DPP2: Replace OneAsymmetricKey version number (v2 to v1)

DPP tech spec was modified to use v1(0) instead of v2(1) for the
OneAsymmetricKey in the Configurator backup structure to match the
description in RFC 5958 Section 2 which indicates v2 to be used when any
items tagged as version 2 are included. No such items are actually
included in this case, so v1 should be used instead.

Change OneAsymmetricKey generation to use v1(0) instead of v2(1) and
parsing to accept either version to be used. This is not backwards
compatible with the earlier implementation which requires v2(1) when
parsing the received value.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/src/common/dpp_backup.c b/src/common/dpp_backup.c
index e12bc6d7ca0f7947dfe60c39612909b44a851157..67ca1a5d227db84af021cb9b51039d3280c476be 100644 (file)
--- a/src/common/dpp_backup.c
+++ b/src/common/dpp_backup.c
@@ -189,7 +189,7 @@ static struct wpabuf * dpp_build_key_pkg(struct dpp_authentication *auth)
        if (!key)
                goto fail;
 
-       asn1_put_integer(key, 1); /* version = v2(1) */
+       asn1_put_integer(key, 0); /* version = v1(0) */
 
        /* PrivateKeyAlgorithmIdentifier */
        wpabuf_put_buf(key, alg);
@@ -908,7 +908,7 @@ dpp_parse_one_asymmetric_key(const u8 *buf, size_t len)
        /* Version ::= INTEGER { v1(0), v2(1) } (v1, ..., v2) */
        if (asn1_get_integer(pos, end - pos, &val, &pos) < 0)
                goto fail;
-       if (val != 1) {
+       if (val != 0 && val != 1) {
                wpa_printf(MSG_DEBUG,
                           "DPP: Unsupported DPPAsymmetricKeyPackage version %d",
                           val);