jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

OWE: PMKSA caching in station mode

Browse source 
This extends OWE support in wpa_supplicant to allow PMKSA caching to be
used.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2017-10-09 12:08:57 +03:00 committed by Jouni Malinen
parent d90f10fa41
commit 5a78c36194
3 changed files with 29 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
src/rsn_supp/wpa.c
View file

@ -4215,8 +4215,8 @@ fail:
} }
int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *resp_ies, int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *bssid,
size_t resp_ies_len) const u8 *resp_ies, size_t resp_ies_len)
{ {
struct ieee802_11_elems elems; struct ieee802_11_elems elems;
u16 group; u16 group;
@ -4227,11 +4227,27 @@ int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *resp_ies,
const u8 *addr[2]; const u8 *addr[2];
size_t len[2]; size_t len[2];
size_t hash_len, prime_len; size_t hash_len, prime_len;
struct wpa_ie_data data;
if (!resp_ies || if (!resp_ies ||
ieee802_11_parse_elems(resp_ies, resp_ies_len, &elems, 1) == ieee802_11_parse_elems(resp_ies, resp_ies_len, &elems, 1) ==
ParseFailed || ParseFailed) {
!elems.owe_dh) { wpa_printf(MSG_INFO,
"OWE: Could not parse Association Response frame elements");
return -1;
}
if (sm->cur_pmksa && elems.rsn_ie &&
wpa_parse_wpa_ie_rsn(elems.rsn_ie - 2, 2 + elems.rsn_ie_len,
&data) == 0 &&
data.num_pmkid == 1 && data.pmkid &&
os_memcmp(sm->cur_pmksa->pmkid, data.pmkid, PMKID_LEN) == 0) {
wpa_printf(MSG_DEBUG, "OWE: Use PMKSA caching");
wpa_sm_set_pmk_from_pmksa(sm);
return 0;
}
if (!elems.owe_dh) {
wpa_printf(MSG_INFO, wpa_printf(MSG_INFO,
"OWE: No Diffie-Hellman Parameter element found in Association Response frame"); "OWE: No Diffie-Hellman Parameter element found in Association Response frame");
return -1; return -1;
@ -4347,7 +4363,9 @@ int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *resp_ies,
wpa_hexdump_key(MSG_DEBUG, "OWE: PMK", sm->pmk, sm->pmk_len); wpa_hexdump_key(MSG_DEBUG, "OWE: PMK", sm->pmk, sm->pmk_len);
wpa_hexdump(MSG_DEBUG, "OWE: PMKID", pmkid, PMKID_LEN); wpa_hexdump(MSG_DEBUG, "OWE: PMKID", pmkid, PMKID_LEN);
/* TODO: Add PMKSA cache entry */ pmksa_cache_add(sm->pmksa, sm->pmk, sm->pmk_len, pmkid, NULL, 0,
bssid, sm->own_addr, sm->network_ctx, sm->key_mgmt,
NULL);
return 0; return 0;
} }

4
src/rsn_supp/wpa.h
View file

@ -458,8 +458,8 @@ struct wpabuf * fils_build_assoc_req(struct wpa_sm *sm, const u8 **kek,
int fils_process_assoc_resp(struct wpa_sm *sm, const u8 *resp, size_t len); int fils_process_assoc_resp(struct wpa_sm *sm, const u8 *resp, size_t len);
struct wpabuf * owe_build_assoc_req(struct wpa_sm *sm, u16 group); struct wpabuf * owe_build_assoc_req(struct wpa_sm *sm, u16 group);
int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *resp_ies, int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *bssid,
size_t resp_ies_len); const u8 *resp_ies, size_t resp_ies_len);
void wpa_sm_set_reset_fils_completed(struct wpa_sm *sm, int set); void wpa_sm_set_reset_fils_completed(struct wpa_sm *sm, int set);
void wpa_sm_set_fils_cache_id(struct wpa_sm *sm, const u8 *fils_cache_id); void wpa_sm_set_fils_cache_id(struct wpa_sm *sm, const u8 *fils_cache_id);

5
wpa_supplicant/events.c
View file

@ -2336,9 +2336,10 @@ static int wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s,
#ifdef CONFIG_OWE #ifdef CONFIG_OWE
if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE && if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE &&
owe_process_assoc_resp(wpa_s->wpa, (wpa_drv_get_bssid(wpa_s, bssid) < 0 ||
owe_process_assoc_resp(wpa_s->wpa, bssid,
data->assoc_info.resp_ies, data->assoc_info.resp_ies,
data->assoc_info.resp_ies_len) < 0) { data->assoc_info.resp_ies_len) < 0)) {
wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED); wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED);
return -1; return -1;
} }