]> git.ipfire.org Git - thirdparty/hostap.git/log
thirdparty/hostap.git
7 years agoDPP: Add DPP_CONFIGURATOR_SIGN support to hostapd
Jouni Malinen [Mon, 27 Nov 2017 10:43:40 +0000 (12:43 +0200)] 
DPP: Add DPP_CONFIGURATOR_SIGN support to hostapd

Configurator signing its own Connector was previously supported only in
wpa_supplicant. This commit extends that to hostapd to allow an AP
acting as a Configurator to self-configure itself.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Move hostapd Configurator/bootstrap data into global context
Jouni Malinen [Mon, 27 Nov 2017 11:22:32 +0000 (13:22 +0200)] 
DPP: Move hostapd Configurator/bootstrap data into global context

This moves the Configurator and Bootstrapping Information data from
struct hostapd_data (per-BSS) to struct hapd_interfaces (per-hostapd
process). This allows the information to be maintained over interface
restarts and shared between interfaces.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: DPP QR Code and mutual authentication with auto-generated key
Jouni Malinen [Sun, 26 Nov 2017 15:43:43 +0000 (17:43 +0200)] 
tests: DPP QR Code and mutual authentication with auto-generated key

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Auto-generate Initiator bootstrapping info if needed
Jouni Malinen [Sun, 26 Nov 2017 15:41:22 +0000 (17:41 +0200)] 
DPP: Auto-generate Initiator bootstrapping info if needed

Instead of using the all-zeros Initiator Bootstrapping Key Hash when no
local bootstrapping key is configuref for the Initiator, automatically
generate a temporary bootstrapping key for the same curve that the
Responder uses. If the Responder indicates that it wants to do mutual
authentication, provide the URI for the auto-generated bootstrapping key
in the DPP-RESPONSE-PENDING event for upper layers to display the QR
Code.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: Allow ap_ft for remote tests
Janusz Dziedzic [Fri, 3 Nov 2017 19:07:33 +0000 (20:07 +0100)] 
tests: Allow ap_ft for remote tests

Fix problem when running ap_ft test cases with real HW using remote
tests and hwsim wrapper by using the newer hostapd.app_ap() API.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
7 years agotests: Split ap_vht160 into two test cases (ap_vht160 and ap_vht160b)
Jouni Malinen [Sun, 26 Nov 2017 11:27:25 +0000 (13:27 +0200)] 
tests: Split ap_vht160 into two test cases (ap_vht160 and ap_vht160b)

These VHT160 with DFS cases were in a single test case to optimize test
execution time with parallel wait for the 60 second CAC. However, this
design has become difficult to support with the kernel changes that
allow radar events to be shared between interfaces. To avoid need for
more workarounds here just for testing purposes, split this into two
test cases so that conflicting events from another interface do not
cause the test case to fail.

Signed-off-by: Jouni Malinen <j@w1.fi>
7 years agotests: Split dfs_radar into two test cases (dfs_radar1 and dfs_radar2)
Jouni Malinen [Sun, 26 Nov 2017 10:57:27 +0000 (12:57 +0200)] 
tests: Split dfs_radar into two test cases (dfs_radar1 and dfs_radar2)

These DFS radar detection cases were in a single test case to optimize
test execution time with parallel wait for the 60 second CAC. However,
this design has become difficult to support with the kernel changes that
allow radar events to be shared between interfaces. To avoid need for
more workarounds here just for testing purposes, split this into two
test cases so that conflicting events from another interface do not
cause the test case to fail.

Signed-off-by: Jouni Malinen <j@w1.fi>
7 years agonl80211: Filter global events based on wiphy
Sriram R [Mon, 20 Nov 2017 12:48:41 +0000 (18:18 +0530)] 
nl80211: Filter global events based on wiphy

Avoid same interface processing nl80211 events when at least one of
IFIDX, WDEV, or WIPHY index attribute is available in the nl80211 event
message.

Previously, a same interface processes events when ifidx and wdev id
attribute were not available in the nl80211 message. This is extended to
check the presence of wiphy index attribute as well since some radar
notifications include only WIPHY index attrbute in the nl80211 message.

Signed-off-by: Sriram R <srirrama@qti.qualcomm.com>
7 years agotests: Enable dynamic debugging for mac80211_hwsim
Lubomir Rintel [Mon, 16 Oct 2017 07:32:47 +0000 (09:32 +0200)] 
tests: Enable dynamic debugging for mac80211_hwsim

mac80211_hwsim module typically dumps a lot of details into the kernel
message buffer. While it's probably okay in a dedicated VM, it's way too
chatty in other setups.

The kernel allows fine-tuning logging via the dynamic debugging
facility. Let's enable all logging locations in the mac80211_hwsim
module so that we don't loose debugging output when the kernel adopts
the dynamic debug mechanism for the driver.

