DPP2: Allow Configurator to use AKM suite selectors in Config Object
The new use_akm_selector=1 value to Configurator parameters can now be used to request a list of AKM suite selectors to be used in the Configuration Object if the Enrollee supports version 2 or newer. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
52d469de11
commit
68fea96038
2 changed files with 41 additions and 2 deletions
|
@ -4585,6 +4585,12 @@ int dpp_set_configurator(struct dpp_global *dpp, void *msg_ctx,
|
|||
auth->send_conn_status = atoi(pos);
|
||||
}
|
||||
|
||||
pos = os_strstr(cmd, " akm_use_selector=");
|
||||
if (pos) {
|
||||
pos += 18;
|
||||
auth->akm_use_selector = atoi(pos);
|
||||
}
|
||||
|
||||
if (dpp_configuration_parse(auth, cmd) < 0) {
|
||||
wpa_msg(msg_ctx, MSG_INFO,
|
||||
"DPP: Failed to set configurator parameters");
|
||||
|
@ -4761,6 +4767,7 @@ dpp_build_conf_obj_dpp(struct dpp_authentication *auth,
|
|||
size_t extra_len = 1000;
|
||||
int incl_legacy;
|
||||
enum dpp_akm akm;
|
||||
const char *akm_str;
|
||||
|
||||
if (!auth->conf) {
|
||||
wpa_printf(MSG_INFO,
|
||||
|
@ -4914,7 +4921,11 @@ skip_groups:
|
|||
if (!buf)
|
||||
goto fail;
|
||||
|
||||
wpabuf_printf(buf, "\"cred\":{\"akm\":\"%s\",", dpp_akm_str(akm));
|
||||
if (auth->akm_use_selector && dpp_akm_ver2(akm))
|
||||
akm_str = dpp_akm_selector_str(akm);
|
||||
else
|
||||
akm_str = dpp_akm_str(akm);
|
||||
wpabuf_printf(buf, "\"cred\":{\"akm\":\"%s\",", akm_str);
|
||||
if (incl_legacy) {
|
||||
dpp_build_legacy_cred_params(buf, conf);
|
||||
wpabuf_put_str(buf, ",");
|
||||
|
@ -4959,12 +4970,17 @@ dpp_build_conf_obj_legacy(struct dpp_authentication *auth,
|
|||
struct dpp_configuration *conf)
|
||||
{
|
||||
struct wpabuf *buf;
|
||||
const char *akm_str;
|
||||
|
||||
buf = dpp_build_conf_start(auth, conf, 1000);
|
||||
if (!buf)
|
||||
return NULL;
|
||||
|
||||
wpabuf_printf(buf, "\"cred\":{\"akm\":\"%s\",", dpp_akm_str(conf->akm));
|
||||
if (auth->akm_use_selector && dpp_akm_ver2(conf->akm))
|
||||
akm_str = dpp_akm_selector_str(conf->akm);
|
||||
else
|
||||
akm_str = dpp_akm_str(conf->akm);
|
||||
wpabuf_printf(buf, "\"cred\":{\"akm\":\"%s\",", akm_str);
|
||||
dpp_build_legacy_cred_params(buf, conf);
|
||||
wpabuf_put_str(buf, "}}");
|
||||
|
||||
|
@ -6024,6 +6040,27 @@ const char * dpp_akm_str(enum dpp_akm akm)
|
|||
}
|
||||
|
||||
|
||||
const char * dpp_akm_selector_str(enum dpp_akm akm)
|
||||
{
|
||||
switch (akm) {
|
||||
case DPP_AKM_DPP:
|
||||
return "506F9A02";
|
||||
case DPP_AKM_PSK:
|
||||
return "000FAC02+000FAC06";
|
||||
case DPP_AKM_SAE:
|
||||
return "000FAC08";
|
||||
case DPP_AKM_PSK_SAE:
|
||||
return "000FAC02+000FAC06+000FAC08";
|
||||
case DPP_AKM_SAE_DPP:
|
||||
return "506F9A02+000FAC08";
|
||||
case DPP_AKM_PSK_SAE_DPP:
|
||||
return "506F9A02+000FAC08+000FAC02+000FAC06";
|
||||
default:
|
||||
return "??";
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
static enum dpp_akm dpp_akm_from_str(const char *akm)
|
||||
{
|
||||
if (os_strcmp(akm, "psk") == 0)
|
||||
|
|
|
@ -258,6 +258,7 @@ struct dpp_authentication {
|
|||
os_time_t net_access_key_expiry;
|
||||
int send_conn_status;
|
||||
int conn_status_requested;
|
||||
int akm_use_selector;
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
char *config_obj_override;
|
||||
char *discovery_override;
|
||||
|
@ -478,6 +479,7 @@ const u8 * dpp_get_attr(const u8 *buf, size_t len, u16 req_id, u16 *ret_len);
|
|||
int dpp_check_attrs(const u8 *buf, size_t len);
|
||||
int dpp_key_expired(const char *timestamp, os_time_t *expiry);
|
||||
const char * dpp_akm_str(enum dpp_akm akm);
|
||||
const char * dpp_akm_selector_str(enum dpp_akm akm);
|
||||
int dpp_configurator_get_key(const struct dpp_configurator *conf, char *buf,
|
||||
size_t buflen);
|
||||
void dpp_configurator_free(struct dpp_configurator *conf);
|
||||
|
|
Loading…
Reference in a new issue