From patchwork Thu Oct 12 20:01:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419768 Received: from mail-pl1-f182.google.com (mail-pl1-f182.google.com [209.85.214.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BD4993B7BD for ; Thu, 12 Oct 2023 20:02:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Jt1Ob0kw" Received: by mail-pl1-f182.google.com with SMTP id d9443c01a7336-1c9e06f058bso7847275ad.0 for ; Thu, 12 Oct 2023 13:02:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140919; x=1697745719; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=YU51O4/SkwsOPlViTQ69Tqmhgy4EYgfzoU1I29u+30Y=; b=Jt1Ob0kwABGR55boqFwePueH5GJ++nLv+fyk9remrVABHJs9c2i3klJwHdC9oO+Mts a1trChkKiQk5pIOz4WUCIO60KHcD415yK6hi6O9c5TAXEOARulLImOyOTEOpAboi+lY/ 2APF/VwZCPWZe32ChkuZkxQxtENuPwV1xUY/uEpKYlIDBzGwrzrmV4qH5uZ/MFK/pY/U folaimXbini/l4XKGKXQ/LHjeANkJkOxwt5WkabxRsnzhYf8tYqfFOzPUNiA6KqUK8zY vPImQu5/NYBShhbFWRmiqg4NoBxpF/vlC33nMz27/kBnfY7b967HYHOM7OPkMadBqLV0 /R4w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140919; x=1697745719; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YU51O4/SkwsOPlViTQ69Tqmhgy4EYgfzoU1I29u+30Y=; b=DWzB9jy0pAHodyWuioio0untGo06HNZMEork6dPLKL12X+/j3kcFU4eWBblHj0x1UY 9TtC4PY75UQx1nSjvrWU0/MCZZBwIWmpwpbWuvGRghB8mmR1RUnKs7YlotX9TDq6CEk0 Q7b3b99C30vL/w7FuVfBeeXtFANt0YWIRM2IhHPJ8gJJJu1FvuJcmeLAf+iUfY4kgxTP x0Ad5P9oZcI7NLFXGzXz/phv6eWsToKlXxYjpZ166b3GlyuZpQMrjW53vGgDmSMAMJx2 0OtvCffqRKqFy2Fy5DJQlO7HtIePUtn9V5uHEzd1f1my/7JspvOFn4/KKNtaBN1KKmn5 XaLA== X-Gm-Message-State: AOJu0YxcKckoma2n32wfeLZ1UeMKdv0xQ4kOxkuXxgoWDjM0+Tan5/eX xhChz0sMBuGzTuHP82gPOptKX0Lwi/Y= X-Google-Smtp-Source: AGHT+IG/dhI91+oIhfAv41COcHPxBFS6KFPFCa8ztzMCgELTmpy5zcjEAOj/A4QUnG8zOfHzjiqPkw== X-Received: by 2002:a17:903:2290:b0:1c6:2655:625d with SMTP id b16-20020a170903229000b001c62655625dmr31874812plh.15.1697140918816; Thu, 12 Oct 2023 13:01:58 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.01.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:01:58 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 01/21] crypto: remove label from prf_plus, instead use va_args Date: Thu, 12 Oct 2023 13:01:30 -0700 Message-Id: <20231012200150.338401-2-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The prf_plus API was a bit restrictive because it only took a string label which isn't compatible with some specs (e.g. DPP inputs to HKDF-Expand). In addition it took additional label aruments which were appended to the HMAC call (and the non-intuitive '\0' if there were extra arguments). Instead the label argument has been removed and callers can pass it in through va_args. This also lets the caller decided the length and can include the '\0' or not, dependent on the spec the caller is following. --- src/crypto.c | 24 +++++++++--------------- src/crypto.h | 2 +- src/erp.c | 19 +++++++++++-------- 3 files changed, 21 insertions(+), 24 deletions(-) diff --git a/src/crypto.c b/src/crypto.c index 710641ed..3128b2a5 100644 --- a/src/crypto.c +++ b/src/crypto.c @@ -624,10 +624,10 @@ bool prf_sha1(const void *key, size_t key_len, /* PRF+ from RFC 5295 Section 3.1.2 (also RFC 4306 Section 2.13) */ bool prf_plus(enum l_checksum_type type, const void *key, size_t key_len, - const char *label, void *out, size_t out_len, + void *out, size_t out_len, size_t n_extra, ...) { - struct iovec iov[n_extra + 3]; + struct iovec iov[n_extra + 2]; uint8_t *t = out; size_t t_len = 0; uint8_t count = 1; @@ -637,24 +637,17 @@ bool prf_plus(enum l_checksum_type type, const void *key, size_t key_len, ssize_t ret; size_t i; - iov[1].iov_base = (void *) label; - iov[1].iov_len = strlen(label); - - /* Include the '\0' from the label in S if extra arguments provided */ - if (n_extra) - iov[1].iov_len += 1; - va_start(va, n_extra); for (i = 0; i < n_extra; i++) { - iov[i + 2].iov_base = va_arg(va, void *); - iov[i + 2].iov_len = va_arg(va, size_t); + iov[i + 1].iov_base = va_arg(va, void *); + iov[i + 1].iov_len = va_arg(va, size_t); } va_end(va); - iov[n_extra + 2].iov_base = &count; - iov[n_extra + 2].iov_len = 1; + iov[n_extra + 1].iov_base = &count; + iov[n_extra + 1].iov_len = 1; hmac = l_checksum_new_hmac(type, key, key_len); if (!hmac) @@ -664,7 +657,7 @@ bool prf_plus(enum l_checksum_type type, const void *key, size_t key_len, iov[0].iov_base = t; iov[0].iov_len = t_len; - if (!l_checksum_updatev(hmac, iov, n_extra + 3)) { + if (!l_checksum_updatev(hmac, iov, n_extra + 2)) { l_checksum_free(hmac); return false; } @@ -874,7 +867,8 @@ bool hkdf_extract(enum l_checksum_type type, const void *key, bool hkdf_expand(enum l_checksum_type type, const void *key, size_t key_len, const char *info, void *out, size_t out_len) { - return prf_plus(type, key, key_len, info, out, out_len, 0); + return prf_plus(type, key, key_len, out, out_len, 1, + info, strlen(info)); } /* diff --git a/src/crypto.h b/src/crypto.h index d2a96655..1f48a52b 100644 --- a/src/crypto.h +++ b/src/crypto.h @@ -122,7 +122,7 @@ bool prf_plus_sha1(const void *key, size_t key_len, const void *data, size_t data_len, void *output, size_t size); bool prf_plus(enum l_checksum_type type, const void *key, size_t key_len, - const char *label, void *out, size_t out_len, + void *out, size_t out_len, size_t n_extra, ...); bool hkdf_extract(enum l_checksum_type type, const void *key, size_t key_len, diff --git a/src/erp.c b/src/erp.c index 5af18fda..2729cfc8 100644 --- a/src/erp.c +++ b/src/erp.c @@ -281,8 +281,9 @@ static bool erp_derive_emsk_name(const uint8_t *session_id, size_t session_len, uint16_t eight = L_CPU_TO_BE16(8); char *ascii; - if (!prf_plus(L_CHECKSUM_SHA256, session_id, session_len, "EMSK", - hex, 8, 1, &eight, sizeof(eight))) + if (!prf_plus(L_CHECKSUM_SHA256, session_id, session_len, + hex, 8, 2, "EMSK", strlen("EMSK") + 1, + &eight, sizeof(eight))) return false; ascii = l_util_hexstring(hex, 8); @@ -309,13 +310,15 @@ static bool erp_derive_reauth_keys(const uint8_t *emsk, size_t emsk_len, uint16_t len = L_CPU_TO_BE16(emsk_len); uint8_t cryptosuite = ERP_CRYPTOSUITE_SHA256_128; - if (!prf_plus(L_CHECKSUM_SHA256, emsk, emsk_len, ERP_RRK_LABEL, - r_rk, emsk_len, 1, + if (!prf_plus(L_CHECKSUM_SHA256, emsk, emsk_len, + r_rk, emsk_len, 2, ERP_RRK_LABEL, + strlen(ERP_RRK_LABEL) + 1, &len, sizeof(len))) return false; - if (!prf_plus(L_CHECKSUM_SHA256, r_rk, emsk_len, ERP_RIK_LABEL, - r_ik, emsk_len, 2, + if (!prf_plus(L_CHECKSUM_SHA256, r_rk, emsk_len, + r_ik, emsk_len, 3, ERP_RIK_LABEL, + strlen(ERP_RIK_LABEL) + 1, &cryptosuite, 1, &len, sizeof(len))) return false; @@ -496,8 +499,8 @@ int erp_rx_packet(struct erp_state *erp, const uint8_t *pkt, size_t len) length = L_CPU_TO_BE16(64); if (!prf_plus(L_CHECKSUM_SHA256, erp->r_rk, erp->cache->emsk_len, - ERP_RMSK_LABEL, - erp->rmsk, erp->cache->emsk_len, 2, + erp->rmsk, erp->cache->emsk_len, 3, + ERP_RMSK_LABEL, strlen(ERP_RMSK_LABEL) + 1, &seq, sizeof(seq), &length, sizeof(length))) goto eap_failed; From patchwork Thu Oct 12 20:01:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419762 Received: from mail-pf1-f172.google.com (mail-pf1-f172.google.com [209.85.210.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7A1693C6A9 for ; Thu, 12 Oct 2023 20:02:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="FaJtQQOd" Received: by mail-pf1-f172.google.com with SMTP id d2e1a72fcca58-69af8a42066so1103689b3a.1 for ; Thu, 12 Oct 2023 13:02:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140919; x=1697745719; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=cm9ori2QRIFOTp/oCZLnpkkk/QtPez7Wn8BEmLoJbFo=; b=FaJtQQOdnyiiyIzYpYyN/wmKsUgrWmyUr5r0li0/QB5NGGOfJpcPky9cvLzTPJvfLD 3QWIqMCmqJ99YL6aDt2LDn75pX7j9C2TWuUAE6sCUuw2bMvfxzS63+/eJ8GJtxa7fEgF jLkqDkyBH1FFO1RGV9RnqZn2R4h/NXSaSDYYCRIOOSQ5jxvRM+b+H8IFXhHP0aj+cSzK zwfUffbl4xq9u2R+PMusV5DKNdCmWqPVbQtUWZcp/DsvRffLYBKxRAWFaGvPr631kI53 f2yv8H2ZmGr0Rz0zXIBGx3LtT1efAnk2+B2N4+6wWGoOEpOuUvmSBbfFUBeNZiPgh4v4 EKRQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140919; x=1697745719; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=cm9ori2QRIFOTp/oCZLnpkkk/QtPez7Wn8BEmLoJbFo=; b=RIIVZ4VCdAU4/8aTSBzV6s0BTWao/i8v3EvIc+GR6Kp+kepVpkjNx/BNjOKK3tAYph F1RdTiUpRLD0CVOy7jf7vK2ytLN3uX/yEMzWBA+JCUG4GoiVa9t1QmC84Hpgc4kQnYZT nxRHzd5T2R7Kxw4gZjQxTwR0noEdF8us6flSgBaNqN4zY1dX4LY7z0+ewCytM6jWkUmO waXjZq2jpK0u9fmzIVjF4xBgs8qGX63Q0pN27g/zt4wfstFtbh1aCApwNTHBPfpXS4IM BIs84hYMGU7d6c7WsmlNQq3ggFU23veesLMReBalBqT/Eu52sfu+b7Q3ZBAZXqvbFkyN 5i8g== X-Gm-Message-State: AOJu0YxfMBxliuuz/3IaOeSr+VHZHYBagn7zzWDnHyBNrqmJJ4WEsiYC kZKh7NykpP6praSl4x1HOMfC9QsrgiM= X-Google-Smtp-Source: AGHT+IE2j/lwLCDpK6BD2ZzDdL1JN/cjWTYFXqJp/6k3FDyAflKeWXuiqsFO5oV6iLiF/H+p+1RX8A== X-Received: by 2002:a05:6a20:3d01:b0:14c:446c:b188 with SMTP id y1-20020a056a203d0100b0014c446cb188mr27444484pzi.37.1697140919514; Thu, 12 Oct 2023 13:01:59 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.01.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:01:59 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 02/21] dpp-util: fix typo "COMMIT_REVEAP_RESPONSE" Date: Thu, 12 Oct 2023 13:01:31 -0700 Message-Id: <20231012200150.338401-3-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 --- src/dpp-util.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/dpp-util.h b/src/dpp-util.h index a3ddd452..94fe595a 100644 --- a/src/dpp-util.h +++ b/src/dpp-util.h @@ -43,7 +43,7 @@ enum dpp_frame_type { DPP_FRAME_PKEX_VERSION1_XCHG_REQUST = 7, DPP_FRAME_PKEX_XCHG_RESPONSE = 8, DPP_FRAME_PKEX_COMMIT_REVEAL_REQUEST = 9, - DPP_FRAME_PKEX_COMMIT_REVEAP_RESPONSE = 10, + DPP_FRAME_PKEX_COMMIT_REVEAL_RESPONSE = 10, DPP_FRAME_CONFIGURATION_RESULT = 11, DPP_FRAME_CONNECTION_STATUS_RESULT = 12, DPP_FRAME_PRESENCE_ANNOUNCEMENT = 13, From patchwork Thu Oct 12 20:01:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419763 Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5F74B3C6B1 for ; Thu, 12 Oct 2023 20:02:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="dIGsI4i7" Received: by mail-pl1-f176.google.com with SMTP id d9443c01a7336-1c9b1e3a809so10772685ad.2 for ; Thu, 12 Oct 2023 13:02:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140920; x=1697745720; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=bbBqznPx/bYtVaUA2xH/5i4n96YuxtVDKfRDEub83LI=; b=dIGsI4i7cPRSv3X7sbJlARfT2HmYyJ9mlTTeuPEEtGA7/AwRYs6uKaB4jxuBXEvf/1 j091Sftx94DO5m3WimIu5elRUObTyOBlaZbaUy3mqYpYG9E0R6Dfv/utjZwcp8nohAPt vrHaR2vb3Mhhb871p+fOZskE17PTnBbckMspc7mWSSXcw1Y3JbUZzAu49aUklb0A1v1l FfcLWkWL3QimbIigdzO+5mNotDVo/SFZovquCFAw8xUL32f0tqQ2m+imqHnIJ2ZlAMMh vS3yFHVdZ2VnLvaHYrr6UYevEc1U8UaBIq5xMlurAop16+7J/QqXrjPcjW2g/f39jpYk MOmg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140920; x=1697745720; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bbBqznPx/bYtVaUA2xH/5i4n96YuxtVDKfRDEub83LI=; b=C63tSaIaAbE4O34HhxkdgUcmZr3KG5cHABkbMU3FpJqBLM5gvQx110I8B1juYh1YZQ yCDiB1b0VgIYz/g3wHHyntmFdbCmp39i+GFR5dd05SUUAB1wcV9dliZ/wHT/sINBy5b3 3vrWOVzv7HcN6+Y90BGCjdh0zy/CZU6LmVaRWkt8D2XX4ElSJxRt7+ylSmYUgzuPN2kx 7DGZ0VQm05kpQNka0qBdMXzF5+h/nxMtleNKYh64lr8lwe1V9k7TvMLYxwgyW0fkHbUH VTh1YVrXwNf//FmUwnZpdZpXDS9lNGdDGw58lIBXICCV5+CVmJIR0Wc5YqlZuNCUMmUB xW0g== X-Gm-Message-State: AOJu0Yx+kNB8YNw5fZw8GVtSyHFDC6EeCxPhS3UpJFORH28fSIT6MrOd bfeZ+vPhYs6599xeYVNmXdvD3WxBH2c= X-Google-Smtp-Source: AGHT+IE64OO1Ers7zP1VvYPB29N0m1YH+GKhnp52YmH1xKnscYs5VHb47p23KTVRmIWpMIN/oMxyKA== X-Received: by 2002:a17:903:443:b0:1c5:ce3c:c391 with SMTP id iw3-20020a170903044300b001c5ce3cc391mr21363540plb.12.1697140920307; Thu, 12 Oct 2023 13:02:00 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.01.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:00 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 03/21] dpp: rename auth_addr to peer_addr Date: Thu, 12 Oct 2023 13:01:32 -0700 Message-Id: <20231012200150.338401-4-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 This is more generic and with adding PKEX it makes sense to refer to it as peer_addr. --- src/dpp.c | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/src/dpp.c b/src/dpp.c index 75f77481..25371fc5 100644 --- a/src/dpp.c +++ b/src/dpp.c @@ -114,7 +114,7 @@ struct dpp_sm { uint32_t offchannel_id; - uint8_t auth_addr[6]; + uint8_t peer_addr[6]; uint8_t r_nonce[32]; uint8_t i_nonce[32]; uint8_t e_nonce[32]; @@ -694,7 +694,7 @@ static void dpp_handle_config_response_frame(const struct mmpdu_header *frame, * Can a configuration request come from someone other than who you * authenticated to? */ - if (memcmp(dpp->auth_addr, frame->address_2, 6)) + if (memcmp(dpp->peer_addr, frame->address_2, 6)) return; if (body_len < 19) @@ -825,7 +825,7 @@ static void dpp_handle_config_response_frame(const struct mmpdu_header *frame, dpp_write_config(config, network); dpp_configuration_free(config); - send_config_result(dpp, dpp->auth_addr); + send_config_result(dpp, dpp->peer_addr); offchannel_cancel(dpp->wdev_id, dpp->offchannel_id); @@ -855,7 +855,7 @@ static void dpp_send_config_response(struct dpp_sm *dpp, uint8_t status) memset(hdr, 0, sizeof(hdr)); l_put_le16(0x00d0, hdr); - memcpy(hdr + 4, dpp->auth_addr, 6); + memcpy(hdr + 4, dpp->peer_addr, 6); memcpy(hdr + 10, netdev_get_address(dpp->netdev), 6); memcpy(hdr + 16, broadcast, 6); @@ -945,7 +945,7 @@ static void dpp_handle_config_request_frame(const struct mmpdu_header *frame, return; } - if (memcmp(dpp->auth_addr, frame->address_2, 6)) { + if (memcmp(dpp->peer_addr, frame->address_2, 6)) { l_debug("Configuration request not from authenticated peer"); return; } @@ -1181,7 +1181,7 @@ static void send_authenticate_response(struct dpp_sm *dpp) sizeof(r_proto_key)); iov[0].iov_len = dpp_build_header(netdev_get_address(dpp->netdev), - dpp->auth_addr, + dpp->peer_addr, DPP_FRAME_AUTHENTICATION_RESPONSE, hdr); iov[0].iov_base = hdr; @@ -1245,7 +1245,7 @@ static void authenticate_confirm(struct dpp_sm *dpp, const uint8_t *from, if (dpp->state != DPP_STATE_AUTHENTICATING) return; - if (memcmp(from, dpp->auth_addr, 6)) + if (memcmp(from, dpp->peer_addr, 6)) return; l_debug("authenticate confirm"); @@ -1368,7 +1368,7 @@ static void dpp_auth_request_failed(struct dpp_sm *dpp, struct iovec iov[2]; iov[0].iov_len = dpp_build_header(netdev_get_address(dpp->netdev), - dpp->auth_addr, + dpp->peer_addr, DPP_FRAME_AUTHENTICATION_RESPONSE, hdr); iov[0].iov_base = hdr; @@ -1451,7 +1451,7 @@ static bool dpp_send_authenticate_request(struct dpp_sm *dpp) sizeof(i_proto_key)); iov[0].iov_len = dpp_build_header(netdev_get_address(dpp->netdev), - dpp->auth_addr, + dpp->peer_addr, DPP_FRAME_AUTHENTICATION_REQUEST, hdr); iov[0].iov_base = hdr; @@ -1814,7 +1814,7 @@ static void authenticate_request(struct dpp_sm *dpp, const uint8_t *from, dpp->boot_public, dpp->auth_tag)) goto auth_request_failed; - memcpy(dpp->auth_addr, from, 6); + memcpy(dpp->peer_addr, from, 6); dpp->state = DPP_STATE_AUTHENTICATING; dpp_reset_protocol_timer(dpp); @@ -1839,7 +1839,7 @@ static void dpp_send_authenticate_confirm(struct dpp_sm *dpp) uint8_t zero = 0; iov[0].iov_len = dpp_build_header(netdev_get_address(dpp->netdev), - dpp->auth_addr, + dpp->peer_addr, DPP_FRAME_AUTHENTICATION_CONFIRM, hdr); iov[0].iov_base = hdr; @@ -1893,7 +1893,7 @@ static void authenticate_response(struct dpp_sm *dpp, const uint8_t *from, if (!dpp->freqs) return; - if (memcmp(from, dpp->auth_addr, 6)) + if (memcmp(from, dpp->peer_addr, 6)) return; dpp_attr_iter_init(&iter, body + 8, body_len - 8); @@ -2066,12 +2066,12 @@ static void dpp_handle_presence_announcement(struct dpp_sm *dpp, /* * The URI may not have contained a MAC address, if this announcement - * verifies set auth_addr then. + * verifies set peer_addr then. */ - if (!l_memeqzero(dpp->auth_addr, 6) && - memcmp(from, dpp->auth_addr, 6)) { + if (!l_memeqzero(dpp->peer_addr, 6) && + memcmp(from, dpp->peer_addr, 6)) { l_debug("Unexpected source "MAC" expected "MAC, MAC_STR(from), - MAC_STR(dpp->auth_addr)); + MAC_STR(dpp->peer_addr)); return; } @@ -2106,7 +2106,7 @@ static void dpp_handle_presence_announcement(struct dpp_sm *dpp, * This is the peer we expected, save away the address and derive the * initial keys. */ - memcpy(dpp->auth_addr, from, 6); + memcpy(dpp->peer_addr, from, 6); dpp->state = DPP_STATE_AUTHENTICATING; @@ -2214,7 +2214,7 @@ static void dpp_mlme_notify(struct l_genl_msg *msg, void *user_data) if (!dpp) return; - if (dpp->state <= DPP_STATE_PRESENCE) + if (dpp->state == DPP_STATE_PRESENCE || dpp->state == DPP_STATE_NOTHING) return; @@ -2563,7 +2563,7 @@ static bool dpp_configurator_start_presence(struct dpp_sm *dpp, const char *uri) } if (!l_memeqzero(info->mac, 6)) - memcpy(dpp->auth_addr, info->mac, 6); + memcpy(dpp->peer_addr, info->mac, 6); if (info->freqs) freqs = scan_freq_set_to_fixed_array(info->freqs, &freqs_len); From patchwork Thu Oct 12 20:01:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419764 Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com [209.85.214.