Use "cipher out of policy" value instead of invalid group cipher (which
is for the group data frame cipher) and management frame policy
violation (which is used for MFPC/MFPR mismatch).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit introduces a QCA vendor command that provides the current
information of WLAN hardware MAC and its associated WLAN netdev
interfaces.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
PMF is supposed to be enabled automatically in sigma_dut, so remove
the explicit argument to do so from the commands.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This extends hostapd with previoiusly implemented wpa_supplicant
functionality to retry DPP Authentication Request/Response and to
iterate over possible negotiation channels.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Not all code paths for management frame RX reporting delivered the
correct frequency for offchannel RX cases. This is needed mainly for
Public Action frame processing in some special cases where AP is
operating, but an exchange is done on a non-operational channel. For
example, DPP Initiator role may need to do this.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
All SAE and OWE associations are expected to require PMF to be
negotiated, so enable or require PMF in AP and STA configurations
accordingly to match the new sigma_dut behavior.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
GnuTLS-based builds can now be done using either libnettle or libgcrypt
for crypto functionality:
CONFIG_TLS=gnutls
CONFIG_CRYPTO=nettle
CONFIG_TLS=gnutls
CONFIG_CRYPTO=gnutls
Signed-off-by: Jouni Malinen <j@w1.fi>
GnuTLS seems to require the intermediate CA certificate to be included
both in the ca_cert and client_cert file for the cases of server and
client certificates using different intermediate CA certificates. Use
the user_and_ica.pem file with GnuTLS builds and reorder the
certificates in that file to make this work with GnuTLS.
Signed-off-by: Jouni Malinen <j@w1.fi>
Check for unexpected connection to avoid timeout on TLS alert event if
the implementation does not check DH key size at all.
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows OpenSSL-style configuration of Suite B parameters to be used
in the wpa_supplicant network profile. 128-bit and 192-bit level
requirements for ECDHE-ECDSA cases are supported. RSA >=3K case is
enforced using GnuTLS %PROFILE_HIGH special priority string keyword.
Signed-off-by: Jouni Malinen <j@w1.fi>
This extends GnuTLS support for tls_disable_v1_{0,1,2}=1 flags in the
phase1 network profile parameter in wpa_supplicant.
Signed-off-by: Jouni Malinen <j@w1.fi>
Indicate more clearly when the parsing succeeds to avoid ending the
debug prints with various internal GnuTLS internal error messages even
when the parsing actually succeeded in the end.
Signed-off-by: Jouni Malinen <j@w1.fi>
Need to ignore missing RX-ANQP event for the FILS Realm Info if
wpa_supplicant build does not include FILS support.
Signed-off-by: Jouni Malinen <j@w1.fi>
Replace the internal HMAC MD5, SHA-1, and SHA256 implementations with
the ones from libgcrypt and also add the SHA384 and SHA512 versions.
Signed-off-by: Jouni Malinen <j@w1.fi>
Replace the internal SHA256 implementation with the one from libgcrypt
and also add the SHA384 and SHA512 versions.
Signed-off-by: Jouni Malinen <j@w1.fi>
Use a shared helper function instead of implementing practically same
sequence separately for each hash function.
Signed-off-by: Jouni Malinen <j@w1.fi>
If a specific DH group for OWE is not set with the owe_group parameter,
try all supported DH groups (currently 19, 20, 21) one by one if the AP
keeps rejecting groups with the status code 77.
Signed-off-by: Jouni Malinen <j@w1.fi>
The test against use of TKIP was done only in MFP-required
(ieee80211w=2) configuration. Fix this to check the pairwise cipher for
MFP-enabled (ieee80211w=1) case as well.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new hostapd.conf parameter sae_require_pmf=<0/1> can now be used to
enforce negotiation of MFP for all associations that negotiate use of
SAE. This is used in cases where SAE-capable devices are known to be
MFP-capable and the BSS is configured with optional MFP (ieee80211w=1)
for legacy support. The non-SAE stations can connect without MFP while
SAE stations are required to negotiate MFP if sae_require_mfp=1.
Signed-off-by: Jouni Malinen <j@w1.fi>
Commit b488a12948 ('Clear PMK length and
check for this when deriving PTK') started rejecting PTK derivation
based on PMK length. This reduced coverage from the eapol-fuzzer, so set
the default length when initializing the state machine in the fuzzer to
reach the previously used code paths.
Signed-off-by: Jouni Malinen <j@w1.fi>
Set Sc to 2^16-1 when moving to Accepted state per IEEE Std 802.11-2016,
12.4.8.6.5 (Protocol instance behavior - Confirmed state). This allows
the peer in Accepted state to silently ignore unnecessary
retransmissions of the Confirm message.
Signed-off-by: Jouni Malinen <j@w1.fi>
This implements the behavior described in IEEE Std 802.11-2016,
12.4.8.6.6 (Protocol instance behavior - Accepted state) to silently
discard received Confirm message in the Accepted state if the new
message does not use an incremented send-confirm value or if the special
2^16-1 value is used. This avoids unnecessary processing of
retransmitted Confirm messages.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new hostapd.conf parameter sae_sync (default: 5) can now be used to
configure the dot11RSNASAESync value to specify the maximum number of
synchronization errors that are allowed to happen prior to
disassociation of the offending SAE peer.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait for test/allocation failure for longer than the wait_fail_trigger()
default two seconds to allow DPP (in particular, PKEX) retransmission to
occur. This removes some issues where the previous wait was more or less
exactly the same duration as the retransmission interval and the first
Listen operation not always starting quickly enough to receive the first
frame.
Signed-off-by: Jouni Malinen <j@w1.fi>
When executing ./start.sh with OpenSSL 1.1.0f, an OCSP operation fails.
Put "-sha256" ahead of "-serial" to fix this.
~# openssl version
OpenSSL 1.1.0f 25 May 2017
~# openssl ocsp -reqout /lkp/benchmarks/hwsim/tests/hwsim/logs/current/ocsp-req.der -issuer /lkp/benchmarks/hwsim/tests/hwsim/auth_serv/ca.pem -serial 0xD8D3E3A6CBE3CD12 -no_nonce -sha256
ocsp: Digest must be before -cert or -serial
ocsp: Use -help for summary.
~# openssl ocsp -reqout /lkp/benchmarks/hwsim/tests/hwsim/logs/current/ocsp-req.der -issuer /lkp/benchmarks/hwsim/tests/hwsim/auth_serv/ca.pem -sha256 -serial 0xD8D3E3A6CBE3CD12 -no_nonce
Signed-off-by: leishaoting <leist.fnst@cn.fujitsu.com>
Instead of requiring OpenSSL headers to be available just for the
SSL3_RANDOM_SIZE definition, replace that macro with a fixed length (32)
to simplify dependencies.
Signed-off-by: Jouni Malinen <j@w1.fi>
The patch offers alternate implementations of some functions using the
abstract cryptographic API.
This work was done in preparation for the changes to allow hostap to be
compiled with the wolfSSL cryptography and TLS library.
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
This implements crypto_dh_init() and crypto_dh_derive_secret() using
os_get_random() and crypto_mod_exp() for all crypto_*.c wrappers that
include crypto_mod_exp() implementation.
Signed-off-by: Jouni Malinen <j@w1.fi>