atheros: Add FILS AAD parameters in sta_auth() handler

This is needed to allow the driver SME to perform the needed AES-SIV operations during FILS association. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2024-11-25 00:38:24 -05:00 · 2017-04-21 19:39:55 +03:00 · 2017-04-21 19:39:55 +03:00 · f46c154c59
commit f46c154c59
parent 6b128fb2af
2 changed files with 55 additions and 0 deletions
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@ -21,6 +21,7 @@

 #include "common/defs.h"
 #include "common/ieee802_11_defs.h"
+#include "common/wpa_common.h"
 #ifdef CONFIG_MACSEC
 #include "pae/ieee802_1x_kay.h"
 #endif /* CONFIG_MACSEC */
@ -719,6 +720,31 @@ struct wpa_driver_sta_auth_params {
 	 * len - ie buffer length
 	 */
 	size_t len;
+
+	/**
+	 * fils_auth - Indicates whether FILS authentication is being performed
+	 */
+	int fils_auth;
+
+	/**
+	 * fils_anonce - ANonce (required for FILS)
+	 */
+	u8 fils_anonce[WPA_NONCE_LEN];
+
+	/**
+	 * fils_snonce - SNonce (required for FILS)
+	*/
+	u8 fils_snonce[WPA_NONCE_LEN];
+
+	/**
+	 * fils_kek - key for encryption (required for FILS)
+	 */
+	u8 fils_kek[WPA_KEK_MAX_LEN];
+
+	/**
+	 * fils_kek_len - Length of the fils_kek in octets (required for FILS)
+	 */
+	size_t fils_kek_len;
 };

 /**
--- a/src/drivers/driver_atheros.c
+++ b/src/drivers/driver_atheros.c
@ -36,6 +36,10 @@

 #include "ieee80211_external.h"

+/* Avoid conflicting definition from the driver header files with
+ * common/wpa_common.h */
+#undef WPA_OUI_TYPE
+

 #ifdef CONFIG_WPS
 #include <netpacket/packet.h>
@ -1065,7 +1069,32 @@ atheros_sta_auth(void *priv, struct wpa_driver_sta_auth_params *params)
 	wpa_printf(MSG_DEBUG, "%s: addr=%s status_code=%d",
 		   __func__, ether_sprintf(params->addr), params->status);

+#ifdef CONFIG_FILS
+	/* Copy FILS AAD parameters if the driver supports FILS */
+	if (params->fils_auth && drv->fils_en) {
+		wpa_printf(MSG_DEBUG, "%s: im_op IEEE80211_MLME_AUTH_FILS",
+			   __func__);
+		os_memcpy(mlme.fils_aad.ANonce, params->fils_anonce,
+			  IEEE80211_FILS_NONCE_LEN);
+		os_memcpy(mlme.fils_aad.SNonce, params->fils_snonce,
+			  IEEE80211_FILS_NONCE_LEN);
+		os_memcpy(mlme.fils_aad.kek, params->fils_kek,
+			  IEEE80211_MAX_WPA_KEK_LEN);
+		mlme.fils_aad.kek_len = params->fils_kek_len;
+		mlme.im_op = IEEE80211_MLME_AUTH_FILS;
+		wpa_hexdump(MSG_DEBUG, "FILS: ANonce",
+			    mlme.fils_aad.ANonce, FILS_NONCE_LEN);
+		wpa_hexdump(MSG_DEBUG, "FILS: SNonce",
+			    mlme.fils_aad.SNonce, FILS_NONCE_LEN);
+		wpa_hexdump_key(MSG_DEBUG, "FILS: KEK",
+				mlme.fils_aad.kek, mlme.fils_aad.kek_len);
+	} else {
+		mlme.im_op = IEEE80211_MLME_AUTH;
+	}
+#else /* CONFIG_FILS */
 	mlme.im_op = IEEE80211_MLME_AUTH;
+#endif /* CONFIG_FILS */
+
 	mlme.im_reason = params->status;
 	mlme.im_seq = params->seq;
 	os_memcpy(mlme.im_macaddr, params->addr, IEEE80211_ADDR_LEN);