DPP: Update AES-SIV AD for PKEX frames
The protocol design was updated to protect the six octets in the header before the attributes. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
dc4d271c6d
commit
4be5bc98a8
4 changed files with 50 additions and 31 deletions
|
@ -987,7 +987,8 @@ static void hostapd_dpp_rx_peer_disc_req(struct hostapd_data *hapd,
|
|||
|
||||
static void
|
||||
hostapd_dpp_rx_pkex_exchange_req(struct hostapd_data *hapd, const u8 *src,
|
||||
const u8 *buf, size_t len, unsigned int freq)
|
||||
const u8 *buf, size_t len,
|
||||
unsigned int freq)
|
||||
{
|
||||
struct wpabuf *msg;
|
||||
|
||||
|
@ -1063,7 +1064,7 @@ hostapd_dpp_rx_pkex_exchange_resp(struct hostapd_data *hapd, const u8 *src,
|
|||
|
||||
static void
|
||||
hostapd_dpp_rx_pkex_commit_reveal_req(struct hostapd_data *hapd, const u8 *src,
|
||||
const u8 *buf, size_t len,
|
||||
const u8 *hdr, const u8 *buf, size_t len,
|
||||
unsigned int freq)
|
||||
{
|
||||
struct wpabuf *msg;
|
||||
|
@ -1078,7 +1079,7 @@ hostapd_dpp_rx_pkex_commit_reveal_req(struct hostapd_data *hapd, const u8 *src,
|
|||
return;
|
||||
}
|
||||
|
||||
msg = dpp_pkex_rx_commit_reveal_req(pkex, buf, len);
|
||||
msg = dpp_pkex_rx_commit_reveal_req(pkex, hdr, buf, len);
|
||||
if (!msg) {
|
||||
wpa_printf(MSG_DEBUG, "DPP: Failed to process the request");
|
||||
return;
|
||||
|
@ -1114,7 +1115,7 @@ hostapd_dpp_rx_pkex_commit_reveal_req(struct hostapd_data *hapd, const u8 *src,
|
|||
|
||||
static void
|
||||
hostapd_dpp_rx_pkex_commit_reveal_resp(struct hostapd_data *hapd, const u8 *src,
|
||||
const u8 *buf, size_t len,
|
||||
const u8 *hdr, const u8 *buf, size_t len,
|
||||
unsigned int freq)
|
||||
{
|
||||
int res;
|
||||
|
@ -1130,7 +1131,7 @@ hostapd_dpp_rx_pkex_commit_reveal_resp(struct hostapd_data *hapd, const u8 *src,
|
|||
return;
|
||||
}
|
||||
|
||||
res = dpp_pkex_rx_commit_reveal_resp(pkex, buf, len);
|
||||
res = dpp_pkex_rx_commit_reveal_resp(pkex, hdr, buf, len);
|
||||
if (res < 0) {
|
||||
wpa_printf(MSG_DEBUG, "DPP: Failed to process the response");
|
||||
return;
|
||||
|
@ -1222,10 +1223,11 @@ void hostapd_dpp_rx_action(struct hostapd_data *hapd, const u8 *src,
|
|||
hostapd_dpp_rx_pkex_exchange_resp(hapd, src, buf, len, freq);
|
||||
break;
|
||||
case DPP_PA_PKEX_COMMIT_REVEAL_REQ:
|
||||
hostapd_dpp_rx_pkex_commit_reveal_req(hapd, src, buf, len, freq);
|
||||
hostapd_dpp_rx_pkex_commit_reveal_req(hapd, src, hdr, buf, len,
|
||||
freq);
|
||||
break;
|
||||
case DPP_PA_PKEX_COMMIT_REVEAL_RESP:
|
||||
hostapd_dpp_rx_pkex_commit_reveal_resp(hapd, src, buf, len,
|
||||
hostapd_dpp_rx_pkex_commit_reveal_resp(hapd, src, hdr, buf, len,
|
||||
freq);
|
||||
break;
|
||||
default:
|
||||
|
|
|
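Review bot: hostapd_dpp_rx_pkex_commit_reveal_req() and hostapd_dpp_rx_pkex_commit_reveal_resp() forward the new `hdr` argument to dpp_pkex_rx_commit_reveal_req()/resp(), which read DPP_HDR_LEN octets from it as AES-SIV associated data, yet nothing in these hunks establishes that hdr is non-NULL or that DPP_HDR_LEN octets are readable behind it. Presumably hostapd_dpp_rx_action(), whose body starts outside the hunk, has already parsed and validated the DPP Public Action header before reaching the switch, but that guarantee is now load-bearing for the crypto and deserves to be stated next to the parameter, e.g. `/* hdr: start of the validated DPP header (DPP_HDR_LEN octets) preceding the attributes in buf; bound into the AES-SIV AD */`. The same applies to wpas_dpp_rx_pkex_commit_reveal_req()/resp() and wpas_dpp_rx_action() in the wpa_supplicant section, which have the identical shape.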
@ -5574,10 +5574,13 @@ struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex,
|
|||
wpabuf_put_le16(clear, curve->hash_len);
|
||||
wpabuf_put_data(clear, u, curve->hash_len);
|
||||
|
||||
addr[0] = wpabuf_head_u8(msg) + 2;
|
||||
len[0] = DPP_HDR_LEN;
|
||||
octet = 0;
|
||||
addr[0] = &octet;
|
||||
len[0] = sizeof(octet);
|
||||
wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD", addr[0], len[0]);
|
||||
addr[1] = &octet;
|
||||
len[1] = sizeof(octet);
|
||||
wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]);
|
||||
wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]);
|
||||
|
||||
wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
|
||||
wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
|
||||
|
@ -5586,7 +5589,7 @@ struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex,
|
|||
wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear);
|
||||
if (aes_siv_encrypt(pkex->z, curve->hash_len,
|
||||
wpabuf_head(clear), wpabuf_len(clear),
|
||||
1, addr, len, wrapped) < 0)
|
||||
2, addr, len, wrapped) < 0)
|
||||
goto fail;
|
||||
wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
|
||||
wrapped, wpabuf_len(clear) + AES_BLOCK_SIZE);
|
||||
|
@ -5614,6 +5617,7 @@ fail:
|
|||
|
||||
|
||||
struct wpabuf * dpp_pkex_rx_commit_reveal_req(struct dpp_pkex *pkex,
|
||||
const u8 *hdr,
|
||||
const u8 *buf, size_t buflen)
|
||||
{
|
||||
const struct dpp_curve_params *curve = pkex->own_bi->curve;
|
||||
|
@ -5678,14 +5682,17 @@ struct wpabuf * dpp_pkex_rx_commit_reveal_req(struct dpp_pkex *pkex,
|
|||
if (!unwrapped)
|
||||
goto fail;
|
||||
|
||||
addr[0] = hdr;
|
||||
len[0] = DPP_HDR_LEN;
|
||||
octet = 0;
|
||||
addr[0] = &octet;
|
||||
len[0] = sizeof(octet);
|
||||
wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD", addr[0], len[0]);
|
||||
addr[1] = &octet;
|
||||
len[1] = sizeof(octet);
|
||||
wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]);
|
||||
wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]);
|
||||
|
||||
if (aes_siv_decrypt(pkex->z, curve->hash_len,
|
||||
wrapped_data, wrapped_data_len,
|
||||
1, addr, len, unwrapped) < 0) {
|
||||
2, addr, len, unwrapped) < 0) {
|
||||
wpa_printf(MSG_DEBUG, "DPP: AES-SIV decryption failed");
|
||||
goto fail;
|
||||
}
|
||||
|
@ -5811,10 +5818,13 @@ struct wpabuf * dpp_pkex_rx_commit_reveal_req(struct dpp_pkex *pkex,
|
|||
wpabuf_put_le16(clear, curve->hash_len);
|
||||
wpabuf_put_data(clear, v, curve->hash_len);
|
||||
|
||||
addr[0] = wpabuf_head_u8(msg) + 2;
|
||||
len[0] = DPP_HDR_LEN;
|
||||
octet = 1;
|
||||
addr[0] = &octet;
|
||||
len[0] = sizeof(octet);
|
||||
wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD", addr[0], len[0]);
|
||||
addr[1] = &octet;
|
||||
len[1] = sizeof(octet);
|
||||
wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]);
|
||||
wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]);
|
||||
|
||||
wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
|
||||
wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
|
||||
|
@ -5823,7 +5833,7 @@ struct wpabuf * dpp_pkex_rx_commit_reveal_req(struct dpp_pkex *pkex,
|
|||
wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear);
|
||||
if (aes_siv_encrypt(pkex->z, curve->hash_len,
|
||||
wpabuf_head(clear), wpabuf_len(clear),
|
||||
1, addr, len, wrapped) < 0)
|
||||
2, addr, len, wrapped) < 0)
|
||||
goto fail;
|
||||
wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
|
||||
wrapped, wpabuf_len(clear) + AES_BLOCK_SIZE);
|
||||
|
@ -5843,7 +5853,7 @@ fail:
|
|||
}
|
||||
|
||||
|
||||
int dpp_pkex_rx_commit_reveal_resp(struct dpp_pkex *pkex,
|
||||
int dpp_pkex_rx_commit_reveal_resp(struct dpp_pkex *pkex, const u8 *hdr,
|
||||
const u8 *buf, size_t buflen)
|
||||
{
|
||||
const struct dpp_curve_params *curve = pkex->own_bi->curve;
|
||||
|
@ -5876,14 +5886,17 @@ int dpp_pkex_rx_commit_reveal_resp(struct dpp_pkex *pkex,
|
|||
if (!unwrapped)
|
||||
goto fail;
|
||||
|
||||
addr[0] = hdr;
|
||||
len[0] = DPP_HDR_LEN;
|
||||
octet = 1;
|
||||
addr[0] = &octet;
|
||||
len[0] = sizeof(octet);
|
||||
wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD", addr[0], len[0]);
|
||||
addr[1] = &octet;
|
||||
len[1] = sizeof(octet);
|
||||
wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]);
|
||||
wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]);
|
||||
|
||||
if (aes_siv_decrypt(pkex->z, curve->hash_len,
|
||||
wrapped_data, wrapped_data_len,
|
||||
1, addr, len, unwrapped) < 0) {
|
||||
2, addr, len, unwrapped) < 0) {
|
||||
wpa_printf(MSG_DEBUG, "DPP: AES-SIV decryption failed");
|
||||
goto fail;
|
||||
}
|
||||
|
|
|
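Review bot: The hexdump labels on the newly added AD lines in dpp_pkex_rx_exchange_resp(), dpp_pkex_rx_commit_reveal_req() and dpp_pkex_rx_commit_reveal_resp() carry over the "DDP" typo from the line they replace; since these are new lines, `wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV AD[0]", addr[0], len[0]);` and the matching AD[1] line are the natural place to fix it. On the transmit side the first AD element is `wpabuf_head_u8(msg) + 2` with an unexplained offset, while the receive side uses the caller-supplied `hdr` directly; a comment tying the two together would document the binding this commit introduces, e.g. `/* AD[0]: the DPP_HDR_LEN header octets after the Category/Action fields -- the same bytes the receiver passes in as hdr */`. addr[0] also points into msg while wpabuf_put_le16() is still appending to it before aes_siv_encrypt(), which is only safe as long as those puts never reallocate msg; that assumption is worth stating in the same comment. On the receive side the decrypt hunks read DPP_HDR_LEN octets from hdr with no NULL or length check, so the functions now rely entirely on the caller for that guarantee.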
@ -268,8 +268,9 @@ struct dpp_pkex * dpp_pkex_rx_exchange_req(struct dpp_bootstrap_info *bi,
|
|||
struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex,
|
||||
const u8 *buf, size_t len);
|
||||
struct wpabuf * dpp_pkex_rx_commit_reveal_req(struct dpp_pkex *pkex,
|
||||
const u8 *hdr,
|
||||
const u8 *buf, size_t len);
|
||||
int dpp_pkex_rx_commit_reveal_resp(struct dpp_pkex *pkex,
|
||||
int dpp_pkex_rx_commit_reveal_resp(struct dpp_pkex *pkex, const u8 *hdr,
|
||||
const u8 *buf, size_t len);
|
||||
void dpp_pkex_free(struct dpp_pkex *pkex);
|
||||
|
||||
|
|
|
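Review bot: The new `hdr` parameter on dpp_pkex_rx_commit_reveal_req() and dpp_pkex_rx_commit_reveal_resp() is undocumented, even though the implementations read a fixed DPP_HDR_LEN octets from it as AES-SIV associated data without any check. A comment on the prototypes should state the contract, e.g. `/* hdr: start of the DPP Public Action header (DPP_HDR_LEN octets, must not be NULL) that precedes the attributes in buf; used as AES-SIV AD */`. The two prototypes also place the parameter differently (own line in the first, after pkex in the second); aligning them would make the pair easier to read.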
@ -1441,7 +1441,8 @@ wpas_dpp_rx_pkex_exchange_resp(struct wpa_supplicant *wpa_s, const u8 *src,
|
|||
|
||||
static void
|
||||
wpas_dpp_rx_pkex_commit_reveal_req(struct wpa_supplicant *wpa_s, const u8 *src,
|
||||
const u8 *buf, size_t len, unsigned int freq)
|
||||
const u8 *hdr, const u8 *buf, size_t len,
|
||||
unsigned int freq)
|
||||
{
|
||||
struct wpabuf *msg;
|
||||
unsigned int wait_time;
|
||||
|
@ -1456,7 +1457,7 @@ wpas_dpp_rx_pkex_commit_reveal_req(struct wpa_supplicant *wpa_s, const u8 *src,
|
|||
return;
|
||||
}
|
||||
|
||||
msg = dpp_pkex_rx_commit_reveal_req(pkex, buf, len);
|
||||
msg = dpp_pkex_rx_commit_reveal_req(pkex, hdr, buf, len);
|
||||
if (!msg) {
|
||||
wpa_printf(MSG_DEBUG, "DPP: Failed to process the request");
|
||||
return;
|
||||
|
@ -1497,7 +1498,7 @@ wpas_dpp_rx_pkex_commit_reveal_req(struct wpa_supplicant *wpa_s, const u8 *src,
|
|||
|
||||
static void
|
||||
wpas_dpp_rx_pkex_commit_reveal_resp(struct wpa_supplicant *wpa_s, const u8 *src,
|
||||
const u8 *buf, size_t len,
|
||||
const u8 *hdr, const u8 *buf, size_t len,
|
||||
unsigned int freq)
|
||||
{
|
||||
int res;
|
||||
|
@ -1513,7 +1514,7 @@ wpas_dpp_rx_pkex_commit_reveal_resp(struct wpa_supplicant *wpa_s, const u8 *src,
|
|||
return;
|
||||
}
|
||||
|
||||
res = dpp_pkex_rx_commit_reveal_resp(pkex, buf, len);
|
||||
res = dpp_pkex_rx_commit_reveal_resp(pkex, hdr, buf, len);
|
||||
if (res < 0) {
|
||||
wpa_printf(MSG_DEBUG, "DPP: Failed to process the response");
|
||||
return;
|
||||
|
@ -1605,10 +1606,12 @@ void wpas_dpp_rx_action(struct wpa_supplicant *wpa_s, const u8 *src,
|
|||
wpas_dpp_rx_pkex_exchange_resp(wpa_s, src, buf, len, freq);
|
||||
break;
|
||||
case DPP_PA_PKEX_COMMIT_REVEAL_REQ:
|
||||
wpas_dpp_rx_pkex_commit_reveal_req(wpa_s, src, buf, len, freq);
|
||||
wpas_dpp_rx_pkex_commit_reveal_req(wpa_s, src, hdr, buf, len,
|
||||
freq);
|
||||
break;
|
||||
case DPP_PA_PKEX_COMMIT_REVEAL_RESP:
|
||||
wpas_dpp_rx_pkex_commit_reveal_resp(wpa_s, src, buf, len, freq);
|
||||
wpas_dpp_rx_pkex_commit_reveal_resp(wpa_s, src, hdr, buf, len,
|
||||
freq);
|
||||
break;
|
||||
default:
|
||||
wpa_printf(MSG_DEBUG,
|
||||
|
|