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BF6303B7BD for ; Thu, 12 Oct 2023 20:02:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="XUrjZn1q" Received: by mail-pl1-f170.google.com with SMTP id d9443c01a7336-1c9b95943beso12148245ad.1 for ; Thu, 12 Oct 2023 13:02:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140921; x=1697745721; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=FVXJyhuWpmh9lW4D60s/R9nS1tUxPnCO2z7TdE316vI=; b=XUrjZn1qkHX9e1zH4fzwnOLHwaOgUcofzv7joWZXOmCBNMdnjn1+o+uto5dAfuJHr9 OqD9jw3NpGMKVd3EQ5VQRPTOj1aZ4/cA1VsLlb3MDlhI0F1qHI2wvDzQWW9ueLdHsLdm UbwL419Bep6tE3JSkJT/anVEGSnAHpgtIFyFGxR0kYDwD+r236iG/K2javoljFfFmucA Z56pY2+K1CGfNxdbtyaOVynCAgAwY4tAtI0P3nNqzv4yGzv1flVpHl3VuKkX2mIALCQ4 53Y2DwAifyM0qx+2kbSsZNnLQT3B3AdifjOQ2HOJX6w0GYkt89vkEWYDEqA9zymg6d2J 5paA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140921; x=1697745721; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=FVXJyhuWpmh9lW4D60s/R9nS1tUxPnCO2z7TdE316vI=; b=UOfWtHCjk9SxeYNYQ/FHXJeajcMV7aeA75huSeYRUiFKEzLbgCS0QFIuK4X5+3BIiZ L5JfMbFi+YoZIsD0opyPAx/fj48XuooinzLu+qMsMqC2QectFJuG1GJCUTxPQ9HGTKgD E2EacbpWdyZTWXqCGtQir4mcOFqw+K0UiFb5BtafgaG/kwFb7ekpV/jA/zTMi/gAwYSE YTnGB4Hy59GzvlOV/Av713bFUvrrjSpI6FVcryv1HLCZuCFnirYj5uUa42yuc84xNmTb Dc2nCG2r8h5Nr+QvcWRFhiVlqMHCfXeqdcpvm53NXKTLYt6l0TsH+sRenM5Ov4h0CIPA UN6Q== X-Gm-Message-State: AOJu0YxRLJ6EXOIBQgpP4sIEpma+SuGwyiOIIWlf5VGBIzC2ZRhWPL+M nrgUpW4KySMHxG9dqL/tvZ4S/+zYfII= X-Google-Smtp-Source: AGHT+IGY2zSgpnU3Niuexw0DpgaiHxxwViJ46E/u5DR5L+Jbj23dd7sX9Psd8tx/t/YZ435hlbAaBA== X-Received: by 2002:a17:903:2647:b0:1c9:bdff:6c47 with SMTP id je7-20020a170903264700b001c9bdff6c47mr7596871plb.59.1697140920859; Thu, 12 Oct 2023 13:02:00 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:00 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 04/21] dpp: rename dpp_presence_timeout to be generic Date: Thu, 12 Oct 2023 13:01:33 -0700 Message-Id: <20231012200150.338401-5-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 PKEX will utilize the same offchannel timeout, so rename to dpp_offchannel_timeout to be more generic. --- src/dpp.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/dpp.c b/src/dpp.c index 25371fc5..3a20f8ae 100644 --- a/src/dpp.c +++ b/src/dpp.c @@ -1555,7 +1555,7 @@ static void dpp_roc_started(void *user_data) static void dpp_start_offchannel(struct dpp_sm *dpp, uint32_t freq); -static void dpp_presence_timeout(int error, void *user_data) +static void dpp_offchannel_timeout(int error, void *user_data) { struct dpp_sm *dpp = user_data; @@ -1588,13 +1588,13 @@ static void dpp_presence_timeout(int error, void *user_data) dpp->freqs_idx++; if (dpp->freqs_idx >= dpp->freqs_len) { - l_debug("Max retries on presence announcements"); + l_debug("Max retries offchannel"); dpp->freqs_idx = 0; } dpp->current_freq = dpp->freqs[dpp->freqs_idx]; - l_debug("Presence timeout, moving to next frequency %u, duration %u", + l_debug("Offchannel timeout, moving to next frequency %u, duration %u", dpp->current_freq, dpp->dwell); next_roc: @@ -1617,15 +1617,15 @@ static void dpp_start_offchannel(struct dpp_sm *dpp, uint32_t freq) * between canceling and starting the next (e.g. if a scan request is * sitting in the queue). * - * Second, dpp_presence_timeout resets dpp->offchannel_id to zero which - * is why the new ID is saved and only set to dpp->offchannel_id once - * the previous offchannel work is cancelled (i.e. destroy() has been - * called). + * Second, dpp_offchannel_timeout resets dpp->offchannel_id to zero + * which is why the new ID is saved and only set to dpp->offchannel_id + * once the previous offchannel work is cancelled (i.e. destroy() has + * been called). */ uint32_t id = offchannel_start(netdev_get_wdev_id(dpp->netdev), WIPHY_WORK_PRIORITY_OFFCHANNEL, freq, dpp->dwell, dpp_roc_started, - dpp, dpp_presence_timeout); + dpp, dpp_offchannel_timeout); if (dpp->offchannel_id) offchannel_cancel(dpp->wdev_id, dpp->offchannel_id); From patchwork Thu Oct 12 20:01:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419765 Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3013C3C6A9 for ; Thu, 12 Oct 2023 20:02:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="MlJzTygu" Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-1c894e4573bso10966205ad.0 for ; Thu, 12 Oct 2023 13:02:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140921; x=1697745721; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=MA2LqZA9NCa5av6PhWUtg0c+6eBsQd5d5126UoN66bU=; b=MlJzTyguP+8+tAu9TNozbziZ55RUHhWkEO9h4jkN8IlopcdM58D36/XxTff6rnXnJq GSc3XqjSpSwSxOKUsDgCGERblQ/zpIlSKNIbZWQ1Xlo5CXwICn+efzKhpcKq7WuXKgHO Rg82iNYBBMChrgNixed7tGqJrnMR0SLp5GKIuOt3D27yha4IDjLvukoqcs5ofnGxTQy3 6uSuVa9Tx42pa67ku7ydbM9VA7X4+TmJxzY1lQHL9TqHZhL22J1shVRMxTTIuKHaDr0W kRdP74UPVu88gozyBReVAPLpAqjtGFJYz3uYZlA1xnHY5jn/fqWYPylRc6l8bYauxSGw 1+mA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140921; x=1697745721; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MA2LqZA9NCa5av6PhWUtg0c+6eBsQd5d5126UoN66bU=; b=Sm33zwQLwjXS4Pt1X6BdNrFyFrT21bIy4EmL4NK/yU8n9IYoE3MKvulCqT2h9Ykzce kKpoHZx3cqI2SwAZF+TqCtccGVRJ3lTqdDdGNcUD8du+65mm+AxTeL4Ami6+/11JH5nY kO5bHb+2Q2bEsl6KRlvIA51T8UnpQ+keye/y+g4ko1zG1WAp34tuLPpwe6BxG4YuBn9L bMdAUB0OOPmqh1WJUDq7iU0/ktVQMJTFvjkjyqHJDfxiIgevwxKqIfAs4nlLqHcc3F+I BRdhVOMaHnr7Qj2L7P+XOgAby+nSMNsA2lDSm3KWgUd0fsrGm6qEGOQTVXhF7qZtBl++ +1OA== X-Gm-Message-State: AOJu0YxXM2+Ns1XST1HxmLWxJgc8mv4XzgLnLF6X1c2zULlu0Rn/o7si aRzTdElcdIuURvahXhwLJgPgmG2sK30= X-Google-Smtp-Source: AGHT+IGmRlm6f2Oi+J5VqvUnFTvh1w+AqpKzVgrjbSv/oFfEfC9usacF/T+cqSIx9ysiLmI/U7AolQ== X-Received: by 2002:a17:903:234e:b0:1c6:1fc3:6857 with SMTP id c14-20020a170903234e00b001c61fc36857mr28471159plh.27.1697140921602; Thu, 12 Oct 2023 13:02:01 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:01 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 05/21] dpp: move/store max_roc setting into dpp_create Date: Thu, 12 Oct 2023 13:01:34 -0700 Message-Id: <20231012200150.338401-6-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 This value won't change since its per-phy so initialize it when creating the DPP state machine rather than every time DPP is started. --- src/dpp.c | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/src/dpp.c b/src/dpp.c index 3a20f8ae..a5bc2e0a 100644 --- a/src/dpp.c +++ b/src/dpp.c @@ -111,6 +111,7 @@ struct dpp_sm { uint32_t current_freq; uint32_t new_freq; struct scan_freq_set *presence_list; + uint32_t max_roc; uint32_t offchannel_id; @@ -2364,13 +2365,15 @@ static void dpp_create(struct netdev *netdev) struct dpp_sm *dpp = l_new(struct dpp_sm, 1); uint8_t dpp_conf_response_prefix[] = { 0x04, 0x0b }; uint8_t dpp_conf_request_prefix[] = { 0x04, 0x0a }; + uint64_t wdev_id = netdev_get_wdev_id(netdev); dpp->netdev = netdev; dpp->state = DPP_STATE_NOTHING; - dpp->wdev_id = netdev_get_wdev_id(netdev); + dpp->wdev_id = wdev_id; dpp->curve = l_ecc_curve_from_ike_group(19); dpp->key_len = l_ecc_curve_get_scalar_bytes(dpp->curve); dpp->nonce_len = dpp_nonce_len_from_key_len(dpp->key_len); + dpp->max_roc = wiphy_get_max_roc_duration(wiphy_find_by_wdev(wdev_id)); dpp->mcast_support = wiphy_has_ext_feature( wiphy_find_by_wdev(dpp->wdev_id), NL80211_EXT_FEATURE_MULTICAST_REGISTRATIONS); @@ -2464,19 +2467,13 @@ static uint32_t *dpp_add_default_channels(struct dpp_sm *dpp, size_t *len_out) static void dpp_start_presence(struct dpp_sm *dpp, uint32_t *limit_freqs, size_t limit_len) { - uint32_t max_roc = wiphy_get_max_roc_duration( - wiphy_find_by_wdev(dpp->wdev_id)); - - if (2000 < max_roc) - max_roc = 2000; - if (limit_freqs) { dpp->freqs = l_memdup(limit_freqs, sizeof(uint32_t) * limit_len); dpp->freqs_len = limit_len; } else dpp->freqs = dpp_add_default_channels(dpp, &dpp->freqs_len); - dpp->dwell = max_roc; + dpp->dwell = (dpp->max_roc < 2000) ? dpp->max_roc : 2000; dpp->freqs_idx = 0; dpp->current_freq = dpp->freqs[0]; From patchwork Thu Oct 12 20:01:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419766 Received: from mail-pl1-f177.google.com (mail-pl1-f177.google.com [209.85.214.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 171FC3CCE3 for ; Thu, 12 Oct 2023 20:02:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="iQC9fC1t" Received: by mail-pl1-f177.google.com with SMTP id d9443c01a7336-1c735473d1aso11141005ad.1 for ; Thu, 12 Oct 2023 13:02:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140922; x=1697745722; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=hg3COW67bfoCSeE7EVjUbr6xaWf+rQMP4P98pwXkI0M=; b=iQC9fC1t7NqrMjxmth3AmJrzFmSk0/cszy8RyPsI9p5bMtQynlyHTYIkJkfN/LfOxz CUn5wKW36e14iD+3N9sAjSslkwqKF0vt9+Ht3VryvVhEET3FLRLb7ZT0FnvDWsAB+x0I 86o81O/mypBakDv+3lDk4aNb2r/GYDRYWle3+TStn/LGqstPoVA99L7M35HSVZXlTLhe MDZP1YSvcHMT/GQvI2LiPJcy7k7DXTwkho4/bB8mQiUItzaYmwFN3wAMtpnfoQ31UQln dJvLNdNVQRLvDa+CGQaOaKPYoir/7PVt8UPzWiBm0FO/ybKb2d5I3SCoZRxJSqi8xvrw 5vJw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140922; x=1697745722; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=hg3COW67bfoCSeE7EVjUbr6xaWf+rQMP4P98pwXkI0M=; b=XCLS6WNVah7kepwOYGl+iHKFl28ZQ2wE2VkjhKkb6E14riBIxGXjAu4JabmNVD5tCZ r9rkFK9d7wPGslYWRxG6DfFi37VN2VKFrHP/jUW7FrQSVRxL2Gv+34UTJe6qh7keh85a s33iYy8/U+tQh4TItfr9gnI052SrdgxelWHxiKQLpMXhbxIvschUkD3e4RojJPC2fdbw t2OTEbH7GJjctBj2jB2qwQ9Y1YZODAPFNOBK7UJZQSdSUc/0kAAL3ScQ66UDBNwTzqdj 7EKF23AwMZjIxTbMjotzUPOZ+RFXkBHXZQoMcIcjzSm6iLd/j9QhGwdBLWDl+f9GRjCL CZig== X-Gm-Message-State: AOJu0YxMLfkgpONOugs4TLYDD3AZgFE3ILEky0zgswRPIfUGKKScryH0 cIcU3KgPMR6xj4PaEZIC98fM6d7EWBE= X-Google-Smtp-Source: AGHT+IEkamgEAaXSmrYrKEMEEXmeYozbpAjN5RHxzecg72Q3U/0nzhRE0McZYrH4645lAe4gwfiYqg== X-Received: by 2002:a17:902:c1c4:b0:1c9:c3a7:f96d with SMTP id c4-20020a170902c1c400b001c9c3a7f96dmr7787473plc.62.1697140922243; Thu, 12 Oct 2023 13:02:02 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:02 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 06/21] dpp: fix retransmits if on operating channel Date: Thu, 12 Oct 2023 13:01:35 -0700 Message-Id: <20231012200150.338401-7-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 DPP configurators are running the majority of the protocol on the current operating channel, meaning no ROC work. The retry logic was bailing out if !dpp->roc_started with the assumption that DPP was in between requesting offchannel work and it actually starting. For configurators, this may not be the case. The offchannel ID also needs to be checked, and if no work is scheduled we can send the frame. --- src/dpp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/dpp.c b/src/dpp.c index a5bc2e0a..52adda9a 100644 --- a/src/dpp.c +++ b/src/dpp.c @@ -2186,7 +2186,7 @@ static void dpp_frame_timeout(struct l_timeout *timeout, void *user_data) * send. Just bail out now and the roc_started callback will take care * of sending this out. */ - if (!dpp->roc_started) + if (dpp->offchannel_id && !dpp->roc_started) return; dpp_frame_retry(dpp); From patchwork Thu Oct 12 20:01:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419767 Received: from mail-pj1-f42.google.com (mail-pj1-f42.google.com [209.85.216.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DE5283C6B1 for ; Thu, 12 Oct 2023 20:02:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Cw4mhUl/" Received: by mail-pj1-f42.google.com with SMTP id 98e67ed59e1d1-27cfb8442f9so988958a91.2 for ; Thu, 12 Oct 2023 13:02:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140923; x=1697745723; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=7Aivrm8jlM4NES23EpFI5RFGEvkNS+oV3/aS5oro3ec=; b=Cw4mhUl/lnor2wa7nkQ6uumZ1Qpme0bNWplhV2f/fjFWQilUXW7LylnRcvC2I1orDg iMsxkZw7AH3lbFaT6v0C7w5Ro/piDN/iw/ix//wU3uMXJOBGEKNML0MAax3PWxDEULdr ZRWdTPtn9cLXDSIM0fAW6el/nv9Fc2CSUnA/hq087cnfPiV+fD0fS8XdyYKvbbePFlzT fe/VTQpRwm3bn9hH51W/CfjDIdnWq9umiwD8deQyOa4d5/BSUGn692F5YOaKMVoSlRe+ icjzgGiDTiN67pZ9DI5O6A5I/yIfhi9hv0QgS5qdyi/KikkqSK/Jqxqr27WjVVqCrkCb 5euA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140923; x=1697745723; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7Aivrm8jlM4NES23EpFI5RFGEvkNS+oV3/aS5oro3ec=; b=dDGKd3IQYMC4FZGTeJENIGXxnWLXJ2IprlGfVpMQf6SCcK+A9KZsh9u7EYZkNFPukL 7a7p9FcWBt/euyeBrJJxSfXAbwGIXxxlnBIxdw9cgrGRBSqcjf9P+G5aNlF2x/y57Uga k4isG9+SJFuKjc/jler4t6Y+MlWFyDq+Hx2C8Aq/0KqZMqUhZTUQeGSMjB5d2sJ8ZlqH 03rsrw7UcSioVtkq6druA7SZ6W5lhdFjiGBUxXlWzGya8n13MWgBQ1C/nY7+uddaL0Pl kVW3iMGnhB5DoGSZGV+asWq8EhC+3znVryrDd62Q1S0RQbHm/ncV4wAcBaK9UvtU+WX3 ZfNQ== X-Gm-Message-State: AOJu0YyBABX0vWMVi47nANZ0m+y7pRDSWpfDD7G0CNUuHPW2M9ee52lz NvIwG4jYFfSicPEwTlfsvBueHUtYoTc= X-Google-Smtp-Source: AGHT+IHGKqvwF0+UqnhlfxKW/H6IyvmDDFE0juxgS/ZXU4NyAaTD+EO90i32zVBtidf+W5mCRVBOtQ== X-Received: by 2002:a17:90a:db0f:b0:27d:b9d:bd6f with SMTP id g15-20020a17090adb0f00b0027d0b9dbd6fmr5084915pjv.45.1697140922914; Thu, 12 Oct 2023 13:02:02 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:02 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 07/21] dpp-util: allow for mutual authentication in i/r_auth Date: Thu, 12 Oct 2023 13:01:36 -0700 Message-Id: <20231012200150.338401-8-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 When using mutual authentication an additional value needs to be hashed when deriving i/r_auth values. A NULL value indicates no mutual authentication (zero length iovec is passed to hash). --- src/dpp-util.c | 20 ++++++++++++++++---- src/dpp-util.h | 4 +++- src/dpp.c | 8 ++++---- 3 files changed, 23 insertions(+), 9 deletions(-) diff --git a/src/dpp-util.c b/src/dpp-util.c index df7d0fc5..d3171d02 100644 --- a/src/dpp-util.c +++ b/src/dpp-util.c @@ -551,12 +551,14 @@ static bool dpp_hkdf(enum l_checksum_type sha, const void *salt, bool dpp_derive_r_auth(const void *i_nonce, const void *r_nonce, size_t nonce_len, struct l_ecc_point *i_proto, struct l_ecc_point *r_proto, + struct l_ecc_point *i_boot, struct l_ecc_point *r_boot, void *r_auth) { uint64_t pix[L_ECC_MAX_DIGITS]; uint64_t prx[L_ECC_MAX_DIGITS]; uint64_t brx[L_ECC_MAX_DIGITS]; + uint64_t bix[L_ECC_MAX_DIGITS]; size_t keys_len; uint8_t zero = 0; enum l_checksum_type type; @@ -565,24 +567,30 @@ bool dpp_derive_r_auth(const void *i_nonce, const void *r_nonce, l_ecc_point_get_x(r_proto, prx, sizeof(prx)); l_ecc_point_get_x(r_boot, brx, sizeof(brx)); + if (i_boot) + l_ecc_point_get_x(i_boot, bix, sizeof(bix)); + type = dpp_sha_from_key_len(keys_len); /* * R-auth = H(I-nonce | R-nonce | PI.x | PR.x | [ BI.x | ] BR.x | 0) */ - return dpp_hash(type, r_auth, 6, i_nonce, nonce_len, r_nonce, nonce_len, - pix, keys_len, prx, keys_len, brx, keys_len, + return dpp_hash(type, r_auth, 7, i_nonce, nonce_len, r_nonce, nonce_len, + pix, keys_len, prx, keys_len, + bix, i_boot ? keys_len : 0, brx, keys_len, &zero, (size_t) 1); } bool dpp_derive_i_auth(const void *r_nonce, const void *i_nonce, size_t nonce_len, struct l_ecc_point *r_proto, struct l_ecc_point *i_proto, - struct l_ecc_point *r_boot, void *i_auth) + struct l_ecc_point *r_boot, + struct l_ecc_point *i_boot, void *i_auth) { uint64_t prx[L_ECC_MAX_DIGITS]; uint64_t pix[L_ECC_MAX_DIGITS]; uint64_t brx[L_ECC_MAX_DIGITS]; + uint64_t bix[L_ECC_MAX_DIGITS]; size_t keys_len; uint8_t one = 1; enum l_checksum_type type; @@ -591,13 +599,17 @@ bool dpp_derive_i_auth(const void *r_nonce, const void *i_nonce, l_ecc_point_get_x(i_proto, pix, sizeof(pix)); l_ecc_point_get_x(r_boot, brx, sizeof(brx)); + if (i_boot) + l_ecc_point_get_x(i_boot, bix, sizeof(bix)); + type = dpp_sha_from_key_len(keys_len); /* * I-auth = H(R-nonce | I-nonce | PR.x | PI.x | BR.x | [ BI.x | ] 1) */ - return dpp_hash(type, i_auth, 6, r_nonce, nonce_len, i_nonce, nonce_len, + return dpp_hash(type, i_auth, 7, r_nonce, nonce_len, i_nonce, nonce_len, prx, keys_len, pix, keys_len, brx, keys_len, + bix, i_boot ? keys_len : 0, &one, (size_t) 1); } diff --git a/src/dpp-util.h b/src/dpp-util.h index 94fe595a..050d66cc 100644 --- a/src/dpp-util.h +++ b/src/dpp-util.h @@ -160,12 +160,14 @@ bool dpp_hash(enum l_checksum_type type, uint8_t *out, unsigned int num, ...); bool dpp_derive_r_auth(const void *i_nonce, const void *r_nonce, size_t nonce_len, struct l_ecc_point *i_proto, struct l_ecc_point *r_proto, + struct l_ecc_point *i_boot, struct l_ecc_point *r_boot, void *r_auth); bool dpp_derive_i_auth(const void *r_nonce, const void *i_nonce, size_t nonce_len, struct l_ecc_point *r_proto, struct l_ecc_point *i_proto, - struct l_ecc_point *r_boot, void *i_auth); + struct l_ecc_point *r_boot, + struct l_ecc_point *i_boot, void *i_auth); struct l_ecc_scalar *dpp_derive_k1(const struct l_ecc_point *i_proto_public, const struct l_ecc_scalar *boot_private, void *k1); diff --git a/src/dpp.c b/src/dpp.c index 52adda9a..bbb27ff1 100644 --- a/src/dpp.c +++ b/src/dpp.c @@ -1336,7 +1336,7 @@ static void authenticate_confirm(struct dpp_sm *dpp, const uint8_t *from, dpp_derive_i_auth(dpp->r_nonce, dpp->i_nonce, dpp->nonce_len, dpp->own_proto_public, dpp->peer_proto_public, - dpp->boot_public, i_auth_check); + dpp->boot_public, NULL, i_auth_check); if (memcmp(i_auth, i_auth_check, i_auth_len)) { l_error("I-Auth did not verify"); @@ -1812,7 +1812,7 @@ static void authenticate_request(struct dpp_sm *dpp, const uint8_t *from, if (!dpp_derive_r_auth(dpp->i_nonce, dpp->r_nonce, dpp->nonce_len, dpp->peer_proto_public, dpp->own_proto_public, - dpp->boot_public, dpp->auth_tag)) + NULL, dpp->boot_public, dpp->auth_tag)) goto auth_request_failed; memcpy(dpp->peer_addr, from, 6); @@ -2016,7 +2016,7 @@ static void authenticate_response(struct dpp_sm *dpp, const uint8_t *from, } if (!dpp_derive_r_auth(i_nonce, r_nonce, dpp->nonce_len, - dpp->own_proto_public, r_proto_key, + dpp->own_proto_public, r_proto_key, NULL, dpp->peer_boot_public, r_auth_derived)) { l_debug("Failed to derive r_auth"); return; @@ -2029,7 +2029,7 @@ static void authenticate_response(struct dpp_sm *dpp, const uint8_t *from, if (!dpp_derive_i_auth(r_nonce, i_nonce, dpp->nonce_len, r_proto_key, dpp->own_proto_public, - dpp->peer_boot_public, dpp->auth_tag)) { + dpp->peer_boot_public, NULL, dpp->auth_tag)) { l_debug("Could not derive I-Auth"); return; } From patchwork Thu Oct 12 20:01:37 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419770 Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com [209.85.214.