goto fail;
wpa_hexdump_key(MSG_DEBUG, "DPP: M.x", Mx, curve->prime_len);
- /* ke = HKDF(I-nonce, "dpp reconfig key", M.x) */
+ /* ke = HKDF(C-nonce, "dpp reconfig key", M.x) */
- /* HKDF-Extract(I-nonce, M.x) */
- if (dpp_hmac(curve->hash_len, auth->i_nonce, curve->nonce_len,
+ /* HKDF-Extract(C-nonce, M.x) */
+ if (dpp_hmac(curve->hash_len, auth->c_nonce, curve->nonce_len,
Mx, curve->prime_len, prk) < 0)
goto fail;
wpa_hexdump_key(MSG_DEBUG, "DPP: PRK", prk, curve->hash_len);
"dpp reconfig key", auth->ke, curve->hash_len) < 0)
goto fail;
wpa_hexdump_key(MSG_DEBUG,
- "DPP: ke = HKDF(I-nonce, \"dpp reconfig key\", M.x)",
+ "DPP: ke = HKDF(C-nonce, \"dpp reconfig key\", M.x)",
auth->ke, curve->hash_len);
res = 0;
wpa_hexdump_key(MSG_DEBUG, "DPP: M.x", Mx, curve->prime_len);
- /* ke = HKDF(I-nonce, "dpp reconfig key", M.x) */
+ /* ke = HKDF(C-nonce, "dpp reconfig key", M.x) */
- /* HKDF-Extract(I-nonce, M.x) */
- if (dpp_hmac(curve->hash_len, auth->i_nonce, curve->nonce_len,
+ /* HKDF-Extract(C-nonce, M.x) */
+ if (dpp_hmac(curve->hash_len, auth->c_nonce, curve->nonce_len,
Mx, curve->prime_len, prk) < 0)
goto fail;
wpa_hexdump_key(MSG_DEBUG, "DPP: PRK", prk, curve->hash_len);
"dpp reconfig key", auth->ke, curve->hash_len) < 0)
goto fail;
wpa_hexdump_key(MSG_DEBUG,
- "DPP: ke = HKDF(I-nonce, \"dpp reconfig key\", M.x)",
+ "DPP: ke = HKDF(C-nonce, \"dpp reconfig key\", M.x)",
auth->ke, curve->hash_len);
res = 0;
wpabuf_put_le16(msg, os_strlen(auth->conf->connector));
wpabuf_put_str(msg, auth->conf->connector);
- /* I-nonce */
- wpabuf_put_le16(msg, DPP_ATTR_I_NONCE);
+ /* C-nonce */
+ wpabuf_put_le16(msg, DPP_ATTR_CONFIGURATOR_NONCE);
wpabuf_put_le16(msg, auth->curve->nonce_len);
- wpabuf_put_data(msg, auth->i_nonce, auth->curve->nonce_len);
+ wpabuf_put_data(msg, auth->c_nonce, auth->curve->nonce_len);
wpa_hexdump_buf(MSG_DEBUG,
"DPP: Reconfig Authentication Request frame attributes",
if (dpp_configurator_build_own_connector(conf, curve) < 0)
goto fail;
- if (random_get_bytes(auth->i_nonce, auth->curve->nonce_len)) {
- wpa_printf(MSG_ERROR, "DPP: Failed to generate I-nonce");
+ if (random_get_bytes(auth->c_nonce, auth->curve->nonce_len)) {
+ wpa_printf(MSG_ERROR, "DPP: Failed to generate C-nonce");
goto fail;
}
if (!clear)
goto fail;
- /* I-nonce (wrapped) */
- wpabuf_put_le16(clear, DPP_ATTR_I_NONCE);
+ /* C-nonce (wrapped) */
+ wpabuf_put_le16(clear, DPP_ATTR_CONFIGURATOR_NONCE);
wpabuf_put_le16(clear, auth->curve->nonce_len);
- wpabuf_put_data(clear, auth->i_nonce, auth->curve->nonce_len);
+ wpabuf_put_data(clear, auth->c_nonce, auth->curve->nonce_len);
- /* R-nonce (wrapped) */
- wpabuf_put_le16(clear, DPP_ATTR_R_NONCE);
+ /* E-nonce (wrapped) */
+ wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
wpabuf_put_le16(clear, auth->curve->nonce_len);
- wpabuf_put_data(clear, auth->r_nonce, auth->curve->nonce_len);
+ wpabuf_put_data(clear, auth->e_nonce, auth->curve->nonce_len);
/* Connection Status (wrapped) */
wpabuf_put_le16(clear, DPP_ATTR_CONN_STATUS);
len[1] = attr_end - attr_start;
wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]);
- /* Wrapped Data: {I-nonce, R-nonce, Connection Status}ke */
+ /* Wrapped Data: {C-nonce, E-nonce, Connection Status}ke */
wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
const u8 *attr_start, size_t attr_len)
{
struct dpp_authentication *auth = NULL;
- const u8 *trans_id, *version, *i_connector, *i_nonce;
