Browse Source

DPP: Add SAE credential support to Configurator

The new conf={sta,ap}-{sae,psk-sae} parameter values can now be used to
specify that the legacy configuration object is for SAE.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen 7 years ago
parent
commit
e3a5882b3e
4 changed files with 43 additions and 15 deletions
  1. 20 6
      src/ap/dpp_hostapd.c
  2. 2 2
      src/common/dpp.c
  3. 1 1
      src/common/dpp.h
  4. 20 6
      wpa_supplicant/dpp_supplicant.c

+ 20 - 6
src/ap/dpp_hostapd.c

@@ -377,8 +377,15 @@ static void hostapd_dpp_set_configurator(struct hostapd_data *hapd,
 			goto fail;
 			goto fail;
 		os_memcpy(conf_sta->ssid, ssid, ssid_len);
 		os_memcpy(conf_sta->ssid, ssid, ssid_len);
 		conf_sta->ssid_len = ssid_len;
 		conf_sta->ssid_len = ssid_len;
-		if (os_strstr(cmd, " conf=sta-psk")) {
-			conf_sta->dpp = 0;
+		if (os_strstr(cmd, " conf=sta-psk") ||
+		    os_strstr(cmd, " conf=sta-sae") ||
+		    os_strstr(cmd, " conf=sta-psk-sae")) {
+			if (os_strstr(cmd, " conf=sta-psk-sae"))
+				conf_sta->akm = DPP_AKM_PSK_SAE;
+			else if (os_strstr(cmd, " conf=sta-sae"))
+				conf_sta->akm = DPP_AKM_SAE;
+			else
+				conf_sta->akm = DPP_AKM_PSK;
 			if (psk_set) {
 			if (psk_set) {
 				os_memcpy(conf_sta->psk, psk, PMK_LEN);
 				os_memcpy(conf_sta->psk, psk, PMK_LEN);
 			} else {
 			} else {
@@ -387,7 +394,7 @@ static void hostapd_dpp_set_configurator(struct hostapd_data *hapd,
 					goto fail;
 					goto fail;
 			}
 			}
 		} else if (os_strstr(cmd, " conf=sta-dpp")) {
 		} else if (os_strstr(cmd, " conf=sta-dpp")) {
-			conf_sta->dpp = 1;
+			conf_sta->akm = DPP_AKM_DPP;
 		} else {
 		} else {
 			goto fail;
 			goto fail;
 		}
 		}
@@ -399,8 +406,15 @@ static void hostapd_dpp_set_configurator(struct hostapd_data *hapd,
 			goto fail;
 			goto fail;
 		os_memcpy(conf_ap->ssid, ssid, ssid_len);
 		os_memcpy(conf_ap->ssid, ssid, ssid_len);
 		conf_ap->ssid_len = ssid_len;
 		conf_ap->ssid_len = ssid_len;
-		if (os_strstr(cmd, " conf=ap-psk")) {
-			conf_ap->dpp = 0;
+		if (os_strstr(cmd, " conf=ap-psk") ||
+		    os_strstr(cmd, " conf=ap-sae") ||
+		    os_strstr(cmd, " conf=ap-psk-sae")) {
+			if (os_strstr(cmd, " conf=ap-psk-sae"))
+				conf_ap->akm = DPP_AKM_PSK_SAE;
+			else if (os_strstr(cmd, " conf=ap-sae"))
+				conf_ap->akm = DPP_AKM_SAE;
+			else
+				conf_ap->akm = DPP_AKM_PSK;
 			if (psk_set) {
 			if (psk_set) {
 				os_memcpy(conf_ap->psk, psk, PMK_LEN);
 				os_memcpy(conf_ap->psk, psk, PMK_LEN);
 			} else {
 			} else {
@@ -409,7 +423,7 @@ static void hostapd_dpp_set_configurator(struct hostapd_data *hapd,
 					goto fail;
 					goto fail;
 			}
 			}
 		} else if (os_strstr(cmd, " conf=ap-dpp")) {
 		} else if (os_strstr(cmd, " conf=ap-dpp")) {
-			conf_ap->dpp = 1;
+			conf_ap->akm = DPP_AKM_DPP;
 		} else {
 		} else {
 			goto fail;
 			goto fail;
 		}
 		}

+ 2 - 2
src/common/dpp.c

@@ -4112,7 +4112,7 @@ dpp_build_conf_obj_legacy(struct dpp_authentication *auth, int ap,
 	if (!buf)
 	if (!buf)
 		return NULL;
 		return NULL;
 
 
-	wpabuf_put_str(buf, "\"cred\":{\"akm\":\"psk\",");
+	wpabuf_printf(buf, "\"cred\":{\"akm\":\"%s\",", dpp_akm_str(conf->akm));
 	if (conf->passphrase) {
 	if (conf->passphrase) {
 		char pass[63 * 6 + 1];
 		char pass[63 * 6 + 1];
 