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CE4413C6B0 for ; Thu, 12 Oct 2023 20:02:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="UgIdT4Ul" Received: by mail-pl1-f170.google.com with SMTP id d9443c01a7336-1c9b95943beso12148535ad.1 for ; Thu, 12 Oct 2023 13:02:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140924; x=1697745724; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=2rvPDOc+1rLHUCoKJx1s6sX8mdBD7w+IcaesF6MY8tY=; b=UgIdT4UlRYgao8tuaUY0Tm8bB7G2IOCkZ83p5ahPemtztYORTM+Ukk/6XLgUiOqecZ eqfg4rX9z0CJLl42xRMGs/pPvxyDLXnX0F9vv89V5sX6EsQ6Ig6PdS0hb7dNjV66CAc3 ERrGCsY9oQdRXpOyOr1zH0+xpGGnf9wiQmzO0bbI+AobfyCgAO4E8/kc7W5Vva/1zZoC 2G60aZnL22l+3UX/yQAwYZ0Du+ICbYEHhtJde+Ttrnt/MYXX1ianus2MkQltXtsAaFcq Kdhu0661N9QmQIf5Ur2EU9mXgOgNeaVJIXh3Xn4CA6UcH/Pc7ubhhf3ln5lshdalOeYm FLUQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140924; x=1697745724; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=2rvPDOc+1rLHUCoKJx1s6sX8mdBD7w+IcaesF6MY8tY=; b=OCrW1MBwu9DpDpAEDP+qmWejgBloU5PcGyPS/BHNXEWAydsB7kzHx/QXR6nEEBJjCJ 1LjDZa59T0RsqX4ys9dmAcrYRO+S8QSjV57MvsgSuGvPAuP4UZCc6uyVN7HSnEYdzecq zQnvdzArt52r1u2XmmsbVdGqTMGcUltntVqRoHfMZ8Z1gllCXqXiiRYoBP6uHcnKP1mW bI8P/zyMgiLBBfDnPdIJVSPcpdpCZV+T5dJ7O1XJ37u4yJVXXZzuCnBuJ5hw/99d7Rn4 Tdyr3NYFPgp974BRwZqlrRu0gCDP/YbTfaC35/rnelo6v5b78M1x9aFqsubbM/Ag8hKh beLg== X-Gm-Message-State: AOJu0YwUTVeKIQ9KPYX8R2TngtWlZ0VycInIrTSosmxAl8w9tc74/BoQ liNnC+1B2qy59R6DOiSowFW58As6qAo= X-Google-Smtp-Source: AGHT+IHhlnIJ52+s4zXZOPKwaxNrjCo8LDR6JtBHBf7KWn3MpRqMYoP6e80gDF+57pBUX7ykvxPvhw== X-Received: by 2002:a17:902:ea0a:b0:1bb:598a:14e5 with SMTP id s10-20020a170902ea0a00b001bb598a14e5mr32702166plg.43.1697140923608; Thu, 12 Oct 2023 13:02:03 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:03 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 08/21] dpp-util: allow mutual auth in dpp_derive_ke Date: Thu, 12 Oct 2023 13:01:37 -0700 Message-Id: <20231012200150.338401-9-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The Ke derivation requires an additional "L.x" value when mutual authentication is used. --- src/dpp-util.c | 10 +++++++--- src/dpp-util.h | 2 +- src/dpp.c | 4 ++-- 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/src/dpp-util.c b/src/dpp-util.c index d3171d02..0406a4dc 100644 --- a/src/dpp-util.c +++ b/src/dpp-util.c @@ -681,12 +681,13 @@ free_n: bool dpp_derive_ke(const uint8_t *i_nonce, const uint8_t *r_nonce, struct l_ecc_scalar *m, struct l_ecc_scalar *n, - void *ke) + struct l_ecc_point *l, void *ke) { uint8_t nonces[32 + 32]; size_t nonce_len; uint64_t mx_bytes[L_ECC_MAX_DIGITS]; uint64_t nx_bytes[L_ECC_MAX_DIGITS]; + uint64_t lx_bytes[L_ECC_MAX_DIGITS]; uint64_t bk[L_ECC_MAX_DIGITS]; ssize_t key_len; enum l_checksum_type sha; @@ -697,12 +698,15 @@ bool dpp_derive_ke(const uint8_t *i_nonce, const uint8_t *r_nonce, nonce_len = dpp_nonce_len_from_key_len(key_len); sha = dpp_sha_from_key_len(key_len); + if (l) + l_ecc_point_get_x(l, lx_bytes, key_len * 2); + memcpy(nonces, i_nonce, nonce_len); memcpy(nonces + nonce_len, r_nonce, nonce_len); /* bk = HKDF-Extract(I-nonce | R-nonce, M.x | N.x [ | L.x]) */ - if (!hkdf_extract(sha, nonces, nonce_len * 2, 2, bk, mx_bytes, - key_len, nx_bytes, key_len)) + if (!hkdf_extract(sha, nonces, nonce_len * 2, 3, bk, mx_bytes, + key_len, nx_bytes, key_len, lx_bytes, l ? key_len : 0)) return false; /* ke = HKDF-Expand(bk, "DPP Key", length) */ diff --git a/src/dpp-util.h b/src/dpp-util.h index 050d66cc..96711c35 100644 --- a/src/dpp-util.h +++ b/src/dpp-util.h @@ -176,7 +176,7 @@ struct l_ecc_scalar *dpp_derive_k2(const struct l_ecc_point *i_proto_public, void *k2); bool dpp_derive_ke(const uint8_t *i_nonce, const uint8_t *r_nonce, struct l_ecc_scalar *m, struct l_ecc_scalar *n, - void *ke); + struct l_ecc_point *l, void *ke); uint8_t *dpp_point_to_asn1(const struct l_ecc_point *p, size_t *len_out); struct l_ecc_point *dpp_point_from_asn1(const uint8_t *asn1, size_t len); diff --git a/src/dpp.c b/src/dpp.c index bbb27ff1..fc3d5c4f 100644 --- a/src/dpp.c +++ b/src/dpp.c @@ -1807,7 +1807,7 @@ static void authenticate_request(struct dpp_sm *dpp, const uint8_t *from, l_getrandom(dpp->r_nonce, dpp->nonce_len); - if (!dpp_derive_ke(dpp->i_nonce, dpp->r_nonce, m, n, dpp->ke)) + if (!dpp_derive_ke(dpp->i_nonce, dpp->r_nonce, m, n, NULL, dpp->ke)) goto auth_request_failed; if (!dpp_derive_r_auth(dpp->i_nonce, dpp->r_nonce, dpp->nonce_len, @@ -1983,7 +1983,7 @@ static void authenticate_response(struct dpp_sm *dpp, const uint8_t *from, return; } - if (!dpp_derive_ke(i_nonce, r_nonce, dpp->m, n, dpp->ke)) { + if (!dpp_derive_ke(i_nonce, r_nonce, dpp->m, n, NULL, dpp->ke)) { l_debug("Failed to derive ke"); return; } From patchwork Thu Oct 12 20:01:38 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419769 Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5E72A3CCE9 for ; Thu, 12 Oct 2023 20:02:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ffwlyxM9" Received: by mail-pf1-f175.google.com with SMTP id d2e1a72fcca58-690f7d73a3aso1262185b3a.0 for ; Thu, 12 Oct 2023 13:02:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140924; x=1697745724; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=uRWWB3Y4Aw7Mwz9wQsPPOcPVfVgRJMlholhMbgFmJjM=; b=ffwlyxM9gP2IDRpOzHf4aFuS1uMixB3Ju5gH0teof9SIuIoZm01ZJOGisTuX9Mc9NK vLVwWipLydcqNmyOnnfoM4e6chEVhEbwfZAI4JZDMvJB/VUjrcr06Z/vQPvGKGor3Znu zBC1YzOmyFhpt7TKxnCPm50R8PMSnhRDd6diTHdh6tPYnr3GQ6jxhUpC8wSxDuLIbi3+ BPU7VGP27dVTEaG6yTaOTmjwa8tiACuxWrUwyyE1wibyAapDfR3fPt55n6KyPF6pPsDz pyOCghNvB/UY+rc52YUyU/GVnRnRn9LFDuVh7xzJ6JdJ17sP0m75r3302udQGdydknec RVjg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140924; x=1697745724; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=uRWWB3Y4Aw7Mwz9wQsPPOcPVfVgRJMlholhMbgFmJjM=; b=YGTXUtGcizpAfUSBcvqJdilQfba9cfuH63J5yCMlRCpNOkbRf1RMjNUDm0K+pNu7pa dcpcoyHtoi1Bt8jRBjNGs5m/z3wFy8bS92mSi4CLsh23O9x9QfURKKWmwfxr1vLeG3F4 zLKyspx/CdSt0HKR0/uyjaRsBGegRHHIY3Wz0AYkMsugH6hb8Bv2Y9oeF0QXuIa8kyyi rZCC7IB4Pv62D/FG5UWIkAZb3fez5hGUHSJ+svv8hH/t7K3W2fgFF+Q3lBELzLv+4ezL 4ifsmWl3qwHMTpfjVgAM3e6RmKX5lsTgyl38XsgWk9p5NEPtixfZsohl3CK2RF8Bb9Cj Asgw== X-Gm-Message-State: AOJu0Yx4htKq6uRaoznQHlaSGmyhqrykre9t5Yh9eznXRQBksCkFQ2MJ Of5HY+va6NDy628f9InISRVHi157xDw= X-Google-Smtp-Source: AGHT+IGLpcsnduZzSMuQQ4GH5BQe/FIWQ4PQo7HFNqDH6SGYdhNQ+xsukp9iPkeF01aqFvSI9yqedQ== X-Received: by 2002:a05:6a20:9152:b0:160:83e1:712f with SMTP id x18-20020a056a20915200b0016083e1712fmr28669842pzc.23.1697140924493; Thu, 12 Oct 2023 13:02:04 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:04 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 09/21] unit: update test-dpp with API changes Date: Thu, 12 Oct 2023 13:01:38 -0700 Message-Id: <20231012200150.338401-10-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 --- unit/test-dpp.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/unit/test-dpp.c b/unit/test-dpp.c index 046a1831..c782efba 100644 --- a/unit/test-dpp.c +++ b/unit/test-dpp.c @@ -269,16 +269,16 @@ static void test_key_derivation(const void *data) HEX2BUF(i_nonce_bytes, i_nonce, 16); HEX2BUF(r_nonce_bytes, r_nonce, 16); - dpp_derive_ke(i_nonce, r_nonce, m, n, ke); + dpp_derive_ke(i_nonce, r_nonce, m, n, NULL, ke); CHECK_FROM_STR(ke_bytes, ke, 32); dpp_derive_r_auth(i_nonce, r_nonce, 16, i_proto_public, r_proto_public, - r_boot_public, r_auth); + NULL, r_boot_public, r_auth); CHECK_FROM_STR(r_auth_bytes, r_auth, 32); dpp_derive_i_auth(r_nonce, i_nonce, 16, r_proto_public, i_proto_public, - r_boot_public, i_auth); + r_boot_public, NULL, i_auth); CHECK_FROM_STR(i_auth_bytes, i_auth, 32); } From patchwork Thu Oct 12 20:01:39 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419771 Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0BEEF3C6B1 for ; Thu, 12 Oct 2023 20:02:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Fe6vQyB0" Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-1c9bca1d96cso11655435ad.3 for ; Thu, 12 Oct 2023 13:02:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140925; x=1697745725; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=JRAryhIyB2TW+isH4eRZQPeCxi6k0E1U6/E2eLVn3Jw=; b=Fe6vQyB0VvRdUgIP6hPQ/tgqnzHPhg7ZcNCjnwGdhDMeKpv5fWB/58L2z3twNTGgH7 BRNrOBr1bX7SKfjGhmuEagtJRb1fcWrjIMBNYovQxiTETA8OOvljn4pkSRCLQkH4uXiE BtJp49VfzM5bluYnQz5Vbrbbzt5USm+sg7Q2jyeyq41EENfsrR/1SwGT0nGGVwDND8T5 NQEf7Hn2Y2rwv7e7xzzsBGz4h+rlDXkUDZi0vp5Wmjl0TnQ/SxwTbCjJ6pgl0GqOzoUJ EHlOCmLyVIyb5cgkgclGp9gN5XUKNVaxcfRQt1seoo1rjXWz7Yqr3yjMnpmeTJYnKLid xUIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140925; x=1697745725; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=JRAryhIyB2TW+isH4eRZQPeCxi6k0E1U6/E2eLVn3Jw=; b=xKtnoUmG2eBO8GdXJ+yU0wsRUDAK1gW0Rl/hqJ75jgr1YvNy3ysyAAk/iEa3vFKZFQ BWkymkyNr9zRwnIuxKIkyiFdxjW+ddn7Mdfy0Dg7GKMN2VQoxwSjL073w97xuWkwuohn 91+8Kd8+pXyXICepNY/RTbt4JHZomtixYOnZgqcyz+z5v0Owdql5U5TkQIK+2JBtmzI/ 7cfmzN2F+Sk7S+OdI45tI+GicTJbjfR3hmOuI7CaXPpxplhoPceacRPJ8gKSq9GQN3fU TyV7v8Cu3ppWO2n1him314KXTLwkitJGlIRJEHP5r+adUiAMArLWwh9EoOJF4ytwY0E+ vlXA== X-Gm-Message-State: AOJu0YwUKOyZgHiMcDQk7fYiS1pAicPntH7ai2G928qS6k+MOcH08jVH 8dwyr4o3xfyInle+Jv3iBJ+/O3e/tRA= X-Google-Smtp-Source: AGHT+IH9pBQnX5YxdmPzS5r2ud3dJvd1LPBOSIclBStSOE8kSrZeX+2kXhnP56xibMYKsGh/T0BAqA== X-Received: by 2002:a17:902:9b8e:b0:1c6:2780:3adc with SMTP id y14-20020a1709029b8e00b001c627803adcmr19702037plp.24.1697140925238; Thu, 12 Oct 2023 13:02:05 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:04 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 10/21] offchannel: add support to issue multiple offchannel requests Date: Thu, 12 Oct 2023 13:01:39 -0700 Message-Id: <20231012200150.338401-11-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 There was nothing which prevented this, but due to the behavior of some drivers multiple offchannel requests on the same channel resulted in the second request never starting and eventually timing out. This is because some drivers combine offchannel requests if they are on the same channel and this ultimately results in the netlink ACK coming after the ROC started event. This patch fixes some logic to allow for this case. The motivation to support this is so modules can start offchannel work items for short durations and wait for a response, if a frame is received the offchannel request can be canceled/restarted for a longer duration. This could also be done instead by using a long duration initially and an extra timer to cancel, but its more convenient if offchannel supports this natively. In addition, this driver quirk should be supported regardless (e.g. if two IWD modules happen to issue ROC's on the same channel). Furthermore, the offchannel module was only looking up requests by wdev_id which could result in the wrong request being found. Instead the request should be looked up by both wdev_id and cookie (when possible), or the ID in the case of canceling. --- src/offchannel.c | 55 ++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 48 insertions(+), 7 deletions(-) diff --git a/src/offchannel.c b/src/offchannel.c index b9cdc117..6a705092 100644 --- a/src/offchannel.c +++ b/src/offchannel.c @@ -54,15 +54,34 @@ struct offchannel_info { bool needs_cancel : 1; }; +struct match_data { + uint64_t wdev_id; + uint64_t cookie; +}; + static struct l_genl_family *nl80211; static struct l_queue *offchannel_list; -static bool match_wdev(const void *a, const void *user_data) +static bool match_info(const void *a, const void *user_data) +{ + const struct match_data *match = user_data; + const struct offchannel_info *info = a; + + if (match->wdev_id != info->wdev_id) + return false; + + if (!match->cookie) + return true; + + return match->cookie == info->roc_cookie; +} + +static bool match_id(const void *a, const void *user_data) { + const uint32_t *id = user_data; const struct offchannel_info *info = a; - const uint64_t *wdev_id = user_data; - return info->wdev_id == *wdev_id; + return *id == info->work.id; } static void offchannel_cancel_roc(struct offchannel_info *info) @@ -191,7 +210,8 @@ void offchannel_cancel(uint64_t wdev_id, uint32_t id) else if (ret == false) goto work_done; - info = l_queue_find(offchannel_list, match_wdev, &wdev_id); + + info = l_queue_find(offchannel_list, match_id, &id); if (!info) return; @@ -246,6 +266,7 @@ work_done: static void offchannel_mlme_notify(struct l_genl_msg *msg, void *user_data) { struct offchannel_info *info; + struct match_data match = {0}; uint64_t wdev_id; uint64_t cookie; uint8_t cmd; @@ -261,12 +282,32 @@ static void offchannel_mlme_notify(struct l_genl_msg *msg, void *user_data) NL80211_ATTR_UNSPEC) < 0) return; - info = l_queue_find(offchannel_list, match_wdev, &wdev_id); + match.wdev_id = wdev_id; + match.cookie = cookie; + + info = l_queue_find(offchannel_list, match_info, &match); + if (!info) { + /* Try again without cookie */ + match.cookie = 0; + info = l_queue_find(offchannel_list, match_info, &match); + } + if (!info) return; - /* ROC must have been started elsewhere, not by IWD */ - if (info->roc_cookie != cookie) + /* + * If the cookie is zero this could be from the ACK callback coming out + * of order which can happen when there is an ongoing offchannel request + * that is canceled (but no ROC_CANCEL event yet) and another is issued + * on the same frequency. Some drivers will combine these two requests + * and the ACK ends up coming after the ROC started event. + * + * If the cookie is set but does not match, this ROC request came from + * outside IWD. + */ + if (!info->roc_cookie) { + info->roc_cookie = cookie; + } else if (info->roc_cookie != cookie) return; switch (cmd) { From patchwork Thu Oct 12 20:01:40 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419772 Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0BFF43CCE3 for ; Thu, 12 Oct 2023 20:02:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="JHk8PcBh" Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-1c8a1541233so11330075ad.1 for ; Thu, 12 Oct 2023 13:02:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140926; x=1697745726; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=O6bi+WsV1NR7GZ3XaqKp2BXeDK3clIwQguZqUYG2Pvw=; b=JHk8PcBhcif20Bog41WboGGQu+KjowO2uwUgN2+013yVwiJAIjIRba7OhIBjVX1BuL uCJbKCbP9DkKsg+5EbwfQ5y2Iina2iOvwWDBLYKJmUNPQTj5QdQbuom6WyqXOPBkXrpG 3v8SS8+zDPpQsZw8l/8ra4bOUqdCDZHIdt2Arw5pWZE9RyFckzXc9JIr2By2HXTHlUNf k1kLx33Kug7JjrJ95OrsTHqVDH5fxfyqh/upB7qx57or9CG3loEbgWQMItWzlLSMvRvZ QQXzc/kpiEhyH7U4Z55HSOw/Ftw+8aNShJkfkdHJSfWSbeJX3vy7Lev+M6SERNmNCv4s zSWA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140926; x=1697745726; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=O6bi+WsV1NR7GZ3XaqKp2BXeDK3clIwQguZqUYG2Pvw=; b=YW/rTLGTHANws4UHYKq7qPDgT/Xv1geeq+raYI7IphdLeI0lSmk2qbiDECRgf2vfIT P17PvDgrPQUDYeIoq323cWAX/4Ozt22NY2kY67iDkwcZ5As2bMbcA/JTSygzMZJ8R7Ez MVHk1LUhYnMO6iKmgtCLbCkpLae2AnAiMvLrQFmPKJimODk53RPdsOBzedi51v+Z66UX RnRWrcENHydVXNidfomXnxu2XWK76AUgtNevP6iRcdig027pfyK2hn41Ktm0+QyTTyc9 XiYczAc0B6Ugm7/pq1TiY0QVSRypJylEO0N3lFqaSsoirefwAR5kyueUNiY7n/BqHKWJ 8ZeA== X-Gm-Message-State: AOJu0YzT0qm2yqLXlL+QFLAL+IzveERSf5Mz0AgI6bW+IXJ5OxXg363M AA8onStWxIJvRylSgmWpd/2agCNA/JA= X-Google-Smtp-Source: AGHT+IGWM4gh13cZcrlaXRg8v/P6H6Ih/EDmqfN+eQelblPyOKa9aKBnWwi1WAFuerwdHoYe379Qcg== X-Received: by 2002:a17:902:f103:b0:1c9:e378:3a82 with SMTP id e3-20020a170902f10300b001c9e3783a82mr1808960plb.2.1697140926039; Thu, 12 Oct 2023 13:02:06 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:05 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 11/21] doc: PKEX support for DPP Date: Thu, 12 Oct 2023 13:01:40 -0700 Message-Id: <20231012200150.338401-12-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 PKEX is part of the WFA EasyConnect specification and is an additional boostrapping method (like QR codes) for exchanging public keys between a configurator and enrollee. PKEX operates over wifi and requires a key/code be exchanged prior to the protocol. The key is used to encrypt the exchange of the boostrapping information, then DPP authentication is started immediately aftewards. This can be useful for devices which don't have the ability to scan a QR code, or even as a more convenient way to share wireless credentials if the PSK is very secure (i.e. not a human readable string). PKEX would be used via the two DBus APIs on a new interface SharedCodeDeviceProvisioning. StartConfigurator() will start listening and wait for an Enrollee to send a PKEX exchange request. StartEnrollee() will initiate the exchange. PKEX would proceed and once done DPP Authentication will start using the boostrapping keys exchanged. --- doc/device-provisioning-api.txt | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/doc/device-provisioning-api.txt b/doc/device-provisioning-api.txt index ac204f46..4c0ecb28 100644 --- a/doc/device-provisioning-api.txt +++ b/doc/device-provisioning-api.txt @@ -71,3 +71,33 @@ Properties boolean Started [readonly] Indicates the DPP URI. This property is only available when Started is true. + + +Interface net.connman.iwd.DeviceProvisioning [Experimental] +Object path /net/connman/iwd/{phy0,phy1,...}/{1,2,...