DPP: Add the crypto suite field to the frames

This additional field was added to DPP Public Action frames in DPP tech
spec v0.2.3 to support cryptographic agility in the future.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/ap/dpp_hostapd.c b/src/ap/dpp_hostapd.c
index d18d31fd3e8a721c490626939000db71924ba695..df0231ae2a328a088fa039f7317c18393996ca76 100644 (file)
--- a/src/ap/dpp_hostapd.c
+++ b/src/ap/dpp_hostapd.c
@@ -1204,18 +1204,24 @@ hostapd_dpp_rx_pkex_commit_reveal_resp(struct hostapd_data *hapd, const u8 *src,
 void hostapd_dpp_rx_action(struct hostapd_data *hapd, const u8 *src,
                           const u8 *buf, size_t len, unsigned int freq)
 {
+       u8 crypto_suite;
        enum dpp_public_action_frame_type type;
 
-       if (len < 1)
+       if (len < 2)
                return;
-       type = buf[0];
-       buf++;
-       len--;
+       crypto_suite = *buf++;
+       type = *buf++;
+       len -= 2;
 
        wpa_printf(MSG_DEBUG,
-                  "DPP: Received DPP Public Action frame type %d from "
+                  "DPP: Received DPP Public Action frame crypto suite %u type %d from "
                   MACSTR " freq=%u",
-                  type, MAC2STR(src), freq);
+                  crypto_suite, type, MAC2STR(src), freq);
+       if (crypto_suite != 1) {
+               wpa_printf(MSG_DEBUG, "DPP: Unsupported crypto suite %u",
+                          crypto_suite);
+               return;
+       }
        wpa_hexdump(MSG_MSGDUMP, "DPP: Received message attributes", buf, len);
        if (dpp_check_attrs(buf, len) < 0)
                return;

diff --git a/src/common/dpp.c b/src/common/dpp.c
index 85b97fb4fe01d0a15ae57bfd8fed2a7f777ca76c..649464bcea2847d352d8a6b7fc6bd2f336b5e67d 100644 (file)
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -484,13 +484,14 @@ struct wpabuf * dpp_alloc_msg(enum dpp_public_action_frame_type type,
 {
        struct wpabuf *msg;
 
-       msg = wpabuf_alloc(7 + len);
+       msg = wpabuf_alloc(8 + len);
        if (!msg)
                return NULL;
        wpabuf_put_u8(msg, WLAN_ACTION_PUBLIC);
        wpabuf_put_u8(msg, WLAN_PA_VENDOR_SPECIFIC);
        wpabuf_put_be24(msg, OUI_WFA);
        wpabuf_put_u8(msg, DPP_OUI_TYPE);
+       wpabuf_put_u8(msg, 1); /* Crypto Suite */
        wpabuf_put_u8(msg, type);
        return msg;
 }

diff --git a/wpa_supplicant/dpp_supplicant.c b/wpa_supplicant/dpp_supplicant.c
index 2492749fed07fdc8b9730a733c05471000a729d5..50003e87e6b298a04a3e4d7e546147709f8c8153 100644 (file)
--- a/wpa_supplicant/dpp_supplicant.c
+++ b/wpa_supplicant/dpp_supplicant.c
@@ -1587,18 +1587,24 @@ wpas_dpp_rx_pkex_commit_reveal_resp(struct wpa_supplicant *wpa_s, const u8 *src,
 void wpas_dpp_rx_action(struct wpa_supplicant *wpa_s, const u8 *src,
                        const u8 *buf, size_t len, unsigned int freq)
 {
+       u8 crypto_suite;
        enum dpp_public_action_frame_type type;
 
-       if (len < 1)
+       if (len < 2)
                return;
-       type = buf[0];
-       buf++;
-       len--;
+       crypto_suite = *buf++;
+       type = *buf++;
+       len -= 2;
 
        wpa_printf(MSG_DEBUG,
-                  "DPP: Received DPP Public Action frame type %d from "
+                  "DPP: Received DPP Public Action frame crypto suite %u type %d from "
                   MACSTR " freq=%u",
-                  type, MAC2STR(src), freq);
+                  crypto_suite, type, MAC2STR(src), freq);
+       if (crypto_suite != 1) {
+               wpa_printf(MSG_DEBUG, "DPP: Unsupported crypto suite %u",
+                          crypto_suite);
+               return;
+       }
        wpa_hexdump(MSG_MSGDUMP, "DPP: Received message attributes", buf, len);
        if (dpp_check_attrs(buf, len) < 0)
                return;