u16 version_len;
|
||||
#endif /* CONFIG_DPP2 */
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
if (dpp_test == DPP_TEST_STOP_AT_AUTH_REQ) {
|
||||
|
@ -2922,6 +2947,22 @@ dpp_auth_req_rx(void *msg_ctx, u8 dpp_allowed_roles, int qr_mutual,
|
|||
auth->curve = own_bi->curve;
|
||||
auth->curr_freq = freq;
|
||||
|
||||
auth->peer_version = 1; /* default to the first version */
|
||||
#ifdef CONFIG_DPP2
|
||||
version = dpp_get_attr(attr_start, attr_len, DPP_ATTR_PROTOCOL_VERSION,
|
||||
&version_len);
|
||||
if (version) {
|
||||
if (version_len < 1 || version[0] == 0) {
|
||||
dpp_auth_fail(auth,
|
||||
"Invalid Protocol Version attribute");
|
||||
goto fail;
|
||||
}
|
||||
auth->peer_version = version[0];
|
||||
wpa_printf(MSG_DEBUG, "DPP: Peer protocol version %u",
|
||||
auth->peer_version);
|
||||
}
|
||||
#endif /* CONFIG_DPP2 */
|
||||
|
||||
channel = dpp_get_attr(attr_start, attr_len, DPP_ATTR_CHANNEL,
|
||||
&channel_len);
|
||||
if (channel) {
|
||||
|
@ -3450,6 +3491,10 @@ dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr,
|
|||
wrapped2_len, r_auth_len;
|
||||
u8 r_auth2[DPP_MAX_HASH_LEN];
|
||||
u8 role;
|
||||
#ifdef CONFIG_DPP2
|
||||
const u8 *version;
|
||||
u16 version_len;
|
||||
#endif /* CONFIG_DPP2 */
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
if (dpp_test == DPP_TEST_STOP_AT_AUTH_RESP) {
|
||||
|
@ -3524,6 +3569,22 @@ dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr,
|
|||
return NULL;
|
||||
}
|
||||
|
||||
auth->peer_version = 1; /* default to the first version */
|
||||
#ifdef CONFIG_DPP2
|
||||
version = dpp_get_attr(attr_start, attr_len, DPP_ATTR_PROTOCOL_VERSION,
|
||||
&version_len);
|
||||
if (version) {
|
||||
if (version_len < 1 || version[0] == 0) {
|
||||
dpp_auth_fail(auth,
|
||||
"Invalid Protocol Version attribute");
|
||||
return NULL;
|
||||
}
|
||||
auth->peer_version = version[0];
|
||||
wpa_printf(MSG_DEBUG, "DPP: Peer protocol version %u",
|
||||
auth->peer_version);
|
||||
}
|
||||
#endif /* CONFIG_DPP2 */
|
||||
|
||||
status = dpp_get_attr(attr_start, attr_len, DPP_ATTR_STATUS,
|
||||
&status_len);
|
||||
if (!status || status_len < 1) {
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
/*
|
||||
* DPP functionality shared between hostapd and wpa_supplicant
|
||||
* Copyright (c) 2017, Qualcomm Atheros, Inc.
|
||||
* Copyright (c) 2018-2019, The Linux Foundation
|
||||
*
|
||||
* This software may be distributed under the terms of the BSD license.
|
||||
* See README for more details.
|
||||
|
@ -54,6 +55,8 @@ enum dpp_attribute_id {
|
|||
DPP_ATTR_TRANSACTION_ID = 0x1016,
|
||||
DPP_ATTR_BOOTSTRAP_INFO = 0x1017,
|
||||
DPP_ATTR_CHANNEL = 0x1018,
|
||||
DPP_ATTR_PROTOCOL_VERSION = 0x1019,
|
||||
DPP_ATTR_ENVELOPED_DATA = 0x101A,
|
||||
};
|
||||
|
||||
enum dpp_status_error {
|
||||
|
@ -162,6 +165,7 @@ struct dpp_configuration {
|
|||
|
||||
struct dpp_authentication {
|
||||
void *msg_ctx;
|
||||
u8 peer_version;
|
||||
const struct dpp_curve_params *curve;
|
||||
struct dpp_bootstrap_info *peer_bi;
|
||||
struct dpp_bootstrap_info *own_bi;
|
||||
|
|
Loading…
Reference in a new issue