} + + StartConfigurator() + Start a PKEX configurator. IWD must be currently + connected to a BSS and have at least the + [Security].DeviceProvisioningSharedCode option set in + the network profile. An identifier can be set with + [Security].DeviceProvisioningIdentifier. + + Possible errors: net.connman.iwd.Busy + net.connman.iwd.NotConnected + net.connman.iwd.InvalidArguments + net.connman.iwd.NotConfigured + + StartEnrollee(a{sv} args) + The 'args' dictionary contains parameters for the PKEX + enrollee. + + string Key - The PKEX key. This is required and must + match the configurer's key. + + string Identifier - The PKEX key identifier. This is + optional, but if used both the Configurer and enrollee + must use the same value. + + Possible errors: net.connman.iwd.Busy + net.connman.iwd.InvalidArguments \ No newline at end of file From patchwork Thu Oct 12 20:01:41 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419773 Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A2E103B7BD for ; Thu, 12 Oct 2023 20:02:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ftMF4Rtn" Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-1c5cd27b1acso12057025ad.2 for ; Thu, 12 Oct 2023 13:02:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140927; x=1697745727; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Y7QrCl1QfDzyYnsNm+akjruGqZpzWdRuGCF6J9CRREo=; b=ftMF4RtnFdjlpfYRflMK1wSY/hyrbu1Ngb2PAbBJNnrjHSgi1XoyfLeVmPLJNtw9Kc oAYlMnFymdpEECu35EGpLmHKOCzhXQj/IWikcuVl+W5QWP3+mZuLn4MBD48gfd4yPSRD 1Ef4sIQG32P4bpxZbNWs4d18texQio/idhPSf+gGFqjmgJnfCdHlvbQsxA7wnq0weV5v iu6rq+GfLMf2PLRWZ+u7rU/6XNZARSxMB1lu+BF5j7SXf/ObzBarsNmCXq72VUd43Qfx NGXOLJSX7aQ6/9esSH3JQ2amCBxFAbcMxJDMB5Ee5RO+A0ms5cl30qqzngqbPQYxyg2k 5LqA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140927; x=1697745727; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Y7QrCl1QfDzyYnsNm+akjruGqZpzWdRuGCF6J9CRREo=; b=nM0R1R42BwuNjWMnfRp12K7vLnt/taliE0ekam6pylKcDnNTS8kh8FzIoWS9i3Xqfb 1jc5k2NmNudWSR/wO0TyhwjN7W96Kmc0A1q2ygFTu7uFei0Ot5Z8p0vEFWHfavLHcZ8p Nl4cZY3lZKcFsrNQZvbyzRSbubrmkZ11AMxDPlcCOF+JxeDqVdjnnpcSkJKmRg20mljD zN3DzIHdDt+/ycHeg/svcQfkJ44bqUStQ5qUeZiblbVMHXHJJMprQ8taayJ9VTiYbcqK DCtkCeVjiLs+osnlNRkSVr+POz8cd0ivQFnfVO88M9sz1YtY0FQfOT2mcBej1OKEvPrH ZoIg== X-Gm-Message-State: AOJu0YzFZw/+wTRBNYtw6KhVyYAmB4B85FvsTfwDxXnQETKAqWQDaDHY xGZ/inn7HAGvUh2orm1XO7QiaGYKVdY= X-Google-Smtp-Source: AGHT+IGkOKX0LSzX4Tepa1HctpO2RwIZ8oJZmCS72FeQvBZaQE8ovLoQ3/ocvPFcqVNY2jSIlZowDg== X-Received: by 2002:a17:902:d2c3:b0:1c4:4efc:90a6 with SMTP id n3-20020a170902d2c300b001c44efc90a6mr33687843plc.38.1697140926788; Thu, 12 Oct 2023 13:02:06 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:06 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 12/21] dpp-util: add crypto for PKEX Date: Thu, 12 Oct 2023 13:01:41 -0700 Message-Id: <20231012200150.338401-13-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 --- src/dpp-util.c | 208 +++++++++++++++++++++++++++++++++++++++++++++++++ src/dpp-util.h | 32 ++++++++ 2 files changed, 240 insertions(+) diff --git a/src/dpp-util.c b/src/dpp-util.c index 0406a4dc..b0556917 100644 --- a/src/dpp-util.c +++ b/src/dpp-util.c @@ -39,6 +39,32 @@ #include "ell/asn1-private.h" #include "src/ie.h" +static const uint8_t dpp_pkex_initiator_p256[64] = { + /* X */ + 0x56, 0x26, 0x12, 0xcf, 0x36, 0x48, 0xfe, 0x0b, + 0x07, 0x04, 0xbb, 0x12, 0x22, 0x50, 0xb2, 0x54, + 0xb1, 0x94, 0x64, 0x7e, 0x54, 0xce, 0x08, 0x07, + 0x2e, 0xec, 0xca, 0x74, 0x5b, 0x61, 0x2d, 0x25, + /* Y */ + 0x3e, 0x44, 0xc7, 0xc9, 0x8c, 0x1c, 0xa1, 0x0b, + 0x20, 0x09, 0x93, 0xb2, 0xfd, 0xe5, 0x69, 0xdc, + 0x75, 0xbc, 0xad, 0x33, 0xc1, 0xe7, 0xc6, 0x45, + 0x4d, 0x10, 0x1e, 0x6a, 0x3d, 0x84, 0x3c, 0xa4 +}; + +static const uint8_t dpp_pkex_responder_p256[64] = { + /* X */ + 0x1e, 0xa4, 0x8a, 0xb1, 0xa4, 0xe8, 0x42, 0x39, + 0xad, 0x73, 0x07, 0xf2, 0x34, 0xdf, 0x57, 0x4f, + 0xc0, 0x9d, 0x54, 0xbe, 0x36, 0x1b, 0x31, 0x0f, + 0x59, 0x91, 0x52, 0x33, 0xac, 0x19, 0x9d, 0x76, + /* Y */ + 0xd9, 0xfb, 0xf6, 0xb9, 0xf5, 0xfa, 0xdf, 0x19, + 0x58, 0xd8, 0x3e, 0xc9, 0x89, 0x7a, 0x35, 0xc1, + 0xbd, 0xe9, 0x0b, 0x77, 0x7a, 0xcb, 0x91, 0x2a, + 0xe8, 0x21, 0x3f, 0x47, 0x52, 0x02, 0x4d, 0x67 +}; + static void append_freqs(struct l_string *uri, const uint32_t *freqs, size_t len) { @@ -1134,3 +1160,185 @@ void dpp_free_uri_info(struct dpp_uri_info *info) l_free(info); } + +struct l_ecc_point *dpp_derive_l_initiator( + const struct l_ecc_point *boot_public, + const struct l_ecc_point *proto_public, + const struct l_ecc_scalar *boot_private) +{ + const struct l_ecc_curve *curve = l_ecc_point_get_curve(boot_public); + struct l_ecc_point *ret = l_ecc_point_new(curve); + + l_ecc_point_add(ret, boot_public, proto_public); + l_ecc_point_multiply(ret, boot_private, ret); + + return ret; +} + +struct l_ecc_point *dpp_derive_l_responder( + const struct l_ecc_scalar *boot_private, + const struct l_ecc_scalar *proto_private, + const struct l_ecc_point *peer_public) +{ + const struct l_ecc_curve *curve = l_ecc_point_get_curve(peer_public); + _auto_(l_ecc_scalar_free) struct l_ecc_scalar *order = + l_ecc_curve_get_order(curve); + _auto_(l_ecc_scalar_free) struct l_ecc_scalar *sum = + l_ecc_scalar_new(curve, NULL, 0); + _auto_(l_ecc_point_free) struct l_ecc_point *ret = + l_ecc_point_new(curve); + + if (!l_ecc_scalar_add(sum, boot_private, proto_private, order)) + return NULL; + + if (!l_ecc_point_multiply(ret, sum, peer_public)) + return NULL; + + return l_steal_ptr(ret); +} + +struct l_ecc_point *dpp_derive_q(const struct l_ecc_curve *curve, + bool responder, + const char *key, + const char *identifier, + const uint8_t *mac) +{ + _auto_(l_ecc_scalar_free) struct l_ecc_scalar *scalar = NULL; + _auto_(l_ecc_point_free) struct l_ecc_point *ret = NULL; + uint8_t hash[L_ECC_SCALAR_MAX_BYTES]; + unsigned int bytes = l_ecc_curve_get_scalar_bytes(curve); + enum l_checksum_type type = dpp_sha_from_key_len(bytes); + _auto_(l_ecc_point_free) struct l_ecc_point *p = NULL; + const uint8_t *p_data = responder ? dpp_pkex_responder_p256 : + dpp_pkex_initiator_p256; + struct l_checksum *sha = l_checksum_new(type); + + if (mac) + l_checksum_update(sha, mac, 6); + + if (identifier) + l_checksum_update(sha, identifier, strlen(identifier)); + + l_checksum_update(sha, key, strlen(key)); + l_checksum_get_digest(sha, hash, bytes); + l_checksum_free(sha); + + /* Unlikely but can happen */ + scalar = l_ecc_scalar_new(curve, hash, bytes); + if (!scalar) + return NULL; + + p = l_ecc_point_from_data(curve, L_ECC_POINT_TYPE_FULL, + p_data, bytes * 2); + if (!p) + return NULL; + + ret = l_ecc_point_new(curve); + + if (!l_ecc_point_multiply(ret, scalar, p)) + return NULL; + + return l_steal_ptr(ret); +} + +bool dpp_derive_z(const uint8_t *mac_i, const uint8_t *mac_r, + const struct l_ecc_point *n, + const struct l_ecc_point *m, + const struct l_ecc_point *k, + const char *key, + const char *identifier, + void *z_out, size_t *z_len) +{ + const struct l_ecc_curve *curve = l_ecc_point_get_curve(n); + size_t bytes = l_ecc_curve_get_scalar_bytes(curve); + enum l_checksum_type sha = dpp_sha_from_key_len(bytes); + uint8_t k_x[L_ECC_SCALAR_MAX_BYTES]; + uint8_t m_x[L_ECC_SCALAR_MAX_BYTES]; + uint8_t n_x[L_ECC_SCALAR_MAX_BYTES]; + uint8_t prk[L_ECC_SCALAR_MAX_BYTES]; + + l_ecc_point_get_x(k, k_x, sizeof(k_x)); + l_ecc_point_get_x(m, m_x, sizeof(m_x)); + l_ecc_point_get_x(n, n_x, sizeof(n_x)); + + hkdf_extract(sha, NULL, 0, 1, prk, k_x, bytes); + + /* HKDF-Extract (since it doesn't take non-string arguments)*/ + prf_plus(sha, prk, bytes, z_out, bytes, 5, mac_i, 6, mac_r, 6, m_x, + bytes, n_x, bytes, key, strlen(key)); + + *z_len = bytes; + + return true; +} + +bool dpp_derive_u(const struct l_ecc_point *j, + const uint8_t *mac_i, + const struct l_ecc_point *a, + const struct l_ecc_point *y, + const struct l_ecc_point *x, + void *u_out, size_t *u_len) +{ + const struct l_ecc_curve *curve = l_ecc_point_get_curve(y); + uint8_t j_x[L_ECC_SCALAR_MAX_BYTES]; + uint8_t a_x[L_ECC_SCALAR_MAX_BYTES]; + uint8_t y_x[L_ECC_SCALAR_MAX_BYTES]; + uint8_t x_x[L_ECC_SCALAR_MAX_BYTES]; + size_t bytes = l_ecc_curve_get_scalar_bytes(curve); + enum l_checksum_type sha = dpp_sha_from_key_len(bytes); + struct l_checksum *hmac; + + l_ecc_point_get_x(j, j_x, bytes); + l_ecc_point_get_x(a, a_x, bytes); + l_ecc_point_get_x(y, y_x, bytes); + l_ecc_point_get_x(x, x_x, bytes); + + /* u = HMAC(J.x, MAC-Initiator | A.x | Y'.x | X.x)*/ + hmac = l_checksum_new_hmac(sha, j_x, bytes); + l_checksum_update(hmac, mac_i, 6); + l_checksum_update(hmac, a_x, bytes); + l_checksum_update(hmac, y_x, bytes); + l_checksum_update(hmac, x_x, bytes); + l_checksum_get_digest(hmac, u_out, bytes); + l_checksum_free(hmac); + + *u_len = bytes; + + return true; +} + +bool dpp_derive_v(const struct l_ecc_point *l, const uint8_t *mac, + const struct l_ecc_point *b, + const struct l_ecc_point *x, + const struct l_ecc_point *y, + uint8_t *v_out, size_t *v_len) +{ + const struct l_ecc_curve *curve = l_ecc_point_get_curve(l); + uint8_t l_x[L_ECC_SCALAR_MAX_BYTES]; + uint8_t b_x[L_ECC_SCALAR_MAX_BYTES]; + uint8_t x_x[L_ECC_SCALAR_MAX_BYTES]; + uint8_t y_x[L_ECC_SCALAR_MAX_BYTES]; + size_t bytes = l_ecc_curve_get_scalar_bytes(curve); + enum l_checksum_type sha = dpp_sha_from_key_len(bytes); + struct l_checksum *hmac; + + l_ecc_point_get_x(l, l_x, sizeof(l_x)); + l_ecc_point_get_x(b, b_x, sizeof(b_x)); + l_ecc_point_get_x(x, x_x, sizeof(x_x)); + l_ecc_point_get_x(y, y_x, sizeof(y_x)); + + hmac = l_checksum_new_hmac(sha, l_x, bytes); + + if (mac) + l_checksum_update(hmac, mac, 6); + + l_checksum_update(hmac, b_x, bytes); + l_checksum_update(hmac, x_x, bytes); + l_checksum_update(hmac, y_x, bytes); + l_checksum_get_digest(hmac, v_out, bytes); + l_checksum_free(hmac); + + *v_len = bytes; + + return true; +} diff --git a/src/dpp-util.h b/src/dpp-util.h index 96711c35..6b00796e 100644 --- a/src/dpp-util.h +++ b/src/dpp-util.h @@ -183,3 +183,35 @@ struct l_ecc_point *dpp_point_from_asn1(const uint8_t *asn1, size_t len); struct dpp_uri_info *dpp_parse_uri(const char *uri); void dpp_free_uri_info(struct dpp_uri_info *info); + +struct l_ecc_point *dpp_derive_q(const struct l_ecc_curve *curve, + bool responder, + const char *key, + const char *identifier, + const uint8_t *mac); +struct l_ecc_point *dpp_derive_l_initiator( + const struct l_ecc_point *boot_public, + const struct l_ecc_point *proto_public, + const struct l_ecc_scalar *boot_private); +struct l_ecc_point *dpp_derive_l_responder( + const struct l_ecc_scalar *boot_private, + const struct l_ecc_scalar *proto_private, + const struct l_ecc_point *peer_public); +bool dpp_derive_z(const uint8_t *mac_i, const uint8_t *mac_r, + const struct l_ecc_point *n, + const struct l_ecc_point *m, + const struct l_ecc_point *k, + const char *key, + const char *identifier, + void *z_out, size_t *z_len); +bool dpp_derive_u(const struct l_ecc_point *j, + const uint8_t *mac_i, + const struct l_ecc_point *a, + const struct l_ecc_point *y, + const struct l_ecc_point *x, + void *u_out, size_t *u_len); +bool dpp_derive_v(const struct l_ecc_point *l, const uint8_t *mac, + const struct l_ecc_point *b, + const struct l_ecc_point *x, + const struct l_ecc_point *y, + uint8_t *v_out, size_t *v_len); From patchwork Thu Oct 12 20:01:42 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419774 Received: from mail-pl1-f175.google.com (mail-pl1-f175.google.com [209.85.214.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5578E3CCEC for ; Thu, 12 Oct 2023 20:02:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="LRd1MkQP" Received: by mail-pl1-f175.google.com with SMTP id d9443c01a7336-1c9b1e3a809so10773465ad.2 for ; Thu, 12 Oct 2023 13:02:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140927; x=1697745727; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Fw/NcNRV6vAOGwpBsCKSuZrYjj3NrsDksb1f31yp7A0=; b=LRd1MkQPetq5ewcM7JwdaZhovIfUbs4QeCgp4V8+kYwP/nXph+fJhjaaz0SZpKtiv3 2SbztDdaA7biJbNiIXV3TY4UynZIIuNV1sU7ulWLUKV4/vsnx6HIvc6059Oyz6/36ZD+ 4Vvw5aZj1WoWvgdH2mWAOU0XLBFd2lDcDx334XWyxCKn0WW+HXC6N+9pNae459hbfm+I SsH6OU7plRsrX7zCjNbr2OrymbYh9Bn5EDpGgUp0Km921yajTm+lRl9srPLEbYnO01Xh lqiJdyf0g8yJoNqCcoSjMRlJZN2KnU/eeMZo/yBi10C14waC+PvUYL/BWw6oxKOS2MsA n7Vw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140927; x=1697745727; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Fw/NcNRV6vAOGwpBsCKSuZrYjj3NrsDksb1f31yp7A0=; b=XuK/ko38zFB02SajLezinRBoGZYfGJRhey4Ojn9H4mt3TOq5lyzsjoUPIWuEAb3ZCj tyaeKKNC87a2Z30J/BPniF+5cRwmsd8MM4V308d4qECQdel0ALCiX8WvfcBF78MxxWnP KywtWFOqNAhSuwPRrilLBQlYIxRxp5veWaDQP1E0TUkXoNzDper51pyUvQXT56BaYAtA jEmYL7RHBBXumSNDFuYO+lTBA1rbIiveOYpEbmWd9+3JSf9CSpAwG8CyjJAHqryZvRJN 9dLF571wlgx1bJHrP8ZIvq+uFQm0DuiGic4wFSwj3lTMf7yIhgXBulZiMcrKqfFEmYwu 2Iig== X-Gm-Message-State: AOJu0YzpK3aWdduv3dq7HrXE+ocqsu9VS9SGVHVAThLnyWIOiAdRQ3C0 yqkZuiyzdEdAdC8sFMThd6P8ibqhQuk= X-Google-Smtp-Source: AGHT+IHrAs9SC6jJmTA1pO4zoELKGScf/qryJkigEx6obWzFBMwOLupmP0EDjEbWVAJC1E1vHIWaEA== X-Received: by 2002:a17:902:f68b:b0:1c8:a68e:7f1 with SMTP id l11-20020a170902f68b00b001c8a68e07f1mr14420343plg.66.1697140927538; Thu, 12 Oct 2023 13:02:07 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:07 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 13/21] dpp-util: add __DPP_STATUS_MAX Date: Thu, 12 Oct 2023 13:01:42 -0700 Message-Id: <20231012200150.338401-14-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Nice for setting as an invalid status since STATUS_OK is already zero. --- src/dpp-util.h | 1 + 1 file changed, 1 insertion(+) diff --git a/src/dpp-util.h b/src/dpp-util.h index 6b00796e..61f1c859 100644 --- a/src/dpp-util.h +++ b/src/dpp-util.h @@ -71,6 +71,7 @@ enum dpp_status { DPP_STATUS_CSR_NEEDED, DPP_STATUS_CSR_BAD, DPP_STATUS_NEW_KEY_NEEDED, + __DPP_STATUS_MAX, }; enum dpp_attribute_type { From patchwork Thu Oct 12 20:01:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419775 Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com [209.85.214.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F15923C6B0 for ; Thu, 12 Oct 2023 20:02:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="L5Ll4F1d" Received: by mail-pl1-f170.google.com with SMTP id d9443c01a7336-1c888b3a25aso11422735ad.0 for ; Thu, 12 Oct 2023 13:02:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140928; x=1697745728; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=NJeJDFRoAxVOQIu0OQPOFgq6AIgCxMsqYFDJ3fsfN8w=; b=L5Ll4F1dPWnNHhvJjJRXs6hPYFwCJEuhjq1Pa/JD1T08Z104k5VBlbzIjEM2l9nB20 mt0xXHFsg9Q6IryXewajMjEVIvM1Xcr89fj8ss9fCVp+QfbGP+1nDtIHfYJiptEv7Zcu 5IiBGKRWpS6T23IuwjFgSpTJzhzG/mR1Rt1owImfj6JG4adnzPG+ZqEYbhZDRNp0hZNC yPhoDQem+MXn/U4Nv4mr+hvSRJjj3natG4nE7i9VhGDPP2BLeIryfCRef/XWCsYDDZkX hb60UkDtJH5ifAsrDR49Z+EZKE1tbmkUb+tuzUZYuQJ1vu3CISnQqEPSQL4QUE4SQ+jO LHAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140928; x=1697745728; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=NJeJDFRoAxVOQIu0OQPOFgq6AIgCxMsqYFDJ3fsfN8w=; b=rCXKBEsAyar79xiQHvj45+gpS7+VMo6guVm+c4k8pWh2fo+gf9jC+bnpLdJR5RYzLn tPLbtEdsI9VYgukR0n32R8RnkzMKpQNZPN4vEphcszRG8hWltE/c/hH2nTYRW0WNsLUZ I518+T9ZC8TVhwsXbZSn4ZQG7ZC2NGIQ5NWdY0Xb09iFFe5taN9hil+pt789KMLbizf1 NniVdPwFghb36TExFHoaI4TkBntgwUVjTggIhdqN/xwxI78I7DT7UEf7Q3/a3Oxhdiws jEk/U72yQLBiinpAFz86rDwn7/dQWBqp+P83JkbTipexzbysIQYYjEchlYSBQuy9L74E yd/w== X-Gm-Message-State: AOJu0Yx+AT1kvSxU8pG2rtXqO7B5+tEL7sIEAO7/09iz3uSFfnFgkeZ7 fSqgzwkq9O1wDcQLgfmdpHBlNbF9+BE= X-Google-Smtp-Source: AGHT+IHsplO7wcd2TRak+/tKsfnRHOKkIjv1phWP8G6tsAKQNgaB+o9CDlQlSpjdih1ZwgwPVEE1yg== X-Received: by 2002:a17:902:f689:b0:1c7:65e3:e605 with SMTP id l9-20020a170902f68900b001c765e3e605mr25853761plg.36.1697140928286; Thu, 12 Oct 2023 13:02:08 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:08 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 14/21] dpp: support mutual authentication Date: Thu, 12 Oct 2023 13:01:43 -0700 Message-Id: <20231012200150.338401-15-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 This will be needed for PKEX support. It requires an additional value, L, be derived and used in some of the hashing functions. --- src/dpp.c | 42 +++++++++++++++++++++++++++++++++++------- 1 file changed, 35 insertions(+), 7 deletions(-) diff --git a/src/dpp.c b/src/dpp.c index fc3d5c4f..adfebff3 100644 --- a/src/dpp.c +++ b/src/dpp.c @@ -149,6 +149,7 @@ struct dpp_sm { bool mcast_support : 1; bool roc_started : 1; bool channel_switch : 1; + bool mutual_auth : 1; }; static bool dpp_get_started(struct l_dbus *dbus, @@ -1168,7 +1169,7 @@ static void dpp_handle_config_result_frame(struct dpp_sm *dpp, static void send_authenticate_response(struct dpp_sm *dpp) { uint8_t hdr[32]; - uint8_t attrs[256]; + uint8_t attrs[512]; uint8_t *ptr = attrs; uint8_t status = DPP_STATUS_OK; uint64_t r_proto_key[L_ECC_MAX_DIGITS * 2]; @@ -1189,6 +1190,9 @@ static void send_authenticate_response(struct dpp_sm *dpp) ptr += dpp_append_attr(ptr, DPP_ATTR_STATUS, &status, 1); ptr += dpp_append_attr(ptr, DPP_ATTR_RESPONDER_BOOT_KEY_HASH, dpp->own_boot_hash, 32); + if (dpp->mutual_auth) + ptr += dpp_append_attr(ptr, DPP_ATTR_INITIATOR_BOOT_KEY_HASH, + dpp->peer_boot_hash, 32); ptr += dpp_append_attr(ptr, DPP_ATTR_RESPONDER_PROTOCOL_KEY, r_proto_key, dpp->key_len * 2); ptr += dpp_append_attr(ptr, DPP_ATTR_PROTOCOL_VERSION, &version, 1); @@ -1242,6 +1246,7 @@ static void authenticate_confirm(struct dpp_sm *dpp, const uint8_t *from, const void *unwrap_key; const void *ad0 = body + 2; const void *ad1 = body + 8; + struct l_ecc_point *bi = NULL; if (dpp->state != DPP_STATE_AUTHENTICATING) return; @@ -1334,9 +1339,12 @@ static void authenticate_confirm(struct dpp_sm *dpp, const uint8_t *from, goto auth_confirm_failed; } + if (dpp->mutual_auth) + bi = dpp->peer_boot_public; + dpp_derive_i_auth(dpp->r_nonce, dpp->i_nonce, dpp->nonce_len, dpp->own_proto_public, dpp->peer_proto_public, - dpp->boot_public, NULL, i_auth_check); + dpp->boot_public, bi, i_auth_check); if (memcmp(i_auth, i_auth_check, i_auth_len)) { l_error("I-Auth did not verify"); @@ -1652,6 +1660,8 @@ static void authenticate_request(struct dpp_sm *dpp, const uint8_t *from, _auto_(l_free) uint8_t *unwrapped = NULL; _auto_(l_ecc_scalar_free) struct l_ecc_scalar *m = NULL; _auto_(l_ecc_scalar_free) struct l_ecc_scalar *n = NULL; + _auto_(l_ecc_point_free) struct l_ecc_point *l = NULL; + struct l_ecc_point *bi = NULL; uint64_t k1[L_ECC_MAX_DIGITS]; const void *ad0 = body + 2; const void *ad1 = body + 8; @@ -1799,6 +1809,13 @@ static void authenticate_request(struct dpp_sm *dpp, const uint8_t *from, memcpy(dpp->i_nonce, i_nonce, i_nonce_len); + if (dpp->mutual_auth) { + l = dpp_derive_l_responder(dpp->boot_private, + dpp->proto_private, + dpp->peer_boot_public); + bi = dpp->peer_boot_public; + } + /* Derive keys k2, ke, and R-Auth