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
7 years agotests: ap_ht40_scan to print STATUS and STA information to log
Jouni Malinen [Sat, 25 Nov 2017 11:26:13 +0000 (13:26 +0200)] 
tests: ap_ht40_scan to print STATUS and STA information to log

This can be used to check the supported rate information.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agohostapd: Add supported rate information into STATUS and STA
Bhagavathi Perumal S [Fri, 3 Nov 2017 05:14:15 +0000 (10:44 +0530)] 
hostapd: Add supported rate information into STATUS and STA

These allow external programs to determine supported legacy, HT, and VHT
rates of an interface or a STA.

Signed-off-by: Bhagavathi Perumal S <bperumal@qti.qualcomm.com>
7 years agoFILS: Do not leave error value in left counter
Jouni Malinen [Fri, 24 Nov 2017 10:21:18 +0000 (12:21 +0200)] 
FILS: Do not leave error value in left counter

If fils_decrypt_assoc() were to fail on the AP side, the previous
implementation could have continued through the response generation
using left = -1. That could have resulted in unexpected processing if
this value were to be used as the length of the remaining (unencrypted)
IEs. Fix this by not updating left in the failure case.

Fixes: 78815f3dde6e ("FILS: Decrypt Association Request elements and check Key-Auth (AP)")
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoWPA: Check wpa_eapol_key_mic() result on TX
Jouni Malinen [Fri, 24 Nov 2017 10:13:26 +0000 (12:13 +0200)] 
WPA: Check wpa_eapol_key_mic() result on TX

Verify that nothing unexpected happened with EAPOL-Key Key MIC
calculation when transmitting EAPOL-Key frames from the Authenticator.
This should not be able to happen in practice, but if if it does, there
is no point in sending out the frame without the correct Key MIC value.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: DPP and PKEX (P-256) test vector
Jouni Malinen [Thu, 23 Nov 2017 23:43:23 +0000 (01:43 +0200)] 
tests: DPP and PKEX (P-256) test vector

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Allow PKEX x/X and y/Y keypairs to be overridden
Jouni Malinen [Thu, 23 Nov 2017 23:41:50 +0000 (01:41 +0200)] 
DPP: Allow PKEX x/X and y/Y keypairs to be overridden

This is for testing purposes to allow a test vector with specific values
to be generated.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Print more interim EC_POINT results into debug log
Jouni Malinen [Thu, 23 Nov 2017 23:02:59 +0000 (01:02 +0200)] 
DPP: Print more interim EC_POINT results into debug log

This makes it easier to debug issues related to DPP/PKEX EC operations.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Allow PKEX own/peer MAC addresses to be overridden
Jouni Malinen [Thu, 23 Nov 2017 21:47:52 +0000 (23:47 +0200)] 
DPP: Allow PKEX own/peer MAC addresses to be overridden

This is for testing purposes to allow a test vector with specific values
to be generated.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Provide peer_mac to PKEX Initiator through function argument
Jouni Malinen [Thu, 23 Nov 2017 21:32:33 +0000 (23:32 +0200)] 
DPP: Provide peer_mac to PKEX Initiator through function argument

Avoid unnecessary direct write to a struct dpp_pkex member from outside
dpp.c.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Work around missing EVP_PKEY_CTX_set_ec_param_enc()
Jouni Malinen [Thu, 23 Nov 2017 18:28:57 +0000 (20:28 +0200)] 
DPP: Work around missing EVP_PKEY_CTX_set_ec_param_enc()

This allows compilation with older OpenSSL 1.0.1.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Remove compiler warnings about signed/unsigned comparisons
Jouni Malinen [Thu, 23 Nov 2017 18:24:37 +0000 (20:24 +0200)] 
DPP: Remove compiler warnings about signed/unsigned comparisons

These timestamp comparisons did not use matching signedness.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Fix error return value in dpp_auth_conf_rx()
Jouni Malinen [Thu, 23 Nov 2017 18:20:39 +0000 (20:20 +0200)] 
DPP: Fix error return value in dpp_auth_conf_rx()

Commit 03abb6b5416d472d473c7017802236f8397d0278 ('DPP: Reject unexpected
Req/Resp message based on Auth/PKEX role') used incorrect type of error
value (NULL vs. -1). Fix that.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agohostapd: Disassoc STA without WPA/RSN IE if AP proto is WPA/RSN
Hu Wang [Wed, 25 Oct 2017 11:51:09 +0000 (19:51 +0800)] 
hostapd: Disassoc STA without WPA/RSN IE if AP proto is WPA/RSN

With the AP proto configured being WPA/RSN and SME in the
driver, the previous implementation in hostapd is to not
process hostapd_notif_assoc() due to "No WPA/RSN IE from STA",
if the (Re)Association Request frame is without the WPA/RSN IEs.

