SAE: Add sae_pwe configuration parameter for wpa_supplicant

This parameter can be used to specify which PWE derivation mechanism(s)
is enabled. This commit is only introducing the new parameter; actual
use of it will be address in separate commits.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2019-09-05 12:38:32 +03:00 committed by Jouni Malinen
parent a36e13a7cd
commit 85e64e634d
5 changed files with 22 additions and 0 deletions

View file

@ -434,6 +434,8 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
pw->next = bss->sae_passwords; pw->next = bss->sae_passwords;
bss->sae_passwords = pw; bss->sae_passwords = pw;
} }
bss->sae_pwe = wpa_s->conf->sae_pwe;
#endif /* CONFIG_SAE */ #endif /* CONFIG_SAE */
if (wpa_s->conf->go_interworking) { if (wpa_s->conf->go_interworking) {

View file

@ -4984,6 +4984,7 @@ static const struct global_parse_data global_fields[] = {
{ INT(okc), 0 }, { INT(okc), 0 },
{ INT(pmf), 0 }, { INT(pmf), 0 },
{ FUNC(sae_groups), 0 }, { FUNC(sae_groups), 0 },
{ INT_RANGE(sae_pwe, 0, 2), 0 },
{ INT_RANGE(sae_pmkid_in_assoc, 0, 1), 0 }, { INT_RANGE(sae_pmkid_in_assoc, 0, 1), 0 },
{ INT(dtim_period), 0 }, { INT(dtim_period), 0 },
{ INT(beacon_int), 0 }, { INT(beacon_int), 0 },

View file

@ -1164,6 +1164,14 @@ struct wpa_config {
*/ */
int *sae_groups; int *sae_groups;
/**
* sae_pwe - SAE mechanism for PWE derivation
* 0 = hunting-and-pecking loop only
* 1 = hash-to-element only
* 2 = both hunting-and-pecking loop and hash-to-element enabled
*/
int sae_pwe;
/** /**
* sae_pmkid_in_assoc - Whether to include PMKID in SAE Assoc Req * sae_pmkid_in_assoc - Whether to include PMKID in SAE Assoc Req
*/ */

View file

@ -1407,6 +1407,9 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config)
fprintf(f, "\n"); fprintf(f, "\n");
} }
if (config->sae_pwe)
fprintf(f, "sae_pwe=%d\n", config->sae_pwe);
if (config->sae_pmkid_in_assoc) if (config->sae_pmkid_in_assoc)
fprintf(f, "sae_pmkid_in_assoc=%d\n", fprintf(f, "sae_pmkid_in_assoc=%d\n",
config->sae_pmkid_in_assoc); config->sae_pmkid_in_assoc);

View file

@ -425,6 +425,14 @@ fast_reauth=1
# since all implementations are required to support group 19. # since all implementations are required to support group 19.
#sae_groups=19 20 21 #sae_groups=19 20 21
# SAE mechanism for PWE derivation
# 0 = hunting-and-pecking loop only (default)
# 1 = hash-to-element only
# 2 = both hunting-and-pecking loop and hash-to-element enabled
# Note: The default value is likely to change from 0 to 2 once the new
# hash-to-element mechanism has received more interoperability testing.
#sae_pwe=0
# Default value for DTIM period (if not overridden in network block) # Default value for DTIM period (if not overridden in network block)
#dtim_period=2 #dtim_period=2