From: Shivani Baranwal <quic_shivbara@quicinc.com>
Date: Sun, 4 Aug 2024 21:13:59 +0000 (+0530)
Subject: P2P2: Add a SAE password in PASN Encrypted Data element
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=394beb560078325593966c1ba7808bdf675f1b15;p=thirdparty%2Fhostap.git

P2P2: Add a SAE password in PASN Encrypted Data element

This is added for opportunistic bootstrapping cases. In addition,
generate a random SAE password for pairing when needed, i.e., when the
request is not for an existing GO.

Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
---

diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c
index cfb2273c7..4a03c0603 100644
--- a/src/p2p/p2p.c
+++ b/src/p2p/p2p.c
@@ -249,6 +249,7 @@ void p2p_go_neg_failed(struct p2p_data *p2p, int status)
 #ifdef CONFIG_PASN
 	if (peer->p2p2 && peer->pasn)
 		wpa_pasn_reset(peer->pasn);
+	os_memset(p2p->dev_sae_password, 0, sizeof(p2p->dev_sae_password));
 	os_memset(p2p->peer_sae_password, 0, sizeof(p2p->peer_sae_password));
 #endif /* CONFIG_PASN */
 
@@ -6366,6 +6367,27 @@ static int p2p_pasn_add_encrypted_data(struct p2p_data *p2p,
 			     (u8 *) wpabuf_put(p2p2_ie, 0) - dika_len - 2);
 	}
 
+	if (dev->req_bootstrap_method == P2P_PBMA_OPPORTUNISTIC) {
+		if (!p2p->dev_sae_password[0]) {
+			int password_len;
+
+			/* SAE password is not available as the request is not
+			 * for an existing GO. Pick a random SAE password of
+			 * length between 10 and 20. */
+			password_len = 10 + os_random() % 10;
+			if (p2p_random(p2p->dev_sae_password,
+				       password_len) < 0) {
+				wpabuf_free(p2p2_ie);
+				return -1;
+			}
+			p2p->dev_sae_password[password_len] = '\0';
+		}
+
+		wpabuf_put_u8(p2p2_ie, P2P_ATTR_PASSWORD);
+		wpabuf_put_le16(p2p2_ie, os_strlen(p2p->dev_sae_password));
+		wpabuf_put_str(p2p2_ie, p2p->dev_sae_password);
+	}
+
 	p2p_buf_update_ie_hdr(p2p2_ie, p2p2_ie_len);
 
 	ret = pasn_add_encrypted_data(pasn, buf, wpabuf_mhead_u8(p2p2_ie),
diff --git a/src/p2p/p2p_i.h b/src/p2p/p2p_i.h
index e7aeb4197..89e5eeab4 100644
--- a/src/p2p/p2p_i.h
+++ b/src/p2p/p2p_i.h
@@ -660,6 +660,7 @@ struct p2p_data {
 	 * PASN authentication or while joining an existing group. This will be
 	 * moved to a more permanent location from struct p2p_data at the
 	 * conclusion of a successful pairing. */
+	char dev_sae_password[100];
 	char peer_sae_password[100];
 };