Enhance that to disassociate such station provided the AP is not using
WPS.

Signed-off-by: Hu Wang <huw@codeaurora.org>
7 years agotests: Probe Request frame RX events from hostapd
Jouni Malinen [Thu, 23 Nov 2017 17:46:35 +0000 (19:46 +0200)] 
tests: Probe Request frame RX events from hostapd

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agohostapd: Add wpa_msg_ctrl() to report Probe Request frames from STA
bhagavathi perumal s [Wed, 1 Nov 2017 17:09:55 +0000 (22:39 +0530)] 
hostapd: Add wpa_msg_ctrl() to report Probe Request frames from STA

This allows external applications to get event indication for Probe
Request frames. Extend ctrl iface cmd "ATTACH" to enable this event on
per-request basis. For example, user has to send ctrl iface cmd "ATTACH
probe_rx_events=1" to enable the Probe Request frame events.

Signed-off-by: bhagavathi perumal s <bperumal@qti.qualcomm.com>
7 years agotests: Fix dpp_auth_req_retries* check for DPP capability
Jouni Malinen [Thu, 23 Nov 2017 18:11:38 +0000 (20:11 +0200)] 
tests: Fix dpp_auth_req_retries* check for DPP capability

Need to do this before trying to set the DPP test parameters.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: DPP Auth Req retry behavior
Jouni Malinen [Thu, 23 Nov 2017 11:15:40 +0000 (13:15 +0200)] 
tests: DPP Auth Req retry behavior

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Fix number of Authentication Request retry cases
Jouni Malinen [Thu, 23 Nov 2017 11:08:45 +0000 (13:08 +0200)] 
DPP: Fix number of Authentication Request retry cases

Previous implementation did not handle number of sequences correctly.
Make sure the iteration continues in both unicast and broadcast cases
until the five attempts have been made. In addition, improve timing by
checking 10 second time from the beginning of each iteration round and
not the last channel on which the Auth Req frame has been transmitted.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Take response wait time into account for init retries
Jouni Malinen [Wed, 22 Nov 2017 22:42:20 +0000 (00:42 +0200)] 
DPP: Take response wait time into account for init retries

Previously, the Authentication Request frame was retried after 2+10 = 12
seconds since the wait for the response was not accounted for. Substract
that wait from the 10 second wait time to start the retries more quickly
based on the 10 second timer described in the tech spec.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Stop Authentication Request attempts if no response after ACK
Jouni Malinen [Wed, 22 Nov 2017 22:22:13 +0000 (00:22 +0200)] 
DPP: Stop Authentication Request attempts if no response after ACK

If unicast Authentication Request frame is used and the peer ACKs such a
frame, but does not reply within the two second limit, there is no need
to continue trying to retransmit the request frames since the peer was
found, but not responsive.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: DPP with SAE
Jouni Malinen [Wed, 22 Nov 2017 19:22:10 +0000 (21:22 +0200)] 
tests: DPP with SAE

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Add SAE credential support to Configurator
Jouni Malinen [Wed, 22 Nov 2017 19:22:23 +0000 (21:22 +0200)] 
DPP: Add SAE credential support to Configurator

The new conf={sta,ap}-{sae,psk-sae} parameter values can now be used to
specify that the legacy configuration object is for SAE.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Add akm=sae and akm=psk+sae support in Enrollee role
Jouni Malinen [Wed, 22 Nov 2017 19:04:41 +0000 (21:04 +0200)] 
DPP: Add akm=sae and akm=psk+sae support in Enrollee role

This allows DPP to be used for enrolling credentials for SAE networks in
addition to the legacy PSK (WPA-PSK) case. In addition, enable FT-PSK
and FT-SAE cases automatically.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: DPP protocol testing - invalid I-nonce in Auth Req
Jouni Malinen [Wed, 22 Nov 2017 15:34:05 +0000 (17:34 +0200)] 
tests: DPP protocol testing - invalid I-nonce in Auth Req

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Protocol testing capability to send invalid I-Nonce in Auth Req
Jouni Malinen [Wed, 22 Nov 2017 14:23:42 +0000 (16:23 +0200)] 
DPP: Protocol testing capability to send invalid I-Nonce in Auth Req

Extend dpp_test to cover one more invalid behavior.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: DPP and PKEX retry behavior
Jouni Malinen [Wed, 22 Nov 2017 13:55:51 +0000 (15:55 +0200)] 
tests: DPP and PKEX retry behavior

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Retry PKEX Exchange Request frame up to five times
Jouni Malinen [Wed, 22 Nov 2017 13:54:35 +0000 (15:54 +0200)] 
DPP: Retry PKEX Exchange Request frame up to five times