for authentication response */ n = dpp_derive_k2(dpp->peer_proto_public, dpp->proto_private, dpp->k2); @@ -1807,12 +1824,12 @@ static void authenticate_request(struct dpp_sm *dpp, const uint8_t *from, l_getrandom(dpp->r_nonce, dpp->nonce_len); - if (!dpp_derive_ke(dpp->i_nonce, dpp->r_nonce, m, n, NULL, dpp->ke)) + if (!dpp_derive_ke(dpp->i_nonce, dpp->r_nonce, m, n, l, dpp->ke)) goto auth_request_failed; if (!dpp_derive_r_auth(dpp->i_nonce, dpp->r_nonce, dpp->nonce_len, dpp->peer_proto_public, dpp->own_proto_public, - NULL, dpp->boot_public, dpp->auth_tag)) + bi, dpp->boot_public, dpp->auth_tag)) goto auth_request_failed; memcpy(dpp->peer_addr, from, 6); @@ -1847,6 +1864,9 @@ static void dpp_send_authenticate_confirm(struct dpp_sm *dpp) ptr += dpp_append_attr(ptr, DPP_ATTR_STATUS, &zero, 1); ptr += dpp_append_attr(ptr, DPP_ATTR_RESPONDER_BOOT_KEY_HASH, dpp->peer_boot_hash, 32); + if (dpp->mutual_auth) + ptr += dpp_append_attr(ptr, DPP_ATTR_INITIATOR_BOOT_KEY_HASH, + dpp->own_boot_hash, 32); ptr += dpp_append_wrapped_data(hdr + 26, 6, attrs, ptr - attrs, ptr, sizeof(attrs), dpp->ke, dpp->key_len, 1, @@ -1879,6 +1899,8 @@ static void authenticate_response(struct dpp_sm *dpp, const uint8_t *from, const void *r_auth = NULL; _auto_(l_ecc_point_free) struct l_ecc_point *r_proto_key = NULL; _auto_(l_ecc_scalar_free) struct l_ecc_scalar *n = NULL; + _auto_(l_ecc_point_free) struct l_ecc_point *l = NULL; + struct l_ecc_point *bi = NULL; const void *ad0 = body + 2; const void *ad1 = body + 8; uint64_t r_auth_derived[L_ECC_MAX_DIGITS]; @@ -1983,7 +2005,13 @@ static void authenticate_response(struct dpp_sm *dpp, const uint8_t *from, return; } - if (!dpp_derive_ke(i_nonce, r_nonce, dpp->m, n, NULL, dpp->ke)) { + if (dpp->mutual_auth) { + l = dpp_derive_l_initiator(dpp->peer_boot_public, r_proto_key, + dpp->boot_private); + bi = dpp->boot_public; + } + + if (!dpp_derive_ke(i_nonce, r_nonce, dpp->m, n, l, dpp->ke)) { l_debug("Failed to derive ke"); return; } @@ -2016,7 +2044,7 @@ static void authenticate_response(struct dpp_sm *dpp, const uint8_t *from, } if (!dpp_derive_r_auth(i_nonce, r_nonce, dpp->nonce_len, - dpp->own_proto_public, r_proto_key, NULL, + dpp->own_proto_public, r_proto_key, bi, dpp->peer_boot_public, r_auth_derived)) { l_debug("Failed to derive r_auth"); return; @@ -2029,7 +2057,7 @@ static void authenticate_response(struct dpp_sm *dpp, const uint8_t *from, if (!dpp_derive_i_auth(r_nonce, i_nonce, dpp->nonce_len, r_proto_key, dpp->own_proto_public, - dpp->peer_boot_public, NULL, dpp->auth_tag)) { + dpp->peer_boot_public, bi, dpp->auth_tag)) { l_debug("Could not derive I-Auth"); return; } From patchwork Thu Oct 12 20:01:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419776 Received: from mail-pl1-f182.google.com (mail-pl1-f182.google.com [209.85.214.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 06E053CCFA for ; Thu, 12 Oct 2023 20:02:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Rts+yW+Q" Received: by mail-pl1-f182.google.com with SMTP id d9443c01a7336-1c8a1541232so12412145ad.0 for ; Thu, 12 Oct 2023 13:02:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140929; x=1697745729; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=k1mQNPSPsVlJe67kyZKXg3OtbokCYP4GCa9A0hj1t2U=; b=Rts+yW+Q6lcQXeFRCuTxUkEd4cPzjeN5rty7b8tV2ni12+nSLPDKpo0Kk/Pm/wGRTe hq26OXBv6Z7rhJW4WDiIBWeRTrgYqqaI27uymIahMD0K54v9FMWbHZuS81FT6Hvmcpap UoJm+tS/R0adpC20uN5apDrAKf6eqkLQ7j3go/szXt7hUnA59Wn4yQwB6Any1xlJbDlQ ZQ0DrYwm6yha8lXf3lGka6VWcTbZAOQvMylIZsvJebzseCO64zp6s4eLxLoB/buwoBol LdQQUedTVksNghwXD3pCqbv89Ou8nU3TQ3yfXF34cmKgR2N9TZWNa2doibYmVeOSneU1 wQtA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140929; x=1697745729; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=k1mQNPSPsVlJe67kyZKXg3OtbokCYP4GCa9A0hj1t2U=; b=hRhfPm2aUbLfhOKutnYtvdFyQblCH13ZThP/iIrzX16C0sh17r6IY9l8li6MrUh3BE aVhrTX9dBUSDSvs5SXYE+yf9ywkyAJd5cZAtH38vtEhTG7r9nzDJQXJPYkrwcs82FAZz BoC7dAPnP9M6BR9qz9Lzi0EZ2xxzk3NbYObRfrKMLLmrAP0U9MJyhcauQcUkZ07DrNNo q2KRllmRHDFT702aCCVnMnP+WHgPaBceZvsn20YurP9ge7hDlywa4cd41gaC7341z+9v a80hMf1RzLqiK3dPo+ZXqHkEWmxbw3z3T7pBZYtdk3ybCjT5muYvZOcmcj5bhXdXcsAg cZ9w== X-Gm-Message-State: AOJu0YwqzNwt989bpd6+wIWTV6wRsEXDgieP1Eu8x9hv+SqFXBMESODV LK9hieln4BL/0CGpigKHdSeJDmXzDX8= X-Google-Smtp-Source: AGHT+IFbAobkMwiCu+AMjJw/ulbLO58hqTG7ciYHe66P2ZUzUTKDXXIqkmNXi3zmQQB9Gp26KIi2/Q== X-Received: by 2002:a17:903:228f:b0:1c7:1fbc:b9e7 with SMTP id b15-20020a170903228f00b001c71fbcb9e7mr29819218plh.43.1697140929160; Thu, 12 Oct 2023 13:02:09 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:08 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 15/21] dpp: allow enrollee to be authentication initiator Date: Thu, 12 Oct 2023 13:01:44 -0700 Message-Id: <20231012200150.338401-16-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Until now IWD only supported enrollees as responders (configurators could do both). For PKEX it makes sense for the enrollee to be the initiator because configurators in the area are already on their operating channel and going off is inefficient. For PKEX, whoever initiates also initiates authentication so for this reason the authentication path is being opened up to allow enrollees to initiate. --- src/dpp.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/dpp.c b/src/dpp.c index adfebff3..fb025ac3 100644 --- a/src/dpp.c +++ b/src/dpp.c @@ -1451,7 +1451,7 @@ static bool dpp_send_authenticate_request(struct dpp_sm *dpp) struct scan_bss *bss = station_get_connected_bss(station); /* Got disconnected by the time the peer was discovered */ - if (!bss) { + if (dpp->role == DPP_CAPABILITY_CONFIGURATOR && !bss) { dpp_reset(dpp); return false; } @@ -1472,7 +1472,8 @@ static bool dpp_send_authenticate_request(struct dpp_sm *dpp) i_proto_key, dpp->key_len * 2); ptr += dpp_append_attr(ptr, DPP_ATTR_PROTOCOL_VERSION, &version, 1); - if (dpp->current_freq != bss->frequency) { + if (dpp->role == DPP_CAPABILITY_CONFIGURATOR && + dpp->current_freq != bss->frequency) { uint8_t pair[2] = { 81, band_freq_to_channel(bss->frequency, NULL) }; @@ -1910,9 +1911,6 @@ static void authenticate_response(struct dpp_sm *dpp, const uint8_t *from, if (dpp->state != DPP_STATE_AUTHENTICATING) return; - if (dpp->role != DPP_CAPABILITY_CONFIGURATOR) - return; - if (!dpp->freqs) return; @@ -2066,6 +2064,10 @@ static void authenticate_response(struct dpp_sm *dpp, const uint8_t *from, dpp->current_freq = dpp->new_freq; dpp_send_authenticate_confirm(dpp); + + if (dpp->role == DPP_CAPABILITY_ENROLLEE) + dpp_configuration_start(dpp, from); + } static void dpp_handle_presence_announcement(struct dpp_sm *dpp, From patchwork Thu Oct 12 20:01:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419777 Received: from mail-pl1-f172.google.com (mail-pl1-f172.google.com [209.85.214.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D020D3B7BD for ; Thu, 12 Oct 2023 20:02:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="k0N6Kdz0" Received: by mail-pl1-f172.google.com with SMTP id d9443c01a7336-1c9b7c234a7so12226745ad.3 for ; Thu, 12 Oct 2023 13:02:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140930; x=1697745730; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ugoc02Q2FpoXZFBiQ5BqiLP0/t/38mCaTnl1KA/s1cs=; b=k0N6Kdz0M2PKs1XJ3xMPvMLgUarGLmHALshnRNc0kIT0N36ugf1Zc3DukfpCC6w7lU D5b95ebl03BAdTWkKpAuuiA2udUKhlGq2DRSRNfyPudNkSdcO22e0opwW2qpPGcB/BJ6 Le9AR5vnrmGiC49EmS+IxFJPteEXK1s/esS5eDTjzAEKjG1jLgAEtq6868l77U3K8x8n 5PMvbiFz6+4oEDBHfWIq3t+CA6rR3hugivjrYcMTRf0SNNwUe6rBZ6BvDuDn5kOZMCuS +fcnQSg/btxJx3Z9a4edWjR/AmCyULQKIvHGsCfnErmT8K6esFX+yoA/s2lIl9jOtHoO qe8Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140930; x=1697745730; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ugoc02Q2FpoXZFBiQ5BqiLP0/t/38mCaTnl1KA/s1cs=; b=OE7OHAl7/ATNgTpwkFCA9uNId/Kg3WyRbNz+E4EfHP4AxUnKZv2qgQoqWCwQUOsFmM +aCv2FOPfnj0Y+PjW5/JJ8R0Ed9pucB6YHj59nOATTxgG+kerbl3V5Ww9qst+Mnv9HWc bUXM/o31DAzY44cthndOzlqFIgK6wXNTICwA6CUnSb/WqaHb/4FVXaw7WKXFmy0Vpa8v yOvYikJmsTKOZ0wNbdHFKq6UzavWjc4PB4KkBO0/zTNyA+95lQjQO6fm2OzJ1DH2brtP J4r3LuqukT7FC6jKdszXcbuXRmg9/fdMvfaUW+ZTGZOmA0HUHrifzD5o4xUwLX/PDp0M UABQ== X-Gm-Message-State: AOJu0Yw0ceF2is94dlV5ClG+7Zr9EYftLmviB2ZAFul7D+HKhHtj7fAS QJIevD4ZXzTJCv1tR7hPERt1g7itc5E= X-Google-Smtp-Source: AGHT+IE3TAMMdDaXralKE4bKVopYGUw+RcAbv4dTpXE0o1UmanppAItmyqa0RzOTckTMPn0cSiZ/Dw== X-Received: by 2002:a17:903:2348:b0:1c5:fab7:70ac with SMTP id c8-20020a170903234800b001c5fab770acmr32698741plh.27.1697140930095; Thu, 12 Oct 2023 13:02:10 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:09 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 16/21] dbus: add SharedCodeDeviceProvisioning interface definition Date: Thu, 12 Oct 2023 13:01:45 -0700 Message-Id: <20231012200150.338401-17-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 --- src/dbus.h | 1 + 1 file changed, 1 insertion(+) diff --git a/src/dbus.h b/src/dbus.h index 00c2df57..cff64ae2 100644 --- a/src/dbus.h +++ b/src/dbus.h @@ -44,6 +44,7 @@ #define IWD_AP_DIAGNOSTIC_INTERFACE "net.connman.iwd.AccessPointDiagnostic" #define IWD_STATION_DEBUG_INTERFACE "net.connman.iwd.StationDebug" #define IWD_DPP_INTERFACE "net.connman.iwd.DeviceProvisioning" +#define IWD_DPP_PKEX_INTERFACE "net.connman.iwd.SharedCodeDeviceProvisioning" #define IWD_NETCONFIG_AGENT_INTERFACE \ "net.connman.iwd.NetworkConfigurationAgent" From patchwork Thu Oct 12 20:01:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419779 Received: from mail-pl1-f177.google.com (mail-pl1-f177.google.com [209.85.214.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C32A83C6B0 for ; Thu, 12 Oct 2023 20:02:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="JINzPnbd" Received: by mail-pl1-f177.google.com with SMTP id d9443c01a7336-1c9de3f66e5so9935825ad.3 for ; Thu, 12 Oct 2023 13:02:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140931; x=1697745731; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=jLiLyDe69Ilf4v7vlhUvsxckLsd0nEMIiqeFAS7xK08=; b=JINzPnbdxFbcMZV0ehpjTZ425QT0VmEnDRGaSiydFZlupp+eh+yPwxTtyl0Rvalp55 Z2teUH2XR3YMjlmkH9Bs4gVT8Q+BwDNy+6Y5EoRsoa+q3A45YSx+VgXPQeG8LXqRBg8V mAQXytQQsJkuP1Vh+KiJy0hUWudnFrXSaAPbgD8UtXo13WikoT4/JrIhDopQBnZI855G mCi4g/PgGpliggMi1Cz6br75caND7V2xlc+M74sX80ywYI8A5niTBjfQ/WhKjk9tVBgk f3NrbHz3K9QJvevXjKkLmAD3hf/R7fcz/NTKrF/zIuUcqhsfTKAJsB9yqyUP3wJGbMHB J8WQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140931; x=1697745731; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=jLiLyDe69Ilf4v7vlhUvsxckLsd0nEMIiqeFAS7xK08=; b=vKWceDFIvqjzcQfC/gtRqefDyRk4dkYZN6Nff3za7LwF9SR8YAFlhkUrGBvR00uVkr 8kVniyx2rHAtjxjl6zolSVMgtpdWCjmMX72TZyD9NOAdEMdZ7b/v+4bCaFfjXcBOZ66B ogpUkIMtWXbR0RcVoN1UhbNSV+gvNx308sCZOe+X9FKC8dYQx3a62MbZ5kEBfN4yJFli EwMC2VawVIoEylXToxdh5n8qOQIyXp+MQlhVH/4kBxrTjWRJbUfSZYX8jHZsecMuTFx5 TMUhdZGczGlYekZ8WNqaXtMniafuq8omFhyDKwe9b4bFYK6rBKMi5bn5YlxudMXPLi1E GYIQ== X-Gm-Message-State: AOJu0YzESS7kEkHHrjY2glpaLbvPG9XNDYYW1lTYAHENgmIZcjfLKZjH VGEHB3qSVbQeQHVNRliLD12ny/S9ecY= X-Google-Smtp-Source: AGHT+IE1hxnp8aB1lYY3Xqfa+6WgMJJyux/tRTh0e8u9ZDZGamzgoGFHJdIMpSZTCuKZ+xLzAopa/w== X-Received: by 2002:a17:902:dac9:b0:1c7:5f18:d125 with SMTP id q9-20020a170902dac900b001c75f18d125mr28245039plx.27.1697140930891; Thu, 12 Oct 2023 13:02:10 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:10 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 17/21] dpp: initial version of PKEX enrollee support Date: Thu, 12 Oct 2023 13:01:46 -0700 Message-Id: <20231012200150.338401-18-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 This is the initial support for PKEX enrollees acting as the initiator. A PKEX initiator starts the protocol by broadcasting the PKEX exchange request. This request contains a key encrypted with the pre-shared PKEX code. If accepted the peer sends back the exchange response with its own encrypted key. The enrollee decrypts this and performs some crypto/hashing in order to establish an ephemeral key used to encrypt its own boostrapping key. The boostrapping key is encrypted and sent to the peer in the PKEX commit-reveal request. The peer then does the same thing, encrypting its own bootstrapping key and sending to the initiator as the PKEX commit-reveal response. After this, both peers have exchanged their boostrapping keys securely and can begin DPP authentication, then configuration. For now the enrollee will only iterate the default channel list from the Easy Connect spec. Future upates will need to include some way of discovering non-default channel configurators, but the protocol needs to be ironed out first. --- src/dpp.c | 745 +++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 742 insertions(+), 3 deletions(-) diff --git a/src/dpp.c b/src/dpp.c index fb025ac3..de9c64ce 100644 --- a/src/dpp.c +++ b/src/dpp.c @@ -69,6 +69,8 @@ static uint8_t dpp_prefix[] = { 0x04, 0x09, 0x50, 0x6f, 0x9a, 0x1a, 0x01 }; enum dpp_state { DPP_STATE_NOTHING, DPP_STATE_PRESENCE, + DPP_STATE_PKEX_EXCHANGE, + DPP_STATE_PKEX_COMMIT_REVEAL, DPP_STATE_AUTHENTICATING, DPP_STATE_CONFIGURING, }; @@ -146,19 +148,66 @@ struct dpp_sm { struct l_dbus_message *pending; + /* PKEX-specific values */ + char *pkex_id; + char *pkex_key; + uint8_t pkex_version; + struct l_ecc_point *pkex_m; + /* Ephemeral key Y' or X' for enrollee or configurator */ + struct l_ecc_point *y_or_x; + /* Ephemeral key pair y/Y or x/X */ + struct l_ecc_point *pkex_public; + struct l_ecc_scalar *pkex_private; + uint8_t z[L_ECC_SCALAR_MAX_BYTES]; + size_t z_len; + uint8_t u[L_ECC_SCALAR_MAX_BYTES]; + size_t u_len; + bool mcast_support : 1; bool roc_started : 1; bool channel_switch : 1; bool mutual_auth : 1; }; +static bool dpp_pkex_get_started(struct l_dbus *dbus, + struct l_dbus_message *message, + struct l_dbus_message_builder *builder, + void *user_data) +{ + struct dpp_sm *dpp = user_data; + bool started = false; + + switch (dpp->state) { + case DPP_STATE_PKEX_EXCHANGE: + case DPP_STATE_PKEX_COMMIT_REVEAL: + started = true; + break; + default: + break; + } + + l_dbus_message_builder_append_basic(builder, 'b', &started); + + return true; +} + static bool dpp_get_started(struct l_dbus *dbus, struct l_dbus_message *message, struct l_dbus_message_builder *builder, void *user_data) { struct dpp_sm *dpp = user_data; - bool started = (dpp->state != DPP_STATE_NOTHING); + bool started = false; + + switch (dpp->state) { + case DPP_STATE_PRESENCE: + case DPP_STATE_AUTHENTICATING: + case DPP_STATE_CONFIGURING: + started = true; + break; + default: + break; + } l_dbus_message_builder_append_basic(builder, 'b', &started); @@ -198,7 +247,9 @@ static bool dpp_get_uri(struct l_dbus *dbus, { struct dpp_sm *dpp = user_data; - if (dpp->state == DPP_STATE_NOTHING) + if (dpp->state == DPP_STATE_NOTHING || + dpp->state == DPP_STATE_PKEX_EXCHANGE || + dpp->state == DPP_STATE_PKEX_COMMIT_REVEAL) return false; l_dbus_message_builder_append_basic(builder, 's', dpp->uri); @@ -217,6 +268,16 @@ static void dpp_property_changed_notify(struct dpp_sm *dpp) "URI"); } +static void dpp_pkex_property_changed_notify(struct dpp_sm *dpp) +{ + const char *path = netdev_get_path(dpp->netdev); + + l_dbus_property_changed(dbus_get_bus(), path, IWD_DPP_PKEX_INTERFACE, + "Started"); + l_dbus_property_changed(dbus_get_bus(), path, IWD_DPP_PKEX_INTERFACE, + "Role"); +} + static void *dpp_serialize_iovec(struct iovec *iov, size_t iov_len, size_t *out_len) { @@ -267,6 +328,27 @@ static void dpp_free_auth_data(struct dpp_sm *dpp) l_ecc_scalar_free(dpp->m); dpp->m = NULL; } + + if (dpp->pkex_m) { + l_ecc_point_free(dpp->pkex_m); + dpp->pkex_m = NULL; + } + + if (dpp->y_or_x) { + l_ecc_point_free(dpp->y_or_x); + dpp->y_or_x = NULL; + } + + if (dpp->pkex_public) { + l_ecc_point_free(dpp->pkex_public); + dpp->pkex_public = NULL; + } + + if (dpp->pkex_private) { + l_ecc_scalar_free(dpp->pkex_private); + dpp->pkex_private = NULL; + } + } static void dpp_reset(struct dpp_sm *dpp) @@ -328,10 +410,24 @@ static void dpp_reset(struct dpp_sm *dpp) explicit_bzero(dpp->k1, dpp->key_len); explicit_bzero(dpp->k2, dpp->key_len); explicit_bzero(dpp->auth_tag, dpp->key_len); + explicit_bzero(dpp->z, dpp->key_len); + explicit_bzero(dpp->u, dpp->u_len); + + if (dpp->pkex_key) { + explicit_bzero(dpp->pkex_key, strlen(dpp->pkex_key)); + l_free(dpp->pkex_key); + dpp->pkex_key = NULL; + } + + if (dpp->pkex_id) { + l_free(dpp->pkex_id); + dpp->pkex_id = NULL; + } dpp_free_auth_data(dpp); dpp_property_changed_notify(dpp); + dpp_pkex_property_changed_notify(dpp); } static void dpp_free(struct dpp_sm *dpp) @@ -1494,6 +1590,71 @@ static bool dpp_send_authenticate_request(struct dpp_sm *dpp) return true; } +static void dpp_send_pkex_exchange_request(struct dpp_sm *dpp) +{ + uint8_t hdr[32]; + uint8_t attrs[256]; + uint8_t *ptr = attrs; + uint64_t m_data[L_ECC_MAX_DIGITS * 2]; + uint16_t group; + struct iovec iov[2]; + const uint8_t *own_mac = netdev_get_address(dpp->netdev); + + l_put_le16(l_ecc_curve_get_ike_group(dpp->curve), &group); + + iov[0].iov_len = dpp_build_header(own_mac, broadcast, + DPP_FRAME_PKEX_VERSION1_XCHG_REQUST, hdr); + iov[0].iov_base = hdr; + + ptr += dpp_append_attr(ptr, DPP_ATTR_PROTOCOL_VERSION, + &dpp->pkex_version, 1); + ptr += dpp_append_attr(ptr, DPP_ATTR_FINITE_CYCLIC_GROUP, + &group, 2); + + if (dpp->pkex_id) + ptr += dpp_append_attr(ptr, DPP_ATTR_CODE_IDENTIFIER, + dpp->pkex_id, strlen(dpp->pkex_id)); + + l_ecc_point_get_data(dpp->pkex_m, m_data, sizeof(m_data)); + + ptr += dpp_append_attr(ptr, DPP_ATTR_ENCRYPTED_KEY, + m_data, dpp->key_len * 2); + + iov[1].iov_base = attrs; + iov[1].iov_len = ptr - attrs; + + dpp_send_frame(dpp, iov, 2, dpp->current_freq); +} + +static void dpp_send_commit_reveal_request(struct dpp_sm *dpp) +{ + struct iovec iov[2]; + uint8_t hdr[41]; + uint8_t