FILS: Add FILS AEAD parameters for sta_auth() calls
This is used with partial AP SME in driver cases to enable FILS association (AES-SIV) processing. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
f46c154c59
commit
8acbf85fa2
3 changed files with 38 additions and 0 deletions
|
@ -19,6 +19,7 @@
|
||||||
#include "ap_config.h"
|
#include "ap_config.h"
|
||||||
#include "p2p_hostapd.h"
|
#include "p2p_hostapd.h"
|
||||||
#include "hs20.h"
|
#include "hs20.h"
|
||||||
|
#include "wpa_auth.h"
|
||||||
#include "ap_drv_ops.h"
|
#include "ap_drv_ops.h"
|
||||||
|
|
||||||
|
|
||||||
|
@ -348,12 +349,35 @@ int hostapd_sta_auth(struct hostapd_data *hapd, const u8 *addr,
|
||||||
u16 seq, u16 status, const u8 *ie, size_t len)
|
u16 seq, u16 status, const u8 *ie, size_t len)
|
||||||
{
|
{
|
||||||
struct wpa_driver_sta_auth_params params;
|
struct wpa_driver_sta_auth_params params;
|
||||||
|
#ifdef CONFIG_FILS
|
||||||
|
struct sta_info *sta;
|
||||||
|
#endif /* CONFIG_FILS */
|
||||||
|
|
||||||
if (hapd->driver == NULL || hapd->driver->sta_auth == NULL)
|
if (hapd->driver == NULL || hapd->driver->sta_auth == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
os_memset(¶ms, 0, sizeof(params));
|
os_memset(¶ms, 0, sizeof(params));
|
||||||
|
|
||||||
|
#ifdef CONFIG_FILS
|
||||||
|
sta = ap_get_sta(hapd, addr);
|
||||||
|
if (!sta) {
|
||||||
|
wpa_printf(MSG_DEBUG, "Station " MACSTR
|
||||||
|
" not found for sta_auth processing",
|
||||||
|
MAC2STR(addr));
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (sta->auth_alg == WLAN_AUTH_FILS_SK ||
|
||||||
|
sta->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
|
||||||
|
sta->auth_alg == WLAN_AUTH_FILS_PK) {
|
||||||
|
params.fils_auth = 1;
|
||||||
|
wpa_auth_get_fils_aead_params(sta->wpa_sm, params.fils_anonce,
|
||||||
|
params.fils_snonce,
|
||||||
|
params.fils_kek,
|
||||||
|
¶ms.fils_kek_len);
|
||||||
|
}
|
||||||
|
#endif /* CONFIG_FILS */
|
||||||
|
|
||||||
params.own_addr = hapd->own_addr;
|
params.own_addr = hapd->own_addr;
|
||||||
params.addr = addr;
|
params.addr = addr;
|
||||||
params.seq = seq;
|
params.seq = seq;
|
||||||
|
|
|
@ -4284,4 +4284,15 @@ int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, u8 *buf, size_t len)
|
||||||
}
|
}
|
||||||
#endif /* CONFIG_IEEE80211R_AP */
|
#endif /* CONFIG_IEEE80211R_AP */
|
||||||
|
|
||||||
|
|
||||||
|
void wpa_auth_get_fils_aead_params(struct wpa_state_machine *sm,
|
||||||
|
u8 *fils_anonce, u8 *fils_snonce,
|
||||||
|
u8 *fils_kek, size_t *fils_kek_len)
|
||||||
|
{
|
||||||
|
os_memcpy(fils_anonce, sm->ANonce, WPA_NONCE_LEN);
|
||||||
|
os_memcpy(fils_snonce, sm->SNonce, WPA_NONCE_LEN);
|
||||||
|
os_memcpy(fils_kek, sm->PTK.kek, WPA_KEK_MAX_LEN);
|
||||||
|
*fils_kek_len = sm->PTK.kek_len;
|
||||||
|
}
|
||||||
|
|
||||||
#endif /* CONFIG_FILS */
|
#endif /* CONFIG_FILS */
|
||||||
|
|
|
@ -376,5 +376,8 @@ int fils_encrypt_assoc(struct wpa_state_machine *sm, u8 *buf,
|
||||||
int fils_set_tk(struct wpa_state_machine *sm);
|
int fils_set_tk(struct wpa_state_machine *sm);
|
||||||
|
|
||||||
int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, u8 *buf, size_t len);
|
int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, u8 *buf, size_t len);
|
||||||
|
void wpa_auth_get_fils_aead_params(struct wpa_state_machine *sm,
|
||||||
|
u8 *fils_anonce, u8 *fils_snonce,
|
||||||
|
u8 *fils_kek, size_t *fils_kek_len);
|
||||||
|
|
||||||
#endif /* WPA_AUTH_H */
|
#endif /* WPA_AUTH_H */
|
||||||
|
|
Loading…
Reference in a new issue