*/
#include "utils/includes.h"
+#include <openssl/opensslv.h>
#include <openssl/err.h>
#include "utils/common.h"
#include "utils/base64.h"
+#include "utils/json.h"
#include "common/ieee802_11_common.h"
#include "common/ieee802_11_defs.h"
#include "common/wpa_ctrl.h"
#include "dpp.h"
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+/* Compatibility wrappers for older versions. */
+
+static int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
+{
+ sig->r = r;
+ sig->s = s;
+ return 1;
+}
+
+
+static void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr,
+ const BIGNUM **ps)
+{
+ if (pr)
+ *pr = sig->r;
+ if (ps)
+ *ps = sig->s;
+}
+
+#endif
+
+
static const struct dpp_curve_params dpp_curves[] = {
/* The mandatory to support and the default NIST P-256 curve needs to
* be the first entry on this list. */
}
+static const struct dpp_curve_params *
+dpp_get_curve_jwk_crv(const char *name)
+{
+ int i;
+
+ for (i = 0; dpp_curves[i].name; i++) {
+ if (dpp_curves[i].jwk_crv &&
+ os_strcmp(name, dpp_curves[i].jwk_crv) == 0)
+ return &dpp_curves[i];
+ }
+ return NULL;
+}
+
+
static EVP_PKEY * dpp_set_keypair(const struct dpp_curve_params **curve,
const u8 *privkey, size_t privkey_len)
{
}
+struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth,
+ const char *json)
+{
+ size_t nonce_len;
+ size_t json_len, clear_len;
+ struct wpabuf *clear = NULL, *msg = NULL;
+ u8 *wrapped;
+
+ wpa_printf(MSG_DEBUG, "DPP: Build configuration request");
+
+ nonce_len = auth->curve->nonce_len;
+ if (random_get_bytes(auth->e_nonce, nonce_len)) {
+ wpa_printf(MSG_ERROR, "DPP: Failed to generate E-nonce");
+ goto fail;
+ }
+ wpa_hexdump(MSG_DEBUG, "DPP: E-nonce", auth->e_nonce, nonce_len);
+ json_len = os_strlen(json);
+ wpa_hexdump_ascii(MSG_DEBUG, "DPP: configAttr JSON", json, json_len);
+
+ /* { E-nonce, configAttrib }ke */
+ clear_len = 4 + nonce_len + 4 + json_len;
+ clear = wpabuf_alloc(clear_len);
+ msg = wpabuf_alloc(4 + clear_len + AES_BLOCK_SIZE);
+ if (!clear || !msg)
+ goto fail;
+
+ /* E-nonce */
+ wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
+ wpabuf_put_le16(clear, nonce_len);
+ wpabuf_put_data(clear, auth->e_nonce, nonce_len);
+
+ /* configAttrib */
+ wpabuf_put_le16(clear, DPP_ATTR_CONFIG_ATTR_OBJ);
+ wpabuf_put_le16(clear, json_len);
+ wpabuf_put_data(clear, json, json_len);
+
+ wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
+ wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
+ wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
+
+ /* No AES-SIV AD */
+ wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear);
+ if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,
+ wpabuf_head(clear), wpabuf_len(clear),
+ 0, NULL, NULL, wrapped) < 0)
+ goto fail;
+ wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
+ wrapped, wpabuf_len(clear) + AES_BLOCK_SIZE);
+
+ wpa_hexdump_buf(MSG_DEBUG,
+ "DPP: Configuration Request frame attributes", msg);
+ wpabuf_free(clear);
+ return msg;
+
+fail:
+ wpabuf_free(clear);
+ wpabuf_free(msg);
+ return NULL;
+}
+
+
static void dpp_auth_success(struct dpp_authentication *auth)
{
wpa_printf(MSG_DEBUG,
}
+void dpp_configuration_free(struct dpp_configuration *conf)
+{
+ if (!conf)
+ return;
+ str_clear_free(conf->passphrase);
+ bin_clear_free(conf, sizeof(*conf));
+}
+
+
void dpp_auth_deinit(struct dpp_authentication *auth)
{
if (!auth)
return;
+ dpp_configuration_free(auth->conf_ap);
+ dpp_configuration_free(auth->conf_sta);
EVP_PKEY_free(auth->own_protocol_key);
EVP_PKEY_free(auth->peer_protocol_key);
wpabuf_free(auth->req_attr);
wpabuf_free(auth->resp_attr);
+ wpabuf_free(auth->conf_req);
+ os_free(auth->connector);
+ wpabuf_free(auth->net_access_key);
+ wpabuf_free(auth->c_sign_key);
+#ifdef CONFIG_TESTING_OPTIONS
+ os_free(auth->config_obj_override);
+ os_free(auth->discovery_override);
+ os_free(auth->groups_override);
+ os_free(auth->devices_override);
+#endif /* CONFIG_TESTING_OPTIONS */
bin_clear_free(auth, sizeof(*auth));
}
+
+
+static struct wpabuf *
+dpp_build_conf_start(struct dpp_authentication *auth,
+ struct dpp_configuration *conf, size_t tailroom)
+{
+ struct wpabuf *buf;
+ char ssid[6 * sizeof(conf->ssid) + 1];
+
+#ifdef CONFIG_TESTING_OPTIONS
+ if (auth->discovery_override)
+ tailroom += os_strlen(auth->discovery_override);
+#endif /* CONFIG_TESTING_OPTIONS */
+
+ buf = wpabuf_alloc(200 + tailroom);
+ if (!buf)
+ return NULL;
+ wpabuf_put_str(buf, "{\"wi-fi_tech\":\"infra\",\"discovery\":");
+#ifdef CONFIG_TESTING_OPTIONS
+ if (auth->discovery_override) {
+ wpa_printf(MSG_DEBUG, "DPP: TESTING - discovery override: '%s'",
+ auth->discovery_override);
+ wpabuf_put_str(buf, auth->discovery_override);
+ wpabuf_put_u8(buf, ',');
+ return buf;
+ }
+#endif /* CONFIG_TESTING_OPTIONS */
+ wpabuf_put_str(buf, "{\"ssid\":\"");
+ json_escape_string(ssid, sizeof(ssid),
+ (const char *) conf->ssid, conf->ssid_len);
+ wpabuf_put_str(buf, ssid);
+ wpabuf_put_str(buf, "\"");
+ /* TODO: optional channel information */
+ wpabuf_put_str(buf, "},");
+
+ return buf;
+}
+
+
+static int dpp_bn2bin_pad(const BIGNUM *bn, u8 *pos, size_t len)
+{
+ int num_bytes, offset;
+
+ num_bytes = BN_num_bytes(bn);
+ if ((size_t) num_bytes > len)
+ return -1;
+ offset = len - num_bytes;
+ os_memset(pos, 0, offset);
+ BN_bn2bin(bn, pos + offset);
+ return 0;
+}
+
+
+static int dpp_build_jwk(struct wpabuf *buf, const char *name, EVP_PKEY *key,
+ const char *kid, const struct dpp_curve_params *curve)
+{
+ struct wpabuf *pub;
+ const u8 *pos;
+ char *x = NULL, *y = NULL;
+ int ret = -1;
+
+ pub = dpp_get_pubkey_point(key, 0);
+ if (!pub)
+ goto fail;
+ pos = wpabuf_head(pub);
+ x = (char *) base64_url_encode(pos, curve->prime_len, NULL, 0);
+ pos += curve->prime_len;
+ y = (char *) base64_url_encode(pos, curve->prime_len, NULL, 0);
+
+ wpabuf_put_str(buf, "\"");
+ wpabuf_put_str(buf, name);
+ wpabuf_put_str(buf, "\":{\"kty\":\"EC\",\"crv\":\"");
+ wpabuf_put_str(buf, curve->jwk_crv);
+ wpabuf_put_str(buf, "\",\"x\":\"");
+ wpabuf_put_str(buf, x);
+ wpabuf_put_str(buf, "\",\"y\":\"");
+ wpabuf_put_str(buf, y);
+ if (kid) {
+ wpabuf_put_str(buf, "\",\"kid\":\"");
+ wpabuf_put_str(buf, kid);
+ }
+ wpabuf_put_str(buf, "\"}");
+ ret = 0;
+out:
+ wpabuf_free(pub);
+ os_free(x);
+ os_free(y);
+ return ret;
+fail:
+ goto out;
+}
+
+
+static struct wpabuf *
+dpp_build_conf_obj_dpp(struct dpp_authentication *auth, int ap,
+ struct dpp_configuration *conf)
+{
+ struct wpabuf *buf = NULL;
+ char *signed1 = NULL, *signed2 = NULL, *signed3 = NULL;
+ size_t tailroom;
+ const struct dpp_curve_params *curve;
+ char jws_prot_hdr[100];
+ size_t signed1_len, signed2_len, signed3_len;
+ struct wpabuf *dppcon = NULL;
+ unsigned char *signature = NULL;
+ const unsigned char *p;
+ size_t signature_len;
+ EVP_MD_CTX *md_ctx = NULL;
+ ECDSA_SIG *sig = NULL;
+ char *dot = ".";
+ const char *alg;
+ const EVP_MD *sign_md;
+ const BIGNUM *r, *s;
+ size_t extra_len = 1000;
+
+ if (!auth->conf) {
+ wpa_printf(MSG_INFO,
+ "DPP: No configurator specified - cannot generate DPP config object");
+ goto fail;
+ }
+ curve = auth->conf->curve;
+ if (curve->hash_len == SHA256_MAC_LEN) {
+ alg = "ES256";
+ sign_md = EVP_sha256();
+ } else if (curve->hash_len == SHA384_MAC_LEN) {
+ alg = "ES384";
+ sign_md = EVP_sha384();
+ } else if (curve->hash_len == SHA512_MAC_LEN) {
+ alg = "ES512";
+ sign_md = EVP_sha512();
+ } else {
+ wpa_printf(MSG_DEBUG, "DPP: Unknown signature algorithm");
+ goto fail;
+ }
+
+#ifdef CONFIG_TESTING_OPTIONS
+ if (auth->groups_override)
+ extra_len += os_strlen(auth->groups_override);
+ if (auth->devices_override)
+ extra_len += os_strlen(auth->devices_override);
+#endif /* CONFIG_TESTING_OPTIONS */
+
+ /* Connector (JSON dppCon object) */
+ dppcon = wpabuf_alloc(extra_len + 2 * auth->curve->prime_len * 4 / 3);
+ if (!dppcon)
+ goto fail;
+#ifdef CONFIG_TESTING_OPTIONS
+ if (auth->groups_override || auth->devices_override) {
+ wpabuf_put_u8(dppcon, '{');
+ if (auth->groups_override) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: TESTING - groups override: '%s'",
+ auth->groups_override);
+ wpabuf_put_str(dppcon, "\"groups\":");
+ wpabuf_put_str(dppcon, auth->groups_override);
+ wpabuf_put_u8(dppcon, ',');
+ }
+ if (auth->devices_override) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: TESTING - devices override: '%s'",
+ auth->devices_override);
+ wpabuf_put_str(dppcon, "\"devices\":");
+ wpabuf_put_str(dppcon, auth->devices_override);
+ wpabuf_put_u8(dppcon, ',');
+ }
+ goto skip_groups;
+ }
+#endif /* CONFIG_TESTING_OPTIONS */
+ wpabuf_put_str(dppcon, "{\"groups\":[{\"groupId\":\"*\",");
+ wpabuf_printf(dppcon, "\"netRole\":\"%s\"}],", ap ? "ap" : "sta");
+#ifdef CONFIG_TESTING_OPTIONS
+skip_groups:
+#endif /* CONFIG_TESTING_OPTIONS */
+ if (dpp_build_jwk(dppcon, "netAccessKey", auth->peer_protocol_key, NULL,
+ auth->curve) < 0) {
+ wpa_printf(MSG_DEBUG, "DPP: Failed to build netAccessKey JWK");
+ goto fail;
+ }
+ if (conf->netaccesskey_expiry) {
+ struct os_tm tm;
+
+ if (os_gmtime(conf->netaccesskey_expiry, &tm) < 0) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Failed to generate expiry string");
