Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

DPP: Add SAE credential support to Configurator

The new conf={sta,ap}-{sae,psk-sae} parameter values can now be used to
specify that the legacy configuration object is for SAE.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen 7 years ago
parent
5dd745b738
commit
e3a5882b3e
4 changed files with 43 additions and 15 deletions
Unified View Show Diff Stats
  1. 20 6
      src/ap/dpp_hostapd.c
  2. 2 2
      src/common/dpp.c
  3. 1 1
      src/common/dpp.h
  4. 20 6
      wpa_supplicant/dpp_supplicant.c

+ 20 - 6
src/ap/dpp_hostapd.c
View File 

@@ -377,8 +377,15 @@ static void hostapd_dpp_set_configurator(struct hostapd_data *hapd,
 
 			goto fail;
 
 			goto fail;
 
 		os_memcpy(conf_sta->ssid, ssid, ssid_len);
 
 		os_memcpy(conf_sta->ssid, ssid, ssid_len);
 
 		conf_sta->ssid_len = ssid_len;
 
 		conf_sta->ssid_len = ssid_len;
 
-		if (os_strstr(cmd, " conf=sta-psk")) {
 
-			conf_sta->dpp = 0;
 
+		if (os_strstr(cmd, " conf=sta-psk") ||
 
+		    os_strstr(cmd, " conf=sta-sae") ||
 
+		    os_strstr(cmd, " conf=sta-psk-sae")) {
 
+			if (os_strstr(cmd, " conf=sta-psk-sae"))
 
+				conf_sta->akm = DPP_AKM_PSK_SAE;
 
+			else if (os_strstr(cmd, " conf=sta-sae"))
 
+				conf_sta->akm = DPP_AKM_SAE;
 
+			else
 
+				conf_sta->akm = DPP_AKM_PSK;
 
 			if (psk_set) {
 
 			if (psk_set) {
 
 				os_memcpy(conf_sta->psk, psk, PMK_LEN);
 
 				os_memcpy(conf_sta->psk, psk, PMK_LEN);
 
 			} else {
 
 			} else {
 
@@ -387,7 +394,7 @@ static void hostapd_dpp_set_configurator(struct hostapd_data *hapd,
 
 					goto fail;
 
 					goto fail;
 
 			}
 
 			}
 
 		} else if (os_strstr(cmd, " conf=sta-dpp")) {
 
 		} else if (os_strstr(cmd, " conf=sta-dpp")) {
 
-			conf_sta->dpp = 1;
 
+			conf_sta->akm = DPP_AKM_DPP;
 
 		} else {
 
 		} else {
 
 			goto fail;
 
 			goto fail;
 
 		}
 
 		}
 
@@ -399,8 +406,15 @@ static void hostapd_dpp_set_configurator(struct hostapd_data *hapd,
 
 			goto fail;
 
 			goto fail;
 
 		os_memcpy(conf_ap->ssid, ssid, ssid_len);
 
 		os_memcpy(conf_ap->ssid, ssid, ssid_len);
 
 		conf_ap->ssid_len = ssid_len;
 
 		conf_ap->ssid_len = ssid_len;
 
-		if (os_strstr(cmd, " conf=ap-psk")) {
 
-			conf_ap->dpp = 0;
 
+		if (os_strstr(cmd, " conf=ap-psk") ||
 
+		    os_strstr(cmd, " conf=ap-sae") ||
 
+		    os_strstr(cmd, " conf=ap-psk-sae")) {
 
+			if (os_strstr(cmd, " conf=ap-psk-sae"))
 
+				conf_ap->akm = DPP_AKM_PSK_SAE;
 
+			else if (os_strstr(cmd, " conf=ap-sae"))
 
+				conf_ap->akm = DPP_AKM_SAE;
 
+			else
 
+				conf_ap->akm = DPP_AKM_PSK;
 
 			if (psk_set) {
 
 			if (psk_set) {
 
 				os_memcpy(conf_ap->psk, psk, PMK_LEN);
 
 				os_memcpy(conf_ap->psk, psk, PMK_LEN);
 
 			} else {
 
 			} else {
 
@@ -409,7 +423,7 @@ static void hostapd_dpp_set_configurator(struct hostapd_data *hapd,
 
 					goto fail;
 
 					goto fail;
 
 			}
 
 			}
 
 		} else if (os_strstr(cmd, " conf=ap-dpp")) {
 
 		} else if (os_strstr(cmd, " conf=ap-dpp")) {
 
-			conf_ap->dpp = 1;
 
+			conf_ap->akm = DPP_AKM_DPP;
 
 		} else {
 
 		} else {
 
 			goto fail;
 
 			goto fail;
 
 		}
 
 		}

+ 2 - 2
src/common/dpp.c
View File 

@@ -4112,7 +4112,7 @@ dpp_build_conf_obj_legacy(struct dpp_authentication *auth, int ap,
 
 	if (!buf)
 
 	if (!buf)
 
 		return NULL;
 
 		return NULL;
 
 
 
-	wpabuf_put_str(buf, "\"cred\":{\"akm\":\"psk\",");
 
+	wpabuf_printf(buf, "\"cred\":{\"akm\":\"%s\",", dpp_akm_str(conf->akm));
 
 	if (conf->passphrase) {
 
 	if (conf->passphrase) {
 
 		char pass[63 * 6 + 1];
 
 		char pass[63 * 6 + 1];
 
 
 
