From 9c1fbff074046362360e5206006da9c74f340835 Mon Sep 17 00:00:00 2001
From: Jouni Malinen
Date: Tue, 13 Oct 2020 19:59:29 +0300
Subject: [PATCH] DPP2: Generate a privacy protection key for Configurator

Generate a new key for Configurator. This is either generated automatically for the specified curve or provided from external source with the new ppkey= argument similarly to the way c-sign-key was previously generated.

Signed-off-by: Jouni Malinen
---
 src/common/dpp.c | 30 ++++++++++++++++++++++++------
 src/common/dpp.h | 1 +
 2 files changed, 25 insertions(+), 6 deletions(-)

diff --git a/src/common/dpp.c b/src/common/dpp.c
index d83c1a2d0..b3bbbf855 100644
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -3355,6 +3355,7 @@ void dpp_configurator_free(struct dpp_configurator *conf)
 os_free(conf->kid);
 os_free(conf->connector);
 EVP_PKEY_free(conf->connector_key);
+ EVP_PKEY_free(conf->pp_key);
 os_free(conf);
 }
 
@@ -3415,7 +3416,7 @@ static int dpp_configurator_gen_kid(struct dpp_configurator *conf)
 
 static struct dpp_configurator *
 dpp_keygen_configurator(const char *curve, const u8 *privkey,
- size_t privkey_len)
+ size_t privkey_len, const u8 *pp_key, size_t pp_key_len)
 {
 struct dpp_configurator *conf;
 
@@ -3435,7 +3436,12 @@ dpp_keygen_configurator(const char *curve, const u8 *privkey,
 privkey_len);
 else
 conf->csign = dpp_gen_keypair(conf->curve);
- if (!conf->csign)
+ if (pp_key)
+ conf->pp_key = dpp_set_keypair(&conf->curve, pp_key,
+ pp_key_len);
+ else
+ conf->pp_key = dpp_gen_keypair(conf->curve);
+ if (!conf->csign || !conf->pp_key)
 goto fail;
 
 conf->own = 1;
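Review bot: In the last dpp.c hunk above (`@@ -3435,7 +3436,12 @@`, inside dpp_keygen_configurator()), nothing checks that an externally supplied ppKey is on the same curve as the C-sign-key, even though the call `dpp_set_keypair(&conf->curve, pp_key, pp_key_len)` passes a pointer to `conf->curve` after `conf->csign` has already been set. dpp_set_keypair() is not shown in this patch, but taking `&conf->curve` suggests it may overwrite the curve from the key it parses; if so, a ppkey= on a different group than key=/curve= would leave `conf->curve` describing only the last key loaded. Consider parsing pp_key into a local `const struct dpp_curve_params *pp_curve` and going to `fail` when it differs from `conf->curve`. The function body starts and ends outside the hunk, so the csign call is only partly visible.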
@@ -4122,14 +4128,15 @@ static unsigned int dpp_next_configurator_id(struct dpp_global *dpp)
 int dpp_configurator_add(struct dpp_global *dpp, const char *cmd)
 {
 char *curve = NULL;
- char *key = NULL;
- u8 *privkey = NULL;
- size_t privkey_len = 0;
+ char *key = NULL, *ppkey = NULL;
+ u8 *privkey = NULL, *pp_key = NULL;
+ size_t privkey_len = 0, pp_key_len = 0;
 int ret = -1;
 struct dpp_configurator *conf = NULL;
 
 curve = get_param(cmd, " curve=");
 key = get_param(cmd, " key=");
+ ppkey = get_param(cmd, " ppkey=");
 
 if (key) {
 privkey_len = os_strlen(key) / 2;
@@ -4139,7 +4146,16 @@ int dpp_configurator_add(struct dpp_global *dpp, const char *cmd)
 goto fail;
 }
 
- conf = dpp_keygen_configurator(curve, privkey, privkey_len);
+ if (ppkey) {
+ pp_key_len = os_strlen(key) / 2;
+ pp_key = os_malloc(pp_key_len);
+ if (!pp_key ||
+ hexstr2bin(ppkey, pp_key, pp_key_len) < 0)
+ goto fail;
+ }
+
+ conf = dpp_keygen_configurator(curve, privkey, privkey_len,
+ pp_key, pp_key_len);
 if (!conf)
 goto fail;
 
@@ -4150,7 +4166,9 @@ int dpp_configurator_add(struct dpp_global *dpp, const char *cmd)
 fail:
 os_free(curve);
 str_clear_free(key);
+ str_clear_free(ppkey);
 bin_clear_free(privkey, privkey_len);
+ bin_clear_free(pp_key, pp_key_len);
 dpp_configurator_free(conf);
 return ret;
 }
diff --git a/src/common/dpp.h b/src/common/dpp.h
index 7a0443471..f6216522d 100644
--- a/src/common/dpp.h
+++ b/src/common/dpp.h
@@ -364,6 +364,7 @@ struct dpp_configurator {
 const struct dpp_curve_params *curve;
 char *connector; /* own Connector for reconfiguration */
 EVP_PKEY *connector_key;
+ EVP_PKEY *pp_key;
 };
 
 struct dpp_introduction {
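Review bot: In the `@@ -4139,7 +4146,16 @@` hunk of dpp_configurator_add(), the new `if (ppkey)` block computes `pp_key_len = os_strlen(key) / 2;` from `key` instead of `ppkey`. When the command carries ppkey= without key=, `key` is NULL and os_strlen() is called on a null pointer. When both are present with different lengths, the allocation size and the length handed to hexstr2bin(), dpp_keygen_configurator() and bin_clear_free() no longer match the ppkey string, so the key is either truncated or rejected. The line should read `pp_key_len = os_strlen(ppkey) / 2;`. The function spans this hunk and its two neighbours, and its middle part is outside the patch.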
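Review bot: The new `pp_key` member in struct dpp_configurator (src/common/dpp.h hunk) is undocumented, while the neighbouring `connector` field states its purpose. A short trailing comment would record what the key is and who frees it, for example `EVP_PKEY *pp_key; /* privacy protection key (ppKey); freed in dpp_configurator_free() */`.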