- u16 trans_id_len, version_len, i_connector_len, i_nonce_len;
+ const u8 *trans_id, *version, *i_connector, *c_nonce;
+ u16 trans_id_len, version_len, i_connector_len, c_nonce_len;
struct dpp_signed_connector_info info;
enum dpp_status_error res;
struct json_token *root = NULL, *own_root = NULL, *token;
wpa_hexdump_ascii(MSG_DEBUG, "DPP: I-Connector",
i_connector, i_connector_len);
- i_nonce = dpp_get_attr(attr_start, attr_len, DPP_ATTR_I_NONCE,
- &i_nonce_len);
- if (!i_nonce || i_nonce_len > DPP_MAX_NONCE_LEN) {
+ c_nonce = dpp_get_attr(attr_start, attr_len,
+ DPP_ATTR_CONFIGURATOR_NONCE, &c_nonce_len);
+ if (!c_nonce || c_nonce_len > DPP_MAX_NONCE_LEN) {
wpa_printf(MSG_DEBUG,
- "DPP: Missing or invalid I-Nonce attribute");
+ "DPP: Missing or invalid C-nonce attribute");
goto fail;
}
- wpa_hexdump(MSG_DEBUG, "DPP: I-Nonce", i_nonce, i_nonce_len);
+ wpa_hexdump(MSG_DEBUG, "DPP: C-nonce", c_nonce, c_nonce_len);
res = dpp_check_signed_connector(&info, csign_key, csign_key_len,
i_connector, i_connector_len);
wpa_printf(MSG_DEBUG, "DPP: Peer protocol version %u",
auth->peer_version);
- os_memcpy(auth->i_nonce, i_nonce, i_nonce_len);
+ os_memcpy(auth->c_nonce, c_nonce, c_nonce_len);
if (dpp_reconfig_derive_ke_responder(auth, net_access_key,
net_access_key_len, token) < 0)
goto fail;
- if (i_nonce_len != auth->curve->nonce_len) {
+ if (c_nonce_len != auth->curve->nonce_len) {
wpa_printf(MSG_DEBUG,
- "DPP: Unexpected I-nonce length %u (curve nonce len %zu)",
- i_nonce_len, auth->curve->nonce_len);
+ "DPP: Unexpected C-nonce length %u (curve nonce len %zu)",
+ c_nonce_len, auth->curve->nonce_len);
goto fail;
}
- if (random_get_bytes(auth->r_nonce, auth->curve->nonce_len)) {
- wpa_printf(MSG_ERROR, "DPP: Failed to generate R-nonce");
+ if (random_get_bytes(auth->e_nonce, auth->curve->nonce_len)) {
+ wpa_printf(MSG_ERROR, "DPP: Failed to generate E-nonce");
goto fail;
}
- wpa_hexdump_key(MSG_DEBUG, "DPP: R-nonce",
- auth->r_nonce, auth->curve->nonce_len);
+ wpa_hexdump_key(MSG_DEBUG, "DPP: E-nonce",
+ auth->e_nonce, auth->curve->nonce_len);
/* Build Connection Status object */
/* TODO: Get appropriate result value */
wpabuf_put_le16(clear, 1);
wpabuf_put_u8(clear, auth->peer_version);
- /* I-nonce (wrapped) */
- wpabuf_put_le16(clear, DPP_ATTR_I_NONCE);
+ /* C-nonce (wrapped) */
+ wpabuf_put_le16(clear, DPP_ATTR_CONFIGURATOR_NONCE);
wpabuf_put_le16(clear, auth->curve->nonce_len);
- wpabuf_put_data(clear, auth->i_nonce, auth->curve->nonce_len);
+ wpabuf_put_data(clear, auth->c_nonce, auth->curve->nonce_len);
- /* R-nonce (wrapped) */
- wpabuf_put_le16(clear, DPP_ATTR_R_NONCE);
+ /* E-nonce (wrapped) */
+ wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
wpabuf_put_le16(clear, auth->curve->nonce_len);
- wpabuf_put_data(clear, auth->r_nonce, auth->curve->nonce_len);
+ wpabuf_put_data(clear, auth->e_nonce, auth->curve->nonce_len);
/* Reconfig-Flags (wrapped) */
flags = DPP_CONFIG_REPLACEKEY;
const u8 *attr_start, size_t attr_len)
{
const u8 *trans_id, *version, *r_connector, *r_proto, *wrapped_data,
- *i_nonce, *r_nonce, *conn_status;
+ *c_nonce, *e_nonce, *conn_status;
u16 trans_id_len, version_len, r_connector_len, r_proto_len,
- wrapped_data_len, i_nonce_len, r_nonce_len, conn_status_len;
+ wrapped_data_len, c_nonce_len, e_nonce_len, conn_status_len;
struct wpabuf *conf = NULL;
char *signed_connector = NULL;
struct dpp_signed_connector_info info;
goto fail;
}