+ goto fail;
+ }
+ wpabuf_printf(dppcon,
+ ",\"expiry\":\"%04u-%02u-%02uT%02u:%02u:%02uZ\"",
+ tm.year, tm.month, tm.day,
+ tm.hour, tm.min, tm.sec);
+ }
+ wpabuf_put_u8(dppcon, '}');
+ wpa_printf(MSG_DEBUG, "DPP: dppCon: %s",
+ (const char *) wpabuf_head(dppcon));
+
+ os_snprintf(jws_prot_hdr, sizeof(jws_prot_hdr),
+ "{\"typ\":\"dppCon\",\"kid\":\"%s\",\"alg\":\"%s\"}",
+ auth->conf->kid, alg);
+ signed1 = (char *) base64_url_encode((unsigned char *) jws_prot_hdr,
+ os_strlen(jws_prot_hdr),
+ &signed1_len, 0);
+ signed2 = (char *) base64_url_encode(wpabuf_head(dppcon),
+ wpabuf_len(dppcon),
+ &signed2_len, 0);
+ if (!signed1 || !signed2)
+ goto fail;
+
+ md_ctx = EVP_MD_CTX_create();
+ if (!md_ctx)
+ goto fail;
+
+ ERR_clear_error();
+ if (EVP_DigestSignInit(md_ctx, NULL, sign_md, NULL,
+ auth->conf->csign) != 1) {
+ wpa_printf(MSG_DEBUG, "DPP: EVP_DigestSignInit failed: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+ goto fail;
+ }
+ if (EVP_DigestSignUpdate(md_ctx, signed1, signed1_len) != 1 ||
+ EVP_DigestSignUpdate(md_ctx, dot, 1) != 1 ||
+ EVP_DigestSignUpdate(md_ctx, signed2, signed2_len) != 1) {
+ wpa_printf(MSG_DEBUG, "DPP: EVP_DigestSignUpdate failed: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+ goto fail;
+ }
+ if (EVP_DigestSignFinal(md_ctx, NULL, &signature_len) != 1) {
+ wpa_printf(MSG_DEBUG, "DPP: EVP_DigestSignFinal failed: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+ goto fail;
+ }
+ signature = os_malloc(signature_len);
+ if (!signature)
+ goto fail;
+ if (EVP_DigestSignFinal(md_ctx, signature, &signature_len) != 1) {
+ wpa_printf(MSG_DEBUG, "DPP: EVP_DigestSignFinal failed: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+ goto fail;
+ }
+ wpa_hexdump(MSG_DEBUG, "DPP: signedConnector ECDSA signature (DER)",
+ signature, signature_len);
+ /* Convert to raw coordinates r,s */
+ p = signature;
+ sig = d2i_ECDSA_SIG(NULL, &p, signature_len);
+ if (!sig)
+ goto fail;
+ ECDSA_SIG_get0(sig, &r, &s);
+ if (dpp_bn2bin_pad(r, signature, curve->prime_len) < 0 ||
+ dpp_bn2bin_pad(s, signature + curve->prime_len,
+ curve->prime_len) < 0)
+ goto fail;
+ signature_len = 2 * curve->prime_len;
+ wpa_hexdump(MSG_DEBUG, "DPP: signedConnector ECDSA signature (raw r,s)",
+ signature, signature_len);
+ signed3 = (char *) base64_url_encode(signature, signature_len,
+ &signed3_len, 0);
+ if (!signed3)
+ goto fail;
+
+ tailroom = 1000;
+ tailroom += 2 * curve->prime_len * 4 / 3 + os_strlen(auth->conf->kid);
+ tailroom += signed1_len + signed2_len + signed3_len;
+ buf = dpp_build_conf_start(auth, conf, tailroom);
+ if (!buf)
+ return NULL;
+
+ wpabuf_put_str(buf, "\"cred\":{\"akm\":\"dpp\",\"signedConnector\":\"");
+ wpabuf_put_str(buf, signed1);
+ wpabuf_put_u8(buf, '.');
+ wpabuf_put_str(buf, signed2);
+ wpabuf_put_u8(buf, '.');
+ wpabuf_put_str(buf, signed3);
+ wpabuf_put_str(buf, "\",");
+ if (dpp_build_jwk(buf, "csign", auth->conf->csign, auth->conf->kid,
+ curve) < 0) {
+ wpa_printf(MSG_DEBUG, "DPP: Failed to build csign JWK");
+ goto fail;
+ }
+ if (auth->conf->csign_expiry) {
+ struct os_tm tm;
+
+ if (os_gmtime(auth->conf->csign_expiry, &tm) < 0) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Failed to generate expiry string");
+ goto fail;
+ }
+ wpabuf_printf(buf,
+ ",\"expiry\":\"%04u-%02u-%02uT%02u:%02u:%02uZ\"",
+ tm.year, tm.month, tm.day,
+ tm.hour, tm.min, tm.sec);
+ }
+
+ wpabuf_put_str(buf, "}}");
+
+ wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: Configuration Object",
+ wpabuf_head(buf), wpabuf_len(buf));
+
+out:
+ EVP_MD_CTX_destroy(md_ctx);
+ ECDSA_SIG_free(sig);
+ os_free(signed1);
+ os_free(signed2);
+ os_free(signed3);
+ os_free(signature);
+ wpabuf_free(dppcon);
+ return buf;
+fail:
+ wpa_printf(MSG_DEBUG, "DPP: Failed to build configuration object");
+ wpabuf_free(buf);
+ buf = NULL;
+ goto out;
+}
+
+
+static struct wpabuf *
+dpp_build_conf_obj_legacy(struct dpp_authentication *auth, int ap,
+ struct dpp_configuration *conf)
+{
+ struct wpabuf *buf;
+
+ buf = dpp_build_conf_start(auth, conf, 1000);
+ if (!buf)
+ return NULL;
+
+ wpabuf_put_str(buf, "\"cred\":{\"akm\":\"psk\",");
+ if (conf->passphrase) {
+ char pass[63 * 6 + 1];
+
+ if (os_strlen(conf->passphrase) > 63) {
+ wpabuf_free(buf);
+ return NULL;
+ }
+
+ json_escape_string(pass, sizeof(pass), conf->passphrase,
+ os_strlen(conf->passphrase));
+ wpabuf_put_str(buf, "\"pass\":\"");
+ wpabuf_put_str(buf, pass);
+ wpabuf_put_str(buf, "\"");
+ } else {
+ char psk[2 * sizeof(conf->psk) + 1];
+
+ wpa_snprintf_hex(psk, sizeof(psk),
+ conf->psk, sizeof(conf->psk));
+ wpabuf_put_str(buf, "\"psk_hex\":\"");
+ wpabuf_put_str(buf, psk);
+ wpabuf_put_str(buf, "\"");
+ }
+ wpabuf_put_str(buf, "}}");
+
+ wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: Configuration Object (legacy)",
+ wpabuf_head(buf), wpabuf_len(buf));
+
+ return buf;
+}
+
+
+static struct wpabuf *
+dpp_build_conf_obj(struct dpp_authentication *auth, int ap)
+{
+ struct dpp_configuration *conf;
+
+#ifdef CONFIG_TESTING_OPTIONS
+ if (auth->config_obj_override) {
+ wpa_printf(MSG_DEBUG, "DPP: Testing - Config Object override");
+ return wpabuf_alloc_copy(auth->config_obj_override,
+ os_strlen(auth->config_obj_override));
+ }
+#endif /* CONFIG_TESTING_OPTIONS */
+
+ conf = ap ? auth->conf_ap : auth->conf_sta;
+ if (!conf) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: No configuration available for Enrollee(%s) - reject configuration request",
+ ap ? "ap" : "sta");
+ return NULL;
+ }
+
+ if (conf->dpp)
+ return dpp_build_conf_obj_dpp(auth, ap, conf);
+ return dpp_build_conf_obj_legacy(auth, ap, conf);
+}
+
+
+static struct wpabuf *
+dpp_build_conf_resp(struct dpp_authentication *auth, const u8 *e_nonce,
+ u16 e_nonce_len, int ap)
+{
+ struct wpabuf *conf;
+ size_t clear_len;
+ struct wpabuf *clear = NULL, *msg = NULL;
+ u8 *wrapped;
+ const u8 *addr[1];
+ size_t len[1];
+ enum dpp_status_error status;
+
+ conf = dpp_build_conf_obj(auth, ap);
+ if (conf) {
+ wpa_hexdump_ascii(MSG_DEBUG, "DPP: configurationObject JSON",
+ wpabuf_head(conf), wpabuf_len(conf));
+ }
+ status = conf ? DPP_STATUS_OK : DPP_STATUS_CONFIGURE_FAILURE;
+
+ /* { E-nonce, configurationObject}ke */
+ clear_len = 4 + e_nonce_len;
+ if (conf)
+ clear_len += 4 + wpabuf_len(conf);
+ clear = wpabuf_alloc(clear_len);
+ msg = wpabuf_alloc(4 + 1 + 4 + clear_len + AES_BLOCK_SIZE);
+ if (!clear || !msg)
+ goto fail;
+
+ /* E-nonce */
+ wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
+ wpabuf_put_le16(clear, e_nonce_len);
+ wpabuf_put_data(clear, e_nonce, e_nonce_len);
+
+ if (conf) {
+ wpabuf_put_le16(clear, DPP_ATTR_CONFIG_OBJ);
+ wpabuf_put_le16(clear, wpabuf_len(conf));
+ wpabuf_put_buf(clear, conf);
+ wpabuf_free(conf);
+ conf = NULL;
+ }
+
+ /* DPP Status */
+ wpabuf_put_le16(msg, DPP_ATTR_STATUS);
+ wpabuf_put_le16(msg, 1);
+ wpabuf_put_u8(msg, status);
+
+ addr[0] = wpabuf_head(msg);
+ len[0] = wpabuf_len(msg);
+ wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD", addr[0], len[0]);
+
+ wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
+ wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
+ wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
+
+ wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear);
+ if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,
+ wpabuf_head(clear), wpabuf_len(clear),
+ 1, addr, len, wrapped) < 0)
+ goto fail;
+ wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
+ wrapped, wpabuf_len(clear) + AES_BLOCK_SIZE);
+ wpabuf_free(clear);
+ clear = NULL;
+
+ wpa_hexdump_buf(MSG_DEBUG,
+ "DPP: Configuration Response attributes", msg);
+ return msg;
+fail:
+ wpabuf_free(conf);
+ wpabuf_free(clear);
+ wpabuf_free(msg);
+ return NULL;
+}
+
+
+struct wpabuf *
+dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start,
+ size_t attr_len)
+{
+ const u8 *wrapped_data, *e_nonce, *config_attr;
+ u16 wrapped_data_len, e_nonce_len, config_attr_len;
+ u8 *unwrapped = NULL;
+ size_t unwrapped_len = 0;
+ struct wpabuf *resp = NULL;
+ struct json_token *root = NULL, *token;
+ int ap;
+
+ if (dpp_check_attrs(attr_start, attr_len) < 0) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Invalid attribute in config request");
+ return NULL;
+ }
+
+ wrapped_data = dpp_get_attr(attr_start, attr_len, DPP_ATTR_WRAPPED_DATA,
+ &wrapped_data_len);
+ if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Missing or invalid required Wrapped data attribute");
+ return NULL;
+ }
+
+ wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
+ wrapped_data, wrapped_data_len);
+ unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE;
+ unwrapped = os_malloc(unwrapped_len);
+ if (!unwrapped)
+ return NULL;
+ if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,
+ wrapped_data, wrapped_data_len,
+ 0, NULL, NULL, unwrapped) < 0) {
+ wpa_printf(MSG_DEBUG, "DPP: AES-SIV decryption failed");
+ goto fail;
+ }
+ wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext",
+ unwrapped, unwrapped_len);
+