Retransmit the PKEX Exchange Request frame if no response from a peer is
received. This makes the exchange more robust since this frame is sent
to a broadcast address and has no link layer retries.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: sigma_dut DPP/QR initiator as Configurator (neg_freq)
Jouni Malinen [Mon, 20 Nov 2017 23:12:58 +0000 (01:12 +0200)] 
tests: sigma_dut DPP/QR initiator as Configurator (neg_freq)

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: sigma_dut DPP/QR initiator as Configurator or Enrollee
Jouni Malinen [Mon, 20 Nov 2017 23:02:37 +0000 (01:02 +0200)] 
tests: sigma_dut DPP/QR initiator as Configurator or Enrollee

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: Double TPK M2 during TDLS setup initiation
Jouni Malinen [Mon, 20 Nov 2017 22:49:17 +0000 (00:49 +0200)] 
tests: Double TPK M2 during TDLS setup initiation

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoTDLS: Add testing capability to send TPK M2 twice
Jouni Malinen [Mon, 20 Nov 2017 22:48:52 +0000 (00:48 +0200)] 
TDLS: Add testing capability to send TPK M2 twice

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: Open AP and STA reassociating back without auth exchange
Jouni Malinen [Mon, 20 Nov 2017 19:31:36 +0000 (21:31 +0200)] 
tests: Open AP and STA reassociating back without auth exchange

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: Additional DPP protocol testing for Peer Discovery Req/Resp
Jouni Malinen [Sun, 19 Nov 2017 15:15:48 +0000 (17:15 +0200)] 
tests: Additional DPP protocol testing for Peer Discovery Req/Resp

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Protocol testing for invalid Peer Discovery Req/Resp values
Jouni Malinen [Sun, 19 Nov 2017 15:15:02 +0000 (17:15 +0200)] 
DPP: Protocol testing for invalid Peer Discovery Req/Resp values

Extend dpp_test to allow more invalid attribute values to be written
into Peer Discovery Request/Response frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: Fix ap_cipher_tkip_countermeasures_sta2
Jouni Malinen [Sun, 19 Nov 2017 14:02:07 +0000 (16:02 +0200)] 
tests: Fix ap_cipher_tkip_countermeasures_sta2

hostapd implementation was changed to use a valid Status Code when
rejecting the connection. This test case was forgotten at the time, but
it needs a matching change to allow the new value (1 instead of 14).

Signed-off-by: Jouni Malinen <j@w1.fi>
7 years agotests: DPP protocol testing - invalid Config Attr Obj in Conf Req
Jouni Malinen [Sun, 19 Nov 2017 12:12:55 +0000 (14:12 +0200)] 
tests: DPP protocol testing - invalid Config Attr Obj in Conf Req

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Protocol testing for invalid Config Attrib Object value
Jouni Malinen [Sun, 19 Nov 2017 12:12:10 +0000 (14:12 +0200)] 
DPP: Protocol testing for invalid Config Attrib Object value

Extend dpp_test to cover a case where Config Attrib Object value is
invalid in Configuration Request frame.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: DPP protocol testing - invalid Status in Auth Resp/Conf
Jouni Malinen [Sun, 19 Nov 2017 10:53:50 +0000 (12:53 +0200)] 
tests: DPP protocol testing - invalid Status in Auth Resp/Conf

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Protocol testing for invalid DPP Status value
Jouni Malinen [Sun, 19 Nov 2017 10:53:04 +0000 (12:53 +0200)] 
DPP: Protocol testing for invalid DPP Status value

Extend dpp_test to cover cases where DPP Status value is invalid in
Authentication Response/Confirm frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Use helper functions to build Bootstrap Key Hash attributes
Jouni Malinen [Sun, 19 Nov 2017 10:41:57 +0000 (12:41 +0200)] 
DPP: Use helper functions to build Bootstrap Key Hash attributes

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Replace custom undefined attr with DPP Status in after-wrapped data
Jouni Malinen [Sun, 19 Nov 2017 10:32:00 +0000 (12:32 +0200)] 
DPP: Replace custom undefined attr with DPP Status in after-wrapped data

This has the same impact and is needed for some testing needs.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Use a helper function to build DPP Status attribute
Jouni Malinen [Sun, 19 Nov 2017 10:27:14 +0000 (12:27 +0200)] 
DPP: Use a helper function to build DPP Status attribute

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: sigma_dut DPP/QR (mutual) initiator (response pending)
Jouni Malinen [Sun, 19 Nov 2017 10:07:07 +0000 (12:07 +0200)] 
tests: sigma_dut DPP/QR (mutual) initiator (response pending)

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: DPP protocol testing for invalid I/R-bootstrap key hash
Jouni Malinen [Sun, 19 Nov 2017 09:33:22 +0000 (11:33 +0200)] 
tests: DPP protocol testing for invalid I/R-bootstrap key hash

