DPP: Move PKEX Commit-Reveal Request building to a helper function

author Jouni Malinen <jouni@qca.qualcomm.com>

Thu, 2 Nov 2017 19:21:55 +0000 (21:21 +0200)

committer Jouni Malinen <j@w1.fi>

Thu, 2 Nov 2017 19:34:50 +0000 (21:34 +0200)
author Jouni Malinen <jouni@qca.qualcomm.com>
Thu, 2 Nov 2017 19:21:55 +0000 (21:21 +0200)
committer Jouni Malinen <j@w1.fi>
Thu, 2 Nov 2017 19:34:50 +0000 (21:34 +0200)
diff --git a/src/common/dpp.c b/src/common/dpp.c

index c1ec2d04128b84d4a15c7aec4703c7ca256845fa..ca4e6bf36e20a0576703449cdabc2d53dc2a20b3 100644 (file)
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -5905,6 +5905,80 @@ static int dpp_pkex_derive_z(const u8 *mac_init, const u8 *mac_resp,
  }
  
  
+static struct wpabuf *
+dpp_pkex_build_commit_reveal_req(struct dpp_pkex *pkex,
+                                const struct wpabuf *A_pub, const u8 *u)
+{
+       const struct dpp_curve_params *curve = pkex->own_bi->curve;
+       struct wpabuf *msg = NULL;
+       size_t clear_len, attr_len;
+       struct wpabuf *clear = NULL;
+       u8 *wrapped;
+       u8 octet;
+       const u8 *addr[2];
+       size_t len[2];
+
+       /* {A, u, [bootstrapping info]}z */
+       clear_len = 4 + 2 * curve->prime_len + 4 + curve->hash_len;
+       clear = wpabuf_alloc(clear_len);
+       attr_len = 4 + clear_len + AES_BLOCK_SIZE;
+#ifdef CONFIG_TESTING_OPTIONS
+       if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_REQ)
+               attr_len += 4;
+#endif /* CONFIG_TESTING_OPTIONS */
+       msg = dpp_alloc_msg(DPP_PA_PKEX_COMMIT_REVEAL_REQ, attr_len);
+       if (!clear || !msg)
+               goto fail;
+
+       /* A in Bootstrap Key attribute */
+       wpabuf_put_le16(clear, DPP_ATTR_BOOTSTRAP_KEY);
+       wpabuf_put_le16(clear, wpabuf_len(A_pub));
+       wpabuf_put_buf(clear, A_pub);
+
+       /* u in I-Auth tag attribute */
+       wpabuf_put_le16(clear, DPP_ATTR_I_AUTH_TAG);
+       wpabuf_put_le16(clear, curve->hash_len);
+       wpabuf_put_data(clear, u, curve->hash_len);
+
+       addr[0] = wpabuf_head_u8(msg) + 2;
+       len[0] = DPP_HDR_LEN;
+       octet = 0;
+       addr[1] = &octet;
+       len[1] = sizeof(octet);
+       wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]);
+       wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]);
+
+       wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
+       wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
+       wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
+
+       wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear);
+       if (aes_siv_encrypt(pkex->z, curve->hash_len,
+                           wpabuf_head(clear), wpabuf_len(clear),
+                           2, addr, len, wrapped) < 0)
+               goto fail;
+       wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
+                   wrapped, wpabuf_len(clear) + AES_BLOCK_SIZE);
+
+#ifdef CONFIG_TESTING_OPTIONS
+       if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_REQ) {
+               wpa_printf(MSG_INFO, "DPP: TESTING - attr after Wrapped Data");
+               wpabuf_put_le16(msg, DPP_ATTR_TESTING);
+               wpabuf_put_le16(msg, 0);
+       }
+#endif /* CONFIG_TESTING_OPTIONS */
+
+out:
+       wpabuf_free(clear);
+       return msg;
+
+fail:
+       wpabuf_free(msg);
+       msg = NULL;
+       goto out;
+}
+
+
  struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex,
                                           const u8 *buf, size_t buflen)
  {
@@ -5912,9 +5986,6 @@ struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex,
         u16 attr_status_len, attr_id_len, attr_key_len;
         const EC_GROUP *group;
         BN_CTX *bnctx = NULL;
-       size_t clear_len, attr_len;
-       struct wpabuf *clear = NULL;
-       u8 *wrapped;
         struct wpabuf *msg = NULL, *A_pub = NULL, *X_pub = NULL, *Y_pub = NULL;
         const struct dpp_curve_params *curve = pkex->own_bi->curve;
         EC_POINT *Qr = NULL, *Y = NULL, *N = NULL;
@@ -5926,7 +5997,6 @@ struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex,
         const u8 *addr[4];
         size_t len[4];
         u8 u[DPP_MAX_HASH_LEN];
-       u8 octet;
         int res;
  