+ if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Invalid attribute in unwrapped data");
+ goto fail;
+ }
+
+ e_nonce = dpp_get_attr(unwrapped, unwrapped_len,
+ DPP_ATTR_ENROLLEE_NONCE,
+ &e_nonce_len);
+ if (!e_nonce || e_nonce_len != auth->curve->nonce_len) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Missing or invalid Enrollee Nonce attribute");
+ goto fail;
+ }
+ wpa_hexdump(MSG_DEBUG, "DPP: Enrollee Nonce", e_nonce, e_nonce_len);
+
+ config_attr = dpp_get_attr(unwrapped, unwrapped_len,
+ DPP_ATTR_CONFIG_ATTR_OBJ,
+ &config_attr_len);
+ if (!config_attr) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Missing or invalid Config Attributes attribute");
+ goto fail;
+ }
+ wpa_hexdump_ascii(MSG_DEBUG, "DPP: Config Attributes",
+ config_attr, config_attr_len);
+
+ root = json_parse((const char *) config_attr, config_attr_len);
+ if (!root) {
+ wpa_printf(MSG_DEBUG, "DPP: Could not parse Config Attributes");
+ goto fail;
+ }
+
+ token = json_get_member(root, "name");
+ if (!token || token->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG, "DPP: No Config Attributes - name");
+ goto fail;
+ }
+ wpa_printf(MSG_DEBUG, "DPP: Enrollee name = '%s'", token->string);
+
+ token = json_get_member(root, "wi-fi_tech");
+ if (!token || token->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG, "DPP: No Config Attributes - wi-fi_tech");
+ goto fail;
+ }
+ wpa_printf(MSG_DEBUG, "DPP: wi-fi_tech = '%s'", token->string);
+ if (os_strcmp(token->string, "infra") != 0) {
+ wpa_printf(MSG_DEBUG, "DPP: Unsupported wi-fi_tech '%s'",
+ token->string);
+ goto fail;
+ }
+
+ token = json_get_member(root, "netRole");
+ if (!token || token->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG, "DPP: No Config Attributes - netRole");
+ goto fail;
+ }
+ wpa_printf(MSG_DEBUG, "DPP: netRole = '%s'", token->string);
+ if (os_strcmp(token->string, "sta") == 0) {
+ ap = 0;
+ } else if (os_strcmp(token->string, "ap") == 0) {
+ ap = 1;
+ } else {
+ wpa_printf(MSG_DEBUG, "DPP: Unsupported netRole '%s'",
+ token->string);
+ goto fail;
+ }
+
+ resp = dpp_build_conf_resp(auth, e_nonce, e_nonce_len, ap);
+
+fail:
+ json_free(root);
+ os_free(unwrapped);
+ return resp;
+}
+
+
+static struct wpabuf *
+dpp_parse_jws_prot_hdr(const u8 *prot_hdr, u16 prot_hdr_len,
+ const EVP_MD **ret_md)
+{
+ struct json_token *root, *token;
+ struct wpabuf *kid = NULL;
+
+ root = json_parse((const char *) prot_hdr, prot_hdr_len);
+ if (!root) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: JSON parsing failed for JWS Protected Header");
+ goto fail;
+ }
+
+ if (root->type != JSON_OBJECT) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: JWS Protected Header root is not an object");
+ goto fail;
+ }
+
+ token = json_get_member(root, "typ");
+ if (!token || token->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG, "DPP: No typ string value found");
+ goto fail;
+ }
+ wpa_printf(MSG_DEBUG, "DPP: JWS Protected Header typ=%s",
+ token->string);
+ if (os_strcmp(token->string, "dppCon") != 0) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Unsupported JWS Protected Header typ=%s",
+ token->string);
+ goto fail;
+ }
+
+ token = json_get_member(root, "alg");
+ if (!token || token->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG, "DPP: No alg string value found");
+ goto fail;
+ }
+ wpa_printf(MSG_DEBUG, "DPP: JWS Protected Header alg=%s",
+ token->string);
+ if (os_strcmp(token->string, "ES256") == 0)
+ *ret_md = EVP_sha256();
+ else if (os_strcmp(token->string, "ES384") == 0)
+ *ret_md = EVP_sha384();
+ else if (os_strcmp(token->string, "ES512") == 0)
+ *ret_md = EVP_sha512();
+ else
+ *ret_md = NULL;
+ if (!*ret_md) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Unsupported JWS Protected Header alg=%s",
+ token->string);
+ goto fail;
+ }
+
+ kid = json_get_member_base64url(root, "kid");
+ if (!kid) {
+ wpa_printf(MSG_DEBUG, "DPP: No kid string value found");
+ goto fail;
+ }
+ wpa_hexdump_buf(MSG_DEBUG, "DPP: JWS Protected Header kid (decoded)",
+ kid);
+
+fail:
+ json_free(root);
+ return kid;
+}
+
+
+static int dpp_parse_cred_legacy(struct dpp_authentication *auth,
+ struct json_token *cred)
+{
+ struct json_token *pass, *psk_hex;
+ u8 psk[32];
+
+ wpa_printf(MSG_DEBUG, "DPP: Legacy akm=psk credential");
+
+ pass = json_get_member(cred, "pass");
+ psk_hex = json_get_member(cred, "psk_hex");
+
+ if (pass && pass->type == JSON_STRING) {
+ wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: Legacy passphrase",
+ pass->string, os_strlen(pass->string));
+ } else if (psk_hex && psk_hex->type == JSON_STRING) {
+ if (os_strlen(psk_hex->string) != sizeof(psk) * 2 ||
+ hexstr2bin(psk_hex->string, psk, sizeof(psk)) < 0) {
+ wpa_printf(MSG_DEBUG, "DPP: Invalid psk_hex encoding");
+ return -1;
+ }
+ wpa_hexdump_key(MSG_DEBUG, "DPP: Legacy PSK", psk, sizeof(psk));
+ os_memset(psk, 0, sizeof(psk));
+ } else {
+ wpa_printf(MSG_DEBUG, "DPP: No pass or psk_hex strings found");
+ return -1;
+ }
+
+ return 0;
+}
+
+
+static EVP_PKEY * dpp_parse_jwk(struct json_token *jwk,
+ const struct dpp_curve_params **key_curve)
+{
+ struct json_token *token;
+ const struct dpp_curve_params *curve;
+ struct wpabuf *x = NULL, *y = NULL;
+ EC_GROUP *group;
+ EVP_PKEY *pkey = NULL;
+
+ token = json_get_member(jwk, "kty");
+ if (!token || token->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG, "DPP: No kty in JWK");
+ goto fail;
+ }
+ if (os_strcmp(token->string, "EC") != 0) {
+ wpa_printf(MSG_DEBUG, "DPP: Unexpected JWK kty '%s",
+ token->string);
+ goto fail;
+ }
+
+ token = json_get_member(jwk, "crv");
+ if (!token || token->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG, "DPP: No crv in JWK");
+ goto fail;
+ }
+ curve = dpp_get_curve_jwk_crv(token->string);
+ if (!curve) {
+ wpa_printf(MSG_DEBUG, "DPP: Unsupported JWK crv '%s'",
+ token->string);
+ goto fail;
+ }
+
+ x = json_get_member_base64url(jwk, "x");
+ if (!x) {
+ wpa_printf(MSG_DEBUG, "DPP: No x in JWK");
+ goto fail;
+ }
+ wpa_hexdump_buf(MSG_DEBUG, "DPP: C-sign x", x);
+ if (wpabuf_len(x) != curve->prime_len) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Unexpected C-sign x length %u (expected %u for curve %s)",
+ (unsigned int) wpabuf_len(x),
+ (unsigned int) curve->prime_len, curve->name);
+ goto fail;
+ }
+
+ y = json_get_member_base64url(jwk, "y");
+ if (!y) {
+ wpa_printf(MSG_DEBUG, "DPP: No y in JWK");
+ goto fail;
+ }
+ wpa_hexdump_buf(MSG_DEBUG, "DPP: C-sign y", y);
+ if (wpabuf_len(y) != curve->prime_len) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Unexpected C-sign y length %u (expected %u for curve %s)",
+ (unsigned int) wpabuf_len(y),
+ (unsigned int) curve->prime_len, curve->name);
+ goto fail;
+ }
+
+ group = EC_GROUP_new_by_curve_name(OBJ_txt2nid(curve->name));
+ if (!group) {
+ wpa_printf(MSG_DEBUG, "DPP: Could not prepare group for JWK");
+ goto fail;
+ }
+
+ pkey = dpp_set_pubkey_point_group(group, wpabuf_head(x), wpabuf_head(y),
+ wpabuf_len(x));
+ *key_curve = curve;
+
+fail:
+ wpabuf_free(x);
+ wpabuf_free(y);
+
+ return pkey;
+}
+
+
+int dpp_key_expired(const char *timestamp, os_time_t *expiry)
+{
+ struct os_time now;
+ unsigned int year, month, day, hour, min, sec;
+ os_time_t utime;
+ const char *pos;
+
+ /* ISO 8601 date and time:
+ * <date>T<time>
+ * YYYY-MM-DDTHH:MM:SSZ
+ * YYYY-MM-DDTHH:MM:SS+03:00
+ */
+ if (os_strlen(timestamp) < 19) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Too short timestamp - assume expired key");
+ return 1;
+ }
+ if (sscanf(timestamp, "%04u-%02u-%02uT%02u:%02u:%02u",
+ &year, &month, &day, &hour, &min, &sec) != 6) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Failed to parse expiration day - assume expired key");
+ return 1;
+ }
+
+ if (os_mktime(year, month, day, hour, min, sec, &utime) < 0) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Invalid date/time information - assume expired key");
+ return 1;
+ }
+
+ pos = timestamp + 19;
+ if (*pos == 'Z' || *pos == '\0') {
+ /* In UTC - no need to adjust */
+ } else if (*pos == '-' || *pos == '+') {
+ int items;
+
+ /* Adjust local time to UTC */
+ items = sscanf(pos + 1, "%02u:%02u", &hour, &min);
+ if (items < 1) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Invalid time zone designator (%s) - assume expired key",
+ pos);
+ return 1;
+ }
+ if (*pos == '-')
+ utime += 3600 * hour;
+ if (*pos == '+')
+ utime -= 3600 * hour;
+ if (items > 1) {
+ if (*pos == '-')
+ utime += 60 * min;
+ if (*pos == '+')
+ utime -= 60 * min;
+ }
+ } else {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Invalid time zone designator (%s) - assume expired key",
+ pos);
+ return 1;
+ }
+ if (expiry)
+ *expiry = utime;
+
+ if (os_get_time(&now) < 0) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Cannot get current time - assume expired key");
+ return 1;
+ }
+
+ if (now.sec > utime) {
+ wpa_printf(MSG_DEBUG, "DPP: Key has expired (%lu < %lu)",
+ utime, now.sec);
+ return 1;
+ }
+
+ return 0;
+}
+
+
+static int dpp_parse_connector(struct dpp_authentication *auth,
+ const unsigned char *payload,
+ u16 payload_len)
+{
+ struct json_token *root, *groups, *devices, *netkey, *token;
