DPP2: Use the new privacy protection key to protect E-id on Enrollee

Use ppKey instead of C-sign-key to encrypted E-id to E'-id into Reconfig
Announcement frame on the Enrollee side.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2020-10-13 20:53:09 +03:00 committed by Jouni Malinen
parent 37df40845a
commit 99d7bf2348
4 changed files with 30 additions and 12 deletions

View File

@ -723,7 +723,9 @@ int dpp_reconfig_auth_conf_rx(struct dpp_authentication *auth, const u8 *hdr,
const u8 *attr_start, size_t attr_len);
struct dpp_reconfig_id * dpp_gen_reconfig_id(const u8 *csign_key,
size_t csign_key_len);
size_t csign_key_len,
const u8 *pp_key,
size_t pp_key_len);
int dpp_update_reconfig_id(struct dpp_reconfig_id *id);
void dpp_free_reconfig_id(struct dpp_reconfig_id *id);

View File

@ -3004,10 +3004,12 @@ fail:
struct dpp_reconfig_id * dpp_gen_reconfig_id(const u8 *csign_key,
size_t csign_key_len)
size_t csign_key_len,
const u8 *pp_key,
size_t pp_key_len)
{
const unsigned char *p;
EVP_PKEY *csign = NULL;
EVP_PKEY *csign = NULL, *ppkey = NULL;
struct dpp_reconfig_id *id = NULL;
BN_CTX *ctx = NULL;
BIGNUM *bn = NULL, *q = NULL;
@ -3020,6 +3022,13 @@ struct dpp_reconfig_id * dpp_gen_reconfig_id(const u8 *csign_key,
if (!csign)
goto fail;
if (!pp_key)
goto fail;
p = pp_key;
ppkey = d2i_PUBKEY(NULL, &p, pp_key_len);
if (!ppkey)
goto fail;
eckey = EVP_PKEY_get0_EC_KEY(csign);
if (!eckey)
goto fail;
@ -3047,9 +3056,12 @@ struct dpp_reconfig_id * dpp_gen_reconfig_id(const u8 *csign_key,
e_id = NULL;
id->csign = csign;
csign = NULL;
id->pp_key = ppkey;
ppkey = NULL;
fail:
EC_POINT_free(e_id);
EVP_PKEY_free(csign);
EVP_PKEY_free(ppkey);
BN_clear_free(bn);
BN_CTX_free(ctx);
return id;
@ -3093,13 +3105,13 @@ int dpp_update_reconfig_id(struct dpp_reconfig_id *id)
BIGNUM *bn = NULL, *q = NULL;
EC_POINT *e_prime_id = NULL, *a_nonce = NULL;
int ret = -1;
const EC_KEY *csign;
const EC_POINT *csign_point;
const EC_KEY *pp;
const EC_POINT *pp_point;
csign = EVP_PKEY_get0_EC_KEY(id->csign);
if (!csign)
pp = EVP_PKEY_get0_EC_KEY(id->pp_key);
if (!pp)
goto fail;
csign_point = EC_KEY_get0_public_key(csign);
pp_point = EC_KEY_get0_public_key(pp);
e_prime_id = EC_POINT_new(id->group);
a_nonce = EC_POINT_new(id->group);
ctx = BN_CTX_new();
@ -3107,12 +3119,12 @@ int dpp_update_reconfig_id(struct dpp_reconfig_id *id)
q = BN_new();
/* Generate random 0 <= a-nonce < q
* A-NONCE = a-nonce * G
* E'-id = E-id + a-nonce * S_C */
if (!csign_point || !e_prime_id || !a_nonce || !ctx || !bn || !q ||
* E'-id = E-id + a-nonce * P_pk */
if (!pp_point || !e_prime_id || !a_nonce || !ctx || !bn || !q ||
!EC_GROUP_get_order(id->group, q, ctx) ||
!BN_rand_range(bn, q) || /* bn = a-nonce */
!EC_POINT_mul(id->group, a_nonce, bn, NULL, NULL, ctx) ||
!EC_POINT_mul(id->group, e_prime_id, NULL, csign_point, bn, ctx) ||
!EC_POINT_mul(id->group, e_prime_id, NULL, pp_point, bn, ctx) ||
!EC_POINT_add(id->group, e_prime_id, id->e_id, e_prime_id, ctx))
goto fail;
@ -3145,6 +3157,7 @@ void dpp_free_reconfig_id(struct dpp_reconfig_id *id)
EVP_PKEY_free(id->csign);
EVP_PKEY_free(id->a_nonce);
EVP_PKEY_free(id->e_prime_id);
EVP_PKEY_free(id->pp_key);
os_free(id);
}
}

View File

@ -146,6 +146,7 @@ struct dpp_reconfig_id {
EVP_PKEY *csign;
EVP_PKEY *a_nonce; /* A-NONCE */
EVP_PKEY *e_prime_id; /* E'-id */
EVP_PKEY *pp_key;
};
/* dpp_tcp.c */

View File

@ -3730,7 +3730,9 @@ int wpas_dpp_reconfig(struct wpa_supplicant *wpa_s, const char *cmd)
dpp_free_reconfig_id(wpa_s->dpp_reconfig_id);
wpa_s->dpp_reconfig_id = dpp_gen_reconfig_id(ssid->dpp_csign,
ssid->dpp_csign_len);
ssid->dpp_csign_len,
ssid->dpp_pp_key,
ssid->dpp_pp_key_len);
if (!wpa_s->dpp_reconfig_id) {
wpa_printf(MSG_DEBUG,
"DPP: Failed to generate E-id for reconfiguration");