Share common SAE and EAP-pwd functionality: suitable groups

Start sharing common SAE and EAP-pwd functionality by adding a new
source code file that can be included into both. This first step is
bringing in a shared function to check whether a group is suitable.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2019-04-25 19:45:27 +03:00 committed by Jouni Malinen
parent ff229da309
commit 2b84ca4dd9
8 changed files with 74 additions and 29 deletions

View file

@ -269,6 +269,7 @@ L_CFLAGS += -DCONFIG_SAE
OBJS += src/common/sae.c OBJS += src/common/sae.c
NEED_ECC=y NEED_ECC=y
NEED_DH_GROUPS=y NEED_DH_GROUPS=y
NEED_DRAGONFLY=y
endif endif
ifdef CONFIG_OWE ifdef CONFIG_OWE
@ -462,6 +463,7 @@ L_CFLAGS += -DEAP_SERVER_PWD
OBJS += src/eap_server/eap_server_pwd.c src/eap_common/eap_pwd_common.c OBJS += src/eap_server/eap_server_pwd.c src/eap_common/eap_pwd_common.c
NEED_SHA256=y NEED_SHA256=y
NEED_ECC=y NEED_ECC=y
NEED_DRAGONFLY=y
endif endif
ifdef CONFIG_EAP_EKE ifdef CONFIG_EAP_EKE
@ -595,6 +597,10 @@ ifdef CONFIG_PKCS12
L_CFLAGS += -DPKCS12_FUNCS L_CFLAGS += -DPKCS12_FUNCS
endif endif
ifdef NEED_DRAGONFLY
OBJS += src/common/dragonfly.c
endif
ifdef MS_FUNCS ifdef MS_FUNCS
OBJS += src/crypto/ms_funcs.c OBJS += src/crypto/ms_funcs.c
NEED_DES=y NEED_DES=y

View file

@ -313,6 +313,7 @@ OBJS += ../src/common/sae.o
NEED_ECC=y NEED_ECC=y
NEED_DH_GROUPS=y NEED_DH_GROUPS=y
NEED_AP_MLME=y NEED_AP_MLME=y
NEED_DRAGONFLY=y
endif endif
ifdef CONFIG_OWE ifdef CONFIG_OWE
@ -496,6 +497,7 @@ CFLAGS += -DEAP_SERVER_PWD
OBJS += ../src/eap_server/eap_server_pwd.o ../src/eap_common/eap_pwd_common.o OBJS += ../src/eap_server/eap_server_pwd.o ../src/eap_common/eap_pwd_common.o
NEED_SHA256=y NEED_SHA256=y
NEED_ECC=y NEED_ECC=y
NEED_DRAGONFLY=y
endif endif
ifdef CONFIG_EAP_EKE ifdef CONFIG_EAP_EKE
@ -629,6 +631,10 @@ ifdef CONFIG_PKCS12
CFLAGS += -DPKCS12_FUNCS CFLAGS += -DPKCS12_FUNCS
endif endif
ifdef NEED_DRAGONFLY
OBJS += ../src/common/dragonfly.o
endif
ifdef MS_FUNCS ifdef MS_FUNCS
OBJS += ../src/crypto/ms_funcs.o OBJS += ../src/crypto/ms_funcs.o
NEED_DES=y NEED_DES=y

27
src/common/dragonfly.c Normal file
View file

@ -0,0 +1,27 @@
/*
* Shared Dragonfly functionality
* Copyright (c) 2012-2016, Jouni Malinen <j@w1.fi>
* Copyright (c) 2019, The Linux Foundation
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#include "utils/includes.h"
#include "utils/common.h"
#include "dragonfly.h"
int dragonfly_suitable_group(int group, int ecc_only)
{
/* Enforce REVmd rules on which SAE groups are suitable for production
* purposes: FFC groups whose prime is >= 3072 bits and ECC groups
* defined over a prime field whose prime is >= 256 bits. Furthermore,
* ECC groups defined over a characteristic 2 finite field and ECC
* groups with a co-factor greater than 1 are not suitable. */
return group == 19 || group == 20 || group == 21 ||
group == 28 || group == 29 || group == 30 ||
(!ecc_only &&
(group == 15 || group == 16 || group == 17 || group == 18));
}

15
src/common/dragonfly.h Normal file
View file

@ -0,0 +1,15 @@
/*
* Shared Dragonfly functionality
* Copyright (c) 2012-2016, Jouni Malinen <j@w1.fi>
* Copyright (c) 2019, The Linux Foundation
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#ifndef DRAGONFLY_H
#define DRAGONFLY_H
int dragonfly_suitable_group(int group, int ecc_only);
#endif /* DRAGONFLY_H */

