This was removed in DPP tech spec v0.2.3.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
} else if (os_strcmp(buf, "dpp_csign") == 0) {
if (parse_wpabuf_hex(line, buf, &bss->dpp_csign, pos))
return 1;
- } else if (os_strcmp(buf, "dpp_csign_expiry") == 0) {
- bss->dpp_csign_expiry = strtol(pos, NULL, 0);
#endif /* CONFIG_DPP */
#ifdef CONFIG_OWE
} else if (os_strcmp(buf, "owe_transition_bssid") == 0) {
struct wpabuf *dpp_netaccesskey;
unsigned int dpp_netaccesskey_expiry;
struct wpabuf *dpp_csign;
- unsigned int dpp_csign_expiry;
#endif /* CONFIG_DPP */
#ifdef CONFIG_OWE
wpa_snprintf_hex(hex, hexlen,
wpabuf_head(auth->c_sign_key),
wpabuf_len(auth->c_sign_key));
- if (auth->c_sign_key_expiry)
- wpa_msg(hapd->msg_ctx, MSG_INFO,
- DPP_EVENT_C_SIGN_KEY "%s %lu", hex,
- (unsigned long)
- auth->c_sign_key_expiry);
- else
- wpa_msg(hapd->msg_ctx, MSG_INFO,
- DPP_EVENT_C_SIGN_KEY "%s", hex);
+ wpa_msg(hapd->msg_ctx, MSG_INFO,
+ DPP_EVENT_C_SIGN_KEY "%s", hex);
os_free(hex);
}
}
}
os_get_time(&now);
- if (hapd->conf->dpp_csign_expiry &&
- hapd->conf->dpp_csign_expiry < now.sec) {
- wpa_printf(MSG_DEBUG, "DPP: C-sign-key expired");
- return;
- }
if (hapd->conf->dpp_netaccesskey_expiry &&
hapd->conf->dpp_netaccesskey_expiry < now.sec) {
if (!expire || hapd->conf->dpp_netaccesskey_expiry < expire)
expire = hapd->conf->dpp_netaccesskey_expiry;
- if (!expire || hapd->conf->dpp_csign_expiry < expire)
- expire = hapd->conf->dpp_csign_expiry;
if (expire)
expiration = expire - now.sec;
else
int hostapd_dpp_configurator_add(struct hostapd_data *hapd, const char *cmd)
{
- char *expiry = NULL, *curve = NULL;
+ char *curve = NULL;
char *key = NULL;
u8 *privkey = NULL;
size_t privkey_len = 0;
int ret = -1;
struct dpp_configurator *conf = NULL;
- expiry = get_param(cmd, " expiry=");
curve = get_param(cmd, " curve=");
key = get_param(cmd, " key=");
if (!conf)
goto fail;
- if (expiry) {
- long int val;
-
- val = strtol(expiry, NULL, 0);
- if (val <= 0)
- goto fail;
- conf->csign_expiry = val;
- }
-
conf->id = hostapd_dpp_next_configurator_id(hapd);
dl_list_add(&hapd->dpp_configurator, &conf->list);
ret = conf->id;
conf = NULL;
fail:
os_free(curve);
- os_free(expiry);
str_clear_free(key);
bin_clear_free(privkey, privkey_len);
dpp_configurator_free(conf);
wpa_printf(MSG_DEBUG, "DPP: Failed to build csign JWK");
goto fail;
}
- if (auth->conf->csign_expiry) {
- struct os_tm tm;
-
- if (os_gmtime(auth->conf->csign_expiry, &tm) < 0) {
- wpa_printf(MSG_DEBUG,
- "DPP: Failed to generate expiry string");
- goto fail;
- }
- wpabuf_printf(buf,
- ",\"expiry\":\"%04u-%02u-%02uT%02u:%02u:%02uZ\"",
- tm.year, tm.month, tm.day,
- tm.hour, tm.min, tm.sec);
- }
wpabuf_put_str(buf, "}}");
}
dpp_debug_print_key("DPP: Received C-sign-key", csign_pub);
- token = json_get_member(cred, "expiry");
- if (!token || token->type != JSON_STRING) {
- wpa_printf(MSG_DEBUG,
- "DPP: No expiry string found - C-sign-key does not expire");
- } else {
- wpa_printf(MSG_DEBUG, "DPP: expiry = %s", token->string);
- if (dpp_key_expired(token->string, &auth->c_sign_key_expiry)) {