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Protocol testing for writing invalid I/R Bootstrap Key Hash
Jouni Malinen [Sun, 19 Nov 2017 09:32:02 +0000 (11:32 +0200)] 
DPP: Protocol testing for writing invalid I/R Bootstrap Key Hash

Extend dpp_test to cover cases where Initiator/Responder Bootstrap Key
Hash value in DPP Authentication frames is invalid (flip one bit).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: DPP protocol testing - invalid I/R-proto key in Auth Req/Resp
Jouni Malinen [Sat, 18 Nov 2017 22:12:37 +0000 (00:12 +0200)] 
tests: DPP protocol testing - invalid I/R-proto key in Auth Req/Resp

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Protocol testing capability to generate invalid Protocol Key
Jouni Malinen [Sat, 18 Nov 2017 22:11:44 +0000 (00:11 +0200)] 
DPP: Protocol testing capability to generate invalid Protocol Key

This extends dpp_test to allow invalid Initiator/Responder Protocol Key
to be written into the Authentication Request/Response frame.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: sigma_dut controlled AP and PSKHEX
Jouni Malinen [Sat, 18 Nov 2017 15:48:27 +0000 (17:48 +0200)] 
tests: sigma_dut controlled AP and PSKHEX

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoStronger GTK derivation routine
Jouni Malinen [Sat, 18 Nov 2017 15:08:11 +0000 (17:08 +0200)] 
Stronger GTK derivation routine

If the build include SHA384, use that to derive GTK from GMK. In
addition, add more random bytes bytes to the PRF-X() context data for
longer GTK to reduce dependency on the randomness of the GMK.

GMK is 256 bits of random data and it was used with SHA256, so the
previous design was likely sufficient for all needs even with 128 bits
of additional randomness in GTK derivation. Anyway, adding up to 256
bits of new randomness and using SHA384 can be helpful extra protection
particularly for the cases using GCMP-256 or CCMP-256 as the group
cipher.

Signed-off-by: Jouni Malinen <j@w1.fi>
7 years agotests: Use group 26 instead of 25 in mesh test cases
Jouni Malinen [Sat, 18 Nov 2017 11:57:59 +0000 (13:57 +0200)] 
tests: Use group 26 instead of 25 in mesh test cases

This allows mesh_sae_groups_invalid and
wpas_mesh_secure_sae_group_negotiation to be run with BoringSSL (group
25 not available anymore).

Signed-off-by: Jouni Malinen <j@w1.fi>
7 years agotests: Skip fils_sk_pfs_25 with BoringSSL
Jouni Malinen [Sat, 18 Nov 2017 11:55:41 +0000 (13:55 +0200)] 
tests: Skip fils_sk_pfs_25 with BoringSSL

It looks like BoringSSL has dropped support for group 25 (192-bit Random
ECP Group).

Signed-off-by: Jouni Malinen <j@w1.fi>
7 years agotests: Skip ap_wpa2_eap_fast_eap_sim if no EAP-FAST support
Jouni Malinen [Sat, 18 Nov 2017 11:49:19 +0000 (13:49 +0200)] 
tests: Skip ap_wpa2_eap_fast_eap_sim if no EAP-FAST support

Signed-off-by: Jouni Malinen <j@w1.fi>
7 years agoDPP: Fix dpp_test_gen_invalid_key() with BoringSSL
Jouni Malinen [Sat, 18 Nov 2017 11:22:17 +0000 (13:22 +0200)] 
DPP: Fix dpp_test_gen_invalid_key() with BoringSSL

Unlike OpenSSL, BoringSSL returns an error from
EC_POINT_set_affine_coordinates_GFp() is not on the curve. As such, need
to behave differently here depending on which library is used.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: Skip DPP tests with Brainpool curves when using BoringSSL
Jouni Malinen [Sat, 18 Nov 2017 11:07:44 +0000 (13:07 +0200)] 
tests: Skip DPP tests with Brainpool curves when using BoringSSL

BoringSSL does not include these EC curves.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Build bootstrapping key DER encoding using custom routine
Jouni Malinen [Sat, 18 Nov 2017 10:19:43 +0000 (12:19 +0200)] 
DPP: Build bootstrapping key DER encoding using custom routine

While the OpenSSL version of i2d_EC_PUBKEY() seemed to be able to use
the POINT_CONVERSION_COMPRESSED setting on the EC key, that did not seem
to work with BoringSSL. Since this is not exactly robust design, replace
use of i2d_EC_PUBKEY() with a custom routine that enforces the DPP rules
on SubjectPublicKeyInfo (compressed format of the public key,
ecPublicKey OID, parameters present and indicating the curve by OID).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Use a helper function to DER encode bootstrapping key
Jouni Malinen [Sat, 18 Nov 2017 10:14:21 +0000 (12:14 +0200)] 
DPP: Use a helper function to DER encode bootstrapping key

