[08/21] dpp-util: allow mutual auth in dpp_derive_ke

Message ID	20231012200150.338401-9-prestwoj@gmail.com (mailing list archive)
State	New
Headers	show Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com [209.85.214.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CE4413C6B0 for <iwd@lists.linux.dev>; Thu, 12 Oct 2023 20:02:04 +0000 (UTC) From: James Prestwood <prestwoj@gmail.com> To: iwd@lists.linux.dev Cc: James Prestwood <prestwoj@gmail.com> Subject: [PATCH 08/21] dpp-util: allow mutual auth in dpp_derive_ke Date: Thu, 12 Oct 2023 13:01:37 -0700 Message-Id: <20231012200150.338401-9-prestwoj@gmail.com> In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	DPP PKEX Changes \| expand [00/21] DPP PKEX Changes [01/21] crypto: remove label from prf_plus, instead use va_args [02/21] dpp-util: fix typo "COMMIT_REVEAP_RESPONSE" [03/21] dpp: rename auth_addr to peer_addr [04/21] dpp: rename dpp_presence_timeout to be generic [05/21] dpp: move/store max_roc setting into dpp_create [06/21] dpp: fix retransmits if on operating channel [07/21] dpp-util: allow for mutual authentication in i/r_auth [08/21] dpp-util: allow mutual auth in dpp_derive_ke [09/21] unit: update test-dpp with API changes [10/21] offchannel: add support to issue multiple offchannel requests [11/21] doc: PKEX support for DPP [12/21] dpp-util: add crypto for PKEX [13/21] dpp-util: add __DPP_STATUS_MAX [14/21] dpp: support mutual authentication [15/21] dpp: allow enrollee to be authentication initiator [16/21] dbus: add SharedCodeDeviceProvisioning interface definition [17/21] dpp: initial version of PKEX enrollee support [18/21] dpp: initial version of PKEX configurator support [19/21] auto-t: add utils for wpa_supplicant PKEX [20/21] auto-t: add APIs for PKEX [21/21] auto-t: add DPP PKEX tests

Message ID

20231012200150.338401-9-prestwoj@gmail.com (mailing list archive)

State

New

Headers

From: James Prestwood <prestwoj@gmail.com>
To: iwd@lists.linux.dev
Cc: James Prestwood <prestwoj@gmail.com>
Subject: [PATCH 08/21] dpp-util: allow mutual auth in dpp_derive_ke
Date: Thu, 12 Oct 2023 13:01:37 -0700
Message-Id: <20231012200150.338401-9-prestwoj@gmail.com>
In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com>
References: <20231012200150.338401-1-prestwoj@gmail.com>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

DPP PKEX Changes | expand

Commit Message

James Prestwood Oct. 12, 2023, 8:01 p.m. UTC

The Ke derivation requires an additional "L.x" value when
mutual authentication is used.
---
 src/dpp-util.c | 10 +++++++---
 src/dpp-util.h |  2 +-
 src/dpp.c      |  4 ++--
 3 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/src/dpp-util.c b/src/dpp-util.c
index d3171d02..0406a4dc 100644
--- a/src/dpp-util.c
+++ b/src/dpp-util.c
@@ -681,12 +681,13 @@  free_n:
 
 bool dpp_derive_ke(const uint8_t *i_nonce, const uint8_t *r_nonce,
 				struct l_ecc_scalar *m, struct l_ecc_scalar *n,
-				void *ke)
+				struct l_ecc_point *l, void *ke)
 {
 	uint8_t nonces[32 + 32];
 	size_t nonce_len;
 	uint64_t mx_bytes[L_ECC_MAX_DIGITS];
 	uint64_t nx_bytes[L_ECC_MAX_DIGITS];
+	uint64_t lx_bytes[L_ECC_MAX_DIGITS];
 	uint64_t bk[L_ECC_MAX_DIGITS];
 	ssize_t key_len;
 	enum l_checksum_type sha;
@@ -697,12 +698,15 @@  bool dpp_derive_ke(const uint8_t *i_nonce, const uint8_t *r_nonce,
 	nonce_len = dpp_nonce_len_from_key_len(key_len);
 	sha = dpp_sha_from_key_len(key_len);
 
+	if (l)
+		l_ecc_point_get_x(l, lx_bytes, key_len * 2);
+
 	memcpy(nonces, i_nonce, nonce_len);
 	memcpy(nonces + nonce_len, r_nonce, nonce_len);
 
 	/* bk = HKDF-Extract(I-nonce | R-nonce, M.x | N.x [ | L.x]) */
-	if (!hkdf_extract(sha, nonces, nonce_len * 2, 2, bk, mx_bytes,
-			key_len, nx_bytes, key_len))
+	if (!hkdf_extract(sha, nonces, nonce_len * 2, 3, bk, mx_bytes,
+			key_len, nx_bytes, key_len, lx_bytes, l ? key_len : 0))
 		return false;
 
 	/* ke = HKDF-Expand(bk, "DPP Key", length) */
diff --git a/src/dpp-util.h b/src/dpp-util.h
index 050d66cc..96711c35 100644
--- a/src/dpp-util.h
+++ b/src/dpp-util.h
@@ -176,7 +176,7 @@  struct l_ecc_scalar *dpp_derive_k2(const struct l_ecc_point *i_proto_public,
 				void *k2);
 bool dpp_derive_ke(const uint8_t *i_nonce, const uint8_t *r_nonce,
 				struct l_ecc_scalar *m, struct l_ecc_scalar *n,
-				void *ke);
+				struct l_ecc_point *l, void *ke);
 
 uint8_t *dpp_point_to_asn1(const struct l_ecc_point *p, size_t *len_out);
 struct l_ecc_point *dpp_point_from_asn1(const uint8_t *asn1, size_t len);
diff --git a/src/dpp.c b/src/dpp.c
index bbb27ff1..fc3d5c4f 100644
--- a/src/dpp.c
+++ b/src/dpp.c
@@ -1807,7 +1807,7 @@  static void authenticate_request(struct dpp_sm *dpp, const uint8_t *from,
 
 	l_getrandom(dpp->r_nonce, dpp->nonce_len);
 
-	if (!dpp_derive_ke(dpp->i_nonce, dpp->r_nonce, m, n, dpp->ke))
+	if (!dpp_derive_ke(dpp->i_nonce, dpp->r_nonce, m, n, NULL, dpp->ke))
 		goto auth_request_failed;
 
 	if (!dpp_derive_r_auth(dpp->i_nonce, dpp->r_nonce, dpp->nonce_len,
@@ -1983,7 +1983,7 @@  static void authenticate_response(struct dpp_sm *dpp, const uint8_t *from,
 		return;
 	}
 
-	if (!dpp_derive_ke(i_nonce, r_nonce, dpp->m, n, dpp->ke)) {
+	if (!dpp_derive_ke(i_nonce, r_nonce, dpp->m, n, NULL, dpp->ke)) {
 		l_debug("Failed to derive ke");
 		return;
 	}

[08/21] dpp-util: allow mutual auth in dpp_derive_ke

Commit Message

Patch