From: Peddolla Harshavardhan Reddy Date: Sat, 26 Apr 2025 21:41:39 +0000 (+0530) Subject: PR: Set keys from PASN authentication X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4e01a958a4cdc6e983e60b0b2dec9b65fb55c252;p=thirdparty%2Fhostap.git PR: Set keys from PASN authentication Add the needed callbacks to send the keys derived as part of PASN for Proximity Ranging to the driver. Signed-off-by: Peddolla Harshavardhan Reddy --- diff --git a/src/common/proximity_ranging.c b/src/common/proximity_ranging.c index 769ceb898..25e66f76b 100644 --- a/src/common/proximity_ranging.c +++ b/src/common/proximity_ranging.c @@ -2323,6 +2323,10 @@ static int pr_pasn_handle_auth_1(struct pr_data *pr, struct pr_device *dev, goto fail; } + if (pr->cfg->set_keys) + pr->cfg->set_keys(pr->cfg->cb_ctx, pr->cfg->dev_addr, + dev->pr_device_addr, dev->pasn->cipher, + dev->pasn->akmp, &dev->pasn->ptk); ret = 0; fail: @@ -2362,6 +2366,10 @@ static int pr_pasn_handle_auth_2(struct pr_data *pr, struct pr_device *dev, goto fail; } + if (pr->cfg->set_keys) + pr->cfg->set_keys(pr->cfg->cb_ctx, pr->cfg->dev_addr, + dev->pr_device_addr, dev->pasn->cipher, + dev->pasn->akmp, &dev->pasn->ptk); ret = 0; fail: @@ -2386,15 +2394,22 @@ static int pr_pasn_handle_auth_3(struct pr_data *pr, struct pr_device *dev, if (pr_process_pasn_ranging_wrapper_result(pr, dev, mgmt, len)) { wpa_printf(MSG_INFO, "PR PASN: Failed to handle Auth3 action wrapper"); - return -1; + goto fail; } if (handle_auth_pasn_3(dev->pasn, pr->cfg->dev_addr, mgmt->sa, mgmt, len) < 0) { wpa_printf(MSG_INFO, "PR PASN: Failed to handle Auth3"); - return -1; + goto fail; } return 0; + +fail: + /* Clear the keys as M3 processing failed */ + if (pr->cfg->clear_keys) + pr->cfg->clear_keys(pr->cfg->cb_ctx, pr->cfg->dev_addr, + dev->pr_device_addr); + return -1; } diff --git a/src/common/proximity_ranging.h b/src/common/proximity_ranging.h index 4be107f02..29a865ef8 100644 --- a/src/common/proximity_ranging.h +++ b/src/common/proximity_ranging.h @@ -425,6 +425,11 @@ struct pr_config { int (*pasn_send_mgmt)(void *ctx, const u8 *data, size_t data_len, int noack, unsigned int freq, unsigned int wait); + + void (*set_keys)(void *ctx, const u8 *own_addr, const u8 *peer_addr, + int cipher, int akmp, struct wpa_ptk *ptk); + + void (*clear_keys)(void *ctx, const u8 *own_addr, const u8 *peer_addr); }; struct pr_data { diff --git a/wpa_supplicant/pr_supplicant.c b/wpa_supplicant/pr_supplicant.c index c12013707..539a3d945 100644 --- a/wpa_supplicant/pr_supplicant.c +++ b/wpa_supplicant/pr_supplicant.c @@ -256,6 +256,33 @@ static int wpas_pr_pasn_send_mgmt(void *ctx, const u8 *data, size_t data_len, } +static void wpas_pr_pasn_set_keys(void *ctx, const u8 *own_addr, + const u8 *peer_addr, int cipher, int akmp, + struct wpa_ptk *ptk) +{ + struct wpa_supplicant *wpa_s = ctx; + + wpa_printf(MSG_DEBUG, "PR PASN: Set secure ranging context for " MACSTR, + MAC2STR(peer_addr)); + wpa_drv_set_secure_ranging_ctx(wpa_s, own_addr, peer_addr, cipher, + ptk->tk_len, ptk->tk, + ptk->ltf_keyseed_len, + ptk->ltf_keyseed, 0); +} + + +static void wpas_pr_pasn_clear_keys(void *ctx, const u8 *own_addr, + const u8 *peer_addr) +{ + struct wpa_supplicant *wpa_s = ctx; + + wpa_printf(MSG_DEBUG, "PR PASN: Clear secure ranging context for " + MACSTR, MAC2STR(peer_addr)); + wpa_drv_set_secure_ranging_ctx(wpa_s, own_addr, peer_addr, 0, 0, NULL, + 0, NULL, 1); +} + + struct wpabuf * wpas_pr_usd_elems(struct wpa_supplicant *wpa_s) { return pr_prepare_usd_elems(wpa_s->global->pr); @@ -318,6 +345,8 @@ int wpas_pr_init(struct wpa_global *global, struct wpa_supplicant *wpa_s, pr.support_6ghz = wpas_is_6ghz_supported(wpa_s, true); pr.pasn_send_mgmt = wpas_pr_pasn_send_mgmt; + pr.set_keys = wpas_pr_pasn_set_keys; + pr.clear_keys = wpas_pr_pasn_clear_keys; pr.secure_he_ltf = wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_STA;