- wpa_printf(MSG_DEBUG, "DPP: C-sign-key has expired");
- goto fail;
- }
- }
-
token = json_get_member(cred, "signedConnector");
if (!token || token->type != JSON_STRING) {
wpa_printf(MSG_DEBUG, "DPP: No signedConnector string found");
struct wpabuf *net_access_key;
os_time_t net_access_key_expiry;
struct wpabuf *c_sign_key;
- os_time_t c_sign_key_expiry;
#ifdef CONFIG_TESTING_OPTIONS
char *config_obj_override;
char *discovery_override;
EVP_PKEY *csign;
char *kid;
const struct dpp_curve_params *curve;
- os_time_t csign_expiry;
};
struct dpp_introduction {
{ STR_LEN(dpp_netaccesskey) },
{ INT(dpp_netaccesskey_expiry) },
{ STR_LEN(dpp_csign) },
- { INT(dpp_csign_expiry) },
#endif /* CONFIG_DPP */
{ INT_RANGE(owe_group, 0, 65535) },
};
STR(dpp_netaccesskey);
INT(dpp_netaccesskey_expiry);
STR(dpp_csign);
- INT(dpp_csign_expiry);
#endif /* CONFIG_DPP */
INT(owe_group);
#ifdef CONFIG_HT_OVERRIDES
*/
size_t dpp_csign_len;
- /**
- * dpp_csign_expiry - C-sign-key expiry in UNIX time stamp
- *
- * 0 indicates no expiration.
- */
- unsigned int dpp_csign_expiry;
-
/**
* owe_group - OWE DH Group
*
os_memcpy(ssid->dpp_csign, wpabuf_head(auth->c_sign_key),
wpabuf_len(auth->c_sign_key));
ssid->dpp_csign_len = wpabuf_len(auth->c_sign_key);
- ssid->dpp_csign_expiry = auth->c_sign_key_expiry;
}
if (auth->net_access_key) {
wpa_snprintf_hex(hex, hexlen,
wpabuf_head(auth->c_sign_key),
wpabuf_len(auth->c_sign_key));
- if (auth->c_sign_key_expiry)
- wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_C_SIGN_KEY
- "%s %lu", hex,
- (long unsigned)
- auth->c_sign_key_expiry);
- else
- wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_C_SIGN_KEY
- "%s", hex);
+ wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_C_SIGN_KEY "%s",
+ hex);
os_free(hex);
}
}
os_memcpy(entry->pmk, intro.pmk, intro.pmk_len);
entry->pmk_len = intro.pmk_len;
entry->akmp = WPA_KEY_MGMT_DPP;
- if (!expiry || expiry > ssid->dpp_csign_expiry)
- expiry = ssid->dpp_csign_expiry;
if (expiry) {
os_get_time(&now);
seconds = expiry - now.sec;
int wpas_dpp_configurator_add(struct wpa_supplicant *wpa_s, const char *cmd)
{
- char *expiry = NULL, *curve = NULL;
+ char *curve = NULL;
char *key = NULL;
u8 *privkey = NULL;
size_t privkey_len = 0;
int ret = -1;
struct dpp_configurator *conf = NULL;
- expiry = get_param(cmd, " expiry=");
curve = get_param(cmd, " curve=");
key = get_param(cmd, " key=");
if (!conf)
goto fail;
- if (expiry) {
- long int val;
-
- val = strtol(expiry, NULL, 0);
- if (val <= 0)
- goto fail;
- conf->csign_expiry = val;
- }
-
conf->id = wpas_dpp_next_configurator_id(wpa_s);
dl_list_add(&wpa_s->dpp_configurator, &conf->list);
ret = conf->id;
conf = NULL;
fail:
os_free(curve);
- os_free(expiry);
str_clear_free(key);
bin_clear_free(privkey, privkey_len);
dpp_configurator_free(conf);
os_get_time(&now);
- if (ssid->dpp_csign_expiry && ssid->dpp_csign_expiry < now.sec) {
- wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR
- "C-sign-key expired");
- return -1;
- }
-
if (ssid->dpp_netaccesskey_expiry &&
ssid->dpp_netaccesskey_expiry < now.sec) {
wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR