SAE: Move H2E and PK flags to main sae_data

This maintains knowledge of whether H2E or PK was used as part of the
SAE authentication beyond the removal of temporary state needed during
that authentication. This makes it easier to use information about which
kind of SAE authentication was used at higher layer functionality.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c
index 173549e7bb41bcc69b2c00e5955456ac16d8b658..36678e7a31f362f478cca01c46966ab8600e29bc 100644 (file)
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
@@ -439,7 +439,7 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
 #ifdef CONFIG_SAE
                if (hapd->conf->sae_pwe == 2 &&
                    sta->auth_alg == WLAN_AUTH_SAE &&
-                   sta->sae && sta->sae->tmp && !sta->sae->tmp->h2e &&
+                   sta->sae && !sta->sae->h2e &&
                    elems.rsnxe && elems.rsnxe_len >= 1 &&
                    (elems.rsnxe[0] & BIT(WLAN_RSNX_CAPAB_SAE_H2E))) {
                        wpa_printf(MSG_INFO, "SAE: " MACSTR

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 0822dfd34b2aa49ad24af40ad73e3815a580ae74..eca8b19ad1690195bf98e3e63c0658eeda773fdc 100644 (file)
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -483,7 +483,7 @@ static struct wpabuf * auth_build_sae_commit(struct hostapd_data *hapd,
 
        if (sta->sae->tmp) {
                rx_id = sta->sae->tmp->pw_id;
-               use_pt = sta->sae->tmp->h2e;
+               use_pt = sta->sae->h2e;
 #ifdef CONFIG_SAE_PK
                os_memcpy(sta->sae->tmp->own_addr, hapd->own_addr, ETH_ALEN);
                os_memcpy(sta->sae->tmp->peer_addr, sta->addr, ETH_ALEN);
@@ -594,9 +594,9 @@ static int auth_sae_send_commit(struct hostapd_data *hapd,
        if (data == NULL)
                return WLAN_STATUS_UNSPECIFIED_FAILURE;
 
-       if (sta->sae->tmp && sta->sae->tmp->pk)
+       if (sta->sae->tmp && sta->sae->pk)
                status = WLAN_STATUS_SAE_PK;
-       else if (sta->sae->tmp && sta->sae->tmp->h2e)
+       else if (sta->sae->tmp && sta->sae->h2e)
                status = WLAN_STATUS_SAE_HASH_TO_ELEMENT;
        else
                status = WLAN_STATUS_SUCCESS;
@@ -921,11 +921,11 @@ static int sae_sm_step(struct hostapd_data *hapd, struct sta_info *sta,
        case SAE_NOTHING:
                if (auth_transaction == 1) {
                        if (sta->sae->tmp) {
-                               sta->sae->tmp->h2e =
+                               sta->sae->h2e =
                                        (status_code ==
                                         WLAN_STATUS_SAE_HASH_TO_ELEMENT ||
                                         status_code == WLAN_STATUS_SAE_PK);
-                               sta->sae->tmp->pk =
+                               sta->sae->pk =
                                        status_code == WLAN_STATUS_SAE_PK;
                        }
                        ret = auth_sae_send_commit(hapd, sta, bssid,
@@ -1440,7 +1440,7 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta,
                                   "SAE: Request anti-clogging token from "
                                   MACSTR, MAC2STR(sta->addr));
                        if (sta->sae->tmp)
-                               h2e = sta->sae->tmp->h2e;
+                               h2e = sta->sae->h2e;
                        if (status_code == WLAN_STATUS_SAE_HASH_TO_ELEMENT ||
                            status_code == WLAN_STATUS_SAE_PK)
                                h2e = 1;
@@ -3405,7 +3405,7 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta,
 
                if (hapd->conf->sae_pwe == 2 &&
                    sta->auth_alg == WLAN_AUTH_SAE &&
-                   sta->sae && sta->sae->tmp && !sta->sae->tmp->h2e &&
+                   sta->sae && !sta->sae->h2e &&
                    elems.rsnxe && elems.rsnxe_len >= 1 &&
                    (elems.rsnxe[0] & BIT(WLAN_RSNX_CAPAB_SAE_H2E))) {
                        wpa_printf(MSG_INFO, "SAE: " MACSTR

diff --git a/src/common/sae.c b/src/common/sae.c
index a298212ca6ee04c411c8c7e93eef3aa08698831d..c8e77aaec21a57c2f88110b070d3bba04ac21a52 100644 (file)
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -1364,8 +1364,8 @@ int sae_prepare_commit(const u8 *addr1, const u8 *addr2,
                                                identifier) < 0))
                return -1;
 
-       sae->tmp->h2e = 0;
-       sae->tmp->pk = 0;
+       sae->h2e = 0;
+       sae->pk = 0;
        return sae_derive_commit(sae);
 }
 