- i_nonce = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_I_NONCE,
- &i_nonce_len);
- if (!i_nonce || i_nonce_len != auth->curve->nonce_len ||
- os_memcmp(i_nonce, auth->i_nonce, i_nonce_len) != 0) {
- dpp_auth_fail(auth, "Missing or invalid I-nonce");
+ c_nonce = dpp_get_attr(unwrapped, unwrapped_len,
+ DPP_ATTR_CONFIGURATOR_NONCE, &c_nonce_len);
+ if (!c_nonce || c_nonce_len != auth->curve->nonce_len ||
+ os_memcmp(c_nonce, auth->c_nonce, c_nonce_len) != 0) {
+ dpp_auth_fail(auth, "Missing or invalid C-nonce");
goto fail;
}
- wpa_hexdump(MSG_DEBUG, "DPP: I-nonce", i_nonce, i_nonce_len);
+ wpa_hexdump(MSG_DEBUG, "DPP: C-nonce", c_nonce, c_nonce_len);
- r_nonce = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_R_NONCE,
- &r_nonce_len);
- if (!r_nonce || r_nonce_len != auth->curve->nonce_len) {
- dpp_auth_fail(auth, "Missing or invalid R-nonce");
+ e_nonce = dpp_get_attr(unwrapped, unwrapped_len,
+ DPP_ATTR_ENROLLEE_NONCE, &e_nonce_len);
+ if (!e_nonce || e_nonce_len != auth->curve->nonce_len) {
+ dpp_auth_fail(auth, "Missing or invalid E-nonce");
goto fail;
}
- wpa_hexdump(MSG_DEBUG, "DPP: R-nonce", r_nonce, r_nonce_len);
- os_memcpy(auth->r_nonce, r_nonce, r_nonce_len);
+ wpa_hexdump(MSG_DEBUG, "DPP: E-nonce", e_nonce, e_nonce_len);
+ os_memcpy(auth->e_nonce, e_nonce, e_nonce_len);
conn_status = dpp_get_attr(unwrapped, unwrapped_len,
DPP_ATTR_CONN_STATUS, &conn_status_len);
int dpp_reconfig_auth_conf_rx(struct dpp_authentication *auth, const u8 *hdr,
const u8 *attr_start, size_t attr_len)
{
- const u8 *trans_id, *version, *wrapped_data, *i_nonce, *r_nonce,
+ const u8 *trans_id, *version, *wrapped_data, *c_nonce, *e_nonce,
*reconfig_flags, *status;
- u16 trans_id_len, version_len, wrapped_data_len, i_nonce_len,
- r_nonce_len, reconfig_flags_len, status_len;
+ u16 trans_id_len, version_len, wrapped_data_len, c_nonce_len,
+ e_nonce_len, reconfig_flags_len, status_len;
const u8 *addr[2];
size_t len[2];
u8 *unwrapped = NULL;
goto fail;
}
- i_nonce = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_I_NONCE,
- &i_nonce_len);
- if (!i_nonce || i_nonce_len != auth->curve->nonce_len ||
- os_memcmp(i_nonce, auth->i_nonce, i_nonce_len) != 0) {
- dpp_auth_fail(auth, "Missing or invalid I-nonce");
+ c_nonce = dpp_get_attr(unwrapped, unwrapped_len,
+ DPP_ATTR_CONFIGURATOR_NONCE, &c_nonce_len);
+ if (!c_nonce || c_nonce_len != auth->curve->nonce_len ||
+ os_memcmp(c_nonce, auth->c_nonce, c_nonce_len) != 0) {
+ dpp_auth_fail(auth, "Missing or invalid C-nonce");
goto fail;
}
- wpa_hexdump(MSG_DEBUG, "DPP: I-nonce", i_nonce, i_nonce_len);
+ wpa_hexdump(MSG_DEBUG, "DPP: C-nonce", c_nonce, c_nonce_len);
- r_nonce = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_R_NONCE,
- &r_nonce_len);
- if (!r_nonce || r_nonce_len != auth->curve->nonce_len ||
- os_memcmp(r_nonce, auth->r_nonce, r_nonce_len) != 0) {
- dpp_auth_fail(auth, "Missing or invalid R-nonce");
+ e_nonce = dpp_get_attr(unwrapped, unwrapped_len,
+ DPP_ATTR_ENROLLEE_NONCE, &e_nonce_len);
+ if (!e_nonce || e_nonce_len != auth->curve->nonce_len ||
+ os_memcmp(e_nonce, auth->e_nonce, e_nonce_len) != 0) {
+ dpp_auth_fail(auth, "Missing or invalid E-nonce");
goto fail;
}
- wpa_hexdump(MSG_DEBUG, "DPP: R-nonce", r_nonce, r_nonce_len);
+ wpa_hexdump(MSG_DEBUG, "DPP: E-nonce", e_nonce, e_nonce_len);
reconfig_flags = dpp_get_attr(unwrapped, unwrapped_len,
DPP_ATTR_RECONFIG_FLAGS,
projects / thirdparty / hostap.git / commitdiff
