From f46c154c59e7398006ed278ffb49f31347fdad3c Mon Sep 17 00:00:00 2001 From: Jeffin Mammen Date: Fri, 21 Apr 2017 19:39:55 +0300 Subject: [PATCH] atheros: Add FILS AAD parameters in sta_auth() handler This is needed to allow the driver SME to perform the needed AES-SIV operations during FILS association. Signed-off-by: Jouni Malinen --- src/drivers/driver.h | 26 ++++++++++++++++++++++++++ src/drivers/driver_atheros.c | 29 +++++++++++++++++++++++++++++ 2 files changed, 55 insertions(+) diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 3a3a3dff1..6098329c5 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -21,6 +21,7 @@ #include "common/defs.h" #include "common/ieee802_11_defs.h" +#include "common/wpa_common.h" #ifdef CONFIG_MACSEC #include "pae/ieee802_1x_kay.h" #endif /* CONFIG_MACSEC */ @@ -719,6 +720,31 @@ struct wpa_driver_sta_auth_params { * len - ie buffer length */ size_t len; + + /** + * fils_auth - Indicates whether FILS authentication is being performed + */ + int fils_auth; + + /** + * fils_anonce - ANonce (required for FILS) + */ + u8 fils_anonce[WPA_NONCE_LEN]; + + /** + * fils_snonce - SNonce (required for FILS) + */ + u8 fils_snonce[WPA_NONCE_LEN]; + + /** + * fils_kek - key for encryption (required for FILS) + */ + u8 fils_kek[WPA_KEK_MAX_LEN]; + + /** + * fils_kek_len - Length of the fils_kek in octets (required for FILS) + */ + size_t fils_kek_len; }; /** diff --git a/src/drivers/driver_atheros.c b/src/drivers/driver_atheros.c index c64183ccc..ca8d2276d 100644 --- a/src/drivers/driver_atheros.c +++ b/src/drivers/driver_atheros.c @@ -36,6 +36,10 @@ #include "ieee80211_external.h" +/* Avoid conflicting definition from the driver header files with + * common/wpa_common.h */ +#undef WPA_OUI_TYPE + #ifdef CONFIG_WPS #include @@ -1065,7 +1069,32 @@ atheros_sta_auth(void *priv, struct wpa_driver_sta_auth_params *params) wpa_printf(MSG_DEBUG, "%s: addr=%s status_code=%d", __func__, ether_sprintf(params->addr), params->status); +#ifdef CONFIG_FILS + /* Copy FILS AAD parameters if the driver supports FILS */ + if (params->fils_auth && drv->fils_en) { + wpa_printf(MSG_DEBUG, "%s: im_op IEEE80211_MLME_AUTH_FILS", + __func__); + os_memcpy(mlme.fils_aad.ANonce, params->fils_anonce, + IEEE80211_FILS_NONCE_LEN); + os_memcpy(mlme.fils_aad.SNonce, params->fils_snonce, + IEEE80211_FILS_NONCE_LEN); + os_memcpy(mlme.fils_aad.kek, params->fils_kek, + IEEE80211_MAX_WPA_KEK_LEN); + mlme.fils_aad.kek_len = params->fils_kek_len; + mlme.im_op = IEEE80211_MLME_AUTH_FILS; + wpa_hexdump(MSG_DEBUG, "FILS: ANonce", + mlme.fils_aad.ANonce, FILS_NONCE_LEN); + wpa_hexdump(MSG_DEBUG, "FILS: SNonce", + mlme.fils_aad.SNonce, FILS_NONCE_LEN); + wpa_hexdump_key(MSG_DEBUG, "FILS: KEK", + mlme.fils_aad.kek, mlme.fils_aad.kek_len); + } else { + mlme.im_op = IEEE80211_MLME_AUTH; + } +#else /* CONFIG_FILS */ mlme.im_op = IEEE80211_MLME_AUTH; +#endif /* CONFIG_FILS */ + mlme.im_reason = params->status; mlme.im_seq = params->seq; os_memcpy(mlme.im_macaddr, params->addr, IEEE80211_ADDR_LEN);