SAE: Remove now unused password identifier argument from non-H2E case

IEEE Std 802.11-2020 mandates H2E to be used whenever an SAE password
identifier is used. While this was already covered in the
implementation, the sae_prepare_commit() function still included an
argument for specifying the password identifier since that was used in
an old test vector. Now that that test vector has been updated, there is
no more need for this argument anymore. Simplify the older non-H2E case
to not pass through a pointer to the (not really used) password
identifier.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index f7f07b4944bde2964e4f415f29a1058d30bf3ceb..7b96ba07d10831c86d0c78a337f72e12cd042ea2 100644 (file)
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -572,7 +572,7 @@ static struct wpabuf * auth_build_sae_commit(struct hostapd_data *hapd,
 
        if (update && !use_pt &&
            sae_prepare_commit(hapd->own_addr, sta->addr,
-                              (u8 *) password, os_strlen(password), rx_id,
+                              (u8 *) password, os_strlen(password),
                               sta->sae) < 0) {
                wpa_printf(MSG_DEBUG, "SAE: Could not pick PWE");
                return NULL;

diff --git a/src/common/common_module_tests.c b/src/common/common_module_tests.c
index d7b2c05ac73fda1038477b5b7f35dc738ae5114d..8aba713f92bac6262ea4df2fdb12f7597cd02579 100644 (file)
--- a/src/common/common_module_tests.c
+++ b/src/common/common_module_tests.c
@@ -394,7 +394,7 @@ static int sae_tests(void)
        if (!buf ||
            sae_set_group(&sae, 19) < 0 ||
            sae_prepare_commit(addr1, addr2, (const u8 *) pw, os_strlen(pw),
-                              NULL, &sae) < 0)
+                              &sae) < 0)
                goto fail;
 
        /* Override local values based on SAE test vector */

diff --git a/src/common/sae.c b/src/common/sae.c
index 0f53c4df5e7aaf6ba9f66ea8f75f137fec08f4b3..74920a78e46a06157e3a3fa9e6ee99f7e87947e7 100644 (file)
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -280,13 +280,12 @@ fail:
 
 static int sae_derive_pwe_ecc(struct sae_data *sae, const u8 *addr1,
                              const u8 *addr2, const u8 *password,
-                             size_t password_len, const char *identifier)
+                             size_t password_len)
 {
        u8 counter, k;
        u8 addrs[2 * ETH_ALEN];
-       const u8 *addr[3];
-       size_t len[3];
-       size_t num_elem;
+       const u8 *addr[2];
+       size_t len[2];
        u8 *dummy_password, *tmp_password;
        int pwd_seed_odd = 0;
        u8 prime[SAE_MAX_ECC_PRIME_LEN];
@@ -324,13 +323,10 @@ static int sae_derive_pwe_ecc(struct sae_data *sae, const u8 *addr1,
 
        wpa_hexdump_ascii_key(MSG_DEBUG, "SAE: password",
                              password, password_len);
-       if (identifier)
-               wpa_printf(MSG_DEBUG, "SAE: password identifier: %s",
-                          identifier);
 
        /*
         * H(salt, ikm) = HMAC-SHA256(salt, ikm)
-        * base = password [|| identifier]
+        * base = password
         * pwd-seed = H(MAX(STA-A-MAC, STA-B-MAC) || MIN(STA-A-MAC, STA-B-MAC),
         *              base || counter)
         */
@@ -338,15 +334,8 @@ static int sae_derive_pwe_ecc(struct sae_data *sae, const u8 *addr1,
 
        addr[0] = tmp_password;
        len[0] = password_len;
-       num_elem = 1;
-       if (identifier) {
-               addr[num_elem] = (const u8 *) identifier;
-               len[num_elem] = os_strlen(identifier);
-               num_elem++;
-       }
-       addr[num_elem] = &counter;
-       len[num_elem] = sizeof(counter);
-       num_elem++;
+       addr[1] = &counter;
+       len[1] = sizeof(counter);
 
        /*
         * Continue for at least k iterations to protect against side-channel
@@ -367,7 +356,7 @@ static int sae_derive_pwe_ecc(struct sae_data *sae, const u8 *addr1,
                wpa_printf(MSG_DEBUG, "SAE: counter = %03u", counter);
                const_time_select_bin(found, dummy_password, password,
                                      password_len, tmp_password);
-               if (hmac_sha256_vector(addrs, sizeof(addrs), num_elem,
+               if (hmac_sha256_vector(addrs, sizeof(addrs), 2,
                                       addr, len, pwd_seed) < 0)
                        break;
 