+ int ret = -1;
+ EVP_PKEY *key = NULL;
+ const struct dpp_curve_params *curve;
+ unsigned int rules = 0;
+
+ root = json_parse((const char *) payload, payload_len);
+ if (!root) {
+ wpa_printf(MSG_DEBUG, "DPP: JSON parsing of connector failed");
+ goto fail;
+ }
+
+ groups = json_get_member(root, "groups");
+ if (!groups || groups->type != JSON_ARRAY) {
+ wpa_printf(MSG_DEBUG, "DPP: No groups array found");
+ goto skip_groups;
+ }
+ for (token = groups->child; token; token = token->sibling) {
+ struct json_token *id, *role;
+
+ id = json_get_member(token, "groupId");
+ if (!id || id->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG, "DPP: Missing groupId string");
+ goto fail;
+ }
+
+ role = json_get_member(token, "netRole");
+ if (!role || role->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG, "DPP: Missing netRole string");
+ goto fail;
+ }
+ wpa_printf(MSG_DEBUG,
+ "DPP: connector group: groupId='%s' netRole='%s'",
+ id->string, role->string);
+ rules++;
+ }
+skip_groups:
+
+ devices = json_get_member(root, "devices");
+ if (!devices || devices->type != JSON_ARRAY) {
+ wpa_printf(MSG_DEBUG, "DPP: No devices array found");
+ goto skip_devices;
+ }
+ for (token = devices->child; token; token = token->sibling) {
+ struct wpabuf *id;
+ struct json_token *role;
+
+ id = json_get_member_base64url(token, "deviceId");
+ if (!id) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Missing or invalid deviceId string");
+ goto fail;
+ }
+ wpa_hexdump_buf(MSG_DEBUG, "DPP: deviceId", id);
+ if (wpabuf_len(id) != SHA256_MAC_LEN) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Unexpected deviceId length");
+ wpabuf_free(id);
+ goto fail;
+ }
+ wpabuf_free(id);
+
+ role = json_get_member(token, "netRole");
+ if (!role || role->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG, "DPP: Missing netRole string");
+ goto fail;
+ }
+ wpa_printf(MSG_DEBUG, "DPP: connector device netRole='%s'",
+ role->string);
+ rules++;
+ }
+
+skip_devices:
+ if (!rules) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Connector includes no groups or devices");
+ goto fail;
+ }
+
+ token = json_get_member(root, "expiry");
+ if (!token || token->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: No expiry string found - connector does not expire");
+ } else {
+ wpa_printf(MSG_DEBUG, "DPP: expiry = %s", token->string);
+ if (dpp_key_expired(token->string,
+ &auth->net_access_key_expiry)) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Connector (netAccessKey) has expired");
+ goto fail;
+ }
+ }
+
+ netkey = json_get_member(root, "netAccessKey");
+ if (!netkey || netkey->type != JSON_OBJECT) {
+ wpa_printf(MSG_DEBUG, "DPP: No netAccessKey object found");
+ goto fail;
+ }
+
+ key = dpp_parse_jwk(netkey, &curve);
+ if (!key)
+ goto fail;
+ dpp_debug_print_key("DPP: Received netAccessKey", key);
+
+ if (EVP_PKEY_cmp(key, auth->own_protocol_key) != 1) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: netAccessKey in connector does not match own protocol key");
+#ifdef CONFIG_TESTING_OPTIONS
+ if (auth->ignore_netaccesskey_mismatch) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: TESTING - skip netAccessKey mismatch");
+ } else {
+ goto fail;
+ }
+#else /* CONFIG_TESTING_OPTIONS */
+ goto fail;
+#endif /* CONFIG_TESTING_OPTIONS */
+ }
+
+ ret = 0;
+fail:
+ EVP_PKEY_free(key);
+ json_free(root);
+ return ret;
+}
+
+
+static int dpp_check_pubkey_match(EVP_PKEY *pub, struct wpabuf *r_hash)
+{
+ struct wpabuf *uncomp;
+ int res;
+ u8 hash[SHA256_MAC_LEN];
+ const u8 *addr[1];
+ size_t len[1];
+
+ if (wpabuf_len(r_hash) != SHA256_MAC_LEN)
+ return -1;
+ uncomp = dpp_get_pubkey_point(pub, 1);
+ if (!uncomp)
+ return -1;
+ addr[0] = wpabuf_head(uncomp);
+ len[0] = wpabuf_len(uncomp);
+ wpa_hexdump(MSG_DEBUG, "DPP: Uncompressed public key",
+ addr[0], len[0]);
+ res = sha256_vector(1, addr, len, hash);
+ wpabuf_free(uncomp);
+ if (res < 0)
+ return -1;
+ if (os_memcmp(hash, wpabuf_head(r_hash), SHA256_MAC_LEN) != 0) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Received hash value does not match calculated public key hash value");
+ wpa_hexdump(MSG_DEBUG, "DPP: Calculated hash",
+ hash, SHA256_MAC_LEN);
+ return -1;
+ }
+ return 0;
+}
+
+
+static void dpp_copy_csign(struct dpp_authentication *auth, EVP_PKEY *csign)
+{
+ unsigned char *der = NULL;
+ int der_len;
+
+ der_len = i2d_PUBKEY(csign, &der);
+ if (der_len <= 0)
+ return;
+ wpabuf_free(auth->c_sign_key);
+ auth->c_sign_key = wpabuf_alloc_copy(der, der_len);
+ OPENSSL_free(der);
+}
+
+
+static void dpp_copy_netaccesskey(struct dpp_authentication *auth)
+{
+ unsigned char *der = NULL;
+ int der_len;
+ EC_KEY *eckey;
+
+ eckey = EVP_PKEY_get1_EC_KEY(auth->own_protocol_key);
+ if (!eckey)
+ return;
+
+ der_len = i2d_ECPrivateKey(eckey, &der);
+ if (der_len <= 0) {
+ EC_KEY_free(eckey);
+ return;
+ }
+ wpabuf_free(auth->net_access_key);
+ auth->net_access_key = wpabuf_alloc_copy(der, der_len);
+ OPENSSL_free(der);
+ EC_KEY_free(eckey);
+}
+
+
+struct dpp_signed_connector_info {
+ unsigned char *payload;
+ size_t payload_len;
+};
+
+static int
+dpp_process_signed_connector(struct dpp_signed_connector_info *info,
+ EVP_PKEY *csign_pub, const char *connector)
+{
+ int ret = -1;
+ const char *pos, *end, *signed_start, *signed_end;
+ struct wpabuf *kid = NULL;
+ unsigned char *prot_hdr = NULL, *signature = NULL;
+ size_t prot_hdr_len = 0, signature_len = 0;
+ const EVP_MD *sign_md = NULL;
+ unsigned char *der = NULL;
+ int der_len;
+ int res;
+ EVP_MD_CTX *md_ctx = NULL;
+ ECDSA_SIG *sig = NULL;
+ BIGNUM *r = NULL, *s = NULL;
+
+ os_memset(info, 0, sizeof(*info));
+
+ signed_start = pos = connector;
+ end = os_strchr(pos, '.');
+ if (!end) {
+ wpa_printf(MSG_DEBUG, "DPP: Missing dot(1) in signedConnector");
+ goto fail;
+ }
+ prot_hdr = base64_url_decode((const unsigned char *) pos,
+ end - pos, &prot_hdr_len);
+ if (!prot_hdr) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Failed to base64url decode signedConnector JWS Protected Header");
+ goto fail;
+ }
+ wpa_hexdump_ascii(MSG_DEBUG,
+ "DPP: signedConnector - JWS Protected Header",
+ prot_hdr, prot_hdr_len);
+ kid = dpp_parse_jws_prot_hdr(prot_hdr, prot_hdr_len, &sign_md);
+ if (!kid)
+ goto fail;
+ if (wpabuf_len(kid) != SHA256_MAC_LEN) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Unexpected signedConnector JWS Protected Header kid length: %u (expected %u)",
+ (unsigned int) wpabuf_len(kid), SHA256_MAC_LEN);
+ goto fail;
+ }
+
+ pos = end + 1;
+ end = os_strchr(pos, '.');
+ if (!end) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Missing dot(2) in signedConnector");
+ goto fail;
+ }
+ signed_end = end - 1;
+ info->payload = base64_url_decode((const unsigned char *) pos,
+ end - pos, &info->payload_len);
+ if (!info->payload) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Failed to base64url decode signedConnector JWS Payload");
+ goto fail;
+ }
+ wpa_hexdump_ascii(MSG_DEBUG,
+ "DPP: signedConnector - JWS Payload",
+ info->payload, info->payload_len);
+ pos = end + 1;
+ signature = base64_url_decode((const unsigned char *) pos,
+ os_strlen(pos), &signature_len);
+ if (!signature) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Failed to base64url decode signedConnector signature");
+ goto fail;
+ }
+ wpa_hexdump(MSG_DEBUG, "DPP: signedConnector - signature",
+ signature, signature_len);
+
+ if (dpp_check_pubkey_match(csign_pub, kid) < 0)
+ goto fail;
+
+ if (signature_len & 0x01) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Unexpected signedConnector signature length (%d)",
+ (int) signature_len);
+ goto fail;
+ }
+
+ /* JWS Signature encodes the signature (r,s) as two octet strings. Need
+ * to convert that to DER encoded ECDSA_SIG for OpenSSL EVP routines. */
+ r = BN_bin2bn(signature, signature_len / 2, NULL);
+ s = BN_bin2bn(signature + signature_len / 2, signature_len / 2, NULL);
+ sig = ECDSA_SIG_new();
+ if (!r || !s || !sig || ECDSA_SIG_set0(sig, r, s) != 1)
+ goto fail;
+ r = NULL;
+ s = NULL;
+
+ der_len = i2d_ECDSA_SIG(sig, &der);
+ if (der_len <= 0) {
+ wpa_printf(MSG_DEBUG, "DPP: Could not DER encode signature");
+ goto fail;
+ }
+ wpa_hexdump(MSG_DEBUG, "DPP: DER encoded signature", der, der_len);
+ md_ctx = EVP_MD_CTX_create();
+ if (!md_ctx)
+ goto fail;
+
+ ERR_clear_error();
+ if (EVP_DigestVerifyInit(md_ctx, NULL, sign_md, NULL, csign_pub) != 1) {
+ wpa_printf(MSG_DEBUG, "DPP: EVP_DigestVerifyInit failed: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+ goto fail;
+ }
+ if (EVP_DigestVerifyUpdate(md_ctx, signed_start,
+ signed_end - signed_start + 1) != 1) {
+ wpa_printf(MSG_DEBUG, "DPP: EVP_DigestVerifyUpdate failed: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+ goto fail;
+ }
+ res = EVP_DigestVerifyFinal(md_ctx, der, der_len);
+ if (res != 1) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: EVP_DigestVerifyFinal failed (res=%d): %s",
+ res, ERR_error_string(ERR_get_error(), NULL));
+ goto fail;
+ }
+
+ ret = 0;
+fail:
+ EVP_MD_CTX_destroy(md_ctx);
+ os_free(prot_hdr);
+ wpabuf_free(kid);