This routine was previously implemented twice using i2d_EC_PUBKEY().
There is no need to duplicate that implementation and especially since
it looks like this implementation needs to be replaced for BoringSSL,
start by using a shared helper function for both locations so that there
is only a single place that uses i2d_EC_PUBKEY() to build the special
DPP bootstrapping key DER encoding.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoBoringSSL: Add AES support with 192-bit keys
Jouni Malinen [Fri, 17 Nov 2017 19:03:04 +0000 (21:03 +0200)] 
BoringSSL: Add AES support with 192-bit keys

BoringSSL restored the previously removed AES-192 ECB support in ("Add
AES-192 ECB.") commit. Since this is needed for DPP with the P-384
curve, restore support for this through EVP_aes_192_ecb().

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoOpenSSL: Debug message if requested AES key length is not supported
Jouni Malinen [Fri, 17 Nov 2017 18:57:56 +0000 (20:57 +0200)] 
OpenSSL: Debug message if requested AES key length is not supported

This makes it clearer why some AES operations fail especially with
BoringSSL where the 192-bit case is not supported.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoBoringSSL: Add DPP special cases regardless of claimed version number
Jouni Malinen [Fri, 17 Nov 2017 18:44:42 +0000 (20:44 +0200)] 
BoringSSL: Add DPP special cases regardless of claimed version number

It looks like BoringSSL claims to have OPENSSL_VERSION_NUMBER for a
1.1.0 version, but it does not provide ECDSA_SIG_set0() or
ECDSA_SIG_get0(). For now, add the helper functions regardless of the
version BoringSSL claims to be. Similarly, include the X509_ALGOR_get0()
workaround unconditionally for BoringSSL.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoBoringSSL: Implement crypto_ecdh_init()
Jouni Malinen [Fri, 17 Nov 2017 18:41:25 +0000 (20:41 +0200)] 
BoringSSL: Implement crypto_ecdh_init()

BoringSSL does not provide some of the OpenSSL API that was used here,
so update this to use similar design to what was already done with DPP
key derivation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoBoringSSL: Comment out SSL_set_default_passwd_cb*() calls
Jouni Malinen [Fri, 17 Nov 2017 18:34:17 +0000 (20:34 +0200)] 
BoringSSL: Comment out SSL_set_default_passwd_cb*() calls

It looks like BoringSSL claims to have OPENSSL_VERSION_NUMBER for a
1.1.0 version, but it does not provide SSL_set_default_passwd_cb*(). For
now, comment out this regardless of the version BoringSSL claims to be.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoBoringSSL: Comment out SSL_set1_sigalgs_list() call
Jouni Malinen [Fri, 17 Nov 2017 18:30:37 +0000 (20:30 +0200)] 
BoringSSL: Comment out SSL_set1_sigalgs_list() call

It looks like BoringSSL claims to have OPENSSL_VERSION_NUMBER for a
1.1.0 version, but it does not provide SSL_set1_sigalgs_list(). For now,
comment out this regardless of the version BoringSSL claims to be.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoBoringSSL: Define RSA_bits() helper
Jouni Malinen [Fri, 17 Nov 2017 18:24:46 +0000 (20:24 +0200)] 
BoringSSL: Define RSA_bits() helper

It looks like BoringSSL claims to have OPENSSL_VERSION_NUMBER for a
1.1.0 version, but it does not provide RSA_bits(). For now, add this
backwards compatibility wrapper for BoringSSL regardless of the version
it claims to be.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: sigma_dut DPP Configurator and self-configuration
Jouni Malinen [Fri, 17 Nov 2017 17:14:21 +0000 (19:14 +0200)] 
tests: sigma_dut DPP Configurator and self-configuration

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: Fix spelling of sigma_dut DPPConfEnrolleeRole argument
Jouni Malinen [Fri, 17 Nov 2017 17:13:50 +0000 (19:13 +0200)] 
tests: Fix spelling of sigma_dut DPPConfEnrolleeRole argument

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: Fix ap_config_reload_on_sighup test
Sriram R [Fri, 17 Nov 2017 09:43:36 +0000 (15:13 +0530)] 
tests: Fix ap_config_reload_on_sighup test

Use absolute path name for configuration file to ensure the file can be
succesfully reloaded and read on SIGHUP signal. This is needed when
running the test case on host (i.e., not using a VM).

