FILS: Add FILS AEAD parameters for sta_auth() calls

This is used with partial AP SME in driver cases to enable FILS
association (AES-SIV) processing.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jeffin Mammen 2017-04-21 20:43:57 +03:00 committed by Jouni Malinen
parent f46c154c59
commit 8acbf85fa2
3 changed files with 38 additions and 0 deletions

View file

@ -19,6 +19,7 @@
#include "ap_config.h" #include "ap_config.h"
#include "p2p_hostapd.h" #include "p2p_hostapd.h"
#include "hs20.h" #include "hs20.h"
#include "wpa_auth.h"
#include "ap_drv_ops.h" #include "ap_drv_ops.h"
@ -348,12 +349,35 @@ int hostapd_sta_auth(struct hostapd_data *hapd, const u8 *addr,
u16 seq, u16 status, const u8 *ie, size_t len) u16 seq, u16 status, const u8 *ie, size_t len)
{ {
struct wpa_driver_sta_auth_params params; struct wpa_driver_sta_auth_params params;
#ifdef CONFIG_FILS
struct sta_info *sta;
#endif /* CONFIG_FILS */
if (hapd->driver == NULL || hapd->driver->sta_auth == NULL) if (hapd->driver == NULL || hapd->driver->sta_auth == NULL)
return 0; return 0;
os_memset(&params, 0, sizeof(params)); os_memset(&params, 0, sizeof(params));
#ifdef CONFIG_FILS
sta = ap_get_sta(hapd, addr);
if (!sta) {
wpa_printf(MSG_DEBUG, "Station " MACSTR
" not found for sta_auth processing",
MAC2STR(addr));
return 0;
}
if (sta->auth_alg == WLAN_AUTH_FILS_SK ||
sta->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
sta->auth_alg == WLAN_AUTH_FILS_PK) {
params.fils_auth = 1;
wpa_auth_get_fils_aead_params(sta->wpa_sm, params.fils_anonce,
params.fils_snonce,
params.fils_kek,
&params.fils_kek_len);
}
#endif /* CONFIG_FILS */
params.own_addr = hapd->own_addr; params.own_addr = hapd->own_addr;
params.addr = addr; params.addr = addr;
params.seq = seq; params.seq = seq;

View file

@ -4284,4 +4284,15 @@ int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, u8 *buf, size_t len)
} }
#endif /* CONFIG_IEEE80211R_AP */ #endif /* CONFIG_IEEE80211R_AP */
void wpa_auth_get_fils_aead_params(struct wpa_state_machine *sm,
u8 *fils_anonce, u8 *fils_snonce,
u8 *fils_kek, size_t *fils_kek_len)
{
os_memcpy(fils_anonce, sm->ANonce, WPA_NONCE_LEN);
os_memcpy(fils_snonce, sm->SNonce, WPA_NONCE_LEN);
os_memcpy(fils_kek, sm->PTK.kek, WPA_KEK_MAX_LEN);
*fils_kek_len = sm->PTK.kek_len;
}
#endif /* CONFIG_FILS */ #endif /* CONFIG_FILS */

View file

@ -376,5 +376,8 @@ int fils_encrypt_assoc(struct wpa_state_machine *sm, u8 *buf,
int fils_set_tk(struct wpa_state_machine *sm); int fils_set_tk(struct wpa_state_machine *sm);
int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, u8 *buf, size_t len); int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, u8 *buf, size_t len);
void wpa_auth_get_fils_aead_params(struct wpa_state_machine *sm,
u8 *fils_anonce, u8 *fils_snonce,
u8 *fils_kek, size_t *fils_kek_len);
#endif /* WPA_AUTH_H */ #endif /* WPA_AUTH_H */