P2P2: Device Identity Key generation and storage in configuration
authorShivani Baranwal <quic_shivbara@quicinc.com>
Mon, 5 Aug 2024 09:33:03 +0000 (15:03 +0530)
committerJouni Malinen <j@w1.fi>
Tue, 27 Aug 2024 07:51:56 +0000 (10:51 +0300)
Generate a random device identity key and save it to the config file.
Use the same identity key from config to derive DIRA for NAN SDF frames.

Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
wpa_supplicant/config.c
wpa_supplicant/config.h
wpa_supplicant/config_file.c
wpa_supplicant/p2p_supplicant.c

index b02b694a3ac62dbdacae1b76f05efd66a5dd4d66..77253e10affe3a9d22186ce1a29859cb82988d04 100644 (file)
@@ -3095,6 +3095,7 @@ void wpa_config_free(struct wpa_config *config)
        os_free(config->dpp_mud_url);
        os_free(config->dpp_extra_conf_req_name);
        os_free(config->dpp_extra_conf_req_value);
+       wpabuf_free(config->dik);
 
        os_free(config);
 }
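Review bot: `config->dik` holds the Device Identity Key, and the added `wpabuf_free(config->dik);` releases it without wiping, so the key bytes stay in freed heap memory. Since this is long-term key material, the line should be `wpabuf_clear_free(config->dik);`, which zeroes the buffer before freeing it. Any other place that replaces or drops `conf->dik` should do the same.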
@@ -5486,6 +5487,8 @@ static const struct global_parse_data global_fields[] = {
        { FUNC(p2p_device_persistent_mac_addr), 0 },
        { INT(p2p_interface_random_mac_addr), 0 },
        { INT(p2p_6ghz_disable), 0 },
+       { INT(dik_cipher), 0},
+       { BIN(dik), 0 },
 #endif /* CONFIG_P2P */
        { FUNC(country), CFG_CHANGED_COUNTRY },
        { INT(bss_max_count), 0 },
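Review bot: The new `{ INT(dik_cipher), 0},` entry accepts any integer from the configuration file, and the value is later copied into the P2P pairing configuration without a check in the hunks shown. If the set of valid DIRA cipher versions is small, a bounded entry such as `{ INT_RANGE(dik_cipher, <MIN_VERSION>, <MAX_VERSION>), 0 },` (placeholder bounds, to be taken from the cipher version definitions) would reject a corrupted or hand-edited value at parse time. The entry is also missing the space before the closing brace that the neighbouring lines use.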
index d74b5c45521a206d6780027b48035c84c6d8523c..979f083dab54aa4ee2bf6e70134bb23f7a356beb 100644 (file)
@@ -1814,6 +1814,12 @@ struct wpa_config {
 
        int mld_force_single_link;
 #endif /* CONFIG_TESTING_OPTIONS */
+
+       /* Cipher version type */
+       int dik_cipher;
+
+       /* DevIK */
+       struct wpabuf *dik;
 };
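Review bot: The two new members are documented only as `/* Cipher version type */` and `/* DevIK */`, which does not say what the values mean, who sets them, or that `dik` is secret. I would replace them with the field-comment style used for configuration members: one block stating that `dik_cipher` is the DIRA cipher version that goes with `dik`, and one stating that `dik` is the P2P2 Device Identity Key, that it is generated randomly when P2P is initialized with no usable key, that it is written to the configuration file, and that it must be treated as key material. The start of the struct is outside this hunk, so whether these members belong inside a `CONFIG_P2P` section cannot be judged from here.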
 
 
index 782bd7f850462c7e38a870e41feb3a69e7b8d4f4..20b309a7f4884de17e8f53c57f99bbf6d2fbc760 100644 (file)
@@ -1629,6 +1629,10 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config)
 #endif /* CONFIG_TESTING_OPTIONS */
        if (config->ft_prepend_pmkid)
                fprintf(f, "ft_prepend_pmkid=%d\n", config->ft_prepend_pmkid);
+       if (config->dik) {
+               fprintf(f, "dik_cipher=%d\n", config->dik_cipher);
+               write_global_bin(f, "dik", config->dik);
+       }
 }
 
 #endif /* CONFIG_NO_CONFIG_WRITE */
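Review bot: `write_global_bin(f, "dik", config->dik);` persists the Device Identity Key in the configuration file, and nothing here records that this line writes a long-term secret. A short comment above the block, for example `/* DevIK is key material: the configuration file must not be readable by other users */`, would make that visible to anyone changing how the file is created or copied. How the file is opened and which mode it gets is outside this hunk, so that is worth confirming separately.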
index 2df2d108bd9a151a2cd047f1d8e7127307bb3414..cbb63e5f20bcc84b15f02424d0685bddb2fd26a6 100644 (file)
@@ -5057,6 +5057,34 @@ int wpas_p2p_init(struct wpa_global *global, struct wpa_supplicant *wpa_s)
        else
                p2p.passphrase_len = 8;
 
+       if (wpa_s->conf->dik &&
+           wpabuf_len(wpa_s->conf->dik) <= DEVICE_IDENTITY_KEY_MAX_LEN) {
+               p2p.pairing_config.dik_cipher = wpa_s->conf->dik_cipher;
+               p2p.pairing_config.dik_len = wpabuf_len(wpa_s->conf->dik);
+               os_memcpy(p2p.pairing_config.dik_data,
+                         wpabuf_head(wpa_s->conf->dik),
+                         p2p.pairing_config.dik_len);
+       } else {
+               p2p.pairing_config.dik_cipher = DIRA_CIPHER_VERSION_128;
+               p2p.pairing_config.dik_len = DEVICE_IDENTITY_KEY_LEN;
+               if (os_get_random(p2p.pairing_config.dik_data,
+                                 p2p.pairing_config.dik_len) < 0)
+                       return -1;
+
+               wpa_s->conf->dik =
+                       wpabuf_alloc_copy(p2p.pairing_config.dik_data,
+                                         p2p.pairing_config.dik_len);
+               if (!wpa_s->conf->dik)
+                       return -1;
+
+               wpa_s->conf->dik_cipher = p2p.pairing_config.dik_cipher;
+
+               if (wpa_s->conf->update_config &&
+                   wpa_config_write(wpa_s->confname, wpa_s->conf))
+                       wpa_printf(MSG_DEBUG,
+                                  "P2P: Failed to update configuration");
+       }
+
        global->p2p = p2p_init(&p2p);
        if (global->p2p == NULL)
                return -1;
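Review bot: When `wpa_s->conf->dik` is set but longer than `DEVICE_IDENTITY_KEY_MAX_LEN`, the `else` branch overwrites the pointer with the result of `wpabuf_alloc_copy()` and the old buffer is leaked. Adding `wpabuf_clear_free(wpa_s->conf->dik);` before the assignment fixes the leak and wipes the rejected key. The first branch checks only the upper bound, so an empty or very short `dik` from the configuration file is accepted as the identity key, paired with whatever `dik_cipher` was read. Comparing the length against the size expected for the configured cipher (at least `DEVICE_IDENTITY_KEY_LEN` for `DIRA_CIPHER_VERSION_128`, if that is the intended pairing) would let malformed values fall through to regeneration. wpas_p2p_init() starts and ends outside this hunk.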