+ os_free(signature);
+ ECDSA_SIG_free(sig);
+ BN_free(r);
+ BN_free(s);
+ OPENSSL_free(der);
+ return ret;
+}
+
+
+static int dpp_parse_cred_dpp(struct dpp_authentication *auth,
+ struct json_token *cred)
+{
+ struct dpp_signed_connector_info info;
+ struct json_token *token, *csign;
+ int ret = -1;
+ EVP_PKEY *csign_pub = NULL;
+ const struct dpp_curve_params *key_curve = NULL;
+ const char *signed_connector;
+
+ os_memset(&info, 0, sizeof(info));
+
+ wpa_printf(MSG_DEBUG, "DPP: Connector credential");
+
+ csign = json_get_member(cred, "csign");
+ if (!csign || csign->type != JSON_OBJECT) {
+ wpa_printf(MSG_DEBUG, "DPP: No csign JWK in JSON");
+ goto fail;
+ }
+
+ csign_pub = dpp_parse_jwk(csign, &key_curve);
+ if (!csign_pub) {
+ wpa_printf(MSG_DEBUG, "DPP: Failed to parse csign JWK");
+ goto fail;
+ }
+ dpp_debug_print_key("DPP: Received C-sign-key", csign_pub);
+
+ token = json_get_member(cred, "expiry");
+ if (!token || token->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: No expiry string found - C-sign-key does not expire");
+ } else {
+ wpa_printf(MSG_DEBUG, "DPP: expiry = %s", token->string);
+ if (dpp_key_expired(token->string, &auth->c_sign_key_expiry)) {
+ wpa_printf(MSG_DEBUG, "DPP: C-sign-key has expired");
+ goto fail;
+ }
+ }
+
+ token = json_get_member(cred, "signedConnector");
+ if (!token || token->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG, "DPP: No signedConnector string found");
+ goto fail;
+ }
+ wpa_hexdump_ascii(MSG_DEBUG, "DPP: signedConnector",
+ token->string, os_strlen(token->string));
+ signed_connector = token->string;
+
+ if (os_strchr(signed_connector, '"') ||
+ os_strchr(signed_connector, '\n')) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Unexpected character in signedConnector");
+ goto fail;
+ }
+
+ if (dpp_process_signed_connector(&info, csign_pub,
+ signed_connector) < 0)
+ goto fail;
+
+ if (dpp_parse_connector(auth, info.payload, info.payload_len) < 0) {
+ wpa_printf(MSG_DEBUG, "DPP: Failed to parse connector");
+ goto fail;
+ }
+
+ os_free(auth->connector);
+ auth->connector = os_strdup(signed_connector);
+
+ dpp_copy_csign(auth, csign_pub);
+ dpp_copy_netaccesskey(auth);
+
+ ret = 0;
+fail:
+ EVP_PKEY_free(csign_pub);
+ os_free(info.payload);
+ return ret;
+}
+
+
+static int dpp_parse_conf_obj(struct dpp_authentication *auth,
+ const u8 *conf_obj, u16 conf_obj_len)
+{
+ int ret = -1;
+ struct json_token *root, *token, *discovery, *cred;
+
+ root = json_parse((const char *) conf_obj, conf_obj_len);
+ if (!root)
+ return -1;
+ if (root->type != JSON_OBJECT) {
+ wpa_printf(MSG_DEBUG, "DPP: JSON root is not an object");
+ goto fail;
+ }
+
+ token = json_get_member(root, "wi-fi_tech");
+ if (!token || token->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG, "DPP: No wi-fi_tech string value found");
+ goto fail;
+ }
+ if (os_strcmp(token->string, "infra") != 0) {
+ wpa_printf(MSG_DEBUG, "DPP: Unsupported wi-fi_tech value: '%s'",
+ token->string);
+ goto fail;
+ }
+
+ discovery = json_get_member(root, "discovery");
+ if (!discovery || discovery->type != JSON_OBJECT) {
+ wpa_printf(MSG_DEBUG, "DPP: No discovery object in JSON");
+ goto fail;
+ }
+
+ token = json_get_member(discovery, "ssid");
+ if (!token || token->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: No discovery::ssid string value found");
+ goto fail;
+ }
+ wpa_hexdump_ascii(MSG_DEBUG, "DPP: discovery::ssid",
+ token->string, os_strlen(token->string));
+ if (os_strlen(token->string) > SSID_MAX_LEN) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Too long discovery::ssid string value");
+ goto fail;
+ }
+ auth->ssid_len = os_strlen(token->string);
+ os_memcpy(auth->ssid, token->string, auth->ssid_len);
+
+ cred = json_get_member(root, "cred");
+ if (!cred || cred->type != JSON_OBJECT) {
+ wpa_printf(MSG_DEBUG, "DPP: No cred object in JSON");
+ goto fail;
+ }
+
+ token = json_get_member(cred, "akm");
+ if (!token || token->type != JSON_STRING) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: No cred::akm string value found");
+ goto fail;
+ }
+ if (os_strcmp(token->string, "psk") == 0) {
+ if (dpp_parse_cred_legacy(auth, cred) < 0)
+ goto fail;
+ } else if (os_strcmp(token->string, "dpp") == 0) {
+ if (dpp_parse_cred_dpp(auth, cred) < 0)
+ goto fail;
+ } else {
+ wpa_printf(MSG_DEBUG, "DPP: Unsupported akm: %s",
+ token->string);
+ goto fail;
+ }
+
+ wpa_printf(MSG_DEBUG, "DPP: JSON parsing completed successfully");
+ ret = 0;
+fail:
+ json_free(root);
+ return ret;
+}
+
+
+int dpp_conf_resp_rx(struct dpp_authentication *auth,
+ const struct wpabuf *resp)
+{
+ const u8 *wrapped_data, *e_nonce, *status, *conf_obj;
+ u16 wrapped_data_len, e_nonce_len, status_len, conf_obj_len;
+ const u8 *addr[1];
+ size_t len[1];
+ u8 *unwrapped = NULL;
+ size_t unwrapped_len = 0;
+ int ret = -1;
+
+ if (dpp_check_attrs(wpabuf_head(resp), wpabuf_len(resp)) < 0) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Invalid attribute in config response");
+ return -1;
+ }
+
+ wrapped_data = dpp_get_attr(wpabuf_head(resp), wpabuf_len(resp),
+ DPP_ATTR_WRAPPED_DATA,
+ &wrapped_data_len);
+ if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Missing or invalid required Wrapped data attribute");
+ return -1;
+ }
+
+ wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
+ wrapped_data, wrapped_data_len);
+ unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE;
+ unwrapped = os_malloc(unwrapped_len);
+ if (!unwrapped)
+ return -1;
+
+ addr[0] = wpabuf_head(resp);
+ len[0] = wrapped_data - 4 - (const u8 *) wpabuf_head(resp);
+ wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD", addr[0], len[0]);
+
+ if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,
+ wrapped_data, wrapped_data_len,
+ 1, addr, len, unwrapped) < 0) {
+ wpa_printf(MSG_DEBUG, "DPP: AES-SIV decryption failed");
+ goto fail;
+ }
+ wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext",
+ unwrapped, unwrapped_len);
+
+ if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Invalid attribute in unwrapped data");
+ goto fail;
+ }
+
+ e_nonce = dpp_get_attr(unwrapped, unwrapped_len,
+ DPP_ATTR_ENROLLEE_NONCE,
+ &e_nonce_len);
+ if (!e_nonce || e_nonce_len != auth->curve->nonce_len) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Missing or invalid Enrollee Nonce attribute");
+ goto fail;
+ }
+ wpa_hexdump(MSG_DEBUG, "DPP: Enrollee Nonce", e_nonce, e_nonce_len);
+ if (os_memcmp(e_nonce, auth->e_nonce, e_nonce_len) != 0) {
+ wpa_printf(MSG_DEBUG, "Enrollee Nonce mismatch");
+ goto fail;
+ }
+
+ status = dpp_get_attr(wpabuf_head(resp), wpabuf_len(resp),
+ DPP_ATTR_STATUS, &status_len);
+ if (!status || status_len < 1) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Missing or invalid required DPP Status attribute");
+ goto fail;
+ }
+ wpa_printf(MSG_DEBUG, "DPP: Status %u", status[0]);
+ if (status[0] != DPP_STATUS_OK) {
+ wpa_printf(MSG_DEBUG, "DPP: Configuration failed");
+ goto fail;
+ }
+
+ conf_obj = dpp_get_attr(unwrapped, unwrapped_len,
+ DPP_ATTR_CONFIG_OBJ, &conf_obj_len);
+ if (!conf_obj) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Missing required Configuration Object attribute");
+ goto fail;
+ }
+ wpa_hexdump_ascii(MSG_DEBUG, "DPP: configurationObject JSON",
+ conf_obj, conf_obj_len);
+ if (dpp_parse_conf_obj(auth, conf_obj, conf_obj_len) < 0)
+ goto fail;
+
+ ret = 0;
+
+fail:
+ os_free(unwrapped);
+ return ret;
+}
+
+
+void dpp_configurator_free(struct dpp_configurator *conf)
+{
+ if (!conf)
+ return;
+ EVP_PKEY_free(conf->csign);
+ os_free(conf->kid);
+ os_free(conf);
+}
+
+
+struct dpp_configurator *
+dpp_keygen_configurator(const char *curve, const u8 *privkey,
+ size_t privkey_len)
+{
+ struct dpp_configurator *conf;
+ struct wpabuf *csign_pub = NULL;
+ u8 kid_hash[SHA256_MAC_LEN];
+ const u8 *addr[1];
+ size_t len[1];
+
+ conf = os_zalloc(sizeof(*conf));
+ if (!conf)
+ return NULL;
+
+ if (!curve) {
+ conf->curve = &dpp_curves[0];
+ } else {
+ conf->curve = dpp_get_curve_name(curve);
+ if (!conf->curve) {
+ wpa_printf(MSG_INFO, "DPP: Unsupported curve: %s",
+ curve);
+ return NULL;
+ }
+ }
+ if (privkey)
+ conf->csign = dpp_set_keypair(&conf->curve, privkey,
+ privkey_len);
+ else
+ conf->csign = dpp_gen_keypair(conf->curve);
+ if (!conf->csign)
+ goto fail;
+ conf->own = 1;
+
+ csign_pub = dpp_get_pubkey_point(conf->csign, 1);
+ if (!csign_pub) {
+ wpa_printf(MSG_INFO, "DPP: Failed to extract C-sign-key");
+ goto fail;
+ }
+
+ /* kid = SHA256(ANSI X9.63 uncompressed C-sign-key) */
+ addr[0] = wpabuf_head(csign_pub);
+ len[0] = wpabuf_len(csign_pub);
+ if (sha256_vector(1, addr, len, kid_hash) < 0) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Failed to derive kid for C-sign-key");
+ goto fail;
+ }
+
+ conf->kid = (char *) base64_url_encode(kid_hash, sizeof(kid_hash),
+ NULL, 0);
+ if (!conf->kid)
+ goto fail;
+out:
+ wpabuf_free(csign_pub);
+ return conf;
+fail:
+ dpp_configurator_free(conf);
+ conf = NULL;
+ goto out;
+}
--- /dev/null
+/*
+ * Generic advertisement service (GAS) server
+ * Copyright (c) 2017, Qualcomm Atheros, Inc.
