P2P2: Add a SAE password in PASN Encrypted Data element

This is added for opportunistic bootstrapping cases. In addition,
generate a random SAE password for pairing when needed, i.e., when the
request is not for an existing GO.

Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>

diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c
index cfb2273c7f5e925f0c27ba0653b6f2eb65a743bb..4a03c0603c9a2d751a86d69d720685dfb14e7bf1 100644 (file)
--- a/src/p2p/p2p.c
+++ b/src/p2p/p2p.c
@@ -249,6 +249,7 @@ void p2p_go_neg_failed(struct p2p_data *p2p, int status)
 #ifdef CONFIG_PASN
        if (peer->p2p2 && peer->pasn)
                wpa_pasn_reset(peer->pasn);
+       os_memset(p2p->dev_sae_password, 0, sizeof(p2p->dev_sae_password));
        os_memset(p2p->peer_sae_password, 0, sizeof(p2p->peer_sae_password));
 #endif /* CONFIG_PASN */
 
@@ -6366,6 +6367,27 @@ static int p2p_pasn_add_encrypted_data(struct p2p_data *p2p,
                             (u8 *) wpabuf_put(p2p2_ie, 0) - dika_len - 2);
        }
 
+       if (dev->req_bootstrap_method == P2P_PBMA_OPPORTUNISTIC) {
+               if (!p2p->dev_sae_password[0]) {
+                       int password_len;
+
+                       /* SAE password is not available as the request is not
+                        * for an existing GO. Pick a random SAE password of
+                        * length between 10 and 20. */
+                       password_len = 10 + os_random() % 10;
+                       if (p2p_random(p2p->dev_sae_password,
+                                      password_len) < 0) {
+                               wpabuf_free(p2p2_ie);
+                               return -1;
+                       }
+                       p2p->dev_sae_password[password_len] = '\0';
+               }
+
+               wpabuf_put_u8(p2p2_ie, P2P_ATTR_PASSWORD);
+               wpabuf_put_le16(p2p2_ie, os_strlen(p2p->dev_sae_password));
+               wpabuf_put_str(p2p2_ie, p2p->dev_sae_password);
+       }
+
        p2p_buf_update_ie_hdr(p2p2_ie, p2p2_ie_len);
 
        ret = pasn_add_encrypted_data(pasn, buf, wpabuf_mhead_u8(p2p2_ie),

diff --git a/src/p2p/p2p_i.h b/src/p2p/p2p_i.h
index e7aeb4197f1b48b9b4313d7987380cdae9e6a6f5..89e5eeab40913e54b2a774c42bf29a10afa87f78 100644 (file)
--- a/src/p2p/p2p_i.h
+++ b/src/p2p/p2p_i.h
@@ -660,6 +660,7 @@ struct p2p_data {
         * PASN authentication or while joining an existing group. This will be
         * moved to a more permanent location from struct p2p_data at the
         * conclusion of a successful pairing. */
+       char dev_sae_password[100];
        char peer_sae_password[100];
 };