@@ -1434,7 +1434,7 @@ int sae_prepare_commit_pt(struct sae_data *sae, const struct sae_pt *pt,
                        return -1;
        }
 
-       sae->tmp->h2e = 1;
+       sae->h2e = 1;
        return sae_derive_commit(sae);
 }
 
@@ -1559,14 +1559,14 @@ static int sae_derive_keys(struct sae_data *sae, const u8 *k)
         * When SAE-PK is used,
         * KCK || PMK || KEK = KDF-Hash-Length(keyseed, "SAE-PK keys", context)
         */
-       if (!sae->tmp->h2e)
+       if (!sae->h2e)
                hash_len = SHA256_MAC_LEN;
        else if (sae->tmp->dh)
                hash_len = sae_ffc_prime_len_2_hash_len(prime_len);
        else
                hash_len = sae_ecc_prime_len_2_hash_len(prime_len);
-       if (sae->tmp->h2e && (sae->tmp->own_rejected_groups ||
-                             sae->tmp->peer_rejected_groups)) {
+       if (sae->h2e && (sae->tmp->own_rejected_groups ||
+                        sae->tmp->peer_rejected_groups)) {
                struct wpabuf *own, *peer;
 
                own = sae->tmp->own_rejected_groups;
@@ -1617,13 +1617,13 @@ static int sae_derive_keys(struct sae_data *sae, const u8 *k)
         * octets). */
        crypto_bignum_to_bin(tmp, val, sizeof(val), sae->tmp->order_len);
        wpa_hexdump(MSG_DEBUG, "SAE: PMKID", val, SAE_PMKID_LEN);
-       if (!sae->tmp->pk &&
+       if (!sae->pk &&
            sae_kdf_hash(hash_len, keyseed, "SAE KCK and PMK",
                         val, sae->tmp->order_len,
                         keys, hash_len + SAE_PMK_LEN) < 0)
                goto fail;
 #ifdef CONFIG_SAE_PK
-       if (sae->tmp->pk &&
+       if (sae->pk &&
            sae_kdf_hash(hash_len, keyseed, "SAE-PK keys",
                         val, sae->tmp->order_len,
                         keys, 2 * hash_len + SAE_PMK_LEN) < 0)
@@ -1635,7 +1635,7 @@ static int sae_derive_keys(struct sae_data *sae, const u8 *k)
        os_memcpy(sae->pmk, keys + hash_len, SAE_PMK_LEN);
        os_memcpy(sae->pmkid, val, SAE_PMKID_LEN);
 #ifdef CONFIG_SAE_PK
-       if (sae->tmp->pk) {
+       if (sae->pk) {
                os_memcpy(sae->tmp->kek, keys + hash_len + SAE_PMK_LEN,
                          hash_len);
                sae->tmp->kek_len = hash_len;
@@ -1677,7 +1677,7 @@ int sae_write_commit(struct sae_data *sae, struct wpabuf *buf,
                return -1;
 
        wpabuf_put_le16(buf, sae->group); /* Finite Cyclic Group */
-       if (!sae->tmp->h2e && token) {
+       if (!sae->h2e && token) {
                wpabuf_put_buf(buf, token);
                wpa_hexdump(MSG_DEBUG, "SAE: Anti-clogging token",
                            wpabuf_head(token), wpabuf_len(token));
@@ -1718,7 +1718,7 @@ int sae_write_commit(struct sae_data *sae, struct wpabuf *buf,
                           identifier);
        }
 
-       if (sae->tmp->h2e && sae->tmp->own_rejected_groups) {
+       if (sae->h2e && sae->tmp->own_rejected_groups) {
                wpa_hexdump_buf(MSG_DEBUG, "SAE: own Rejected Groups",
                                sae->tmp->own_rejected_groups);
                wpabuf_put_u8(buf, WLAN_EID_EXTENSION);
@@ -1728,7 +1728,7 @@ int sae_write_commit(struct sae_data *sae, struct wpabuf *buf,
                wpabuf_put_buf(buf, sae->tmp->own_rejected_groups);
        }
 
-       if (sae->tmp->h2e && token) {
+       if (sae->h2e && token) {
                wpabuf_put_u8(buf, WLAN_EID_EXTENSION);
                wpabuf_put_u8(buf, 1 + wpabuf_len(token));
                wpabuf_put_u8(buf, WLAN_EID_EXT_ANTI_CLOGGING_TOKEN);

diff --git a/src/common/sae.h b/src/common/sae.h
index 61b2288190fda062cf171c5a677c12558b6e021d..887cd4e9ac9a26c1afe2f235685d69d59df55023 100644 (file)
--- a/src/common/sae.h
+++ b/src/common/sae.h
@@ -59,8 +59,6 @@ struct sae_temporary_data {
        u8 bssid[ETH_ALEN];
        struct wpabuf *own_rejected_groups;
        struct wpabuf *peer_rejected_groups;
-       unsigned int h2e:1;
-       unsigned int pk:1;
        unsigned int own_addr_higher:1;
 