attrs[512]; + uint8_t *ptr = attrs; + uint8_t zero = 0; + uint8_t a_pub[L_ECC_POINT_MAX_BYTES]; + ssize_t a_len; + + a_len = l_ecc_point_get_data(dpp->boot_public, a_pub, sizeof(a_pub)); + + iov[0].iov_len = dpp_build_header(netdev_get_address(dpp->netdev), + dpp->peer_addr, + DPP_FRAME_PKEX_COMMIT_REVEAL_REQUEST, + hdr); + iov[0].iov_base = hdr; + + ptr += dpp_append_wrapped_data(hdr + 26, 6, &zero, 1, ptr, + sizeof(attrs), dpp->z, dpp->z_len, 2, + DPP_ATTR_BOOTSTRAPPING_KEY, a_len, a_pub, + DPP_ATTR_INITIATOR_AUTH_TAG, dpp->u_len, dpp->u); + + iov[1].iov_base = attrs; + iov[1].iov_len = ptr - attrs; + + dpp_send_frame(dpp, iov, 2, dpp->current_freq); +} + static void dpp_roc_started(void *user_data) { struct dpp_sm *dpp = user_data; @@ -1557,6 +1718,16 @@ static void dpp_roc_started(void *user_data) send_authenticate_response(dpp); } + break; + case DPP_STATE_PKEX_EXCHANGE: + if (dpp->role == DPP_CAPABILITY_ENROLLEE) + dpp_send_pkex_exchange_request(dpp); + + break; + case DPP_STATE_PKEX_COMMIT_REVEAL: + if (dpp->role == DPP_CAPABILITY_ENROLLEE) + dpp_send_commit_reveal_request(dpp); + break; default: break; @@ -1586,12 +1757,14 @@ static void dpp_offchannel_timeout(int error, void *user_data) switch (dpp->state) { case DPP_STATE_PRESENCE: + case DPP_STATE_PKEX_EXCHANGE: break; case DPP_STATE_NOTHING: /* Protocol already terminated */ return; case DPP_STATE_AUTHENTICATING: case DPP_STATE_CONFIGURING: + case DPP_STATE_PKEX_COMMIT_REVEAL: goto next_roc; } @@ -2155,6 +2328,382 @@ static void dpp_handle_presence_announcement(struct dpp_sm *dpp, dpp->channel_switch = true; } +static void dpp_pkex_bad_group(struct dpp_sm *dpp, uint16_t group) +{ + uint16_t own_group = l_ecc_curve_get_ike_group(dpp->curve); + + /* + * TODO: The spec allows group negotiation, but it is not yet + * implemented. + */ + if (!group) + return; + /* + * Section 5.6.2 + * "If the Responder's offered group offers less security + * than the Initiator's offered group, then the Initiator should + * ignore this message" + */ + if (group < own_group) { + l_debug("Offered group %u is less secure, ignoring", + group); + return; + } + /* + * Section 5.6.2 + * "If the Responder's offered group offers equivalent or better + * security than the Initiator's offered group, then the + * Initiator may choose to abort its original request and try + * another exchange using the group offered by the Responder" + */ + if (group >= own_group) { + l_debug("Offered group %u is the same or more secure, " + " but group negotiation is not supported", group); + return; + } +} + +static void dpp_pkex_bad_code(struct dpp_sm *dpp) +{ + _auto_(l_ecc_point_free) struct l_ecc_point *qr = NULL; + + qr = dpp_derive_q(dpp->curve, true, dpp->pkex_key, dpp->pkex_id, + netdev_get_address(dpp->netdev)); + if (!qr) { + l_debug("Qr computed to zero, new code should be provisioned"); + return; + } + + l_debug("Qr computed successfully but responder indicated otherwise"); +} + +static void dpp_handle_pkex_exchange_response(struct dpp_sm *dpp, + const uint8_t *from, + const uint8_t *body, size_t body_len) +{ + struct dpp_attr_iter iter; + enum dpp_attribute_type type; + size_t len; + const uint8_t *data; + uint8_t status = __DPP_STATUS_MAX; + uint8_t version = 0; + const char *identifier = NULL; + size_t identifier_len = 0; + const void *key = NULL; + size_t key_len = 0; + uint16_t group = 0; + _auto_(l_ecc_point_free) struct l_ecc_point *n = NULL; + _auto_(l_ecc_point_free) struct l_ecc_point *j = NULL; + _auto_(l_ecc_point_free) struct l_ecc_point *qr = NULL; + _auto_(l_ecc_point_free) struct l_ecc_point *k = NULL; + const uint8_t *own_addr = netdev_get_address(dpp->netdev); + + l_debug("PKEX response "MAC, MAC_STR(from)); + + if (dpp->state != DPP_STATE_PKEX_EXCHANGE) + return; + + if (dpp->role != DPP_CAPABILITY_ENROLLEE) + return; + + memcpy(dpp->peer_addr, from, 6); + + dpp_attr_iter_init(&iter, body + 8, body_len - 8); + + while (dpp_attr_iter_next(&iter, &type, &len, &data)) { + switch (type) { + case DPP_ATTR_STATUS: + if (len != 1) + return; + + status = l_get_u8(data); + break; + case DPP_ATTR_PROTOCOL_VERSION: + if (len != 1) + return; + + version = l_get_u8(data); + break; + case DPP_ATTR_CODE_IDENTIFIER: + identifier = (char *) data; + identifier_len = len; + break; + case DPP_ATTR_ENCRYPTED_KEY: + if (len != dpp->key_len * 2) + return; + + key = data; + key_len = len; + break; + case DPP_ATTR_FINITE_CYCLIC_GROUP: + if (len != 2) + return; + + group = l_get_le16(data); + break; + default: + break; + } + } + + if (status == __DPP_STATUS_MAX) { + l_debug("No status attribute, ignoring"); + return; + } + + if (!key) { + l_debug("No encrypted key, ignoring"); + return; + } + + if (status != DPP_STATUS_OK) + goto handle_status; + + if (dpp->pkex_id) { + if (!identifier || identifier_len != strlen(dpp->pkex_id) || + strncmp(dpp->pkex_id, identifier, + identifier_len)) { + l_debug("mismatch identifier, ignoring"); + return; + } + } + + if (version && version != dpp->pkex_version) { + l_debug("PKEX version does not match, igoring"); + return; + } + + n = l_ecc_point_from_data(dpp->curve, L_ECC_POINT_TYPE_FULL, + key, key_len); + if (!n) { + l_debug("failed to parse peers encrypted key"); + goto failed; + } + + qr = dpp_derive_q(dpp->curve, true, dpp->pkex_key, dpp->pkex_id, + dpp->peer_addr); + if (!qr) + goto failed; + + dpp->y_or_x = l_ecc_point_new(dpp->curve); + + /* Y' = N - Qr */ + l_ecc_point_inverse(qr); + l_ecc_point_add(dpp->y_or_x, n, qr); + + /* + * "The resulting ephemeral key, denoted Y’, is then checked whether it + * is the point-at-infinity. If it is not valid, the protocol ends + * unsuccessfully" + */ + if (l_ecc_point_is_infinity(dpp->y_or_x)) { + l_debug("Y' computed to infinity, failing"); + dpp_reset(dpp); + return; + } + + k = l_ecc_point_new(dpp->curve); + + /* K = Y' * x */ + l_ecc_point_multiply(k, dpp->pkex_private, dpp->y_or_x); + + dpp_derive_z(own_addr, dpp->peer_addr, n, dpp->pkex_m, k, + dpp->pkex_key, dpp->pkex_id, + dpp->z, &dpp->z_len); + + j = l_ecc_point_new(dpp->curve); + + l_ecc_point_multiply(j, dpp->boot_private, dpp->y_or_x); + + if (!dpp_derive_u(j, own_addr, dpp->boot_public, dpp->y_or_x, + dpp->pkex_public, dpp->u, &dpp->u_len)) { + l_debug("failed to compute u"); + goto failed; + } + + /* + * Now that a response was successfully received, start another + * offchannel with more time for the remainder of the protocol. After + * PKEX, authentication will begin which handles the protocol timeout. + * If the remainder of PKEX (commit-reveal exchange) cannot complete in + * this time it will fail. + */ + dpp->dwell = (dpp->max_roc < 2000) ? dpp->max_roc : 2000; + dpp->state = DPP_STATE_PKEX_COMMIT_REVEAL; + + dpp_pkex_property_changed_notify(dpp); + + dpp_start_offchannel(dpp, dpp->current_freq); + + return; + +handle_status: + switch (status) { + case DPP_STATUS_BAD_GROUP: + dpp_pkex_bad_group(dpp, group); + break; + case DPP_STATUS_BAD_CODE: + dpp_pkex_bad_code(dpp); + break; + default: + l_debug("Unhandled status %u", status); + break; + } + +failed: + dpp_reset(dpp); +} + +static bool dpp_pkex_start_authentication(struct dpp_sm *dpp) +{ + dpp->uri = dpp_generate_uri(dpp->own_asn1, dpp->own_asn1_len, 2, + netdev_get_address(dpp->netdev), + &dpp->current_freq, 1, NULL, NULL); + + l_ecdh_generate_key_pair(dpp->curve, &dpp->proto_private, + &dpp->own_proto_public); + + l_getrandom(dpp->i_nonce, dpp->nonce_len); + + dpp->peer_asn1 = dpp_point_to_asn1(dpp->peer_boot_public, + &dpp->peer_asn1_len); + + dpp->m = dpp_derive_k1(dpp->peer_boot_public, dpp->proto_private, + dpp->k1); + + dpp_hash(L_CHECKSUM_SHA256, dpp->peer_boot_hash, 1, dpp->peer_asn1, + dpp->peer_asn1_len); + + dpp->state = DPP_STATE_AUTHENTICATING; + dpp->mutual_auth = true; + + dpp_pkex_property_changed_notify(dpp); + + if (dpp->role == DPP_CAPABILITY_ENROLLEE) { + dpp->new_freq = dpp->current_freq; + + return dpp_send_authenticate_request(dpp); + } + + return true; +} + + +static void dpp_handle_pkex_commit_reveal_response(struct dpp_sm *dpp, + const uint8_t *from, + const uint8_t *body, size_t body_len) +{ + struct dpp_attr_iter iter; + enum dpp_attribute_type type; + size_t len; + const uint8_t *data; + const uint8_t *wrapped = NULL; + size_t wrapped_len = 0; + uint8_t one = 1; + _auto_(l_free) uint8_t *unwrapped = NULL; + size_t unwrapped_len = 0; + const uint8_t *boot_key = NULL; + size_t boot_key_len = 0; + const uint8_t *r_auth = NULL; + uint8_t v[L_ECC_SCALAR_MAX_BYTES]; + size_t v_len; + _auto_(l_ecc_point_free) struct l_ecc_point *l = NULL; + + l_debug("PKEX commit reveal "MAC, MAC_STR(from)); + + if (dpp->state != DPP_STATE_PKEX_COMMIT_REVEAL) + return; + + if (dpp->role != DPP_CAPABILITY_ENROLLEE) + return; + + /* + * The URI may not have contained a MAC address, if this announcement + * verifies set peer_addr then. + */ + if (memcmp(from, dpp->peer_addr, 6)) { + l_debug("Unexpected source "MAC" expected "MAC, MAC_STR(from), + MAC_STR(dpp->peer_addr)); + return; + } + + dpp_attr_iter_init(&iter, body + 8, body_len - 8); + + while (dpp_attr_iter_next(&iter, &type, &len, &data)) { + switch (type) { + case DPP_ATTR_WRAPPED_DATA: + wrapped = data; + wrapped_len = len; + break; + default: + break; + } + } + + if (!wrapped) { + l_debug("No wrapped data"); + return; + } + + unwrapped = dpp_unwrap_attr(body + 2, 6, &one, 1, dpp->z, dpp->z_len, + wrapped, wrapped_len, &unwrapped_len); + if (!unwrapped) { + l_debug("Failed to unwrap Reveal-Commit message"); + return; + } + + dpp_attr_iter_init(&iter, unwrapped, unwrapped_len); + + while (dpp_attr_iter_next(&iter, &type, &len, &data)) { + switch (type) { + case DPP_ATTR_BOOTSTRAPPING_KEY: + if (len != dpp->key_len * 2) + return; + + boot_key = data; + boot_key_len = len; + break; + case DPP_ATTR_RESPONDER_AUTH_TAG: + if (len != 32) + return; + + r_auth = data; + break; + default: + break; + } + } + + dpp->peer_boot_public = l_ecc_point_from_data(dpp->curve, + L_ECC_POINT_TYPE_FULL, + boot_key, boot_key_len); + if (!dpp->peer_boot_public) { + l_debug("Peer public bootstrapping key was invalid"); + goto failed; + } + + l = l_ecc_point_new(dpp->curve); + + l_ecc_point_multiply(l, dpp->pkex_private, dpp->peer_boot_public); + + if (!dpp_derive_v(l, dpp->peer_addr, dpp->peer_boot_public, + dpp->pkex_public, dpp->y_or_x, v, &v_len)) { + l_debug("Failed to derive v"); + goto failed; + } + + if (memcmp(v, r_auth, v_len)) { + l_debug("Bootstrapping data did not verify"); + goto failed; + } + + if (dpp_pkex_start_authentication(dpp)) + return; + +failed: + dpp_reset(dpp); +} + static void dpp_handle_frame(struct dpp_sm *dpp, const struct mmpdu_header *frame, const void *body, size_t body_len) @@ -2189,6 +2738,14 @@ static void dpp_handle_frame(struct dpp_sm *dpp, dpp_handle_presence_announcement(dpp, frame->address_2, body, body_len); break; + case DPP_FRAME_PKEX_XCHG_RESPONSE: + dpp_handle_pkex_exchange_response(dpp, frame->address_2, body, + body_len); + break; + case DPP_FRAME_PKEX_COMMIT_REVEAL_RESPONSE: + dpp_handle_pkex_commit_reveal_response(dpp, frame->address_2, + body, body_len); + break; default: l_debug("Unhandled DPP frame %u", *ptr); break; @@ -2245,7 +2802,14 @@ static void dpp_mlme_notify(struct l_genl_msg *msg, void *user_data) if (!dpp) return; - if (dpp->state == DPP_STATE_PRESENCE || dpp->state == DPP_STATE_NOTHING) + /* + * Don't retransmit for presence or PKEX exchange if an enrollee, both + * are broadcast frames which don't expect an ack. + */ + if (dpp->state == DPP_STATE_NOTHING || + dpp->state == DPP_STATE_PRESENCE || + (dpp->state == DPP_STATE_PKEX_EXCHANGE && + dpp->role == DPP_CAPABILITY_ENROLLEE)) return; @@ -2418,6 +2982,8 @@ static void dpp_create(struct netdev *netdev) l_dbus_object_add_interface(dbus, netdev_get_path(netdev), IWD_DPP_INTERFACE, dpp); + l_dbus_object_add_interface(dbus, netdev_get_path(netdev), + IWD_DPP_PKEX_INTERFACE, dpp); dpp_frame_watch(dpp, 0x00d0, dpp_prefix, sizeof(dpp_prefix)); @@ -2722,6 +3288,163 @@ static struct l_dbus_message *dpp_dbus_stop(struct l_dbus *dbus, return l_dbus_message_new_method_return(message); } +/* + * Section 5.6.1 + * In lieu of specific channel information obtained in a manner outside + * the scope of this specification, PKEX responders shall select one of + * the following channels: + * - 2.4 GHz: Channel 6 (2.437 GHz) + * - 5 GHz: Channel 44 (5.220 GHz) if local regulations permit + * operation only in the 5.150 – 5.250 GHz band and Channel + * 149 (5.745 GHz) otherwise + */ +static uint32_t *dpp_get_pkex_freqs(struct dpp_sm *dpp, size_t *out_len) +{ + struct wiphy *wiphy = wiphy_find_by_wdev(dpp->wdev_id); + const uint32_t default_channels[] = { 2437, 5220, 5745 }; + uint32_t *freqs_out; + size_t i; + size_t len = 1; + + if (wiphy_get_supported_bands(wiphy) & BAND_FREQ_5_GHZ) + len += 2; + + freqs_out = l_new(uint32_t, len); + + for (i = 0; i < 3; i++) + freqs_out[i] = default_channels[i]; + + *out_len = len; + return freqs_out; +} + +static bool dpp_start_pkex_enrollee(struct dpp_sm *dpp, const char *key, + const char *identifier) +{ + _auto_(l_ecc_point_free) struct l_ecc_point *qi = NULL; + + dpp->freqs = dpp_get_pkex_freqs(dpp, &dpp->freqs_len); + if (!dpp->freqs) + return false; + + if (identifier) + dpp->pkex_id = l_strdup(identifier); + + dpp->pkex_key = l_strdup(key); + memcpy(dpp->peer_addr, broadcast, 6); + dpp->role = DPP_CAPABILITY_ENROLLEE; + dpp->state = DPP_STATE_PKEX_EXCHANGE; + dpp->current_freq = dpp->freqs[dpp->freqs_idx]; + /* + * In theory a driver could support a lesser duration than 200ms. This + * complicates things since we would need to tack on additional + * offchannel requests to meet the 200ms requirement. This could be done + * but for now use max_roc or 200ms, whichever is less. + */ + dpp->dwell = (dpp->max_roc < 200) ? dpp->max_roc : 200; + /* "DPP R2 devices are expected to use PKEXv1 by default" */ + dpp->pkex_version = 1; + + if (!l_ecdh_generate_key_pair(dpp->curve, &dpp->pkex_private, + &dpp->pkex_public)) + goto failed; + + /* + * "If Qi is the point-at-infinity, the code shall be deleted and the + * user should be notified to provision a new code" + */ + qi = dpp_derive_q(dpp->curve, false, dpp->pkex_key, + dpp->pkex_id, netdev_get_address(dpp->netdev)); + if (!qi || l_ecc_point_is_infinity(qi)) { + l_debug("Cannot derive Qi, provision a new code"); + goto failed; + } + + dpp->pkex_m = l_ecc_point_new(dpp->curve); + + if (!l_ecc_point_add(dpp->pkex_m, dpp->pkex_public, qi)) + goto failed; + + dpp_pkex_property_changed_notify(dpp); + + l_debug("PKEX start enrollee (id=%s)", dpp->pkex_id ?: "unset"); + + dpp_start_offchannel(dpp, dpp->current_freq); + + return true; + +failed: + dpp_reset(dpp); + return false; +} + +static bool dpp_check_pkex_identifier(const char *id) +{ + const char *end; + + if (!id) + return true; + + /* + * "If an optional code identifier is used, it shall be a UTF-8 string + * not greater than eighty (80) octets" + */ + if (!l_utf8_validate(id, strlen(id), &end) || end - id > 80) + return false; + + return true; +} + +static struct l_dbus_message *dpp_dbus_pkex_start_enrollee(struct l_dbus *dbus, + struct l_dbus_message *message, + void *user_data) +{ + struct dpp_sm *dpp = user_data; + struct l_dbus_message_iter iter; + struct l_dbus_message_iter variant; + const char *dict_key; + const char *key; + const char *id = NULL; + struct station *station = station_find(netdev_get_ifindex(dpp->netdev)); + + l_debug(""); + + if (dpp->state != DPP_STATE_NOTHING) + return dbus_error_busy(message); + + if (station_get_connected_network(station)) + return dbus_error_busy(message); + + if (!l_dbus_message_get_arguments(message, "a{sv}", &iter)) + goto invalid_args; + + while (l_dbus_message_iter_next_entry(&iter, &dict_key, &variant)) { + if (!strcmp(dict_key, "Key")) { + if (!l_dbus_message_iter_get_variant(&variant, "s", + &key)) + goto invalid_args; + } else if (!strcmp(dict_key, "Identifier")) { + if (!l_dbus_message_iter_get_variant(&variant, "s", + &id)) + goto invalid_args; + } + } + + if (!key) + goto invalid_args; + + if (!dpp_check_pkex_identifier(id)) + goto invalid_args; + + if (!dpp_start_pkex_enrollee(dpp, key, id)) + goto invalid_args; + + return l_dbus_message_new_method_return(message); + +invalid_args: + return dbus_error_invalid_args(message); +} + static void dpp_setup_interface(struct l_dbus_interface *interface) { l_dbus_interface_method(interface, "StartEnrollee", 0, @@ -2740,6 +3463,18 @@ static void dpp_setup_interface(struct l_dbus_interface *interface) l_dbus_interface_property(interface, "URI", 0, "s", dpp_get_uri, NULL); } +static void dpp_setup_pkex_interface(struct l_dbus_interface *interface) +{ + l_dbus_interface_method(interface, "StartEnrollee", 0, + dpp_dbus_pkex_start_enrollee, "", "a{sv}", "args"); + l_dbus_interface_method(interface, "Stop", 0, dpp_dbus_stop, "", ""); + + l_dbus_interface_property(interface, "Started", 0, "b", + dpp_pkex_get_started, NULL); + l_dbus_interface_property(interface, "Role", 0, "s", dpp_get_role, + NULL); +} + static void dpp_destroy_interface(void *user_data) { struct dpp_sm *dpp = user_data; @@ -2762,6 +3497,10 @@ static int dpp_init(void) l_dbus_register_interface(dbus_get_bus(), IWD_DPP_INTERFACE, dpp_setup_interface, dpp_destroy_interface, false); + /* No destroy since DPP/PKEX interfaces are added/removed together */ + l_dbus_register_interface(dbus_get_bus(), IWD_DPP_PKEX_INTERFACE, + dpp_setup_pkex_interface, + NULL, false); mlme_watch = l_genl_family_register(nl80211, "mlme", dpp_mlme_notify, NULL, NULL); From patchwork Thu Oct 12 20:01:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419780 Received: from mail-pl1-f172.google.com (mail-pl1-f172.google.com [209.85.214.