@@ -4165,7 +4165,7 @@ dpp_build_conf_obj(struct dpp_authentication *auth, int ap)
 
 		return NULL;
 
 		return NULL;
 
 	}
 
 	}
 
 
 
-	if (conf->dpp)
 
+	if (conf->akm == DPP_AKM_DPP)
 
 		return dpp_build_conf_obj_dpp(auth, ap, conf);
 
 		return dpp_build_conf_obj_dpp(auth, ap, conf);
 
 	return dpp_build_conf_obj_legacy(auth, ap, conf);
 
 	return dpp_build_conf_obj_legacy(auth, ap, conf);
 
 }
 
 }

+ 1 - 1
src/common/dpp.h
View File 

@@ -147,7 +147,7 @@ enum dpp_akm {
 
 struct dpp_configuration {
 
 struct dpp_configuration {
 
 	u8 ssid[32];
 
 	u8 ssid[32];
 
 	size_t ssid_len;
 
 	size_t ssid_len;
 
-	int dpp; /* whether to use DPP or legacy configuration */
 
+	enum dpp_akm akm;
 
 
 
 	/* For DPP configuration (connector) */
 
 	/* For DPP configuration (connector) */
 
 	os_time_t netaccesskey_expiry;
 
 	os_time_t netaccesskey_expiry;

+ 20 - 6
wpa_supplicant/dpp_supplicant.c
View File 

@@ -536,8 +536,15 @@ static void wpas_dpp_set_configurator(struct wpa_supplicant *wpa_s,
 
 			goto fail;
 
 			goto fail;
 
 		os_memcpy(conf_sta->ssid, ssid, ssid_len);
 
 		os_memcpy(conf_sta->ssid, ssid, ssid_len);
 
 		conf_sta->ssid_len = ssid_len;
 
 		conf_sta->ssid_len = ssid_len;
 
-		if (os_strstr(cmd, " conf=sta-psk")) {
 
-			conf_sta->dpp = 0;
 
+		if (os_strstr(cmd, " conf=sta-psk") ||
 
+		    os_strstr(cmd, " conf=sta-sae") ||
 
+		    os_strstr(cmd, " conf=sta-psk-sae")) {
 
+			if (os_strstr(cmd, " conf=sta-psk-sae"))
 
+				conf_sta->akm = DPP_AKM_PSK_SAE;
 
+			else if (os_strstr(cmd, " conf=sta-sae"))
 
+				conf_sta->akm = DPP_AKM_SAE;
 
+			else
 
+				conf_sta->akm = DPP_AKM_PSK;
 
 			if (psk_set) {
 
 			if (psk_set) {
 
 				os_memcpy(conf_sta->psk, psk, PMK_LEN);
 
 				os_memcpy(conf_sta->psk, psk, PMK_LEN);
 
 			} else {
 
 			} else {
 
@@ -546,7 +553,7 @@ static void wpas_dpp_set_configurator(struct wpa_supplicant *wpa_s,
 
 					goto fail;
 
 					goto fail;
 
 			}
 
 			}
 
 		} else if (os_strstr(cmd, " conf=sta-dpp")) {
 
 		} else if (os_strstr(cmd, " conf=sta-dpp")) {
 
-			conf_sta->dpp = 1;
 
+			conf_sta->akm = DPP_AKM_DPP;
 
 		} else {
 
 		} else {
 
 			goto fail;
 
 			goto fail;
 
 		}
 
 		}
 
@@ -558,8 +565,15 @@ static void wpas_dpp_set_configurator(struct wpa_supplicant *wpa_s,
 
 			goto fail;
 
 			goto fail;
 
 		os_memcpy(conf_ap->ssid, ssid, ssid_len);
 
 		os_memcpy(conf_ap->ssid, ssid, ssid_len);
 
 		conf_ap->ssid_len = ssid_len;
 
 		conf_ap->ssid_len = ssid_len;
 
-		if (os_strstr(cmd, " conf=ap-psk")) {
 
-			conf_ap->dpp = 0;
 
+		if (os_strstr(cmd, " conf=ap-psk") ||
 
+		    os_strstr(cmd, " conf=ap-sae") ||
 
+		    os_strstr(cmd, " conf=ap-psk-sae")) {
 
+			if (os_strstr(cmd, " conf=ap-psk-sae"))
 
+				conf_ap->akm = DPP_AKM_PSK_SAE;
 
+			else if (os_strstr(cmd, " conf=ap-sae"))
 
+				conf_ap->akm = DPP_AKM_SAE;
 
+			else
 
+				conf_ap->akm = DPP_AKM_PSK;
 
 			if (psk_set) {
 
 			if (psk_set) {
 
 				os_memcpy(conf_ap->psk, psk, PMK_LEN);
 
 				os_memcpy(conf_ap->psk, psk, PMK_LEN);
 
 			} else {
 
 			} else {
 
@@ -568,7 +582,7 @@ static void wpas_dpp_set_configurator(struct wpa_supplicant *wpa_s,
 
 					goto fail;
 
 					goto fail;
 
 			}
 
 			}
 
 		} else if (os_strstr(cmd, " conf=ap-dpp")) {
 
 		} else if (os_strstr(cmd, " conf=ap-dpp")) {
 
-			conf_ap->dpp = 1;
 
+			conf_ap->akm = DPP_AKM_DPP;
 
 		} else {
 
 		} else {
 
 			goto fail;
 
 			goto fail;
 
 		}
 
 		}