 #ifdef CONFIG_SAE_PK
@@ -106,6 +104,8 @@ struct sae_data {
        int group;
        unsigned int sync; /* protocol instance variable: Sync */
        u16 rc; /* protocol instance variable: Rc (received send-confirm) */
+       unsigned int h2e:1;
+       unsigned int pk:1;
        struct sae_temporary_data *tmp;
 };
 

diff --git a/src/common/sae_pk.c b/src/common/sae_pk.c
index 2469534b9cd2256cafa013a66be5d2775227f7d7..806498c3870a180d424aa1587ee4caac8aad78f6 100644 (file)
--- a/src/common/sae_pk.c
+++ b/src/common/sae_pk.c
@@ -528,7 +528,7 @@ int sae_check_confirm_pk(struct sae_data *sae, const u8 *ies, size_t ies_len)
 
        if (!tmp)
                return -1;
-       if (!tmp->pk || tmp->ap_pk)
+       if (!sae->pk || tmp->ap_pk)
                return 0;
 
        if (tmp->kek_len != 32 && tmp->kek_len != 48 && tmp->kek_len != 64) {

diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index 1d347839aa9a1e2f3d19f92328521095893b1f74..fa18f98933324ce5dc8dc51cbd00da6b0a3e07f2 100644 (file)
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -128,8 +128,8 @@ static struct wpabuf * sme_auth_build_sae_commit(struct wpa_supplicant *wpa_s,
            os_memcmp(bssid, wpa_s->sme.sae.tmp->bssid, ETH_ALEN) == 0) {
                wpa_printf(MSG_DEBUG,
                           "SAE: Reuse previously generated PWE on a retry with the same AP");
-               use_pt = wpa_s->sme.sae.tmp->h2e;
-               use_pk = wpa_s->sme.sae.tmp->pk;
+               use_pt = wpa_s->sme.sae.h2e;
+               use_pk = wpa_s->sme.sae.pk;
                goto reuse_data;
        }
        if (sme_set_sae_group(wpa_s) < 0) {
@@ -190,7 +190,7 @@ static struct wpabuf * sme_auth_build_sae_commit(struct wpa_supplicant *wpa_s,
        if (wpa_s->sme.sae.tmp) {
                os_memcpy(wpa_s->sme.sae.tmp->bssid, bssid, ETH_ALEN);
                if (use_pt && use_pk)
-                       wpa_s->sme.sae.tmp->pk = 1;
+                       wpa_s->sme.sae.pk = 1;
 #ifdef CONFIG_SAE_PK
                os_memcpy(wpa_s->sme.sae.tmp->own_addr, wpa_s->own_addr,
                          ETH_ALEN);
@@ -1266,8 +1266,7 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction,
                wpabuf_free(wpa_s->sme.sae_token);
                token_pos = data + sizeof(le16);
                token_len = len - sizeof(le16);
-               if (wpa_s->sme.sae.tmp)
-                       h2e = wpa_s->sme.sae.tmp->h2e;
+               h2e = wpa_s->sme.sae.h2e;
                if (h2e) {
                        if (token_len < 3) {
                                wpa_dbg(wpa_s, MSG_DEBUG,
@@ -1348,20 +1347,18 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction,
                                   "SAE: Ignore commit message while waiting for confirm");
                        return 0;
                }
-               if (wpa_s->sme.sae.tmp && wpa_s->sme.sae.tmp->h2e &&
-                   status_code == WLAN_STATUS_SUCCESS) {
+               if (wpa_s->sme.sae.h2e && status_code == WLAN_STATUS_SUCCESS) {
                        wpa_printf(MSG_DEBUG,
                                   "SAE: Unexpected use of status code 0 in SAE commit when H2E was expected");
                        return -1;
                }
-               if (wpa_s->sme.sae.tmp &&
-                   (!wpa_s->sme.sae.tmp->h2e || wpa_s->sme.sae.tmp->pk) &&
+               if ((!wpa_s->sme.sae.h2e || wpa_s->sme.sae.pk) &&
                    status_code == WLAN_STATUS_SAE_HASH_TO_ELEMENT) {
                        wpa_printf(MSG_DEBUG,
                                   "SAE: Unexpected use of status code for H2E in SAE commit when H2E was not expected");
                        return -1;
                }
-               if (wpa_s->sme.sae.tmp && !wpa_s->sme.sae.tmp->pk &&
+               if (!wpa_s->sme.sae.pk &&
                    status_code == WLAN_STATUS_SAE_PK) {
                        wpa_printf(MSG_DEBUG,
                                   "SAE: Unexpected use of status code for PK in SAE commit when PK was not expected");