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+#include "includes.h"
+
+#include "utils/common.h"
+#include "utils/list.h"
+#include "utils/eloop.h"
+#include "ieee802_11_defs.h"
+#include "gas.h"
+#include "gas_server.h"
+
+
+#define MAX_ADV_PROTO_ID_LEN 10
+#define GAS_QUERY_TIMEOUT 10
+
+struct gas_server_handler {
+ struct dl_list list;
+ u8 adv_proto_id[MAX_ADV_PROTO_ID_LEN];
+ u8 adv_proto_id_len;
+ struct wpabuf * (*req_cb)(void *ctx, const u8 *sa,
+ const u8 *query, size_t query_len);
+ void (*status_cb)(void *ctx, struct wpabuf *resp, int ok);
+ void *ctx;
+ struct gas_server *gas;
+};
+
+struct gas_server_response {
+ struct dl_list list;
+ size_t offset;
+ u8 frag_id;
+ struct wpabuf *resp;
+ int freq;
+ u8 dst[ETH_ALEN];
+ u8 dialog_token;
+ struct gas_server_handler *handler;
+};
+
+struct gas_server {
+ struct dl_list handlers; /* struct gas_server_handler::list */
+ struct dl_list responses; /* struct gas_server_response::list */
+ void (*tx)(void *ctx, int freq, const u8 *da, struct wpabuf *resp,
+ unsigned int wait_time);
+ void *ctx;
+};
+
+static void gas_server_free_response(struct gas_server_response *response);
+
+
+static void gas_server_response_timeout(void *eloop_ctx, void *user_ctx)
+{
+ struct gas_server_response *response = eloop_ctx;
+
+ wpa_printf(MSG_DEBUG, "GAS: Response @%p timeout for " MACSTR
+ " (dialog_token=%u freq=%d frag_id=%u sent=%lu/%lu) - drop pending data",
+ response, MAC2STR(response->dst), response->dialog_token,
+ response->freq, response->frag_id,
+ (unsigned long) response->offset,
+ (unsigned long) wpabuf_len(response->resp));
+ response->handler->status_cb(response->handler->ctx,
+ response->resp, 0);
+ response->resp = NULL;
+ dl_list_del(&response->list);
+ gas_server_free_response(response);
+}
+
+
+static void gas_server_free_response(struct gas_server_response *response)
+{
+ if (!response)
+ return;
+ wpa_printf(MSG_DEBUG, "DPP: Free GAS response @%p", response);
+ eloop_cancel_timeout(gas_server_response_timeout, response, NULL);
+ wpabuf_free(response->resp);
+ os_free(response);
+}
+
+
+static void
+gas_server_send_resp(struct gas_server *gas, struct gas_server_handler *handler,
+ const u8 *da, int freq, u8 dialog_token,
+ struct wpabuf *query_resp)
+{
+ size_t max_len = (freq > 56160) ? 928 : 1400;
+ size_t hdr_len = 24 + 2 + 5 + 3 + handler->adv_proto_id_len + 2;
+ size_t resp_frag_len;
+ struct wpabuf *resp;
+ u16 comeback_delay;
+ struct gas_server_response *response;
+
+ if (!query_resp)
+ return;
+
+ response = os_zalloc(sizeof(*response));
+ if (!response)
+ return;
+ wpa_printf(MSG_DEBUG, "DPP: Allocated GAS response @%p", response);
+ response->freq = freq;
+ response->handler = handler;
+ os_memcpy(response->dst, da, ETH_ALEN);
+ response->dialog_token = dialog_token;
+ if (hdr_len + wpabuf_len(query_resp) > max_len) {
+ /* Need to use comeback to initiate fragmentation */
+ comeback_delay = 1;
+ resp_frag_len = 0;
+ } else {
+ /* Full response fits into the initial response */
+ comeback_delay = 0;
+ resp_frag_len = wpabuf_len(query_resp);
+ }
+
+ resp = gas_build_initial_resp(dialog_token, WLAN_STATUS_SUCCESS,
+ comeback_delay,
+ handler->adv_proto_id_len +
+ resp_frag_len);
+ if (!resp) {
+ gas_server_free_response(response);
+ return;
+ }
+
+ /* Advertisement Protocol element */
+ wpabuf_put_u8(resp, WLAN_EID_ADV_PROTO);
+ wpabuf_put_u8(resp, 1 + handler->adv_proto_id_len); /* Length */
+ wpabuf_put_u8(resp, 0x7f);
+ /* Advertisement Protocol ID */
+ wpabuf_put_data(resp, handler->adv_proto_id, handler->adv_proto_id_len);
+
+ /* Query Response Length */
+ wpabuf_put_le16(resp, resp_frag_len);
+ if (!comeback_delay)
+ wpabuf_put_buf(resp, query_resp);
+
+ if (comeback_delay) {
+ wpa_printf(MSG_DEBUG,
+ "GAS: Need to fragment query response");
+ } else {
+ wpa_printf(MSG_DEBUG,
+ "GAS: Full query response fits in the GAS Initial Response frame");
+ }
+ response->offset = resp_frag_len;
+ response->resp = query_resp;
+ dl_list_add(&gas->responses, &response->list);
+ gas->tx(gas->ctx, freq, da, resp, comeback_delay ? 2000 : 0);
+ wpabuf_free(resp);
+ eloop_register_timeout(GAS_QUERY_TIMEOUT, 0,
+ gas_server_response_timeout, response, NULL);
+}
+
+
+static int
+gas_server_rx_initial_req(struct gas_server *gas, const u8 *da, const u8 *sa,
+ const u8 *bssid, int freq, u8 dialog_token,
+ const u8 *data, size_t len)
+{
+ const u8 *pos, *end, *adv_proto, *query_req;
+ u8 adv_proto_len;
+ u16 query_req_len;
+ struct gas_server_handler *handler;
+ struct wpabuf *resp;
+
+ wpa_hexdump(MSG_MSGDUMP, "GAS: Received GAS Initial Request frame",
+ data, len);
+ pos = data;
+ end = data + len;
+
+ if (end - pos < 2 || pos[0] != WLAN_EID_ADV_PROTO) {
+ wpa_printf(MSG_DEBUG,
+ "GAS: No Advertisement Protocol element found");
+ return -1;
+ }
+ pos++;
+ adv_proto_len = *pos++;
+ if (end - pos < adv_proto_len || adv_proto_len < 2) {
+ wpa_printf(MSG_DEBUG,
+ "GAS: Truncated Advertisement Protocol element");
+ return -1;
+ }
+
+ adv_proto = pos;
+ pos += adv_proto_len;
+ wpa_hexdump(MSG_MSGDUMP, "GAS: Advertisement Protocol element",
+ adv_proto, adv_proto_len);
+
+ if (end - pos < 2) {
+ wpa_printf(MSG_DEBUG, "GAS: No Query Request Length field");
+ return -1;
+ }
+ query_req_len = WPA_GET_LE16(pos);
+ pos += 2;
+ if (end - pos < query_req_len) {
+ wpa_printf(MSG_DEBUG, "GAS: Truncated Query Request field");
+ return -1;
+ }
+ query_req = pos;
+ pos += query_req_len;
+ wpa_hexdump(MSG_MSGDUMP, "GAS: Query Request",
+ query_req, query_req_len);
+
+ if (pos < end) {
+ wpa_hexdump(MSG_MSGDUMP,
+ "GAS: Ignored extra data after Query Request field",
+ pos, end - pos);
+ }
+
+ dl_list_for_each(handler, &gas->handlers, struct gas_server_handler,
+ list) {
+ if (adv_proto_len < 1 + handler->adv_proto_id_len ||
+ os_memcmp(adv_proto + 1, handler->adv_proto_id,
+ handler->adv_proto_id_len) != 0)
+ continue;
+
+ wpa_printf(MSG_DEBUG,
+ "GAS: Calling handler for the requested Advertisement Protocol ID");
+ resp = handler->req_cb(handler->ctx, sa, query_req,
+ query_req_len);
+ wpa_hexdump_buf(MSG_MSGDUMP, "GAS: Response from the handler",
+ resp);
+ gas_server_send_resp(gas, handler, sa, freq, dialog_token,
+ resp);
+ return 0;
+ }
+
+ wpa_printf(MSG_DEBUG,
+ "GAS: No registered handler for the requested Advertisement Protocol ID");
+ return -1;
+}
+
+
+static void
+gas_server_handle_rx_comeback_req(struct gas_server_response *response)
+{
+ struct gas_server_handler *handler = response->handler;
+ struct gas_server *gas = handler->gas;
+ size_t max_len = (response->freq > 56160) ? 928 : 1400;
+ size_t hdr_len = 24 + 2 + 6 + 3 + handler->adv_proto_id_len + 2;
+ size_t remaining, resp_frag_len;
+ struct wpabuf *resp;
+
+ remaining = wpabuf_len(response->resp) - response->offset;
+ if (hdr_len + remaining > max_len)
+ resp_frag_len = max_len - hdr_len;
+ else
+ resp_frag_len = remaining;
+ wpa_printf(MSG_DEBUG,
+ "GAS: Sending out %u/%u remaining Query Response octets",
+ (unsigned int) resp_frag_len, (unsigned int) remaining);
+
+ resp = gas_build_comeback_resp(response->dialog_token,
+ WLAN_STATUS_SUCCESS,
+ response->frag_id++,
+ resp_frag_len < remaining, 0,
+ handler->adv_proto_id_len +
+ resp_frag_len);
+ if (!resp) {
+ gas_server_free_response(response);
+ return;
+ }
+
+ /* Advertisement Protocol element */
+ wpabuf_put_u8(resp, WLAN_EID_ADV_PROTO);
+ wpabuf_put_u8(resp, 1 + handler->adv_proto_id_len); /* Length */
+ wpabuf_put_u8(resp, 0x7f);
+ /* Advertisement Protocol ID */
+ wpabuf_put_data(resp, handler->adv_proto_id, handler->adv_proto_id_len);
+
+ /* Query Response Length */
+ wpabuf_put_le16(resp, resp_frag_len);
+ wpabuf_put_data(resp, wpabuf_head_u8(response->resp) + response->offset,
+ resp_frag_len);
+
+ response->offset += resp_frag_len;
+
+ gas->tx(gas->ctx, response->freq, response->dst, resp,
+ remaining > resp_frag_len ? 2000 : 0);
+ wpabuf_free(resp);
+}
+
+
+static int
+gas_server_rx_comeback_req(struct gas_server *gas, const u8 *da, const u8 *sa,
+ const u8 *bssid, int freq, u8 dialog_token)
+{
+ struct gas_server_response *response;
+
+ dl_list_for_each(response, &gas->responses, struct gas_server_response,
+ list) {
+ if (response->dialog_token != dialog_token ||
+ os_memcmp(sa, response->dst, ETH_ALEN) != 0)
+ continue;
+ gas_server_handle_rx_comeback_req(response);
+ return 0;
+ }
+
+ wpa_printf(MSG_DEBUG, "GAS: No pending GAS response for " MACSTR
+ " (dialog token %u)", MAC2STR(sa), dialog_token);
+ return -1;
+}
+
+
+/**
+ * gas_query_rx - Indicate reception of a Public Action or Protected Dual frame
+ * @gas: GAS query data from gas_server_init()
+ * @da: Destination MAC address of the Action frame
+ * @sa: Source MAC address of the Action frame
+ * @bssid: BSSID of the Action frame
+ * @categ: Category of the Action frame
+ * @data: Payload of the Action frame
+ * @len: Length of @data
+ * @freq: Frequency (in MHz) on which the frame was received
+ * Returns: 0 if the Public Action frame was a GAS request frame or -1 if not
+ */
+int gas_server_rx(struct gas_server *gas, const u8 *da, const u8 *sa,
+ const u8 *bssid, u8 categ, const u8 *data, size_t len,
+ int freq)
+{
+ u8 action, dialog_token;
+ const u8 *pos, *end;
+
+ if (!gas || len < 2)
+ return -1;
+
+ if (categ == WLAN_ACTION_PROTECTED_DUAL)
+ return -1; /* Not supported for now */
+
+ pos = data;
+ end = data + len;
+ action = *pos++;
+ dialog_token = *pos++;
+
+ if (action != WLAN_PA_GAS_INITIAL_REQ &&
+ action != WLAN_PA_GAS_COMEBACK_REQ)
+ return -1; /* Not a GAS request */
+
+ wpa_printf(MSG_DEBUG, "GAS: Received GAS %s Request frame DA=" MACSTR
+ " SA=" MACSTR " BSSID=" MACSTR
+ " freq=%d dialog_token=%u len=%u",
+ action == WLAN_PA_GAS_INITIAL_REQ ? "Initial" : "Comeback",
+ MAC2STR(da), MAC2STR(sa), MAC2STR(bssid), freq, dialog_token,
+ (unsigned int) len);
+
+ if (action == WLAN_PA_GAS_INITIAL_REQ)
+ return gas_server_rx_initial_req(gas, da, sa, bssid,
+ freq, dialog_token,
