Share common SAE and EAP-pwd functionality: suitable groups

Start sharing common SAE and EAP-pwd functionality by adding a new
source code file that can be included into both. This first step is
bringing in a shared function to check whether a group is suitable.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/hostapd/Android.mk b/hostapd/Android.mk
index 57a894cc7f8c64889f75095a0e42d4a038611077..e082cab8228a3c2a2dbdef4b4df536ad8c1d1a3d 100644 (file)
--- a/hostapd/Android.mk
+++ b/hostapd/Android.mk
@@ -269,6 +269,7 @@ L_CFLAGS += -DCONFIG_SAE
 OBJS += src/common/sae.c
 NEED_ECC=y
 NEED_DH_GROUPS=y
+NEED_DRAGONFLY=y
 endif
 
 ifdef CONFIG_OWE
@@ -462,6 +463,7 @@ L_CFLAGS += -DEAP_SERVER_PWD
 OBJS += src/eap_server/eap_server_pwd.c src/eap_common/eap_pwd_common.c
 NEED_SHA256=y
 NEED_ECC=y
+NEED_DRAGONFLY=y
 endif
 
 ifdef CONFIG_EAP_EKE
@@ -595,6 +597,10 @@ ifdef CONFIG_PKCS12
 L_CFLAGS += -DPKCS12_FUNCS
 endif
 
+ifdef NEED_DRAGONFLY
+OBJS += src/common/dragonfly.c
+endif
+
 ifdef MS_FUNCS
 OBJS += src/crypto/ms_funcs.c
 NEED_DES=y

diff --git a/hostapd/Makefile b/hostapd/Makefile
index 6e263c5a4afcb110e244f3209721425751bb4ce5..2b33d57c22ddd81f360ad8401a3f49cc469dad40 100644 (file)
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -313,6 +313,7 @@ OBJS += ../src/common/sae.o
 NEED_ECC=y
 NEED_DH_GROUPS=y
 NEED_AP_MLME=y
+NEED_DRAGONFLY=y
 endif
 
 ifdef CONFIG_OWE
@@ -496,6 +497,7 @@ CFLAGS += -DEAP_SERVER_PWD
 OBJS += ../src/eap_server/eap_server_pwd.o ../src/eap_common/eap_pwd_common.o
 NEED_SHA256=y
 NEED_ECC=y
+NEED_DRAGONFLY=y
 endif
 
 ifdef CONFIG_EAP_EKE
@@ -629,6 +631,10 @@ ifdef CONFIG_PKCS12
 CFLAGS += -DPKCS12_FUNCS
 endif
 
+ifdef NEED_DRAGONFLY
+OBJS += ../src/common/dragonfly.o
+endif
+
 ifdef MS_FUNCS
 OBJS += ../src/crypto/ms_funcs.o
 NEED_DES=y

diff --git a/src/common/dragonfly.c b/src/common/dragonfly.c
new file mode 100644 (file)
index 0000000..1e80404
--- /dev/null
+++ b/src/common/dragonfly.c
@@ -0,0 +1,27 @@
+/*
+ * Shared Dragonfly functionality
+ * Copyright (c) 2012-2016, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2019, The Linux Foundation
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+#include "utils/includes.h"
+
+#include "utils/common.h"
+#include "dragonfly.h"
+
+
+int dragonfly_suitable_group(int group, int ecc_only)
+{
+       /* Enforce REVmd rules on which SAE groups are suitable for production
+        * purposes: FFC groups whose prime is >= 3072 bits and ECC groups
+        * defined over a prime field whose prime is >= 256 bits. Furthermore,
+        * ECC groups defined over a characteristic 2 finite field and ECC
+        * groups with a co-factor greater than 1 are not suitable. */
+       return group == 19 || group == 20 || group == 21 ||
+               group == 28 || group == 29 || group == 30 ||
+               (!ecc_only &&
+                (group == 15 || group == 16 || group == 17 || group == 18));
+}

diff --git a/src/common/dragonfly.h b/src/common/dragonfly.h
new file mode 100644 (file)
index 0000000..9f3c428
--- /dev/null
+++ b/src/common/dragonfly.h
@@ -0,0 +1,15 @@
+/*
+ * Shared Dragonfly functionality
+ * Copyright (c) 2012-2016, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2019, The Linux Foundation
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+#ifndef DRAGONFLY_H
+#define DRAGONFLY_H
+
+int dragonfly_suitable_group(int group, int ecc_only);
+
+#endif /* DRAGONFLY_H */

diff --git a/src/common/sae.c b/src/common/sae.c
index 466d0a8530370aa2ef648e9f2f9b002be7171e45..205395868c09f0216df4c32d2dc277eca9ae5713 100644 (file)
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -15,35 +15,22 @@
 #include "crypto/random.h"
 #include "crypto/dh_groups.h"
 #include "ieee802_11_defs.h"
+#include "dragonfly.h"
 #include "sae.h"
 
