P2P2: Enable GCMP-256 as a pairwise cipher

Add GCMP-256 as a pairwise cipher based on PASN type during pairing.

Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>

diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c
index f4ba0eaa73f27fd6b99295dd1e7280b131472ab5..f9743b1a9e400d37cd22e1846c154e462109df40 100644 (file)
--- a/src/p2p/p2p.c
+++ b/src/p2p/p2p.c
@@ -1858,6 +1858,10 @@ int p2p_go_params(struct p2p_data *p2p, struct p2p_go_neg_results *params)
        }
        p2p->ssid_set = 0;
 
+       params->cipher = WPA_CIPHER_CCMP;
+       if (p2p->cfg->pairing_config.pasn_type & 0xc)
+               params->cipher |= WPA_CIPHER_GCMP_256;
+
        p2p_random(params->passphrase, p2p->cfg->passphrase_len);
        params->passphrase[p2p->cfg->passphrase_len] = '\0';
        return 0;
@@ -1929,6 +1933,7 @@ void p2p_go_complete(struct p2p_data *p2p, struct p2p_device *peer)
        if (peer->p2p2 && peer->pasn) {
                res.p2p2 = peer->p2p2;
                res.akmp = peer->pasn->akmp;
+               res.cipher = peer->pasn->cipher;
 
                if (res.akmp == WPA_KEY_MGMT_PASN) {
                        if (go) {

diff --git a/src/p2p/p2p.h b/src/p2p/p2p.h
index afca5a4c7fec34e5f47d9c83880b43c7c4ecd228..5d6f41b3cde860d036248856065332808daa925d 100644 (file)
--- a/src/p2p/p2p.h
+++ b/src/p2p/p2p.h
@@ -193,6 +193,11 @@ struct p2p_go_neg_results {
         */
        int akmp;
 
+       /**
+        * cipher - Pairwise cipher(s) for the group for P2P2
+        */
+       int cipher;
+
        /**
         * pmkid - PMKID for P2P2 when PMK is derived as part of pairing
         */

diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c
index 1f4c2fbfe7de79e9d98efa302fda51933df78f6c..7b00c88c1dcdf303069c3da35d0d6de4ff1f15e2 100644 (file)
--- a/wpa_supplicant/p2p_supplicant.c
+++ b/wpa_supplicant/p2p_supplicant.c
@@ -1894,6 +1894,8 @@ static void wpas_start_gc(struct wpa_supplicant *wpa_s,
        ssid->key_mgmt = WPA_KEY_MGMT_SAE;
        ssid->pairwise_cipher = WPA_CIPHER_CCMP;
        ssid->group_cipher = WPA_CIPHER_CCMP;
+       if (res->cipher)
+               ssid->pairwise_cipher |= res->cipher;
        ssid->sae_pwe = SAE_PWE_HASH_TO_ELEMENT;
        ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED;
        ssid->disabled = 0;
@@ -2342,6 +2344,8 @@ static void wpas_start_go(struct wpa_supplicant *wpa_s,
                ssid->sae_password = os_strdup(params->sae_password);
                ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED;
                ssid->sae_pwe = SAE_PWE_HASH_TO_ELEMENT;
+               if (params->cipher)
+                       ssid->pairwise_cipher |= params->cipher;
        }
 
        wpa_s->ap_configured_cb = p2p_go_configured;