View file

@ -15,35 +15,22 @@
#include "crypto/random.h" #include "crypto/random.h"
#include "crypto/dh_groups.h" #include "crypto/dh_groups.h"
#include "ieee802_11_defs.h" #include "ieee802_11_defs.h"
#include "dragonfly.h"
#include "sae.h" #include "sae.h"
static int sae_suitable_group(int group)
{
#ifdef CONFIG_TESTING_OPTIONS
/* Allow all groups for testing purposes in non-production builds. */
return 1;
#else /* CONFIG_TESTING_OPTIONS */
/* Enforce REVmd rules on which SAE groups are suitable for production
* purposes: FFC groups whose prime is >= 3072 bits and ECC groups
* defined over a prime field whose prime is >= 256 bits. Furthermore,
* ECC groups defined over a characteristic 2 finite field and ECC
* groups with a co-factor greater than 1 are not suitable. */
return group == 19 || group == 20 || group == 21 ||
group == 28 || group == 29 || group == 30 ||
group == 15 || group == 16 || group == 17 || group == 18;
#endif /* CONFIG_TESTING_OPTIONS */
}
int sae_set_group(struct sae_data *sae, int group) int sae_set_group(struct sae_data *sae, int group)
{ {
struct sae_temporary_data *tmp; struct sae_temporary_data *tmp;
if (!sae_suitable_group(group)) { #ifdef CONFIG_TESTING_OPTIONS
/* Allow all groups for testing purposes in non-production builds. */
#else /* CONFIG_TESTING_OPTIONS */
if (!dragonfly_suitable_group(group, 0)) {
wpa_printf(MSG_DEBUG, "SAE: Reject unsuitable group %d", group); wpa_printf(MSG_DEBUG, "SAE: Reject unsuitable group %d", group);
return -1; return -1;
} }
#endif /* CONFIG_TESTING_OPTIONS */
sae_clear_data(sae); sae_clear_data(sae);
tmp = sae->tmp = os_zalloc(sizeof(*tmp)); tmp = sae->tmp = os_zalloc(sizeof(*tmp));

View file

@ -9,6 +9,7 @@
#include "includes.h" #include "includes.h"
#include "common.h" #include "common.h"
#include "utils/const_time.h" #include "utils/const_time.h"
#include "common/dragonfly.h"
#include "crypto/sha256.h" #include "crypto/sha256.h"
#include "crypto/crypto.h" #include "crypto/crypto.h"
#include "eap_defs.h" #include "eap_defs.h"
@ -85,20 +86,11 @@ static int eap_pwd_kdf(const u8 *key, size_t keylen, const u8 *label,
} }
static int eap_pwd_suitable_group(u16 num)
{
/* Do not allow ECC groups with prime under 256 bits based on guidance
* for the similar design in SAE. */
return num == 19 || num == 20 || num == 21 ||
num == 28 || num == 29 || num == 30;
}
EAP_PWD_group * get_eap_pwd_group(u16 num) EAP_PWD_group * get_eap_pwd_group(u16 num)
{ {
EAP_PWD_group *grp; EAP_PWD_group *grp;
if (!eap_pwd_suitable_group(num)) { if (!dragonfly_suitable_group(num, 1)) {
wpa_printf(MSG_INFO, "EAP-pwd: unsuitable group %u", num); wpa_printf(MSG_INFO, "EAP-pwd: unsuitable group %u", num);
return NULL; return NULL;
} }

View file

@ -243,6 +243,7 @@ L_CFLAGS += -DCONFIG_SAE
OBJS += src/common/sae.c OBJS += src/common/sae.c
NEED_ECC=y NEED_ECC=y
NEED_DH_GROUPS=y NEED_DH_GROUPS=y
NEED_DRAGONFLY=y
endif endif
ifdef CONFIG_DPP ifdef CONFIG_DPP
@ -690,6 +691,7 @@ OBJS += src/eap_peer/eap_pwd.c src/eap_common/eap_pwd_common.c
CONFIG_IEEE8021X_EAPOL=y CONFIG_IEEE8021X_EAPOL=y
NEED_SHA256=y NEED_SHA256=y
NEED_ECC=y NEED_ECC=y
NEED_DRAGONFLY=y
endif endif
ifdef CONFIG_EAP_EKE ifdef CONFIG_EAP_EKE
@ -979,6 +981,10 @@ ifdef CONFIG_SMARTCARD
L_CFLAGS += -DCONFIG_SMARTCARD L_CFLAGS += -DCONFIG_SMARTCARD
endif endif
ifdef NEED_DRAGONFLY
OBJS += src/common/dragonfly.c
endif
ifdef MS_FUNCS ifdef MS_FUNCS
OBJS += src/crypto/ms_funcs.c OBJS += src/crypto/ms_funcs.c
NEED_DES=y NEED_DES=y

View file

@ -275,6 +275,7 @@ CFLAGS += -DCONFIG_SAE
OBJS += ../src/common/sae.o OBJS += ../src/common/sae.o
NEED_ECC=y NEED_ECC=y
NEED_DH_GROUPS=y NEED_DH_GROUPS=y
NEED_DRAGONFLY=y
endif endif
ifdef CONFIG_DPP ifdef CONFIG_DPP
@ -720,6 +721,7 @@ OBJS += ../src/eap_peer/eap_pwd.o ../src/eap_common/eap_pwd_common.o
CONFIG_IEEE8021X_EAPOL=y CONFIG_IEEE8021X_EAPOL=y
NEED_SHA256=y NEED_SHA256=y
NEED_ECC=y NEED_ECC=y
NEED_DRAGONFLY=y
endif endif
ifdef CONFIG_EAP_EKE ifdef CONFIG_EAP_EKE
@ -1023,6 +1025,10 @@ ifdef CONFIG_SMARTCARD
CFLAGS += -DCONFIG_SMARTCARD CFLAGS += -DCONFIG_SMARTCARD
endif endif
ifdef NEED_DRAGONFLY
OBJS += ../src/common/dragonfly.o
endif
ifdef MS_FUNCS ifdef MS_FUNCS
OBJS += ../src/crypto/ms_funcs.o OBJS += ../src/crypto/ms_funcs.o
NEED_DES=y NEED_DES=y