@@ -438,13 +427,12 @@ fail:
 
 static int sae_derive_pwe_ffc(struct sae_data *sae, const u8 *addr1,
                              const u8 *addr2, const u8 *password,
-                             size_t password_len, const char *identifier)
+                             size_t password_len)
 {
        u8 counter, k, sel_counter = 0;
        u8 addrs[2 * ETH_ALEN];
-       const u8 *addr[3];
-       size_t len[3];
-       size_t num_elem;
+       const u8 *addr[2];
+       size_t len[2];
        u8 found = 0; /* 0 (false) or 0xff (true) to be used as const_time_*
                       * mask */
        u8 mask;
@@ -468,21 +456,14 @@ static int sae_derive_pwe_ffc(struct sae_data *sae, const u8 *addr1,
        /*
         * H(salt, ikm) = HMAC-SHA256(salt, ikm)
         * pwd-seed = H(MAX(STA-A-MAC, STA-B-MAC) || MIN(STA-A-MAC, STA-B-MAC),
-        *              password [|| identifier] || counter)
+        *              password || counter)
         */
        sae_pwd_seed_key(addr1, addr2, addrs);
 
        addr[0] = password;
        len[0] = password_len;
-       num_elem = 1;
-       if (identifier) {
-               addr[num_elem] = (const u8 *) identifier;
-               len[num_elem] = os_strlen(identifier);
-               num_elem++;
-       }
-       addr[num_elem] = &counter;
-       len[num_elem] = sizeof(counter);
-       num_elem++;
+       addr[1] = &counter;
+       len[1] = sizeof(counter);
 
        k = dragonfly_min_pwe_loop_iter(sae->group);
 
@@ -497,7 +478,7 @@ static int sae_derive_pwe_ffc(struct sae_data *sae, const u8 *addr1,
                }
 
                wpa_printf(MSG_DEBUG, "SAE: counter = %02u", counter);
-               if (hmac_sha256_vector(addrs, sizeof(addrs), num_elem,
+               if (hmac_sha256_vector(addrs, sizeof(addrs), 2,
                                       addr, len, pwd_seed) < 0)
                        break;
                res = sae_test_pwd_seed_ffc(sae, pwd_seed, pwe);
@@ -1354,15 +1335,13 @@ static int sae_derive_commit(struct sae_data *sae)
 
 int sae_prepare_commit(const u8 *addr1, const u8 *addr2,
                       const u8 *password, size_t password_len,
-                      const char *identifier, struct sae_data *sae)
+                      struct sae_data *sae)
 {
        if (sae->tmp == NULL ||
            (sae->tmp->ec && sae_derive_pwe_ecc(sae, addr1, addr2, password,
-                                               password_len,
-                                               identifier) < 0) ||
+                                               password_len) < 0) ||
            (sae->tmp->dh && sae_derive_pwe_ffc(sae, addr1, addr2, password,
-                                               password_len,
-                                               identifier) < 0))
+                                               password_len) < 0))
                return -1;
 
        sae->h2e = 0;

diff --git a/src/common/sae.h b/src/common/sae.h
index 2243c0f339b0beb3b0b6d8af0bbea8bdb8fe8b68..93fc5fb39712b76fa104b773f8a40842ad581e32 100644 (file)
--- a/src/common/sae.h
+++ b/src/common/sae.h
@@ -122,7 +122,7 @@ void sae_clear_data(struct sae_data *sae);
 
 int sae_prepare_commit(const u8 *addr1, const u8 *addr2,
                       const u8 *password, size_t password_len,
-                      const char *identifier, struct sae_data *sae);
+                      struct sae_data *sae);
 int sae_prepare_commit_pt(struct sae_data *sae, const struct sae_pt *pt,
                          const u8 *addr1, const u8 *addr2,
                          int *rejected_groups, const struct sae_pk *pk);

diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c
index 834c7a1ccc887ff58ed321f8a8caf4f444c23ac6..65daa77c2c98a64841aa112fd8af6c1e0530b49a 100644 (file)
--- a/wpa_supplicant/mesh_rsn.c
+++ b/wpa_supplicant/mesh_rsn.c
@@ -344,7 +344,6 @@ static int mesh_rsn_build_sae_commit(struct wpa_supplicant *wpa_s,
        }
        return sae_prepare_commit(wpa_s->own_addr, sta->addr,
                                  (u8 *) password, os_strlen(password),
-                                 ssid->sae_password_id,
                                  sta->sae);
 }
 

diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index dde80863a988ce4d64e3e77864cad5507dfba7b3..72aa9b5b8f18b8618788f97b4bc9e1fb723784e8 100644 (file)
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -186,7 +186,6 @@ static struct wpabuf * sme_auth_build_sae_commit(struct wpa_supplicant *wpa_s,
        if (!use_pt &&
            sae_prepare_commit(wpa_s->own_addr, bssid,
                               (u8 *) password, os_strlen(password),
-                              ssid->sae_password_id,
                               &wpa_s->sme.sae) < 0) {
                wpa_printf(MSG_DEBUG, "SAE: Could not pick PWE");
                return NULL;