+ pos, end - pos);
+ return gas_server_rx_comeback_req(gas, da, sa, bssid,
+ freq, dialog_token);
+}
+
+
+static void gas_server_handle_tx_status(struct gas_server_response *response,
+ int ack)
+{
+ if (ack && response->offset < wpabuf_len(response->resp)) {
+ wpa_printf(MSG_DEBUG,
+ "GAS: More fragments remaining - keep pending entry");
+ return;
+ }
+
+ if (!ack)
+ wpa_printf(MSG_DEBUG,
+ "GAS: No ACK received - drop pending entry");
+ else
+ wpa_printf(MSG_DEBUG,
+ "GAS: Last fragment of the response sent out - drop pending entry");
+
+ response->handler->status_cb(response->handler->ctx,
+ response->resp, ack);
+ response->resp = NULL;
+ dl_list_del(&response->list);
+ gas_server_free_response(response);
+}
+
+
+void gas_server_tx_status(struct gas_server *gas, const u8 *dst, const u8 *data,
+ size_t data_len, int ack)
+{
+ const u8 *pos;
+ u8 action, code, dialog_token;
+ struct gas_server_response *response;
+
+ if (data_len < 24 + 3)
+ return;
+ pos = data + 24;
+ action = *pos++;
+ code = *pos++;
+ dialog_token = *pos++;
+ if (action != WLAN_ACTION_PUBLIC ||
+ (code != WLAN_PA_GAS_INITIAL_RESP &&
+ code != WLAN_PA_GAS_COMEBACK_RESP))
+ return;
+ wpa_printf(MSG_DEBUG, "GAS: TX status dst=" MACSTR
+ " ack=%d %s dialog_token=%u",
+ MAC2STR(dst), ack,
+ code == WLAN_PA_GAS_INITIAL_RESP ? "initial" : "comeback",
+ dialog_token);
+ dl_list_for_each(response, &gas->responses, struct gas_server_response,
+ list) {
+ if (response->dialog_token != dialog_token ||
+ os_memcmp(dst, response->dst, ETH_ALEN) != 0)
+ continue;
+ gas_server_handle_tx_status(response, ack);
+ return;
+ }
+
+ wpa_printf(MSG_DEBUG, "GAS: No pending response matches TX status");
+}
+
+
+struct gas_server * gas_server_init(void *ctx,
+ void (*tx)(void *ctx, int freq,
+ const u8 *da,
+ struct wpabuf *buf,
+ unsigned int wait_time))
+{
+ struct gas_server *gas;
+
+ gas = os_zalloc(sizeof(*gas));
+ if (!gas)
+ return NULL;
+ gas->ctx = ctx;
+ gas->tx = tx;
+ dl_list_init(&gas->handlers);
+ dl_list_init(&gas->responses);
+ return gas;
+}
+
+
+void gas_server_deinit(struct gas_server *gas)
+{
+ struct gas_server_handler *handler, *tmp;
+ struct gas_server_response *response, *tmp_r;
+
+ if (!gas)
+ return;
+
+ dl_list_for_each_safe(handler, tmp, &gas->handlers,
+ struct gas_server_handler, list) {
+ dl_list_del(&handler->list);
+ os_free(handler);
+ }
+
+ dl_list_for_each_safe(response, tmp_r, &gas->responses,
+ struct gas_server_response, list) {
+ dl_list_del(&response->list);
+ gas_server_free_response(response);
+ }
+
+ os_free(gas);
+}
+
+
+int gas_server_register(struct gas_server *gas,
+ const u8 *adv_proto_id, u8 adv_proto_id_len,
+ struct wpabuf *
+ (*req_cb)(void *ctx, const u8 *sa,
+ const u8 *query, size_t query_len),
+ void (*status_cb)(void *ctx, struct wpabuf *resp,
+ int ok),
+ void *ctx)
+{
+ struct gas_server_handler *handler;
+
+ if (!gas || adv_proto_id_len > MAX_ADV_PROTO_ID_LEN)
+ return -1;
+ handler = os_zalloc(sizeof(*handler));
+ if (!handler)
+ return -1;
+
+ os_memcpy(handler->adv_proto_id, adv_proto_id, adv_proto_id_len);
+ handler->adv_proto_id_len = adv_proto_id_len;
+ handler->req_cb = req_cb;
+ handler->status_cb = status_cb;
+ handler->ctx = ctx;
+ handler->gas = gas;
+ dl_list_add(&gas->handlers, &handler->list);
+
+ return 0;
+}
#include "utils/common.h"
#include "utils/eloop.h"
#include "common/dpp.h"
+#include "common/gas.h"
+#include "common/gas_server.h"
#include "wpa_supplicant_i.h"
#include "driver_i.h"
#include "offchannel.h"
+#include "gas_query.h"
#include "dpp_supplicant.h"
static int wpas_dpp_listen_start(struct wpa_supplicant *wpa_s,
unsigned int freq);
+static void wpas_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx);
+static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator);
static void wpas_dpp_tx_status(struct wpa_supplicant *wpa_s,
unsigned int freq, const u8 *dst,
const u8 *src, const u8 *bssid,
static const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
+static struct dpp_configurator *
+dpp_configurator_get_id(struct wpa_supplicant *wpa_s, unsigned int id)
+{
+ struct dpp_configurator *conf;
+
+ dl_list_for_each(conf, &wpa_s->dpp_configurator,
+ struct dpp_configurator, list) {
+ if (conf->id == id)
+ return conf;
+ }
+ return NULL;
+}
+
+
static unsigned int wpas_dpp_next_id(struct wpa_supplicant *wpa_s)
{
struct dpp_bootstrap_info *bi;
if (wpa_s->dpp_auth->remove_on_tx_status) {
wpa_printf(MSG_DEBUG,
"DPP: Terminate authentication exchange due to an earlier error");
+ eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
+ offchannel_send_action_done(wpa_s);
dpp_auth_deinit(wpa_s->dpp_auth);
wpa_s->dpp_auth = NULL;
return;
}
+ if (wpa_s->dpp_auth_ok_on_ack)
+ wpas_dpp_auth_success(wpa_s, 1);
+
if (!is_broadcast_ether_addr(dst) &&
result != OFFCHANNEL_SEND_ACTION_SUCCESS) {
wpa_printf(MSG_DEBUG,
}
+static void wpas_dpp_set_testing_options(struct wpa_supplicant *wpa_s,
+ struct dpp_authentication *auth)
+{
+#ifdef CONFIG_TESTING_OPTIONS
+ if (wpa_s->dpp_config_obj_override)
+ auth->config_obj_override =
+ os_strdup(wpa_s->dpp_config_obj_override);
+ if (wpa_s->dpp_discovery_override)
+ auth->discovery_override =
+ os_strdup(wpa_s->dpp_discovery_override);
+ if (wpa_s->dpp_groups_override)
+ auth->groups_override =
+ os_strdup(wpa_s->dpp_groups_override);
+ if (wpa_s->dpp_devices_override)
+ auth->devices_override =
+ os_strdup(wpa_s->dpp_devices_override);
+ auth->ignore_netaccesskey_mismatch =
+ wpa_s->dpp_ignore_netaccesskey_mismatch;
+#endif /* CONFIG_TESTING_OPTIONS */
+}
+
+
int wpas_dpp_auth_init(struct wpa_supplicant *wpa_s, const char *cmd)
{
const char *pos;
int res;
int configurator = 1;
unsigned int wait_time;
+ struct dpp_configuration *conf_sta = NULL, *conf_ap = NULL;
+ struct dpp_configurator *conf = NULL;
+
+ wpa_s->dpp_gas_client = 0;
pos = os_strstr(cmd, " peer=");
if (!pos)
else if (os_strncmp(pos, "enrollee", 8) == 0)
configurator = 0;
else
- return -1;
+ goto fail;
+ }
+
+ pos = os_strstr(cmd, " netrole=");
+ if (pos) {
+ pos += 9;
+ wpa_s->dpp_netrole_ap = os_strncmp(pos, "ap", 2) == 0;
+ }
+
+ if (os_strstr(cmd, " conf=sta-")) {
+ conf_sta = os_zalloc(sizeof(struct dpp_configuration));
+ if (!conf_sta)
+ goto fail;
+ /* TODO: Configuration of network parameters from upper layers
+ */
+ os_memcpy(conf_sta->ssid, "test", 4);
+ conf_sta->ssid_len = 4;
+ if (os_strstr(cmd, " conf=sta-psk")) {
+ conf_sta->dpp = 0;
+ conf_sta->passphrase = os_strdup("secret passphrase");
+ if (!conf_sta->passphrase)
+ goto fail;
+ } else if (os_strstr(cmd, " conf=sta-dpp")) {
+ conf_sta->dpp = 1;
+ } else {
+ goto fail;
+ }
+ }
+
+ if (os_strstr(cmd, " conf=ap-")) {
+ conf_ap = os_zalloc(sizeof(struct dpp_configuration));
+ if (!conf_ap)
+ goto fail;
+ /* TODO: Configuration of network parameters from upper layers
+ */
+ os_memcpy(conf_ap->ssid, "test", 4);
+ conf_ap->ssid_len = 4;
+ if (os_strstr(cmd, " conf=ap-psk")) {
+ conf_ap->dpp = 0;
+ conf_ap->passphrase = os_strdup("secret passphrase");
+ if (!conf_ap->passphrase)
+ goto fail;
+ } else if (os_strstr(cmd, " conf=ap-dpp")) {
+ conf_ap->dpp = 1;
+ } else {
+ goto fail;
+ }
+ }
+
+ pos = os_strstr(cmd, " expiry=");
+ if (pos) {
+ long int val;
+
+ pos += 8;
+ val = strtol(pos, NULL, 0);
+ if (val <= 0)
+ goto fail;
+ if (conf_sta)
+ conf_sta->netaccesskey_expiry = val;
+ if (conf_ap)
+ conf_ap->netaccesskey_expiry = val;
+ }
+
+ pos = os_strstr(cmd, " configurator=");
+ if (pos) {
+ pos += 14;
+ conf = dpp_configurator_get_id(wpa_s, atoi(pos));
+ if (!conf) {
+ wpa_printf(MSG_INFO,
+ "DPP: Could not find the specified configurator");
+ goto fail;
+ }
}
if (wpa_s->dpp_auth) {
}
wpa_s->dpp_auth = dpp_auth_init(wpa_s, peer_bi, own_bi, configurator);
if (!wpa_s->dpp_auth)
- return -1;
+ goto fail;
+ wpas_dpp_set_testing_options(wpa_s, wpa_s->dpp_auth);
+ wpa_s->dpp_auth->conf_sta = conf_sta;
+ wpa_s->dpp_auth->conf_ap = conf_ap;
+ wpa_s->dpp_auth->conf = conf;
/* TODO: Support iteration over all frequencies and filtering of
* frequencies based on locally enabled channels that allow initiation
os_memcpy(wpa_s->dpp_auth->peer_mac_addr, peer_bi->mac_addr,
ETH_ALEN);
}
+ wpa_s->dpp_auth_ok_on_ack = 0;
eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
wait_time = wpa_s->max_remain_on_chan;
if (wait_time > 2000)
wpabuf_free(msg);
return res;
+fail:
+ dpp_configuration_free(conf_sta);
+ dpp_configuration_free(conf_ap);
+ return -1;
}
wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR |
DPP_CAPAB_ENROLLEE;
wpa_s->dpp_qr_mutual = os_strstr(cmd, " qr=mutual") != NULL;
+ wpa_s->dpp_netrole_ap = os_strstr(cmd, " netrole=ap") != NULL;
if (wpa_s->dpp_listen_freq == (unsigned int) freq) {
wpa_printf(MSG_DEBUG, "DPP: Already listening on %u MHz",
freq);
{
wpas_dpp_listen_work_done(wpa_s);
- if (wpa_s->dpp_auth) {
+ if (wpa_s->dpp_auth && !wpa_s->dpp_gas_client) {
/* Continue listen with a new remain-on-channel */
wpa_printf(MSG_DEBUG,
"DPP: Continue wait on %u MHz for the ongoing DPP provisioning session",
return;
}
+ wpa_s->dpp_gas_client = 0;
+ wpa_s->dpp_auth_ok_on_ack = 0;
wpa_s->dpp_auth = dpp_auth_req_rx(wpa_s, wpa_s->dpp_allowed_roles,
wpa_s->dpp_qr_mutual,
peer_bi, own_bi, freq, buf,
wpa_printf(MSG_DEBUG, "DPP: No response generated");
return;
}
+ wpas_dpp_set_testing_options(wpa_s, wpa_s->dpp_auth);
os_memcpy(wpa_s->dpp_auth->peer_mac_addr, src, ETH_ALEN);
msg = dpp_alloc_msg(DPP_PA_AUTHENTICATION_RESP,
}
+static void wpas_dpp_start_gas_server(struct wpa_supplicant *wpa_s)
+{
+ /* TODO: stop wait and start ROC */
+}
+
+
+static void wpas_dpp_gas_resp_cb(void *ctx, const u8 *addr, u8 dialog_token,
+ enum gas_query_result result,
+ const struct wpabuf *adv_proto,
+ const struct wpabuf *resp, u16 status_code)
+{
+ struct wpa_supplicant *wpa_s = ctx;
+ const u8 *pos;
+ struct dpp_authentication *auth = wpa_s->dpp_auth;
+
+ if (!auth || !auth->auth_success) {
+ wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress");
