Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								d5f5fa86e4 
								
							 
						 
						
							
							
								
								SAE: Set pwd-value length based on prime length  
							
							... 
							
							
							
							The buffer is set based on maximum group prime length, but pwd-value
needs to be correct length for the negotiated group.
Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:53 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								a55f2eef71 
								
							 
						 
						
							
							
								
								SAE: Use EC group context to get the group prime  
							
							... 
							
							
							
							Do not use the hardcoded group19_prime buffer for this to allow group
negotiation.
Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:53 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								09200a1166 
								
							 
						 
						
							
							
								
								SAE: Use EC group context for peer-commit-scalar validation  
							
							... 
							
							
							
							Do not use the hardcoded group19_order/group19_prime buffers for this to
allow group negotiation.
Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:53 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								c5eb5b1999 
								
							 
						 
						
							
							
								
								SAE: Use EC group context for random number generation  
							
							... 
							
							
							
							Do not use the hardcoded group19_order/group19_prime buffers for this to
allow group negotiation.
Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:53 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								ce46ec8df0 
								
							 
						 
						
							
							
								
								SAE: Store the group order in EC context data  
							
							... 
							
							
							
							This makes the SAE implementation a bit simpler by not having to build
the bignum for group order during execution.
Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:53 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								4925b303db 
								
							 
						 
						
							
							
								
								SAE: Use defines for key lengths  
							
							... 
							
							
							
							Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:53 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								7babd2539c 
								
							 
						 
						
							
							
								
								SAE: Add a define for maximum supported prime length  
							
							... 
							
							
							
							This can be used to increase buffer sizes when adding support for new
groups.
Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:53 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								12e06dc228 
								
							 
						 
						
							
							
								
								SAE: Use sae->prime_len instead of hardcoded 32  
							
							... 
							
							
							
							This is needed to allow multiple groups to be supported.
Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:53 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								19a5bd0a25 
								
							 
						 
						
							
							
								
								SAE: Use the EC context from struct sae_data  
							
							... 
							
							
							
							Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:53 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								a46d72d7d7 
								
							 
						 
						
							
							
								
								SAE: Maintain EC group context in struct sae_data  
							
							... 
							
							
							
							This can be used to share same EC group context through the SAE
exchange.
Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:52 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								aadabe7045 
								
							 
						 
						
							
							
								
								SAE: Use crypto wrappers instead of direct OpenSSL calls  
							
							... 
							
							
							
							This makes the SAE implementation independent of the crypto/bignum
library.
Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:52 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								d136c376f2 
								
							 
						 
						
							
							
								
								SAE: Add support for Anti-Clogging mechanism  
							
							... 
							
							
							
							hostapd can now be configured to use anti-clogging mechanism based on
the new sae_anti_clogging_threshold parameter (which is
dot11RSNASAEAntiCloggingThreshold in the standard). The token is
generated using a temporary key and the peer station's MAC address.
wpa_supplicant will re-try SAE authentication with the token included if
commit message is rejected with a token request.
Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:52 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								4838ff3ef4 
								
							 
						 
						
							
							
								
								SAE: Do not allow re-use of peer-scalar in a new protocol instance  
							
							... 
							
							
							
							IEEE Std 802.11-2012, 11.3.8.6.1: If there is a protocol instance for
the peer and it is in Authenticated state, the new Commit Message
shall be dropped if the peer-scalar is identical to the one used in
the existing protocol instance.
Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:52 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								f2e9818f73 
								
							 
						 
						
							
							
								
								SAE: Add processing of the confirm message  
							
							... 
							
							
							
							This adds validation of the received confirm messages for SAE.
Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:52 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								fb8fcc2950 
								
							 
						 
						
							
							
								
								SAE: Add generation of the confirm message fields  
							
							... 
							
							
							
							Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:52 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								146f6c9a00 
								
							 
						 
						
							
							
								
								SAE: Add processing of the commit message  
							
							... 
							
							
							
							This adds validation of the received commit messages and key derivation
for SAE.
Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:52 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jouni Malinen 
								
							 
						 
						
							
							
							
							
								
							
							
								8e31e9550a 
								
							 
						 
						
							
							
								
								SAE: Add generation of the commit message fields  
							
							... 
							
							
							
							This adds derivation of PWE and the needed commit values so that the
full SAE commit message can be built.
Signed-hostap: Jouni Malinen <j@w1.fi> 
							
						 
						
							2013-01-12 17:51:52 +02:00