jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
4532 commits 3 branches 0 tags 31 MiB
Commit graph

16 commits

Author SHA1 Message Date
Jouni Malinen
a55f2eef71 SAE: Use EC group context to get the group prime 
Do not use the hardcoded group19_prime buffer for this to allow group
negotiation.

Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:53 +02:00
Jouni Malinen
09200a1166 SAE: Use EC group context for peer-commit-scalar validation 
Do not use the hardcoded group19_order/group19_prime buffers for this to
allow group negotiation.

Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:53 +02:00
Jouni Malinen
c5eb5b1999 SAE: Use EC group context for random number generation 
Do not use the hardcoded group19_order/group19_prime buffers for this to
allow group negotiation.

Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:53 +02:00
Jouni Malinen
ce46ec8df0 SAE: Store the group order in EC context data 
This makes the SAE implementation a bit simpler by not having to build
the bignum for group order during execution.

Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:53 +02:00
Jouni Malinen
4925b303db SAE: Use defines for key lengths 
Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:53 +02:00
Jouni Malinen
7babd2539c SAE: Add a define for maximum supported prime length 
This can be used to increase buffer sizes when adding support for new
groups.

Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:53 +02:00
Jouni Malinen
12e06dc228 SAE: Use sae->prime_len instead of hardcoded 32 
This is needed to allow multiple groups to be supported.

Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:53 +02:00
Jouni Malinen
19a5bd0a25 SAE: Use the EC context from struct sae_data 
Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:53 +02:00
Jouni Malinen
a46d72d7d7 SAE: Maintain EC group context in struct sae_data 
This can be used to share same EC group context through the SAE
exchange.

Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:52 +02:00
Jouni Malinen
aadabe7045 SAE: Use crypto wrappers instead of direct OpenSSL calls 
This makes the SAE implementation independent of the crypto/bignum
library.

Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:52 +02:00
Jouni Malinen
d136c376f2 SAE: Add support for Anti-Clogging mechanism 
hostapd can now be configured to use anti-clogging mechanism based on
the new sae_anti_clogging_threshold parameter (which is
dot11RSNASAEAntiCloggingThreshold in the standard). The token is
generated using a temporary key and the peer station's MAC address.
wpa_supplicant will re-try SAE authentication with the token included if
commit message is rejected with a token request.

Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:52 +02:00
Jouni Malinen
4838ff3ef4 SAE: Do not allow re-use of peer-scalar in a new protocol instance 
IEEE Std 802.11-2012, 11.3.8.6.1: If there is a protocol instance for
the peer and it is in Authenticated state, the new Commit Message
shall be dropped if the peer-scalar is identical to the one used in
the existing protocol instance.

Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:52 +02:00
Jouni Malinen
f2e9818f73 SAE: Add processing of the confirm message 
This adds validation of the received confirm messages for SAE.

Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:52 +02:00
Jouni Malinen
fb8fcc2950 SAE: Add generation of the confirm message fields 
Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:52 +02:00
Jouni Malinen
146f6c9a00 SAE: Add processing of the commit message 
This adds validation of the received commit messages and key derivation
for SAE.

Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:52 +02:00
Jouni Malinen
8e31e9550a SAE: Add generation of the commit message fields 
This adds derivation of PWE and the needed commit values so that the
full SAE commit message can be built.

Signed-hostap: Jouni Malinen <j@w1.fi>
 2013-01-12 17:51:52 +02:00