 
-static int sae_suitable_group(int group)
-{
-#ifdef CONFIG_TESTING_OPTIONS
-       /* Allow all groups for testing purposes in non-production builds. */
-       return 1;
-#else /* CONFIG_TESTING_OPTIONS */
-       /* Enforce REVmd rules on which SAE groups are suitable for production
-        * purposes: FFC groups whose prime is >= 3072 bits and ECC groups
-        * defined over a prime field whose prime is >= 256 bits. Furthermore,
-        * ECC groups defined over a characteristic 2 finite field and ECC
-        * groups with a co-factor greater than 1 are not suitable. */
-       return group == 19 || group == 20 || group == 21 ||
-               group == 28 || group == 29 || group == 30 ||
-               group == 15 || group == 16 || group == 17 || group == 18;
-#endif /* CONFIG_TESTING_OPTIONS */
-}
-
-
 int sae_set_group(struct sae_data *sae, int group)
 {
        struct sae_temporary_data *tmp;
 
-       if (!sae_suitable_group(group)) {
+#ifdef CONFIG_TESTING_OPTIONS
+       /* Allow all groups for testing purposes in non-production builds. */
+#else /* CONFIG_TESTING_OPTIONS */
+       if (!dragonfly_suitable_group(group, 0)) {
                wpa_printf(MSG_DEBUG, "SAE: Reject unsuitable group %d", group);
                return -1;
        }
+#endif /* CONFIG_TESTING_OPTIONS */
 
        sae_clear_data(sae);
        tmp = sae->tmp = os_zalloc(sizeof(*tmp));

diff --git a/src/eap_common/eap_pwd_common.c b/src/eap_common/eap_pwd_common.c
index 2efcfc7f95ad0113463c77c210bc09cb45f7f58d..abee3daa9febcffba7e5d887339c94ba520868d1 100644 (file)
--- a/src/eap_common/eap_pwd_common.c
+++ b/src/eap_common/eap_pwd_common.c
@@ -9,6 +9,7 @@
 #include "includes.h"
 #include "common.h"
 #include "utils/const_time.h"
+#include "common/dragonfly.h"
 #include "crypto/sha256.h"
 #include "crypto/crypto.h"
 #include "eap_defs.h"
@@ -85,20 +86,11 @@ static int eap_pwd_kdf(const u8 *key, size_t keylen, const u8 *label,
 }
 
 
-static int eap_pwd_suitable_group(u16 num)
-{
-       /* Do not allow ECC groups with prime under 256 bits based on guidance
-        * for the similar design in SAE. */
-       return num == 19 || num == 20 || num == 21 ||
-               num == 28 || num == 29 || num == 30;
-}
-
-
 EAP_PWD_group * get_eap_pwd_group(u16 num)
 {
        EAP_PWD_group *grp;
 
-       if (!eap_pwd_suitable_group(num)) {
+       if (!dragonfly_suitable_group(num, 1)) {
                wpa_printf(MSG_INFO, "EAP-pwd: unsuitable group %u", num);
                return NULL;
        }

diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk
index 529693131308f4971c6337c6778bc8ca08562fc0..c0d68b807750357c0298435739a285e90a02574c 100644 (file)
--- a/wpa_supplicant/Android.mk
+++ b/wpa_supplicant/Android.mk
@@ -243,6 +243,7 @@ L_CFLAGS += -DCONFIG_SAE
 OBJS += src/common/sae.c
 NEED_ECC=y
 NEED_DH_GROUPS=y
+NEED_DRAGONFLY=y
 endif
 
 ifdef CONFIG_DPP
@@ -690,6 +691,7 @@ OBJS += src/eap_peer/eap_pwd.c src/eap_common/eap_pwd_common.c
 CONFIG_IEEE8021X_EAPOL=y
 NEED_SHA256=y
 NEED_ECC=y
+NEED_DRAGONFLY=y
 endif
 
 ifdef CONFIG_EAP_EKE
@@ -979,6 +981,10 @@ ifdef CONFIG_SMARTCARD
 L_CFLAGS += -DCONFIG_SMARTCARD
 endif
 
+ifdef NEED_DRAGONFLY
+OBJS += src/common/dragonfly.c
+endif
+
 ifdef MS_FUNCS
 OBJS += src/crypto/ms_funcs.c
 NEED_DES=y

diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
index e81238e3924e00431ba3978928285e35a0c9440d..3e5610457c924ad45d02d53a04d7d478f4578a2e 100644 (file)
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -275,6 +275,7 @@ CFLAGS += -DCONFIG_SAE
 OBJS += ../src/common/sae.o
 NEED_ECC=y
 NEED_DH_GROUPS=y
+NEED_DRAGONFLY=y
 endif
 
 ifdef CONFIG_DPP
@@ -720,6 +721,7 @@ OBJS += ../src/eap_peer/eap_pwd.o ../src/eap_common/eap_pwd_common.o
 CONFIG_IEEE8021X_EAPOL=y
 NEED_SHA256=y
 NEED_ECC=y
+NEED_DRAGONFLY=y
 endif
 
 ifdef CONFIG_EAP_EKE
@@ -1023,6 +1025,10 @@ ifdef CONFIG_SMARTCARD
 CFLAGS += -DCONFIG_SMARTCARD
 endif
 
+ifdef NEED_DRAGONFLY
+OBJS += ../src/common/dragonfly.o
+endif
+
 ifdef MS_FUNCS
 OBJS += ../src/crypto/ms_funcs.o
 NEED_DES=y