+ return;
+ }
+ if (!resp || status_code != WLAN_STATUS_SUCCESS) {
+ wpa_printf(MSG_DEBUG, "DPP: GAS query did not succeed");
+ goto fail;
+ }
+
+ wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response adv_proto",
+ adv_proto);
+ wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response (GAS response)",
+ resp);
+
+ if (wpabuf_len(adv_proto) != 10 ||
+ !(pos = wpabuf_head(adv_proto)) ||
+ pos[0] != WLAN_EID_ADV_PROTO ||
+ pos[1] != 8 ||
+ pos[3] != WLAN_EID_VENDOR_SPECIFIC ||
+ pos[4] != 5 ||
+ WPA_GET_BE24(&pos[5]) != OUI_WFA ||
+ pos[8] != 0x1a ||
+ pos[9] != 1) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: Not a DPP Advertisement Protocol ID");
+ goto fail;
+ }
+
+ if (dpp_conf_resp_rx(auth, resp) < 0) {
+ wpa_printf(MSG_DEBUG, "DPP: Configuration attempt failed");
+ goto fail;
+ }
+
+ wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_RECEIVED);
+ if (auth->ssid_len)
+ wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_SSID "%s",
+ wpa_ssid_txt(auth->ssid, auth->ssid_len));
+ if (auth->connector) {
+ /* TODO: Save the Connector and consider using a command
+ * to fetch the value instead of sending an event with
+ * it. The Connector could end up being larger than what
+ * most clients are ready to receive as an event
+ * message. */
+ wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONNECTOR "%s",
+ auth->connector);
+ }
+ if (auth->c_sign_key) {
+ char *hex;
+ size_t hexlen;
+
+ hexlen = 2 * wpabuf_len(auth->c_sign_key) + 1;
+ hex = os_malloc(hexlen);
+ if (hex) {
+ wpa_snprintf_hex(hex, hexlen,
+ wpabuf_head(auth->c_sign_key),
+ wpabuf_len(auth->c_sign_key));
+ if (auth->c_sign_key_expiry)
+ wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_C_SIGN_KEY
+ "%s %lu", hex,
+ (long unsigned)
+ auth->c_sign_key_expiry);
+ else
+ wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_C_SIGN_KEY
+ "%s", hex);
+ os_free(hex);
+ }
+ }
+ if (auth->net_access_key) {
+ char *hex;
+ size_t hexlen;
+
+ hexlen = 2 * wpabuf_len(auth->net_access_key) + 1;
+ hex = os_malloc(hexlen);
+ if (hex) {
+ wpa_snprintf_hex(hex, hexlen,
+ wpabuf_head(auth->net_access_key),
+ wpabuf_len(auth->net_access_key));
+ if (auth->net_access_key_expiry)
+ wpa_msg(wpa_s, MSG_INFO,
+ DPP_EVENT_NET_ACCESS_KEY "%s %lu", hex,
+ (long unsigned)
+ auth->net_access_key_expiry);
+ else
+ wpa_msg(wpa_s, MSG_INFO,
+ DPP_EVENT_NET_ACCESS_KEY "%s", hex);
+ os_free(hex);
+ }
+ }
+ dpp_auth_deinit(wpa_s->dpp_auth);
+ wpa_s->dpp_auth = NULL;
+ return;
+
+fail:
+ wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
+ dpp_auth_deinit(wpa_s->dpp_auth);
+ wpa_s->dpp_auth = NULL;
+}
+
+
+static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s)
+{
+ struct dpp_authentication *auth = wpa_s->dpp_auth;
+ struct wpabuf *buf, *conf_req;
+ char json[100];
+ int res;
+
+ wpa_s->dpp_gas_client = 1;
+ os_snprintf(json, sizeof(json),
+ "{\"name\":\"Test\","
+ "\"wi-fi_tech\":\"infra\","
+ "\"netRole\":\"%s\"}",
+ wpa_s->dpp_netrole_ap ? "ap" : "sta");
+ wpa_printf(MSG_DEBUG, "DPP: GAS Config Attributes: %s", json);
+
+ offchannel_send_action_done(wpa_s);
+ wpas_dpp_listen_stop(wpa_s);
+
+ conf_req = dpp_build_conf_req(auth, json);
+ if (!conf_req) {
+ wpa_printf(MSG_DEBUG,
+ "DPP: No configuration request data available");
+ return;
+ }
+
+ buf = gas_build_initial_req(0, 10 + 2 + wpabuf_len(conf_req));
+ if (!buf) {
+ wpabuf_free(conf_req);
+ return;
+ }
+
+ /* Advertisement Protocol IE */
+ wpabuf_put_u8(buf, WLAN_EID_ADV_PROTO);
+ wpabuf_put_u8(buf, 8); /* Length */
+ wpabuf_put_u8(buf, 0x7f);
+ wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC);
+ wpabuf_put_u8(buf, 5);
+ wpabuf_put_be24(buf, OUI_WFA);
+ wpabuf_put_u8(buf, DPP_OUI_TYPE);
+ wpabuf_put_u8(buf, 0x01);
+
+ /* GAS Query */
+ wpabuf_put_le16(buf, wpabuf_len(conf_req));
+ wpabuf_put_buf(buf, conf_req);
+ wpabuf_free(conf_req);
+
+ wpa_printf(MSG_DEBUG, "DPP: GAS request to " MACSTR " (freq %u MHz)",
+ MAC2STR(auth->peer_mac_addr), auth->curr_freq);
+
+ res = gas_query_req(wpa_s->gas, auth->peer_mac_addr, auth->curr_freq,
+ buf, wpas_dpp_gas_resp_cb, wpa_s);
+ if (res < 0) {
+ wpa_msg(wpa_s, MSG_DEBUG, "GAS: Failed to send Query Request");
+ wpabuf_free(buf);
+ } else {
+ wpa_printf(MSG_DEBUG,
+ "DPP: GAS query started with dialog token %u", res);
+ }
+}
+
+
+static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator)
+{
+ wpa_printf(MSG_DEBUG, "DPP: Authentication succeeded");
+ wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=%d", initiator);
+
+ if (wpa_s->dpp_auth->configurator)
+ wpas_dpp_start_gas_server(wpa_s);
+ else
+ wpas_dpp_start_gas_client(wpa_s);
+}
+
+
static void wpas_dpp_rx_auth_resp(struct wpa_supplicant *wpa_s, const u8 *src,
const u8 *buf, size_t len)
{
wpabuf_head(msg), wpabuf_len(msg),
500, wpas_dpp_tx_status, 0);
wpabuf_free(msg);
-
- wpa_printf(MSG_DEBUG, "DPP: Authentication succeeded");
- wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=1");
+ wpa_s->dpp_auth_ok_on_ack = 1;
}
return;
}
- wpa_printf(MSG_DEBUG, "DPP: Authentication succeeded");
- wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=0");
+ wpas_dpp_auth_success(wpa_s, 0);
}
}
+static struct wpabuf *
+wpas_dpp_gas_req_handler(void *ctx, const u8 *sa, const u8 *query,
+ size_t query_len)
+{
+ struct wpa_supplicant *wpa_s = ctx;
+ struct dpp_authentication *auth = wpa_s->dpp_auth;
+ struct wpabuf *resp;
+
+ wpa_printf(MSG_DEBUG, "DPP: GAS request from " MACSTR,
+ MAC2STR(sa));
+ if (!auth || !auth->auth_success ||
+ os_memcmp(sa, auth->peer_mac_addr, ETH_ALEN) != 0) {
+ wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress");
+ return NULL;
+ }
+ wpa_hexdump(MSG_DEBUG,
+ "DPP: Received Configuration Request (GAS Query Request)",
+ query, query_len);
+ resp = dpp_conf_req_rx(auth, query, query_len);
+ if (!resp)
+ wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
+ return resp;
+}
+
+
+static void
+wpas_dpp_gas_status_handler(void *ctx, struct wpabuf *resp, int ok)
+{
+ struct wpa_supplicant *wpa_s = ctx;
+ struct dpp_authentication *auth = wpa_s->dpp_auth;
+
+ if (!auth) {
+ wpabuf_free(resp);
+ return;
+ }
+
+ wpa_printf(MSG_DEBUG, "DPP: Configuration exchange completed (ok=%d)",
+ ok);
+ eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
+ offchannel_send_action_done(wpa_s);
+ wpas_dpp_listen_stop(wpa_s);
+ if (ok)
+ wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_SENT);
+ else
+ wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
+ dpp_auth_deinit(wpa_s->dpp_auth);
+ wpa_s->dpp_auth = NULL;
+ wpabuf_free(resp);
+}
+
+
+static unsigned int wpas_dpp_next_configurator_id(struct wpa_supplicant *wpa_s)
+{
+ struct dpp_configurator *conf;
+ unsigned int max_id = 0;
+
+ dl_list_for_each(conf, &wpa_s->dpp_configurator,
+ struct dpp_configurator, list) {
+ if (conf->id > max_id)
+ max_id = conf->id;
+ }
+ return max_id + 1;
+}
+
+
+int wpas_dpp_configurator_add(struct wpa_supplicant *wpa_s, const char *cmd)
+{
+ char *expiry = NULL, *curve = NULL;
+ char *key = NULL;
+ u8 *privkey = NULL;
+ size_t privkey_len = 0;
+ int ret = -1;
+ struct dpp_configurator *conf = NULL;
+
+ expiry = get_param(cmd, " expiry=");
+ curve = get_param(cmd, " curve=");
+ key = get_param(cmd, " key=");
+
+ if (key) {
+ privkey_len = os_strlen(key) / 2;
+ privkey = os_malloc(privkey_len);
+ if (!privkey ||
+ hexstr2bin(key, privkey, privkey_len) < 0)
+ goto fail;
+ }
+
+ conf = dpp_keygen_configurator(curve, privkey, privkey_len);
+ if (!conf)
+ goto fail;
+
+ if (expiry) {
+ long int val;
+
+ val = strtol(expiry, NULL, 0);
+ if (val <= 0)
+ goto fail;
+ conf->csign_expiry = val;
+ }
+
+ conf->id = wpas_dpp_next_configurator_id(wpa_s);
+ dl_list_add(&wpa_s->dpp_configurator, &conf->list);
+ ret = conf->id;
+ conf = NULL;
+fail:
+ os_free(curve);
+ os_free(expiry);
+ str_clear_free(key);
+ bin_clear_free(privkey, privkey_len);
+ dpp_configurator_free(conf);
+ return ret;
+}
+
+
+static int dpp_configurator_del(struct wpa_supplicant *wpa_s, unsigned int id)
+{
+ struct dpp_configurator *conf, *tmp;
+ int found = 0;
+
+ dl_list_for_each_safe(conf, tmp, &wpa_s->dpp_configurator,
+ struct dpp_configurator, list) {
+ if (id && conf->id != id)
+ continue;
+ found = 1;
+ dl_list_del(&conf->list);
+ dpp_configurator_free(conf);
+ }
+
+ if (id == 0)
+ return 0; /* flush succeeds regardless of entries found */
+ return found ? 0 : -1;
+}
+
+
+int wpas_dpp_configurator_remove(struct wpa_supplicant *wpa_s, const char *id)
+{
+ unsigned int id_val;
+
+ if (os_strcmp(id, "*") == 0) {
+ id_val = 0;
+ } else {
+ id_val = atoi(id);
+ if (id_val == 0)
+ return -1;
+ }
+
+ return dpp_configurator_del(wpa_s, id_val);
+}
+
+
int wpas_dpp_init(struct wpa_supplicant *wpa_s)
{
+ u8 adv_proto_id[7];
+
+ adv_proto_id[0] = WLAN_EID_VENDOR_SPECIFIC;
+ adv_proto_id[1] = 5;
+ WPA_PUT_BE24(&adv_proto_id[2], OUI_WFA);
+ adv_proto_id[5] = DPP_OUI_TYPE;
+ adv_proto_id[6] = 0x01;
+
+ if (gas_server_register(wpa_s->gas_server, adv_proto_id,
+ sizeof(adv_proto_id), wpas_dpp_gas_req_handler,
+ wpas_dpp_gas_status_handler, wpa_s) < 0)
+ return -1;
dl_list_init(&wpa_s->dpp_bootstrap);
+ dl_list_init(&wpa_s->dpp_configurator);
wpa_s->dpp_init_done = 1;
return 0;
}
void wpas_dpp_deinit(struct wpa_supplicant *wpa_s)
{
+#ifdef CONFIG_TESTING_OPTIONS
+ os_free(wpa_s->dpp_config_obj_override);
+ wpa_s->dpp_config_obj_override = NULL;
+ os_free(wpa_s->dpp_discovery_override);
+ wpa_s->dpp_discovery_override = NULL;
+ os_free(wpa_s->dpp_groups_override);
+ wpa_s->dpp_groups_override = NULL;
+ os_free(wpa_s->dpp_devices_override);
+ wpa_s->dpp_devices_override = NULL;
+ wpa_s->dpp_ignore_netaccesskey_mismatch = 0;
+#endif /* CONFIG_TESTING_OPTIONS */
if (!wpa_s->dpp_init_done)
return;
eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
offchannel_send_action_done(wpa_s);
wpas_dpp_listen_stop(wpa_s);
dpp_bootstrap_del(wpa_s, 0);
+ dpp_configurator_del(wpa_s, 0);
dpp_auth_deinit(wpa_s->dpp_auth);
wpa_s->dpp_auth = NULL;
}