 
@@ -4165,7 +4165,7 @@ dpp_build_conf_obj(struct dpp_authentication *auth, int ap)
 		return NULL;
 		return NULL;
 	}
 	}
 
 
-	if (conf->dpp)
+	if (conf->akm == DPP_AKM_DPP)
 		return dpp_build_conf_obj_dpp(auth, ap, conf);
 		return dpp_build_conf_obj_dpp(auth, ap, conf);
 	return dpp_build_conf_obj_legacy(auth, ap, conf);
 	return dpp_build_conf_obj_legacy(auth, ap, conf);
 }
 }

+ 1 - 1
src/common/dpp.h

@@ -147,7 +147,7 @@ enum dpp_akm {
 struct dpp_configuration {
 struct dpp_configuration {
 	u8 ssid[32];
 	u8 ssid[32];
 	size_t ssid_len;
 	size_t ssid_len;
-	int dpp; /* whether to use DPP or legacy configuration */
+	enum dpp_akm akm;
 
 
 	/* For DPP configuration (connector) */
 	/* For DPP configuration (connector) */
 	os_time_t netaccesskey_expiry;
 	os_time_t netaccesskey_expiry;

+ 20 - 6
wpa_supplicant/dpp_supplicant.c

@@ -536,8 +536,15 @@ static void wpas_dpp_set_configurator(struct wpa_supplicant *wpa_s,
 			goto fail;
 			goto fail;
 		os_memcpy(conf_sta->ssid, ssid, ssid_len);
 		os_memcpy(conf_sta->ssid, ssid, ssid_len);
 		conf_sta->ssid_len = ssid_len;
 		conf_sta->ssid_len = ssid_len;
-		if (os_strstr(cmd, " conf=sta-psk")) {
-			conf_sta->dpp = 0;
+		if (os_strstr(cmd, " conf=sta-psk") ||
+		    os_strstr(cmd, " conf=sta-sae") ||
+		    os_strstr(cmd, " conf=sta-psk-sae")) {
+			if (os_strstr(cmd, " conf=sta-psk-sae"))
+				conf_sta->akm = DPP_AKM_PSK_SAE;
+			else if (os_strstr(cmd, " conf=sta-sae"))
+				conf_sta->akm = DPP_AKM_SAE;
+			else
+				conf_sta->akm = DPP_AKM_PSK;
 			if (psk_set) {
 			if (psk_set) {
 				os_memcpy(conf_sta->psk, psk, PMK_LEN);
 				os_memcpy(conf_sta->psk, psk, PMK_LEN);
 			} else {
 			} else {
@@ -546,7 +553,7 @@ static void wpas_dpp_set_configurator(struct wpa_supplicant *wpa_s,
 					goto fail;
 					goto fail;
 			}
 			}
 		} else if (os_strstr(cmd, " conf=sta-dpp")) {
 		} else if (os_strstr(cmd, " conf=sta-dpp")) {
-			conf_sta->dpp = 1;
+			conf_sta->akm = DPP_AKM_DPP;
 		} else {
 		} else {
 			goto fail;
 			goto fail;
 		}
 		}
@@ -558,8 +565,15 @@ static void wpas_dpp_set_configurator(struct wpa_supplicant *wpa_s,
 			goto fail;
 			goto fail;
 		os_memcpy(conf_ap->ssid, ssid, ssid_len);
 		os_memcpy(conf_ap->ssid, ssid, ssid_len);
 		conf_ap->ssid_len = ssid_len;
 		conf_ap->ssid_len = ssid_len;
-		if (os_strstr(cmd, " conf=ap-psk")) {
-			conf_ap->dpp = 0;
+		if (os_strstr(cmd, " conf=ap-psk") ||
+		    os_strstr(cmd, " conf=ap-sae") ||
+		    os_strstr(cmd, " conf=ap-psk-sae")) {
+			if (os_strstr(cmd, " conf=ap-psk-sae"))
+				conf_ap->akm = DPP_AKM_PSK_SAE;
+			else if (os_strstr(cmd, " conf=ap-sae"))
+				conf_ap->akm = DPP_AKM_SAE;
+			else
+				conf_ap->akm = DPP_AKM_PSK;
 			if (psk_set) {
 			if (psk_set) {
 				os_memcpy(conf_ap->psk, psk, PMK_LEN);
 				os_memcpy(conf_ap->psk, psk, PMK_LEN);
 			} else {
 			} else {
@@ -568,7 +582,7 @@ static void wpas_dpp_set_configurator(struct wpa_supplicant *wpa_s,
 					goto fail;
 					goto fail;
 			}
 			}
 		} else if (os_strstr(cmd, " conf=ap-dpp")) {
 		} else if (os_strstr(cmd, " conf=ap-dpp")) {
-			conf_ap->dpp = 1;
+			conf_ap->akm = DPP_AKM_DPP;
 		} else {
 		} else {
 			goto fail;
 			goto fail;
 		}
 		}