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A914B3CCF8 for ; Thu, 12 Oct 2023 20:02:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="nLE/8fR+" Received: by mail-pl1-f172.google.com with SMTP id d9443c01a7336-1c60cec8041so10254815ad.3 for ; Thu, 12 Oct 2023 13:02:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140932; x=1697745732; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=IpL43CGn5ITvDHY6TCWR2dUtuKoWlccCi3KOIJAA3gg=; b=nLE/8fR+UZrfPws3lGZMG4Mi7tB42q9ZXdEB6Xu6Mkx+tjn41bBLXZGivEMVWmx7l2 GjSA3DD7e6roVGLKRPjTuMHgYqNS54ItbjGI1W6O8Oo/HSGmH+o2KED05bfjtaxotred fSbMCcVLbLf0VHCN8L+/I9WYIJ4okT0fWs5RShG7k3pHtPaksX2n5sXmxTlHi64M2g9y tm8HYc9/Okix0G5knfCeotkC9ATqcf92elpgYOlrakIXQzlTTAkrE0edpMY+Y7BvUXPk IsxT5aCnGLl7MxtZ59I61HH3g0MJaGSu3VASs7tz0tSsrf1odTzr5DAgPAJAMQkOC+Y7 y2Hg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140932; x=1697745732; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=IpL43CGn5ITvDHY6TCWR2dUtuKoWlccCi3KOIJAA3gg=; b=cp3MUuQiLqlRTTeX6r5FpS7+E43Z+YRRjKy/MCKpXIJczo4aGpS3t0m+nN/kd70CEM b3kqGOhYjyaSXazJ1A9D/2P6czR9loHnvwSRRSaFfDsght/xmI4CBYo0QIPqqGmCKVn1 fAu7igdUSJk8mBrXVs0YXBaWtHWqsmL/txr7W28GI3VMVFCj84zfOMwrxmGcxI0TpGtw MUrCIFTMOfTLOEQxlxvtH0Zb4Vcvu8J/quHC+Ir/SYLKiYEoH7jOLsOfc4NRN3LvxSW6 KooIear+4IdrBRNxQwBq6haFF7PVB0iBg+hhStNrpsDWWZhCeLZzCCgRX2+jwUbndEA6 Msfg== X-Gm-Message-State: AOJu0YyfMOdRE1JpI0tOKcw2dFGHUevfbDqpPnJKvn8XWVoUqjW9xF0E vLcDBUtMenJGduP6El/Dv6U0FFaqJHQ= X-Google-Smtp-Source: AGHT+IFKMd6v5qYBIQtjhtE/96bEg2f9QG1C3wUK3YQI7oIsisd8Dc2x7uSqQTbfj1qzX4YGyTbArg== X-Received: by 2002:a17:902:dac8:b0:1c9:e48c:7272 with SMTP id q8-20020a170902dac800b001c9e48c7272mr2343646plx.13.1697140931757; Thu, 12 Oct 2023 13:02:11 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:11 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 18/21] dpp: initial version of PKEX configurator support Date: Thu, 12 Oct 2023 13:01:47 -0700 Message-Id: <20231012200150.338401-19-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The PKEX configurator role is currently limited to being a responder. When started the configurator will listen on its current operating channel for a PKEX exchange request. Once received it and the encrypted key is properly decrypted it treats this peer as the enrollee and won't allow configurations from other peers unless PKEX is restarted. The configurator will encrypt and send its encrypted ephemeral key in the PKEX exchange response. The enrollee then sends its encrypted bootstrapping key (as commit-reveal request) then the same for the configurator (as commit-reveal response). After this, PKEX authentication begins. The enrollee is expected to send the authenticate request, since its the initiator. --- src/dpp.c | 496 +++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 494 insertions(+), 2 deletions(-) diff --git a/src/dpp.c b/src/dpp.c index de9c64ce..5fc50c5f 100644 --- a/src/dpp.c +++ b/src/dpp.c @@ -1844,7 +1844,8 @@ static void authenticate_request(struct dpp_sm *dpp, const uint8_t *from, if (util_is_broadcast_address(from)) return; - if (dpp->state != DPP_STATE_PRESENCE) + if (dpp->state != DPP_STATE_PRESENCE && + dpp->state != DPP_STATE_AUTHENTICATING) return; l_debug("authenticate request"); @@ -2369,7 +2370,7 @@ static void dpp_pkex_bad_code(struct dpp_sm *dpp) qr = dpp_derive_q(dpp->curve, true, dpp->pkex_key, dpp->pkex_id, netdev_get_address(dpp->netdev)); - if (!qr) { + if (!qr || l_ecc_point_is_infinity(qr)) { l_debug("Qr computed to zero, new code should be provisioned"); return; } @@ -2704,6 +2705,419 @@ failed: dpp_reset(dpp); } +static void dpp_send_bad_group(struct dpp_sm *dpp, const uint8_t *addr) +{ + uint8_t hdr[32]; + uint8_t attrs[256]; + uint8_t *ptr = attrs; + uint16_t group; + uint8_t status = DPP_STATUS_BAD_GROUP; + struct iovec iov[2]; + const uint8_t *own_mac = netdev_get_address(dpp->netdev); + + l_put_le16(l_ecc_curve_get_ike_group(dpp->curve), &group); + + iov[0].iov_len = dpp_build_header(own_mac, addr, + DPP_FRAME_PKEX_XCHG_RESPONSE, hdr); + iov[0].iov_base = hdr; + + ptr += dpp_append_attr(ptr, DPP_ATTR_STATUS, &status, 1); + ptr += dpp_append_attr(ptr, DPP_ATTR_PROTOCOL_VERSION, + &dpp->pkex_version, 1); + ptr += dpp_append_attr(ptr, DPP_ATTR_FINITE_CYCLIC_GROUP, &group, 2); + + iov[1].iov_base = attrs; + iov[1].iov_len = ptr - attrs; + + dpp_send_frame(dpp, iov, 2, dpp->current_freq); +} + +static void dpp_send_bad_code(struct dpp_sm *dpp, const uint8_t *addr) +{ + uint8_t hdr[32]; + uint8_t attrs[256]; + uint8_t *ptr = attrs; + uint8_t status = DPP_STATUS_BAD_CODE; + struct iovec iov[2]; + const uint8_t *own_mac = netdev_get_address(dpp->netdev); + + iov[0].iov_len = dpp_build_header(own_mac, addr, + DPP_FRAME_PKEX_XCHG_RESPONSE, hdr); + iov[0].iov_base = hdr; + + ptr += dpp_append_attr(ptr, DPP_ATTR_STATUS, &status, 1); + ptr += dpp_append_attr(ptr, DPP_ATTR_PROTOCOL_VERSION, + &dpp->pkex_version, 1); + if (dpp->pkex_id) + ptr += dpp_append_attr(ptr, DPP_ATTR_CODE_IDENTIFIER, + dpp->pkex_id, strlen(dpp->pkex_id)); + + iov[1].iov_base = attrs; + iov[1].iov_len = ptr - attrs; + + dpp_send_frame(dpp, iov, 2, dpp->current_freq); +} + +static void dpp_send_pkex_exchange_response(struct dpp_sm *dpp, + struct l_ecc_point *n) +{ + uint8_t hdr[32]; + uint8_t attrs[256]; + uint8_t *ptr = attrs; + uint64_t n_data[L_ECC_MAX_DIGITS * 2]; + uint16_t group; + uint8_t status = DPP_STATUS_OK; + struct iovec iov[2]; + const uint8_t *own_mac = netdev_get_address(dpp->netdev); + + l_put_le16(l_ecc_curve_get_ike_group(dpp->curve), &group); + + iov[0].iov_len = dpp_build_header(own_mac, dpp->peer_addr, + DPP_FRAME_PKEX_XCHG_RESPONSE, hdr); + iov[0].iov_base = hdr; + + ptr += dpp_append_attr(ptr, DPP_ATTR_STATUS, &status, 1); + + if (dpp->pkex_id) + ptr += dpp_append_attr(ptr, DPP_ATTR_CODE_IDENTIFIER, + dpp->pkex_id, strlen(dpp->pkex_id)); + + l_ecc_point_get_data(n, n_data, sizeof(n_data)); + + ptr += dpp_append_attr(ptr, DPP_ATTR_ENCRYPTED_KEY, + n_data, dpp->key_len * 2); + + iov[1].iov_base = attrs; + iov[1].iov_len = ptr - attrs; + + dpp->state = DPP_STATE_PKEX_COMMIT_REVEAL; + + dpp_pkex_property_changed_notify(dpp); + + dpp_send_frame(dpp, iov, 2, dpp->current_freq); +} + +static void dpp_handle_pkex_exchange_request(struct dpp_sm *dpp, + const uint8_t *from, + const uint8_t *body, size_t body_len) +{ + struct dpp_attr_iter iter; + enum dpp_attribute_type type; + size_t len; + const uint8_t *data; + uint8_t version = 0; + uint16_t group = 0; + const char *id = NULL; + size_t id_len = 0; + const void *key = NULL; + size_t key_len = 0; + _auto_(l_ecc_point_free) struct l_ecc_point *m = NULL; + _auto_(l_ecc_point_free) struct l_ecc_point *n = NULL; + _auto_(l_ecc_point_free) struct l_ecc_point *qr = NULL; + _auto_(l_ecc_point_free) struct l_ecc_point *qi = NULL; + _auto_(l_ecc_point_free) struct l_ecc_point *k = NULL; + const uint8_t *own_addr = netdev_get_address(dpp->netdev); + + l_debug("PKEX exchange request "MAC, MAC_STR(from)); + + if (dpp->state != DPP_STATE_PKEX_EXCHANGE) + return; + + if (dpp->role != DPP_CAPABILITY_CONFIGURATOR) + return; + + dpp_attr_iter_init(&iter, body + 8, body_len - 8); + + while (dpp_attr_iter_next(&iter, &type, &len, &data)) { + switch (type) { + case DPP_ATTR_PROTOCOL_VERSION: + if (len != 1) + return; + + version = l_get_u8(data); + break; + case DPP_ATTR_FINITE_CYCLIC_GROUP: + if (len != 2) + return; + + group = l_get_le16(data); + break; + case DPP_ATTR_CODE_IDENTIFIER: + id = (char *) data; + id_len = len; + break; + case DPP_ATTR_ENCRYPTED_KEY: + key = data; + key_len = len; + break; + default: + break; + } + } + + if (!key || !group) { + l_debug("initiator did not provide group or key, ignoring"); + return; + } + + if (group != l_ecc_curve_get_ike_group(dpp->curve)) { + l_debug("initiator is not using the same group"); + goto bad_group; + } + + /* + * If the group isn't the same the key length won't match, so check + * this here after we've determined the groups are equal + */ + if (key_len != dpp->key_len * 2) { + l_debug("Unexpected encrypted key length"); + return; + } + + if (version && version != dpp->pkex_version) { + l_debug("initiator is not using the same version, ignoring"); + return; + } + + if (dpp->pkex_id) { + if (!id || id_len != strlen(dpp->pkex_id) || + strncmp(dpp->pkex_id, id, id_len)) { + l_debug("mismatch identifier, ignoring"); + return; + } + } + + m = l_ecc_point_from_data(dpp->curve, L_ECC_POINT_TYPE_FULL, + key, key_len); + if (!m) { + l_debug("could not parse key from initiator, ignoring"); + return; + } + + /* Qi = H(MAC-Initiator | [identifier | ] code) * Pi */ + qi = dpp_derive_q(dpp->curve, false, dpp->pkex_key, dpp->pkex_id, from); + if (!qi) { + l_debug("could not derive Qi"); + return; + } + + /* X' = M - Qi */ + dpp->y_or_x = l_ecc_point_new(dpp->curve); + + l_ecc_point_inverse(qi); + l_ecc_point_add(dpp->y_or_x, m, qi); + + /* + * "The resulting ephemeral key, denoted X’, is checked whether it is + * the point-at-infinity. If it is not valid, the protocol silently + * fails" + */ + if (l_ecc_point_is_infinity(dpp->y_or_x)) { + l_debug("X' is at infinity, ignore message"); + dpp_reset(dpp); + return; + } + + qr = dpp_derive_q(dpp->curve, true, dpp->pkex_key, + dpp->pkex_id, own_addr); + if (!qr || l_ecc_point_is_infinity(qr)) { + l_debug("Qr did not derive"); + l_ecc_point_free(dpp->y_or_x); + dpp->y_or_x = NULL; + goto bad_code; + } + + /* + * "The Responder then generates a random ephemeral keypair, y/Y, + * encrypts Y with Qr to obtain the result, denoted N." + */ + l_ecdh_generate_key_pair(dpp->curve, &dpp->pkex_private, + &dpp->pkex_public); + + /* N = Y + Qr */ + n = l_ecc_point_new(dpp->curve); + + l_ecc_point_add(n, dpp->pkex_public, qr); + + /* K = y * X' */ + + k = l_ecc_point_new(dpp->curve); + + l_ecc_point_multiply(k, dpp->pkex_private, dpp->y_or_x); + + /* z = HKDF(<>, info | M.x | N.x | code, K.x) */ + dpp_derive_z(from, own_addr, n, m, k, dpp->pkex_key, + dpp->pkex_id, dpp->z, &dpp->z_len); + + memcpy(dpp->peer_addr, from, 6); + + dpp_send_pkex_exchange_response(dpp, n); + + return; +bad_group: + dpp_send_bad_group(dpp, from); + return; +bad_code: + dpp_send_bad_code(dpp, from); + return; +} + +static void dpp_send_commit_reveal_response(struct dpp_sm *dpp, + const uint8_t *v, size_t v_len) +{ + uint8_t hdr[32]; + uint8_t attrs[256]; + uint8_t *ptr = attrs; + uint8_t one = 1; + struct iovec iov[2]; + const uint8_t *own_mac = netdev_get_address(dpp->netdev); + uint8_t b_pub[L_ECC_POINT_MAX_BYTES]; + size_t b_len; + + b_len = l_ecc_point_get_data(dpp->boot_public, b_pub, sizeof(b_pub)); + + + iov[0].iov_len = dpp_build_header(own_mac, dpp->peer_addr, + DPP_FRAME_PKEX_COMMIT_REVEAL_RESPONSE, hdr); + iov[0].iov_base = hdr; + + ptr += dpp_append_wrapped_data(hdr + 26, 6, &one, 1, ptr, + sizeof(attrs), dpp->z, dpp->z_len, 2, + DPP_ATTR_BOOTSTRAPPING_KEY, b_len, b_pub, + DPP_ATTR_RESPONDER_AUTH_TAG, v_len, v); + + iov[1].iov_base = attrs; + iov[1].iov_len = ptr - attrs; + + dpp_send_frame(dpp, iov, 2, dpp->current_freq); +} + +static void dpp_handle_pkex_commit_reveal_request(struct dpp_sm *dpp, + const uint8_t *from, + const uint8_t *body, size_t body_len) +{ + struct dpp_attr_iter iter; + enum dpp_attribute_type type; + size_t len; + const uint8_t *data; + const void *wrapped = NULL; + size_t wrapped_len = 0; + _auto_(l_free) uint8_t *unwrapped = NULL; + size_t unwrapped_len; + uint8_t zero = 0; + const void *key = 0; + size_t key_len = 0; + const void *i_auth = NULL; + size_t i_auth_len = 0; + _auto_(l_ecc_point_free) struct l_ecc_point *a = NULL; + _auto_(l_ecc_point_free) struct l_ecc_point *j = NULL; + _auto_(l_ecc_point_free) struct l_ecc_point *l = NULL; + uint8_t u[L_ECC_SCALAR_MAX_BYTES]; + size_t u_len = 0; + uint8_t v[L_ECC_SCALAR_MAX_BYTES]; + size_t v_len = 0; + const uint8_t *own_addr = netdev_get_address(dpp->netdev); + + l_debug("PKEX commit-reveal request "MAC, MAC_STR(from)); + + if (dpp->state != DPP_STATE_PKEX_COMMIT_REVEAL) + return; + + if (dpp->role != DPP_CAPABILITY_CONFIGURATOR) + return; + + dpp_attr_iter_init(&iter, body + 8, body_len - 8); + + while (dpp_attr_iter_next(&iter, &type, &len, &data)) { + switch (type) { + case DPP_ATTR_WRAPPED_DATA: + wrapped = data; + wrapped_len = len; + break; + default: + break; + } + } + + if (!wrapped) { + l_debug("No wrapped data"); + return; + } + + unwrapped = dpp_unwrap_attr(body + 2, 6, &zero, 1, dpp->z, dpp->z_len, + wrapped, wrapped_len, &unwrapped_len); + if (!unwrapped) { + l_debug("Failed to unwrap attributes"); + return; + } + + dpp_attr_iter_init(&iter, unwrapped, unwrapped_len); + + while (dpp_attr_iter_next(&iter, &type, &len, &data)) { + switch (type) { + case DPP_ATTR_BOOTSTRAPPING_KEY: + if (len != dpp->key_len * 2) + return; + + key = data; + key_len = len; + break; + case DPP_ATTR_INITIATOR_AUTH_TAG: + if (len != 32) + return; + + i_auth = data; + i_auth_len = len; + break; + default: + break; + } + } + + if (!key || !i_auth) { + l_debug("missing attributes"); + return; + } + + dpp->peer_boot_public = l_ecc_point_from_data(dpp->curve, + L_ECC_POINT_TYPE_FULL, key, key_len); + if (!dpp->peer_boot_public) { + l_debug("peers boostrapping key did not validate"); + goto failed; + } + + j = l_ecc_point_new(dpp->curve); + + l_ecc_point_multiply(j, dpp->pkex_private, dpp->peer_boot_public); + + dpp_derive_u(j, dpp->peer_addr, dpp->peer_boot_public, dpp->pkex_public, + dpp->y_or_x, u, &u_len); + + if (memcmp(u, i_auth, i_auth_len)) { + l_debug("Initiator auth tag did not verify"); + goto failed; + } + + l = l_ecc_point_new(dpp->curve); + + l_ecc_point_multiply(l, dpp->boot_private, dpp->y_or_x); + + if (!dpp_derive_v(l, own_addr, dpp->boot_public, dpp->y_or_x, + dpp->pkex_public, v, &v_len)) { + l_debug("Failed to derive v"); + goto failed; + } + + dpp_send_commit_reveal_response(dpp, v, v_len); + + dpp_pkex_start_authentication(dpp); + + return; + +failed: + dpp_reset(dpp); +} + static void dpp_handle_frame(struct dpp_sm *dpp, const struct mmpdu_header *frame, const void *body, size_t body_len) @@ -2746,6 +3160,14 @@ static void dpp_handle_frame(struct dpp_sm *dpp, dpp_handle_pkex_commit_reveal_response(dpp, frame->address_2, body, body_len); break; + case DPP_FRAME_PKEX_VERSION1_XCHG_REQUST: + dpp_handle_pkex_exchange_request(dpp, frame->address_2, body, + body_len); + break; + case DPP_FRAME_PKEX_COMMIT_REVEAL_REQUEST: + dpp_handle_pkex_commit_reveal_request(dpp, frame->address_2, + body, body_len); + break; default: l_debug("Unhandled DPP frame %u", *ptr); break; @@ -3445,6 +3867,74 @@ invalid_args: return dbus_error_invalid_args(message); } +static bool dpp_start_pkex_configurator(struct dpp_sm *dpp, + struct network *network, + const char *key, const char *identifier, + uint32_t freq) +{ + struct handshake_state *hs = netdev_get_handshake(dpp->netdev); + + if (identifier) + dpp->pkex_id = l_strdup(identifier); + + dpp->pkex_key = l_strdup(key); + + dpp->role = DPP_CAPABILITY_CONFIGURATOR; + dpp->state = DPP_STATE_PKEX_EXCHANGE; + dpp->current_freq = freq; + dpp->config = dpp_configuration_new(network_get_settings(network), + network_get_ssid(network), + hs->akm_suite); + + dpp_pkex_property_changed_notify(dpp); + + return true; +} + +static struct l_dbus_message *dpp_dbus_pkex_start_configurator( + struct l_dbus *dbus, + struct l_dbus_message *message, + void *user_data) +{ + struct dpp_sm *dpp = user_data; + struct station *station = station_find(netdev_get_ifindex(dpp->netdev)); + struct network *network = station_get_connected_network(station); + struct scan_bss *bss = station_get_connected_bss(station); + const struct l_settings *settings; + const char *key; + const char *id; + + if (!network || !bss) { + l_debug("Shared Code provisioning only allowed when connected"); + return dbus_error_not_configured(message); + } + + settings = network_get_settings(network); + if (!settings) { + l_debug("No settings for network, is this a known network?"); + return dbus_error_not_configured(message); + } + + key = l_settings_get_value(settings, "Security", + "DeviceProvisioningSharedCode"); + if (!key) { + l_debug("Profile doesn't allow Shared Code provisioning"); + return dbus_error_not_configured(message); + } + + id = l_settings_get_value(settings, "Security", + "DeviceProvisioningIdentifier"); + if (!dpp_check_pkex_identifier(id)) { + l_debug("Invalid format/size for DeviceProvisioningIdentifier"); + return dbus_error_not_configured(message); + } + + if (!dpp_start_pkex_configurator(dpp, network, key, id, bss->frequency)) + return dbus_error_failed(message); + + return l_dbus_message_new_method_return(message); +} + static void dpp_setup_interface(struct l_dbus_interface *interface) { l_dbus_interface_method(interface, "StartEnrollee", 0, @@ -3467,6 +3957,8 @@ static void dpp_setup_pkex_interface(struct l_dbus_interface *interface) { l_dbus_interface_method(interface, "StartEnrollee", 0, dpp_dbus_pkex_start_enrollee, "", "a{sv}", "args"); + l_dbus_interface_method(interface, "StartConfigurator", 0, + dpp_dbus_pkex_start_configurator, "", ""); l_dbus_interface_method(interface, "Stop", 0, dpp_dbus_stop, "", ""); l_dbus_interface_property(interface, "Started", 0, "b", From patchwork Thu Oct 12 20:01:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419778 Received: from mail-pl1-f171.google.com (mail-pl1-f171.google.com [209.85.214.