From 37df40845ab4a0043f4dc90c2be0e05a7f462fce Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Tue, 13 Oct 2020 20:29:27 +0300 Subject: [PATCH] DPP2: Copy received ppKey into wpa_supplicant network profile Store the received privacy protection key from Connector into wpa_supplicant network profile and indicate it through the control interface similarly to C-sign-key. Signed-off-by: Jouni Malinen --- src/common/wpa_ctrl.h | 1 + wpa_supplicant/config.c | 2 ++ wpa_supplicant/config_file.c | 1 + wpa_supplicant/config_ssid.h | 10 ++++++++++ wpa_supplicant/dpp_supplicant.c | 23 +++++++++++++++++++++++ 5 files changed, 37 insertions(+) diff --git a/src/common/wpa_ctrl.h b/src/common/wpa_ctrl.h index 52888d730..acc2d6c4c 100644 --- a/src/common/wpa_ctrl.h +++ b/src/common/wpa_ctrl.h @@ -184,6 +184,7 @@ extern "C" { #define DPP_EVENT_CONFOBJ_PSK "DPP-CONFOBJ-PSK " #define DPP_EVENT_CONNECTOR "DPP-CONNECTOR " #define DPP_EVENT_C_SIGN_KEY "DPP-C-SIGN-KEY " +#define DPP_EVENT_PP_KEY "DPP-PP-KEY " #define DPP_EVENT_NET_ACCESS_KEY "DPP-NET-ACCESS-KEY " #define DPP_EVENT_SERVER_NAME "DPP-SERVER-NAME " #define DPP_EVENT_CERTBAG "DPP-CERTBAG " diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c index e3c12d8b3..61761299b 100644 --- a/wpa_supplicant/config.c +++ b/wpa_supplicant/config.c @@ -2573,6 +2573,7 @@ static const struct parse_data ssid_fields[] = { { STR_LEN(dpp_netaccesskey) }, { INT(dpp_netaccesskey_expiry) }, { STR_LEN(dpp_csign) }, + { STR_LEN(dpp_pp_key) }, { INT_RANGE(dpp_pfs, 0, 2) }, #endif /* CONFIG_DPP */ { INT_RANGE(owe_group, 0, 65535) }, @@ -2776,6 +2777,7 @@ void wpa_config_free_ssid(struct wpa_ssid *ssid) os_free(ssid->dpp_connector); bin_clear_free(ssid->dpp_netaccesskey, ssid->dpp_netaccesskey_len); os_free(ssid->dpp_csign); + os_free(ssid->dpp_pp_key); while ((psk = dl_list_first(&ssid->psk_list, struct psk_list_entry, list))) { dl_list_del(&psk->list); 
diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c index da3b8a958..c01557dac 100644 --- a/wpa_supplicant/config_file.c +++ b/wpa_supplicant/config_file.c @@ -928,6 +928,7 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) STR(dpp_netaccesskey); INT(dpp_netaccesskey_expiry); STR(dpp_csign); + STR(dpp_pp_key); INT(dpp_pfs); #endif /* CONFIG_DPP */ INT(owe_group); diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h index ff9cdf4f6..b4fdc8a17 100644 --- a/wpa_supplicant/config_ssid.h +++ b/wpa_supplicant/config_ssid.h @@ -1023,6 +1023,16 @@ struct wpa_ssid { */ size_t dpp_csign_len; + /** + * dpp_pp_key - ppKey (Configurator privacy protection public key) + */ + u8 *dpp_pp_key; + + /** + * dpp_pp_key_len - ppKey length in octets + */ + size_t dpp_pp_key_len; + /** * dpp_pfs - DPP PFS * 0: allow PFS to be used or not used diff --git a/wpa_supplicant/dpp_supplicant.c b/wpa_supplicant/dpp_supplicant.c index 1008207b2..8e9a37c8b 100644 --- a/wpa_supplicant/dpp_supplicant.c +++ b/wpa_supplicant/dpp_supplicant.c @@ -1192,6 +1192,15 @@ static struct wpa_ssid * wpas_dpp_add_network(struct wpa_supplicant *wpa_s, ssid->dpp_csign_len = wpabuf_len(conf->c_sign_key); } + if (conf->pp_key) { + ssid->dpp_pp_key = os_malloc(wpabuf_len(conf->pp_key)); + if (!ssid->dpp_pp_key) + goto fail; + os_memcpy(ssid->dpp_pp_key, wpabuf_head(conf->pp_key), + wpabuf_len(conf->pp_key)); + ssid->dpp_pp_key_len = wpabuf_len(conf->pp_key); + } + if (auth->net_access_key) { ssid->dpp_netaccesskey = os_malloc(wpabuf_len(auth->net_access_key)); 
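Review bot: The new `dpp_pp_key` comment in config_ssid.h names the key but says nothing about buffer ownership or why it is freed differently from `dpp_netaccesskey`. The config.c hunk releases it with plain `os_free()` while `dpp_netaccesskey` goes through `bin_clear_free()`, which is reasonable for a public key but worth stating so that nobody later "fixes" it or copies the pattern for secret material. I would extend the comment to something like `* dpp_pp_key - ppKey (Configurator privacy protection public key); public value, heap buffer of dpp_pp_key_len octets freed in wpa_config_free_ssid()`. If the buffer uses the same encoding as `dpp_csign`, which I presume but cannot confirm from this hunk, the comment should say that too.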
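Review bot: The allocate, check, copy and set-length sequence in the new `if (conf->pp_key)` block of wpas_dpp_add_network() can be a single `os_memdup()` call, which keeps the allocation size and the copy size from drifting apart: `ssid->dpp_pp_key = os_memdup(wpabuf_head(conf->pp_key), wpabuf_len(conf->pp_key));` followed by the existing NULL check. Separately, a zero-length `conf->pp_key` would make the allocation size 0, and if the allocator returns NULL for that request the whole profile creation takes `goto fail`; whether an empty ppKey can reach this point is not visible here, so a length check before the copy may be worth adding. The `fail` label and the rest of the function are outside the hunk.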
@@ -1429,6 +1438,20 @@ static int wpas_dpp_handle_config_obj(struct wpa_supplicant *wpa_s,
 os_free(hex);
 }
 }
+ if (conf->pp_key) {
+ char *hex;
+ size_t hexlen;
+
+ hexlen = 2 * wpabuf_len(conf->pp_key) + 1;
+ hex = os_malloc(hexlen);
+ if (hex) {
+ wpa_snprintf_hex(hex, hexlen,
+ wpabuf_head(conf->pp_key),
+ wpabuf_len(conf->pp_key));
+ wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PP_KEY "%s", hex);
+ os_free(hex);
+ }
+ }
 if (auth->net_access_key) {
 char *hex;
 size_t hexlen;
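Review bot: When `os_malloc(hexlen)` fails in the new `if (conf->pp_key)` block, the DPP-PP-KEY event is dropped without any trace. A control-interface client that assembles the profile from these events would then store it without the ppKey, and nothing in the log would explain why. An else branch such as `else wpa_printf(MSG_DEBUG, "DPP: Could not allocate buffer for ppKey event");` would make that visible. The block also appears to repeat the hex-and-emit pattern of the neighbouring key events, so a small static helper taking the event prefix and the wpabuf would remove the duplication. wpas_dpp_handle_config_obj() starts and ends outside the hunk.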