DPP: Remove unnecessary Wrapped Data checks from callers
authorJouni Malinen <jouni@qca.qualcomm.com>
Sun, 22 Oct 2017 08:46:12 +0000 (11:46 +0300)
committerJouni Malinen <j@w1.fi>
Sun, 22 Oct 2017 14:21:57 +0000 (17:21 +0300)
Now that dpp_check_attrs() takes care of verifying that no attributes
are after the Wrapped Data attribute, the duplicated checks in hostapd
and wpa_supplicant side of the implementation can be removed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
src/ap/dpp_hostapd.c
src/common/dpp.c
src/common/dpp.h
wpa_supplicant/dpp_supplicant.c

index aae29104d6256337459103b6e5c82c332d821f97..825af9e3be1fc264c8840567e708e55a62096baa 100644 (file)
@@ -536,27 +536,16 @@ static void hostapd_dpp_rx_auth_req(struct hostapd_data *hapd, const u8 *src,
                                    const u8 *hdr, const u8 *buf, size_t len,
                                    unsigned int freq)
 {
-       const u8 *r_bootstrap, *i_bootstrap, *wrapped_data;
-       u16 r_bootstrap_len, i_bootstrap_len, wrapped_data_len;
+       const u8 *r_bootstrap, *i_bootstrap;
+       u16 r_bootstrap_len, i_bootstrap_len;
        struct dpp_bootstrap_info *bi, *own_bi = NULL, *peer_bi = NULL;
 
        wpa_printf(MSG_DEBUG, "DPP: Authentication Request from " MACSTR,
                   MAC2STR(src));
 
-       wrapped_data = dpp_get_attr(buf, len, DPP_ATTR_WRAPPED_DATA,
-                                   &wrapped_data_len);
-       if (!wrapped_data) {
-               wpa_printf(MSG_DEBUG,
-                          "DPP: Missing required Wrapped data attribute");
-               return;
-       }
-       wpa_hexdump(MSG_MSGDUMP, "DPP: Wrapped data",
-                   wrapped_data, wrapped_data_len);
-
        r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,
                                   &r_bootstrap_len);
-       if (!r_bootstrap || r_bootstrap > wrapped_data ||
-           r_bootstrap_len != SHA256_MAC_LEN) {
+       if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) {
                wpa_printf(MSG_DEBUG,
                           "DPP: Missing or invalid required Responder Bootstrapping Key Hash attribute");
                return;
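Review bot: With `r_bootstrap > wrapped_data` and `i_bootstrap > wrapped_data` removed, hostapd_dpp_rx_auth_req() no longer has any visible guard against a bootstrapping key hash placed after Wrapped Data; the same applies to the matching hunks of wpas_dpp_rx_auth_req() in wpa_supplicant/dpp_supplicant.c. Both functions now depend on dpp_check_attrs() having been run on the same `buf`/`len` before they are called, and that call is not visible in these hunks. This matters because dpp_auth_req_rx() derives the span before Wrapped Data as `wrapped_data - 4 - attr_start`, so an attribute after Wrapped Data would fall outside that span. A comment above the first dpp_get_attr() call would keep the dependency explicit for future callers: `/* dpp_check_attrs() has already rejected any attribute following Wrapped Data */`. The function body starts and continues outside the hunk.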
@@ -566,8 +555,7 @@ static void hostapd_dpp_rx_auth_req(struct hostapd_data *hapd, const u8 *src,
 
        i_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_I_BOOTSTRAP_KEY_HASH,
                                   &i_bootstrap_len);
-       if (!i_bootstrap || i_bootstrap > wrapped_data ||
-           i_bootstrap_len != SHA256_MAC_LEN) {
+       if (!i_bootstrap || i_bootstrap_len != SHA256_MAC_LEN) {
                wpa_printf(MSG_DEBUG,
                           "DPP: Missing or invalid required Initiator Bootstrapping Key Hash attribute");
                return;
@@ -614,8 +602,7 @@ static void hostapd_dpp_rx_auth_req(struct hostapd_data *hapd, const u8 *src,
        hapd->dpp_auth_ok_on_ack = 0;
        hapd->dpp_auth = dpp_auth_req_rx(hapd->msg_ctx, hapd->dpp_allowed_roles,
                                         hapd->dpp_qr_mutual,
-                                        peer_bi, own_bi, freq, hdr, buf,
-                                        wrapped_data, wrapped_data_len);
+                                        peer_bi, own_bi, freq, hdr, buf, len);
        if (!hapd->dpp_auth) {
                wpa_printf(MSG_DEBUG, "DPP: No response generated");
                return;
index 596c81cb3aae4f31e9d33a90a26cb98e3eb96ad6..40b875087598ce525a27e707c5fc5215b113a65b 100644 (file)
@@ -2225,7 +2225,7 @@ dpp_auth_req_rx(void *msg_ctx, u8 dpp_allowed_roles, int qr_mutual,
                struct dpp_bootstrap_info *peer_bi,
                struct dpp_bootstrap_info *own_bi,
                unsigned int freq, const u8 *hdr, const u8 *attr_start,
-               const u8 *wrapped_data, u16 wrapped_data_len)
+               size_t attr_len)
 {
        EVP_PKEY *pi = NULL;
        EVP_PKEY_CTX *ctx = NULL;
@@ -2234,14 +2234,20 @@ dpp_auth_req_rx(void *msg_ctx, u8 dpp_allowed_roles, int qr_mutual,
        size_t len[2];
        u8 *unwrapped = NULL;
        size_t unwrapped_len = 0;
-       const u8 *i_proto, *i_nonce, *i_capab, *i_bootstrap;
-       u16 i_proto_len, i_nonce_len, i_capab_len, i_bootstrap_len;
+       const u8 *wrapped_data, *i_proto, *i_nonce, *i_capab, *i_bootstrap;
+       u16 wrapped_data_len, i_proto_len, i_nonce_len, i_capab_len,
+               i_bootstrap_len;
        struct dpp_authentication *auth = NULL;
-       size_t attr_len;
 
-       if (wrapped_data_len < AES_BLOCK_SIZE)
+       wrapped_data = dpp_get_attr(attr_start, attr_len, DPP_ATTR_WRAPPED_DATA,
+                                   &wrapped_data_len);
+       if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) {
+               wpa_printf(MSG_DEBUG,
+                          "DPP: Missing or invalid required Wrapped Data attribute");
                return NULL;
-
+       }
+       wpa_hexdump(MSG_MSGDUMP, "DPP: Wrapped Data",
+                   wrapped_data, wrapped_data_len);
        attr_len = wrapped_data - 4 - attr_start;
 
        auth = os_zalloc(sizeof(*auth));
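Review bot: In dpp_auth_req_rx() the new `attr_len` parameter is overwritten by `attr_len = wrapped_data - 4 - attr_start;`, so one name means the full attribute buffer length up to the dpp_get_attr() call and the length of the attributes preceding Wrapped Data afterwards. A separate local would keep the two apart, or at least a comment on the assignment: `/* from here on attr_len covers only the attributes before Wrapped Data */`. The added wpa_hexdump() call also runs straight into that assignment where the old code had a blank line. The function continues outside the hunk, so how `attr_len` is used later cannot be confirmed from here.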
index f6bc5af0131573569d37319281a5e4fd6704c89d..ecad2d6e06c1a6dea6e93e5eb97987619880e395 100644 (file)
@@ -240,7 +240,7 @@ dpp_auth_req_rx(void *msg_ctx, u8 dpp_allowed_roles, int qr_mutual,
                struct dpp_bootstrap_info *peer_bi,
                struct dpp_bootstrap_info *own_bi,
                unsigned int freq, const u8 *hdr, const u8 *attr_start,
-               const u8 *wrapped_data, u16 wrapped_data_len);
+               size_t attr_len);
 struct wpabuf *
 dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr,
                 const u8 *attr_start, size_t attr_len);
index bf29f192da6399a4ac4dd9b89874229dac046e3c..e0638f3a7f3bd9babd6f5425a8b39c0ed30393bb 100644 (file)
@@ -777,27 +777,16 @@ static void wpas_dpp_rx_auth_req(struct wpa_supplicant *wpa_s, const u8 *src,
                                 const u8 *hdr, const u8 *buf, size_t len,
                                 unsigned int freq)
 {
-       const u8 *r_bootstrap, *i_bootstrap, *wrapped_data;
-       u16 r_bootstrap_len, i_bootstrap_len, wrapped_data_len;
+       const u8 *r_bootstrap, *i_bootstrap;
+       u16 r_bootstrap_len, i_bootstrap_len;
        struct dpp_bootstrap_info *bi, *own_bi = NULL, *peer_bi = NULL;
 
        wpa_printf(MSG_DEBUG, "DPP: Authentication Request from " MACSTR,
                   MAC2STR(src));
 
-       wrapped_data = dpp_get_attr(buf, len, DPP_ATTR_WRAPPED_DATA,
-                                   &wrapped_data_len);
-       if (!wrapped_data) {
-               wpa_printf(MSG_DEBUG,
-                          "DPP: Missing required Wrapped data attribute");
-               return;
-       }
-       wpa_hexdump(MSG_MSGDUMP, "DPP: Wrapped data",
-                   wrapped_data, wrapped_data_len);
-
        r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,
                                   &r_bootstrap_len);
-       if (!r_bootstrap || r_bootstrap > wrapped_data ||
-           r_bootstrap_len != SHA256_MAC_LEN) {
+       if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) {
                wpa_printf(MSG_DEBUG,
                           "DPP: Missing or invalid required Responder Bootstrapping Key Hash attribute");
                return;
@@ -807,8 +796,7 @@ static void wpas_dpp_rx_auth_req(struct wpa_supplicant *wpa_s, const u8 *src,
 
        i_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_I_BOOTSTRAP_KEY_HASH,
                                   &i_bootstrap_len);
-       if (!i_bootstrap || i_bootstrap > wrapped_data ||
-           i_bootstrap_len != SHA256_MAC_LEN) {
+       if (!i_bootstrap || i_bootstrap_len != SHA256_MAC_LEN) {
                wpa_printf(MSG_DEBUG,
                           "DPP: Missing or invalid required Initiator Bootstrapping Key Hash attribute");
                return;
@@ -856,8 +844,7 @@ static void wpas_dpp_rx_auth_req(struct wpa_supplicant *wpa_s, const u8 *src,
        wpa_s->dpp_auth_ok_on_ack = 0;
        wpa_s->dpp_auth = dpp_auth_req_rx(wpa_s, wpa_s->dpp_allowed_roles,
                                          wpa_s->dpp_qr_mutual,
-                                         peer_bi, own_bi, freq, hdr, buf,
-                                         wrapped_data, wrapped_data_len);
+                                         peer_bi, own_bi, freq, hdr, buf, len);
        if (!wpa_s->dpp_auth) {
                wpa_printf(MSG_DEBUG, "DPP: No response generated");
                return;