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 173573CCE3 for ; Thu, 12 Oct 2023 20:02:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="EWPHg/Mn" Received: by mail-pl1-f171.google.com with SMTP id d9443c01a7336-1c9a1762b43so11703555ad.1 for ; Thu, 12 Oct 2023 13:02:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140932; x=1697745732; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ALaZJ6XsrsPVtrQi96mwWume01S/yCvLr5bXcq2qj94=; b=EWPHg/MnqqaAsmdHwe/zTTlpM1uS5MzCwSvIR06PqdbCYYhSYiecWRVwl9kC0rJK5r j1M8eUTiCFjq9034JXYMpQutXp5CsOAvZcV/UAXYyGGK0V2j/8Hm3xjtV6bbkr2RQTaa nZ/6vn4GFORMGTb4YnGUUtRT9AGnTghNdJf57HxMsDHHf7wLD/vOwPvDk0CZX5Jx6Ioc UX2iFObmutwJ6vHWGukSfCpecJ8/015rtGjmvt+14bVGopqJ7zR8FoUhRwv96YdEvKZc yCS71Sy+FZPiiEQH2dLzdEoiHvzNSumKEYNFYONMgZrOshiIVEEGiI++teioNhr7g/Ph wVbA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140932; x=1697745732; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ALaZJ6XsrsPVtrQi96mwWume01S/yCvLr5bXcq2qj94=; b=sB3/KfEPKfTVCKFr393+slVUQjBxJ+9srrB99GFKAlVfm/cH8cpol6Hfv6VUTzgYtX NyI6QRS7XQiPNafHXBsLadKYANuLIJIYFyAyLVeKOcLxrspuFhHewAZkzuLLV2b//MxF 2BvCyXKzjaCd3EBfPYpqwWZdKcveaMBlemUWjT27pyiPEDQ4VSjooK+JkFMFMz3vN9Sh x0m7rFFq2rzQDwIbQ3OalCMWm3BQqgM9gzmGfhOQm2E+8ueu9e2ZOwx9GRBxg+oHzH3x xmwEPwXIFRYlyT1XPzJ4UGEdRZozJsAieKZaBw5qNAzcjUJxbguE3Cknzax5Za7NHT9u ZFjA== X-Gm-Message-State: AOJu0Yx47hYsmEP1wPZMoQaN3EcQ/ZJZZllC/O+sbkFz2iesCM0y7t5m jVZ0WzgfQDxIY7XLiuAoelND9ycX8R8= X-Google-Smtp-Source: AGHT+IGNosKOkGGHIl94H1GGzUgytQMUucY79fAcOFc4Tu4X8r/n+W/ufE3pL0bm0J27oMKyRuMYcQ== X-Received: by 2002:a17:902:f543:b0:1c7:2740:cfb3 with SMTP id h3-20020a170902f54300b001c72740cfb3mr31939591plf.35.1697140932351; Thu, 12 Oct 2023 13:02:12 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:12 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 19/21] auto-t: add utils for wpa_supplicant PKEX Date: Thu, 12 Oct 2023 13:01:48 -0700 Message-Id: <20231012200150.338401-20-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 --- autotests/util/wpas.py | 40 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 39 insertions(+), 1 deletion(-) diff --git a/autotests/util/wpas.py b/autotests/util/wpas.py index 442f0dce..eab08b43 100644 --- a/autotests/util/wpas.py +++ b/autotests/util/wpas.py @@ -273,13 +273,17 @@ class Wpas: return self._dpp_uri - def dpp_configurator_create(self, uri): + def dpp_configurator_create(self, uri=None): self._rx_data = [] self._ctrl_request('DPP_CONFIGURATOR_ADD') self._dpp_conf_id = self.wait_for_result() while not self._dpp_conf_id.isnumeric(): self._dpp_conf_id = self.wait_for_result() + if not uri: + print("DPP Configurator ID: %s", self._dpp_conf_id) + return + self._rx_data = [] self._ctrl_request('DPP_QR_CODE ' + uri) self._dpp_qr_id = self.wait_for_result() @@ -302,6 +306,40 @@ class Wpas: self.wait_for_event('DPP-AUTH-SUCCESS', timeout=30) self.wait_for_event('DPP-CONF-SENT') + def dpp_bootstrap_gen(self, type='qrcode', curve=None): + cmd = f'DPP_BOOTSTRAP_GEN type={type}' + + if curve: + cmd += f' curve={curve}' + + self._rx_data = [] + self._ctrl_request(cmd) + self._dpp_id = self.wait_for_result() + + def dpp_pkex_add(self, code, identifier=None, version=None, initiator=False, role=None): + cmd = f'DPP_PKEX_ADD own={self._dpp_id}' + + if identifier: + cmd += f' identifier={identifier}' + + if initiator: + cmd += f' init=1' + + if version: + cmd += f' ver={version}' + + if role: + cmd += f' role={role}' + + cmd += f' code={code}' + + self._rx_data = [] + self._ctrl_request(cmd) + + def dpp_listen(self, freq): + self._rx_data = [] + self._ctrl_request(f'DPP_LISTEN {freq}') + def dpp_configurator_remove(self): self._ctrl_request('DPP_CONFIGURATOR_REMOVE *') self.wait_for_result() From patchwork Thu Oct 12 20:01:49 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419781 Received: from mail-pl1-f172.google.com (mail-pl1-f172.google.com [209.85.214.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B7A553B7BD for ; Thu, 12 Oct 2023 20:02:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="IJcnP39Q" Received: by mail-pl1-f172.google.com with SMTP id d9443c01a7336-1c77449a6daso11802355ad.0 for ; Thu, 12 Oct 2023 13:02:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140933; x=1697745733; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=8PAYVwyyHw0vjdAKxptwWDRnv6J4jNgoZT/HKqZKxIA=; b=IJcnP39Qc0jNytitYD+XYCG79S8hzDmefEbfNr2WX074AUWQ+V60lOUrdP/++ZYiI4 jAbmGEwfVV8zxSY9Ra7ZnFLTJYqR3JUHISmEAmZFRuMra+norNy5R0FAe51oqubTXiLR yPEkCSBdKrH5QPAX0jmgyLDleguuQtMvgM7AKijz4ZJe4W0EDyiBlD83FX++DyEtdUZo z8/zdmuHc5/ySIQ4/t5Uf5duHmTLfcNbrAGPEhiNWzTShZH/1q4oYuvwQR7luIJtbQf+ IkaYVK2vVliZ4rhqOu90KwbFUcAPAboxLqfdZ2dKdVBmtuheBAL809K0Yvz5s15dQUfw 3xWQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140933; x=1697745733; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8PAYVwyyHw0vjdAKxptwWDRnv6J4jNgoZT/HKqZKxIA=; b=dmT7ooBUTpCmc0l0AUbM0WGb0feIBkx2gQQEzmjUb7/ywv66sX01801LvtGltpWH0s 4jBg0ca5tJXwPbtqGI4csSrOUHZFJceO43MpWIqIjTL3W/ydDB0B5M0tcdr/d3jvMBnn ui0Ii2lAXPLpHKGA/EMWn5ld5iUYYhjw5z5YuObYXd2CmKrrkglLn0b6JFFf3AZap7ed aOl+20Fn69jXlNG3vYO47kUyY3+hiG6JSz2UaW82EFKg5DSMtp0ctIT0RJBOugTPtqBa /gqw/IJnZ0A9u4MqaZxrsN4J9zwECO2khu9gyTtagytZmyPbyC9a9oI/Ps34uudhZ5qY /aZQ== X-Gm-Message-State: AOJu0YyX5pdaU3jIVXtf6iS563kVKgEpvSUrBSoHcqQWYbP1ytl8UbI4 6snV+1pco4jhMlSzBsvMM5JlPH8hjWE= X-Google-Smtp-Source: AGHT+IHkTdQFfsatNOD7IRJAT6hVVQSZvk/RcBA6YxGjamKNjZd1scg8Z4m9FFiORFaUu2c2CHxAug== X-Received: by 2002:a17:902:ea09:b0:1c5:d747:a124 with SMTP id s9-20020a170902ea0900b001c5d747a124mr32966528plg.9.1697140932981; Thu, 12 Oct 2023 13:02:12 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:12 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 20/21] auto-t: add APIs for PKEX Date: Thu, 12 Oct 2023 13:01:49 -0700 Message-Id: <20231012200150.338401-21-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Also added some sanity checks to the existing DPP APIs to make sure started/role gets set correctly. --- autotests/util/iwd.py | 93 +++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 90 insertions(+), 3 deletions(-) diff --git a/autotests/util/iwd.py b/autotests/util/iwd.py index 5fa12444..79490904 100755 --- a/autotests/util/iwd.py +++ b/autotests/util/iwd.py @@ -42,6 +42,7 @@ IWD_P2P_SERVICE_MANAGER_INTERFACE = 'net.connman.iwd.p2p.ServiceManager' IWD_P2P_WFD_INTERFACE = 'net.connman.iwd.p2p.Display' IWD_STATION_DEBUG_INTERFACE = 'net.connman.iwd.StationDebug' IWD_DPP_INTERFACE = 'net.connman.iwd.DeviceProvisioning' +IWD_DPP_PKEX_INTERFACE = 'net.connman.iwd.SharedCodeDeviceProvisioning' IWD_AGENT_MANAGER_PATH = '/net/connman/iwd' IWD_TOP_LEVEL_PATH = '/' @@ -299,6 +300,33 @@ class DeviceProvisioning(IWDDBusAbstract): def role(self): return self._properties['Role'] +class SharedCodeDeviceProvisioning(IWDDBusAbstract): + _iface_name = IWD_DPP_PKEX_INTERFACE + + def start_enrollee(self, key, identifier=None): + args = { + "Key": key + } + + if identifier: + args["Identifier"] = identifier + + return self._iface.StartEnrollee(args) + + def start_configurator(self): + return self._iface.StartConfigurator() + + def stop(self): + self._iface.Stop() + + @property + def started(self): + return self._properties['Started'] + + @property + def role(self): + return self._properties['Role'] + class AccessPointDevice(IWDDBusAbstract): ''' Class represents net.connman.iwd.AccessPoint @@ -375,6 +403,7 @@ class Device(IWDDBusAbstract): self._station_props = None self._station_debug_obj = None self._dpp_obj = None + self._sc_dpp_obj = None self._ap_obj = None IWDDBusAbstract.__init__(self, *args, **kwargs) @@ -407,6 +436,17 @@ class Device(IWDDBusAbstract): return self._dpp_obj + @property + def _sc_device_provisioning(self): + if self._properties['Mode'] != 'station': + self._prop_proxy.Set(IWD_DEVICE_INTERFACE, 'Mode', 'station') + + if self._sc_dpp_obj is None: + self._sc_dpp_obj = SharedCodeDeviceProvisioning( + object_path=self._object_path, + namespace=self._namespace) + return self._sc_dpp_obj + @property def _station_debug(self): if self._properties['Mode'] != 'station': @@ -774,13 +814,60 @@ class Device(IWDDBusAbstract): self._station_debug.wait_for_event(event, timeout) def dpp_start_enrollee(self): - return self._device_provisioning.start_enrollee() + ret = self._device_provisioning.start_enrollee() + + condition = 'obj.started == True' + IWD._wait_for_object_condition(self._device_provisioning, condition) + condition = 'obj.role == "enrollee"' + IWD._wait_for_object_condition(self._device_provisioning, condition) + + return ret def dpp_start_configurator(self, uri=None): - return self._device_provisioning.start_configurator(uri) + ret = self._device_provisioning.start_configurator(uri) + + condition = 'obj.started == True' + IWD._wait_for_object_condition(self._device_provisioning, condition) + condition = 'obj.role == "configurator"' + IWD._wait_for_object_condition(self._device_provisioning, condition) + + return ret + + def dpp_pkex_enroll(self, *args, **kwargs): + ret = self._sc_device_provisioning.start_enrollee(*args, **kwargs) + + condition = 'obj.started == True' + IWD._wait_for_object_condition(self._sc_device_provisioning, condition) + condition = 'obj.role == "enrollee"' + IWD._wait_for_object_condition(self._sc_device_provisioning, condition) + + return ret + + def dpp_pkex_configure(self): + ret = self._sc_device_provisioning.start_configurator() + + condition = 'obj.started == True' + IWD._wait_for_object_condition(self._sc_device_provisioning, condition) + condition = 'obj.role == "configurator"' + IWD._wait_for_object_condition(self._sc_device_provisioning, condition) + + return ret + + def dpp_pkex_stop(self): + ret = self._sc_device_provisioning.stop() + + condition = 'obj.started == False' + IWD._wait_for_object_condition(self._sc_device_provisioning, condition) + + return ret def dpp_stop(self): - return self._device_provisioning.stop() + ret = self._device_provisioning.stop() + + condition = 'obj.started == False' + IWD._wait_for_object_condition(self._device_provisioning, condition) + + return ret def __str__(self, prefix = ''): s = prefix + 'Device: ' + self.device_path + '\n'\ From patchwork Thu Oct 12 20:01:50 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13419782 Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AD58E3CCFA for ; Thu, 12 Oct 2023 20:02:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="mrCK5tzt" Received: by mail-pl1-f181.google.com with SMTP id d9443c01a7336-1c888b3a25aso11423395ad.0 for ; Thu, 12 Oct 2023 13:02:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697140934; x=1697745734; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=FI6vQkbm1YleX32UbYwJAFA+9rTPUOIkcO9JSVeDk70=; b=mrCK5tztqlkFhWXYdx4lBM3l4/YD/69CTB+BN1HbnAs4TWtvuUl0u7J10/YRJYPeB3 +Ho/PBIOYWOK1VwtVUFxdUjzzk4ko6XlFJUj6aUj6qeB1AUE6RRli1deCdCPi+n9n5X2 Fbo17rkjF2+IMTMIGet7RbGJdReifqLtTFmXGB2huDfqcyK441KRjJGyCsu1GoWGlzGi s3c82bCzUa3tKF4g8gmLaXuqI1G/72An71q5mND03c4hFmmz/lqukEt5oV01KfYeP/bV xLru3jhXd6kL56QV0vGxGicPTBfe9TxJOoBtwN5gjGj9S5LXOn2/PUoLXdKgm5TjwhTd gGDQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697140934; x=1697745734; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=FI6vQkbm1YleX32UbYwJAFA+9rTPUOIkcO9JSVeDk70=; b=uzS8RBGkSvZTYY4iQr29IGv/kl0vEdWNIXClfT8MFmcbZCDcniC/Aq2e9kX3N4hcDa 4ogR48biQWDywGFKSgq3k1NzLsBxQCf5LnP2emk7+9N2JLUJcXuqvb81fq3+pPoJdjsk mHyt9y/JUW44hOlgJuXlzUM81FAxVapuManle305ciUO8w1BQiZH0hfvmNJoVPcygmT5 bs2zvwoYHB/ThblYs62iWJ4+uO87g7uxFDWctwHBpGNuwKiLBbRFfmG2ngCKjMCn3n0v kiFKi/hI41QfIe1Om0VdaNQk9NvYHKWmWaasAx/h0PoNarBYqbuZY4nmPKgsbxjLJoGe dIwg== X-Gm-Message-State: AOJu0YxYAGGj5Vp0EFFwjiTEVb2bC+2arsx4kMvbMRWz6ZuZrGs6fzFz qeBeYx99pZYtAVQGBRo4b8wl8ctt1Q0= X-Google-Smtp-Source: AGHT+IFOFEb5R0oz/IlviQQhHxBbPAhs2cd1wM4gkF5GJTtgWyNC4H2E8QsvqZMXIvx+mmbzFS0PWQ== X-Received: by 2002:a17:902:8544:b0:1b9:e972:134d with SMTP id d4-20020a170902854400b001b9e972134dmr18552602plo.3.1697140933706; Thu, 12 Oct 2023 13:02:13 -0700 (PDT) Received: from localhost.localdomain (h67-204-152-76.bendor.broadband.dynamic.tds.net. [67.204.152.76]) by smtp.gmail.com with ESMTPSA id l4-20020a170902f68400b001c727d3ea6bsm2388057plg.74.2023.10.12.13.02.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Oct 2023 13:02:13 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 21/21] auto-t: add DPP PKEX tests Date: Thu, 12 Oct 2023 13:01:50 -0700 Message-Id: <20231012200150.338401-22-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231012200150.338401-1-prestwoj@gmail.com> References: <20231012200150.338401-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 --- autotests/testDPP/hostapd.conf | 2 +- autotests/testDPP/pkex_test.py | 150 +++++++++++++++++++++++++++++++++ autotests/testDPP/ssidCCMP.psk | 2 + 3 files changed, 153 insertions(+), 1 deletion(-) create mode 100644 autotests/testDPP/pkex_test.py diff --git a/autotests/testDPP/hostapd.conf b/autotests/testDPP/hostapd.conf index 074e8228..3611933c 100644 --- a/autotests/testDPP/hostapd.conf +++ b/autotests/testDPP/hostapd.conf @@ -1,5 +1,5 @@ hw_mode=g -channel=1 +channel=6 ssid=ssidCCMP wpa=2 diff --git a/autotests/testDPP/pkex_test.py b/autotests/testDPP/pkex_test.py new file mode 100644 index 00000000..e7f7ddb4 --- /dev/null +++ b/autotests/testDPP/pkex_test.py @@ -0,0 +1,150 @@ +#!/usr/bin/python3 + +import unittest +import sys + +sys.path.append('../util') +from iwd import IWD +from iwd import DeviceProvisioning +from wpas import Wpas +from hostapd import HostapdCLI +from hwsim import Hwsim +from config import ctx + +class Test(unittest.TestCase): + def start_wpas_pkex(self, code, curve=None, **kwargs): + self.wpas.dpp_bootstrap_gen(type='pkex', curve=curve) + self.wpas.dpp_pkex_add(code=code, **kwargs) + if kwargs.get('role', 'configurator') == 'configurator': + self.wpas.dpp_configurator_create() + self.wpas.dpp_listen(2437) + + def test_pkex_iwd_as_enrollee(self): + self.start_wpas_pkex('secret123', identifier="test") + + self.device.dpp_pkex_enroll(key='secret123', identifier="test") + + self.wpas.wait_for_event("DPP-AUTH-SUCCESS") + + def test_pkex_iwd_as_enrollee_retransmit(self): + self.rule_reveal_req.enabled = True + + self.start_wpas_pkex('secret123', identifier="test") + + self.device.dpp_pkex_enroll(key='secret123', identifier="test") + + self.wpas.wait_for_event("DPP-AUTH-SUCCESS") + + def test_pkex_unsupported_version(self): + self.start_wpas_pkex('secret123', identifier="test", version=2) + + self.device.dpp_pkex_enroll(key='secret123', identifier="test") + + with self.assertRaises(TimeoutError): + self.wpas.wait_for_event("DPP-AUTH-SUCCESS") + + def test_pkex_iwd_as_configurator(self): + self.hapd.reload() + self.hapd.wait_for_event('AP-ENABLED') + + IWD.copy_to_storage('ssidCCMP.psk') + self.device.autoconnect = True + + condition = 'obj.state == DeviceState.connected' + self.wd.wait_for_object_condition(self.device, condition) + + self.start_wpas_pkex('secret123', identifier="test", initiator=True, role='enrollee') + + self.device.dpp_pkex_configure() + + self.wpas.wait_for_event("DPP-AUTH-SUCCESS") + self.wpas.wait_for_event("DPP-CONF-RECEIVED") + + def test_pkex_iwd_as_configurator_retransmit(self): + self.rule_xchg_resp.enabled = True + self.rule_reveal_resp.enabled = True + self.hapd.reload() + self.hapd.wait_for_event('AP-ENABLED') + + IWD.copy_to_storage('ssidCCMP.psk') + self.device.autoconnect = True + + condition = 'obj.state == DeviceState.connected' + self.wd.wait_for_object_condition(self.device, condition) + + self.start_wpas_pkex('secret123', identifier="test", initiator=True, role='enrollee') + + self.device.dpp_pkex_configure() + + self.wpas.wait_for_event("DPP-AUTH-SUCCESS") + self.wpas.wait_for_event("DPP-CONF-RECEIVED") + + def test_pkex_iwd_as_configurator_bad_group(self): + self.hapd.reload() + self.hapd.wait_for_event('AP-ENABLED') + + IWD.copy_to_storage('ssidCCMP.psk') + self.device.autoconnect = True + + condition = 'obj.state == DeviceState.connected' + self.wd.wait_for_object_condition(self.device, condition) + + self.start_wpas_pkex('secret123', identifier="test", initiator=True, role='enrollee', curve='P-384') + + self.device.dpp_pkex_configure() + + self.wpas.wait_for_event(f"DPP-RX src={self.device.address} freq=2437 type=8") + self.wpas.wait_for_event("DPP-FAIL") + + def setUp(self): + self.wpas = Wpas('wpas.conf') + self.wd = IWD(True) + self.device = self.wd.list_devices(1)[0] + self.hapd = HostapdCLI('hostapd.conf') + self.hapd.disable() + self.hwsim = Hwsim() + + self.rule_xchg_resp = self.hwsim.rules.create() + self.rule_xchg_resp.prefix = 'd0' + self.rule_xchg_resp.match_offset = 24 + self.rule_xchg_resp.match = '04 09 50 6f 9a 1a 01 08' + self.rule_xchg_resp.match_times = 1 + self.rule_xchg_resp.drop = True + + self.rule_reveal_resp = self.hwsim.rules.create() + self.rule_reveal_resp.prefix = 'd0' + self.rule_reveal_resp.match_offset = 24 + self.rule_reveal_resp.match = '04 09 50 6f 9a 1a 01 0a' + self.rule_reveal_resp.match_times = 1 + self.rule_reveal_resp.drop = True + + self.rule_reveal_req = self.hwsim.rules.create() + self.rule_reveal_req.prefix = 'd0' + self.rule_reveal_req.match_offset = 24 + self.rule_reveal_req.match = '04 09 50 6f 9a 1a 01 09' + self.rule_reveal_req.match_times = 1 + self.rule_reveal_req.drop = True + + def tearDown(self): + self.device.disconnect() + self.device.dpp_stop() + self.wpas.dpp_configurator_remove() + self.wpas.clean_up() + + self.wd = None + self.device = None + self.wpas = None + self.hapd = None + self.rule_xchg_resp = None + IWD.clear_storage() + + @classmethod + def setUpClass(cls): + pass + + @classmethod + def tearDownClass(cls): + pass + +if __name__ == '__main__': + unittest.main(exit=True) \ No newline at end of file diff --git a/autotests/testDPP/ssidCCMP.psk b/autotests/testDPP/ssidCCMP.psk index abafdb66..156cbec6 100644 --- a/autotests/testDPP/ssidCCMP.psk +++ b/autotests/testDPP/ssidCCMP.psk @@ -1,2 +1,4 @@ [Security] Passphrase=secret123 +DeviceProvisioningSharedCode=secret123 +DeviceProvisioningIdentifier=test