PASN: Configure secure ranging context to the driver in AP mode
authorVinay Gannevaram <quic_vganneva@quicinc.com>
Thu, 7 Jul 2022 20:14:54 +0000 (01:44 +0530)
committerJouni Malinen <j@w1.fi>
Fri, 2 Sep 2022 13:25:20 +0000 (16:25 +0300)
As a responder, the AP configures the required keys to the driver on
successful completion of PASN authentication by using the command
QCA_NL80211_VENDOR_SUBCMD_SECURE_RANGING_CONTEXT.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
src/ap/ap_drv_ops.c
src/ap/ap_drv_ops.h
src/ap/ieee802_11.c
src/ap/sta_info.h

index 87c3b9006191f59742c070e078abec906f9e4efa..2155b8f7287947974318ed9c9f4d22d8bdbcea86 100644 (file)
@@ -1016,3 +1016,30 @@ int hostapd_drv_dpp_listen(struct hostapd_data *hapd, bool enable)
                return 0;
        return hapd->driver->dpp_listen(hapd->drv_priv, enable);
 }
+
+
+#ifdef CONFIG_PASN
+int hostapd_drv_set_secure_ranging_ctx(struct hostapd_data *hapd,
+                                      const u8 *own_addr, const u8 *peer_addr,
+                                      u32 cipher, u8 tk_len, const u8 *tk,
+                                      u8 ltf_keyseed_len,
+                                      const u8 *ltf_keyseed, u32 action)
+{
+       struct secure_ranging_params params;
+
+       if (!hapd->driver || !hapd->driver->set_secure_ranging_ctx)
+               return 0;
+
+       os_memset(&params, 0, sizeof(params));
+       params.own_addr = own_addr;
+       params.peer_addr = peer_addr;
+       params.cipher = cipher;
+       params.tk_len = tk_len;
+       params.tk = tk;
+       params.ltf_keyseed_len = ltf_keyseed_len;
+       params.ltf_keyseed = ltf_keyseed;
+       params.action = action;
+
+       return hapd->driver->set_secure_ranging_ctx(hapd->drv_priv, &params);
+}
+#endif /* CONFIG_PASN */
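Review bot: hostapd_drv_set_secure_ranging_ctx() returns 0 both when the driver op succeeds and when `hapd->driver->set_secure_ranging_ctx` is missing, and nothing in the added code documents that or the meaning of `action`. A caller therefore cannot tell from the return value whether the TK and LTF keyseed were actually configured. A short comment above the definition would help, for example `/* Returns 0 also when the driver has no set_secure_ranging_ctx() op; no key is configured in that case */`, plus one line naming the expected `action` values. The early return matches hostapd_drv_dpp_listen() just above, so this is a documentation point rather than a behaviour change.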
index b4fb766ee8ffad5e6b9a0ad04af57223e1ed8cc2..93b2244990ce8567ca17232aa114939eaf83f9f3 100644 (file)
@@ -138,6 +138,11 @@ int hostapd_drv_do_acs(struct hostapd_data *hapd);
 int hostapd_drv_update_dh_ie(struct hostapd_data *hapd, const u8 *peer,
                             u16 reason_code, const u8 *ie, size_t ielen);
 int hostapd_drv_dpp_listen(struct hostapd_data *hapd, bool enable);
+int hostapd_drv_set_secure_ranging_ctx(struct hostapd_data *hapd,
+                                      const u8 *own_addr, const u8 *addr,
+                                      u32 cipher, u8 key_len, const u8 *key,
+                                      u8 ltf_keyseed_len,
+                                      const u8 *ltf_keyseed, u32 action);
 
 
 #include "drivers/driver.h"
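Review bot: The prototype's parameter names do not match the definition added in ap_drv_ops.c: it uses `addr`, `key_len` and `key` where the definition has `peer_addr`, `tk_len` and `tk`. With two address pointers and two key-material pointers of the same type in one argument list, matching names make argument-order mistakes easier to spot; suggest `const u8 *own_addr, const u8 *peer_addr,` and `u32 cipher, u8 tk_len, const u8 *tk,`. The declaration is also visible without CONFIG_PASN while the definition sits inside `#ifdef CONFIG_PASN`, so a caller built without PASN would fail only at link time.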
index c43f18b4a59c5dabd5cc3a31e917c6ca0372a753..86761a26644c129cce591570b85d25742780ceee 100644 (file)
@@ -2667,6 +2667,15 @@ static void pasn_fils_auth_resp(struct hostapd_data *hapd,
                goto fail;
        }
 
+       if (pasn->secure_ltf) {
+               ret = wpa_ltf_keyseed(&pasn->ptk, pasn->akmp, pasn->cipher);
+               if (ret) {
+                       wpa_printf(MSG_DEBUG,
+                                  "PASN: FILS: Failed to derive LTF keyseed");
+                       goto fail;
+               }
+       }
+
        wpa_printf(MSG_DEBUG, "PASN: PTK successfully derived");
 
        wpabuf_free(pasn->secret);
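Review bot: The LTF keyseed derivation block added here is repeated almost verbatim in the pasn_derive_keys() hunk further down, differing only in the log text and the error exit. A small static helper taking the `struct pasn_data` would keep the two paths in step. On failure this path jumps to `fail` with the PTK already derived in `pasn->ptk`; the `fail` label lies outside the hunk, so it is worth confirming that it clears that key material. pasn_fils_auth_resp() starts and ends outside this hunk.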
@@ -2848,6 +2857,38 @@ static struct wpabuf * pasn_get_wrapped_data(struct hostapd_data *hapd,
 }
 
 
+static int pasn_set_keys_from_cache(struct hostapd_data *hapd,
+                                   const u8 *own_addr, const u8 *sta_addr,
+                                   int cipher, int akmp)
+{
+       struct ptksa_cache_entry *entry;
+
+       entry = ptksa_cache_get(hapd->ptksa, sta_addr, cipher);
+       if (!entry) {
+               wpa_printf(MSG_DEBUG, "PASN: peer " MACSTR
+                          " not present in PTKSA cache", MAC2STR(sta_addr));
+               return -1;
+       }
+
+       if (os_memcmp(entry->own_addr, own_addr, ETH_ALEN) != 0) {
+               wpa_printf(MSG_DEBUG,
+                          "PASN: own addr " MACSTR " and PTKSA entry own addr "
+                          MACSTR " differ",
+                          MAC2STR(own_addr), MAC2STR(entry->own_addr));
+               return -1;
+       }
+
+       wpa_printf(MSG_DEBUG, "PASN: " MACSTR " present in PTKSA cache",
+                  MAC2STR(sta_addr));
+       hostapd_drv_set_secure_ranging_ctx(hapd, own_addr, sta_addr, cipher,
+                                          entry->ptk.tk_len, entry->ptk.tk,
+                                          entry->ptk.ltf_keyseed_len,
+                                          entry->ptk.ltf_keyseed, 0);
+
+       return 0;
+}
+
+
 static int
 pasn_derive_keys(struct hostapd_data *hapd, struct sta_info *sta,
                 const u8 *cached_pmk, size_t cached_pmk_len,
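Review bot: pasn_set_keys_from_cache() discards the return value of hostapd_drv_set_secure_ranging_ctx() and returns 0, so a driver failure to install the TK and LTF keyseed is reported as success. Suggest storing the result and returning -1 with a debug message when it is non-zero. The `akmp` parameter is not used in the body, and the trailing `0` passed as `action` is an unexplained literal; a named constant or a comment would say which operation it selects.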
@@ -2904,6 +2945,16 @@ pasn_derive_keys(struct hostapd_data *hapd, struct sta_info *sta,
                return -1;
        }
 
+       if (sta->pasn->secure_ltf) {
+               ret = wpa_ltf_keyseed(&sta->pasn->ptk, sta->pasn->akmp,
+                                     sta->pasn->cipher);
+               if (ret) {
+                       wpa_printf(MSG_DEBUG,
+                                  "PASN: Failed to derive LTF keyseed");
+                       return -1;
+               }
+       }
+
        wpa_printf(MSG_DEBUG, "PASN: PTK successfully derived");
        return 0;
 }
@@ -3180,6 +3231,13 @@ static void handle_auth_pasn_1(struct hostapd_data *hapd, struct sta_info *sta,
                sta->pasn->kdk_len = 0;
        wpa_printf(MSG_DEBUG, "PASN: kdk_len=%zu", sta->pasn->kdk_len);
 
+       if ((hapd->iface->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_AP) &&
+           ieee802_11_rsnx_capab_len(elems.rsnxe, elems.rsnxe_len,
+                                     WLAN_RSNX_CAPAB_SECURE_LTF))
+               sta->pasn->secure_ltf = true;
+       else
+               sta->pasn->secure_ltf = false;
+
        if (!elems.pasn_params || !elems.pasn_params_len) {
                wpa_printf(MSG_DEBUG,
                           "PASN: No PASN Parameters element found");
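Review bot: `secure_ltf` is set through an if/else that assigns `true` and `false`; the condition can be assigned directly, e.g. `sta->pasn->secure_ltf = (hapd->iface->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_AP) && ieee802_11_rsnx_capab_len(elems.rsnxe, elems.rsnxe_len, WLAN_RSNX_CAPAB_SECURE_LTF);`. The decision rests on the driver flag and the RSNXE parsed from the peer's first PASN frame. No check of the AP's own configuration is visible in these lines, so a comment stating that the driver flag is the only local gate would help. handle_auth_pasn_1() starts and ends outside this hunk.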
@@ -3504,6 +3562,8 @@ static void handle_auth_pasn_3(struct hostapd_data *hapd, struct sta_info *sta,
 
        ptksa_cache_add(hapd->ptksa, hapd->own_addr, sta->addr,
                        sta->pasn->cipher, 43200, &sta->pasn->ptk, NULL, NULL);
+       pasn_set_keys_from_cache(hapd, hapd->own_addr, sta->addr,
+                                sta->pasn->cipher, sta->pasn->akmp);
 fail:
        ap_free_sta(hapd, sta);
 }
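Review bot: pasn_set_keys_from_cache() is called here regardless of `sta->pasn->secure_ltf`, so the TK is handed to the driver for every peer that completes PASN, including one that did not negotiate secure LTF. If that is intended, a one-line comment such as `/* Configure the ranging context for every PASN peer, not only secure LTF ones */` would record it; otherwise the call could be guarded with `if (sta->pasn->secure_ltf)`. The call's result is ignored, and so is that of ptksa_cache_add() on the line before, so the helper's lookup by peer address and cipher depends on the insert having succeeded. handle_auth_pasn_3() starts outside this hunk.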
index 5c92e01da491a87afe46908157fe8b266797e68e..d2a8344ad0d28325d1efacbac642adfc6306b5f4 100644 (file)
@@ -88,6 +88,7 @@ struct pasn_data {
        int akmp;
        int cipher;
        u16 group;
+       bool secure_ltf;
        u8 trans_seq;
        u8 wrapped_data_format;
        size_t kdk_len;