         attr_status = dpp_get_attr(buf, buflen, DPP_ATTR_STATUS,
@@ -6062,58 +6132,11 @@ struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex,
         if (res < 0)
                 goto fail;
  
-       /* {A, u, [bootstrapping info]}z */
-       clear_len = 4 + 2 * curve->prime_len + 4 + curve->hash_len;
-       clear = wpabuf_alloc(clear_len);
-       attr_len = 4 + clear_len + AES_BLOCK_SIZE;
-#ifdef CONFIG_TESTING_OPTIONS
-       if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_REQ)
-               attr_len += 4;
-#endif /* CONFIG_TESTING_OPTIONS */
-       msg = dpp_alloc_msg(DPP_PA_PKEX_COMMIT_REVEAL_REQ, attr_len);
-       if (!clear || !msg)
-               goto fail;
-
-       /* A in Bootstrap Key attribute */
-       wpabuf_put_le16(clear, DPP_ATTR_BOOTSTRAP_KEY);
-       wpabuf_put_le16(clear, wpabuf_len(A_pub));
-       wpabuf_put_buf(clear, A_pub);
-
-       /* u in I-Auth tag attribute */
-       wpabuf_put_le16(clear, DPP_ATTR_I_AUTH_TAG);
-       wpabuf_put_le16(clear, curve->hash_len);
-       wpabuf_put_data(clear, u, curve->hash_len);
-
-       addr[0] = wpabuf_head_u8(msg) + 2;
-       len[0] = DPP_HDR_LEN;
-       octet = 0;
-       addr[1] = &octet;
-       len[1] = sizeof(octet);
-       wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]);
-       wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]);
-
-       wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
-       wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
-       wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
-
-       wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear);
-       if (aes_siv_encrypt(pkex->z, curve->hash_len,
-                           wpabuf_head(clear), wpabuf_len(clear),
-                           2, addr, len, wrapped) < 0)
+       msg = dpp_pkex_build_commit_reveal_req(pkex, A_pub, u);
+       if (!msg)
                 goto fail;
-       wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
-                   wrapped, wpabuf_len(clear) + AES_BLOCK_SIZE);
-
-#ifdef CONFIG_TESTING_OPTIONS
-       if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_PKEX_CR_REQ) {
-               wpa_printf(MSG_INFO, "DPP: TESTING - attr after Wrapped Data");
-               wpabuf_put_le16(msg, DPP_ATTR_TESTING);
-               wpabuf_put_le16(msg, 0);
-       }
-#endif /* CONFIG_TESTING_OPTIONS */
  
  out:
-       wpabuf_free(clear);
         wpabuf_free(A_pub);
         wpabuf_free(X_pub);
         wpabuf_free(Y_pub);
@@ -6128,8 +6151,6 @@ out:
         return msg;
  fail:
         wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Response processing failed");
-       wpabuf_free(msg);
-       msg = NULL;
         goto out;
  }
author	Jouni Malinen <jouni@qca.qualcomm.com>
	Thu, 2 Nov 2017 19:21:55 +0000 (21:21 +0200)
committer	Jouni Malinen <j@w1.fi>
	Thu, 2 Nov 2017 19:34:50 +0000 (21:34 +0200)