Signed-off-by: Sriram R <srirrama@qti.qualcomm.com>
7 years agotests: sigma_dut and group cipher override on AP
Jouni Malinen [Fri, 17 Nov 2017 10:44:50 +0000 (12:44 +0200)] 
tests: sigma_dut and group cipher override on AP

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: sigma_dut and AP enabling two pairwise ciphers
Jouni Malinen [Fri, 17 Nov 2017 10:33:08 +0000 (12:33 +0200)] 
tests: sigma_dut and AP enabling two pairwise ciphers

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: hostapd group_cipher override
Jouni Malinen [Fri, 17 Nov 2017 10:33:33 +0000 (12:33 +0200)] 
tests: hostapd group_cipher override

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoAllow group cipher selection to be overridden
Jouni Malinen [Fri, 17 Nov 2017 10:31:41 +0000 (12:31 +0200)] 
Allow group cipher selection to be overridden

The new hostapd configuration parameter group_cipher can now be used to
override the automatic cipher selection based on enabled pairwise
ciphers. It should be noted that selecting an unexpected group cipher
can result in interoperability issues and this new capability is mainly
for testing purposes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agowlantest: Search bss/sta entry more thoroughly for 4-address frames
Jouni Malinen [Wed, 15 Nov 2017 00:12:20 +0000 (02:12 +0200)] 
wlantest: Search bss/sta entry more thoroughly for 4-address frames

Previous design worked for the case where only one of the devices was
beaconing, but failed in one direction to find the PTK if both devices
beaconed. Fix this by checking the A1/A2 fields in both directions if
the first pick fails to find the sta entry.

In addition, select the proper rsc value (rsc_tods vs. rsc_fromds) based
on A2 (TA) value for ToDS+FromDS frames to avoid reporting incorrect
replay issues.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoFix block comment style in QCA vendor attribute definition
Edayilliam Jayadev [Wed, 8 Nov 2017 05:52:40 +0000 (11:22 +0530)] 
Fix block comment style in QCA vendor attribute definition

Fix the block comment style issue introduced as part of commit
fbfceef3af7f8d454926548f6a7ebe7f9bb4848a ("Add QCA vendor commands for
spectral scan").

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoAdd QCA_NL80211_VENDOR_SUBCMD_PEER_FLUSH_PENDING
tinlin [Tue, 14 Nov 2017 03:37:03 +0000 (11:37 +0800)] 
Add QCA_NL80211_VENDOR_SUBCMD_PEER_FLUSH_PENDING

Add sub-command QCA_NL80211_VENDOR_SUBCMD_PEER_FLUSH_PENDING to flush
pending packets in firmware. The attributes are listed in enum
qca_wlan_vendor_attr_flush_pending. The QCA_WLAN_VENDOR_ATTR_PEER_ADDR
specifies the peer MAC address and the QCA_WLAN_VENDOR_ATTR_AC specifies
the access category of the pending packets.

Signed-off-by: Lin Tingting <tinlin@qti.qualcomm.com>
7 years agoAdd new QCA vendor attribute for LL stats
Zhang Qian [Wed, 8 Nov 2017 08:49:04 +0000 (16:49 +0800)] 
Add new QCA vendor attribute for LL stats

A new vendor attribute QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_PENDING_MSDU
is added for vendor sub-command QCA_NL80211_VENDOR_SUBCMD_LL_STATS_GET.
This attribute is for pending MSDUs corresponding to respective AC.

Signed-off-by: Zhang Qian <zhangq@qti.qualcomm.com>
7 years agoatheros: Process SAE authentication frames using EVENT_RX_MGMT
Ashok Kumar Ponnaiah [Tue, 14 Nov 2017 16:47:07 +0000 (18:47 +0200)] 
atheros: Process SAE authentication frames using EVENT_RX_MGMT

This adds support for SAE in AP mode with the atheros driver interface.
EVENT_RX_MGMT includes SAE processing while EVENT_AUTH would require
more changes to make this work.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoatheros: Generate EVENT_TX_STATUS events for management frames
Ashok Kumar Ponnaiah [Tue, 14 Nov 2017 16:44:05 +0000 (18:44 +0200)] 
atheros: Generate EVENT_TX_STATUS events for management frames

This is needed for DPP functionality.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agocommon: Avoid conflict with __bitwise macro from linux/types.h
Beniamino Galvani [Mon, 30 Oct 2017 10:14:40 +0000 (11:14 +0100)] 
common: Avoid conflict with __bitwise macro from linux/types.h

Undefine the __bitwise macro before defining it to avoid conflicts
with the one from linux/types.h; the same is done some lines above
when __CHECKER__ is defined. Fixes the following warning:

  In file included from ../src/l2_packet/l2_packet_linux.c:15:0:
  hostap/src/utils/common.h:438:0: warning: "__bitwise" redefined
   #define __bitwise

  In file included from /usr/include/linux/filter.h:9:0,
                   from ../src/l2_packet/l2_packet_linux.c:13:
  /usr/include/linux/types.h:21:0: note: this is the location of the previous definition
   #define __bitwise __bitwise__

Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
7 years agoDPP: Fix compiler warning of testing code
Masashi Honma [Thu, 9 Nov 2017 20:13:21 +0000 (05:13 +0900)] 
DPP: Fix compiler warning of testing code

../src/common/dpp.c: In function 'dpp_test_gen_invalid_key':
../src/common/dpp.c:5531:10: warning: return makes integer from pointer without a cast [-Wint-conversion]
   return NULL;
          ^

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
7 years agowlantest: Do not ignore RSN/WPA/OSEN element before full BSS info
Jouni Malinen [Tue, 14 Nov 2017 10:55:48 +0000 (12:55 +0200)] 
wlantest: Do not ignore RSN/WPA/OSEN element before full BSS info

wlantest used to ignore RSN/WPA/OSEN element in (Re)Association Request
frame if no Beacon frame had been seen from the AP before the
association exchange. This could result in not being able to derive keys
properly. Work around this by skipping that step if the BSS entry is not
yet complete.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agowlantest: Remove unnecessary duplication of tk_len from STA entries
Jouni Malinen [Tue, 14 Nov 2017 10:54:45 +0000 (12:54 +0200)] 
wlantest: Remove unnecessary duplication of tk_len from STA entries

The length of the TK is available within struct wpa_ptk, so there is no
need to try to maintain it separately in wlantest.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoReject PMK-to-PTK derivation with unsupported cipher
Jouni Malinen [Tue, 14 Nov 2017 10:50:30 +0000 (12:50 +0200)] 
Reject PMK-to-PTK derivation with unsupported cipher

There should be no wpa_pmk_to_ptk() calls with the cipher argument
indicating a cipher that is not allowed as a pairwise cipher. However,
it looks like that was possible to happen with wlantest. Check for this
corner case explicitly to avoid generating confusing debug logs.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: sigma_dut DPP/QR (mutual) responder (response pending sequence)
Jouni Malinen [Mon, 13 Nov 2017 17:16:35 +0000 (19:16 +0200)] 
tests: sigma_dut DPP/QR (mutual) responder (response pending sequence)

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: sigma_dut DPP/QR responder (channel list override)
Jouni Malinen [Mon, 13 Nov 2017 16:44:24 +0000 (18:44 +0200)] 
tests: sigma_dut DPP/QR responder (channel list override)

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: DPP protocol testing - Auth Conf replaced by Res
Jouni Malinen [Mon, 13 Nov 2017 10:55:34 +0000 (12:55 +0200)] 
tests: DPP protocol testing - Auth Conf replaced by Res

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Testing capability to send unexpected Authentication Response
Jouni Malinen [Mon, 13 Nov 2017 10:47:30 +0000 (12:47 +0200)] 
DPP: Testing capability to send unexpected Authentication Response

This is for protocol testing to check what happens if the Responser
receives an unexpected Authentication Response instead of Authentication
Confirm.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Reject unexpected Req/Resp message based on Auth/PKEX role
Jouni Malinen [Mon, 13 Nov 2017 10:54:20 +0000 (12:54 +0200)] 
DPP: Reject unexpected Req/Resp message based on Auth/PKEX role

This prevents issues where an unexpected message in the DPP
Authentication exchange or PKEX could result in undefined behavior.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: DPP Authentication Response retries
Jouni Malinen [Mon, 13 Nov 2017 10:33:45 +0000 (12:33 +0200)] 
tests: DPP Authentication Response retries

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Retransmit DPP Authentication Response frame if it is not ACKed
Jouni Malinen [Mon, 13 Nov 2017 10:34:17 +0000 (12:34 +0200)] 
DPP: Retransmit DPP Authentication Response frame if it is not ACKed

This extends wpa_supplicant DPP implementation to retransmit DPP
Authentication Response frame every 10 seconds up to 5 times if the peer
does not reply with DPP Authentication Confirm frame.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Stop authentication exchange of DPP_STOP_LISTEN
Jouni Malinen [Mon, 13 Nov 2017 10:12:08 +0000 (12:12 +0200)] 
DPP: Stop authentication exchange of DPP_STOP_LISTEN

Previously, this command stopped listen operation immediately, but if
there was an ongoing authentication exchange, a new listen operation was
started. This is not really expected behavior, so stop the
authentication exchange first with this command to avoid restarting
listen operation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agotests: DPP with Initiator in either role
Jouni Malinen [Mon, 13 Nov 2017 09:29:21 +0000 (11:29 +0200)] 
tests: DPP with Initiator in either role

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
7 years agoDPP: Allowed initiator to indicate either role
Jouni Malinen [Mon, 13 Nov 2017 09:29:45 +0000 (11:29 +0200)] 
DPP: Allowed initiator to indicate either role

The new role=either parameter can now be used with DPP_AUTH_INIT to
indicate that the initiator can take either the Configurator or Enrollee
role.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>