From: Vinay Gannevaram <quic_vganneva@quicinc.com>
Date: Sun, 18 Sep 2022 17:57:13 +0000 (+0530)
Subject: PASN: Remove wpa_sm dependency to add an entry to PMKSA cache
X-Git-Tag: hostap_2_11~1609
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=90bb73c5189e17d5429956645c12abfec234e4a5;p=thirdparty%2Fhostap.git

PASN: Remove wpa_sm dependency to add an entry to PMKSA cache

Store PMKSA cache entry in wpas_pasn and remove wpa_sm dependency to add
an entry to PMKSA cache. This is a step towards allowing the PASN
implementation to be used outside the context of wpa_supplicant.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
---

diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 5f305b897..3a9d03bda 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -5322,15 +5322,6 @@ void wpa_sm_set_dpp_z(struct wpa_sm *sm, const struct wpabuf *z)
 
 #ifdef CONFIG_PASN
 
-void wpa_pasn_pmksa_cache_add(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len,
-			      const u8 *pmkid, const u8 *bssid, int key_mgmt)
-{
-	sm->cur_pmksa = pmksa_cache_add(sm->pmksa, pmk, pmk_len, pmkid, NULL, 0,
-					bssid, sm->own_addr, NULL,
-					key_mgmt, 0);
-}
-
-
 void wpa_pasn_sm_set_caps(struct wpa_sm *sm, unsigned int flags2)
 {
 	if (flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_STA)
@@ -5349,3 +5340,17 @@ void wpa_sm_pmksa_cache_reconfig(struct wpa_sm *sm)
 	if (sm)
 		pmksa_cache_reconfig(sm->pmksa);
 }
+
+
+struct rsn_pmksa_cache * wpa_sm_get_pmksa_cache(struct wpa_sm *sm)
+{
+	return sm ? sm->pmksa : NULL;
+}
+
+
+void wpa_sm_set_cur_pmksa(struct wpa_sm *sm,
+			  struct rsn_pmksa_cache_entry *entry)
+{
+	if (sm)
+		sm->cur_pmksa = entry;
+}
diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h
index 8449db761..cbeab435c 100644
--- a/src/rsn_supp/wpa.h
+++ b/src/rsn_supp/wpa.h
@@ -566,8 +566,10 @@ int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *bssid,
 void wpa_sm_set_reset_fils_completed(struct wpa_sm *sm, int set);
 void wpa_sm_set_fils_cache_id(struct wpa_sm *sm, const u8 *fils_cache_id);
 void wpa_sm_set_dpp_z(struct wpa_sm *sm, const struct wpabuf *z);
-void wpa_pasn_pmksa_cache_add(struct wpa_sm *sm, const u8 *pmk, size_t pmk_len,
-			      const u8 *pmkid, const u8 *bssid, int key_mgmt);
 void wpa_pasn_sm_set_caps(struct wpa_sm *sm, unsigned int flags2);
+struct rsn_pmksa_cache * wpa_sm_get_pmksa_cache(struct wpa_sm *sm);
+
+void wpa_sm_set_cur_pmksa(struct wpa_sm *sm,
+			  struct rsn_pmksa_cache_entry *entry);
 
 #endif /* WPA_H */
diff --git a/wpa_supplicant/pasn_supplicant.c b/wpa_supplicant/pasn_supplicant.c
index c347343a1..bfdc2f3a1 100644
--- a/wpa_supplicant/pasn_supplicant.c
+++ b/wpa_supplicant/pasn_supplicant.c
@@ -847,9 +847,11 @@ static int wpas_pasn_wd_fils_rx(struct wpa_supplicant *wpa_s, struct wpabuf *wd)
 
 	wpa_printf(MSG_DEBUG, "PASN: FILS: ERP processing succeeded");
 
-	wpa_pasn_pmksa_cache_add(wpa_s->wpa, pasn->pmk,
-				 pasn->pmk_len, pasn->fils.erp_pmkid,
-				 pasn->bssid, pasn->akmp);
+	pasn->pmksa_entry = pmksa_cache_add(pasn->pmksa, pasn->pmk,
+					    pasn->pmk_len, pasn->fils.erp_pmkid,
+					    NULL, 0, pasn->bssid,
+					    pasn->own_addr, NULL,
+					    pasn->akmp, 0);
 
 	pasn->fils.completed = true;
 	return 0;
@@ -1163,6 +1165,7 @@ static void wpa_pasn_reset(struct wpas_pasn *pasn)
 	os_memset(pasn->pmk_r1_name, 0, sizeof(pasn->pmk_r1_name));
 #endif /* CONFIG_IEEE80211R */
 	pasn->status = WLAN_STATUS_UNSPECIFIED_FAILURE;
+	pasn->pmksa_entry = NULL;
 }
 
 
@@ -1244,9 +1247,12 @@ static int wpas_pasn_set_pmk(struct wpa_supplicant *wpa_s,
 		pasn->pmk_len = PMK_LEN;
 		os_memcpy(pasn->pmk, pasn->sae.pmk, PMK_LEN);
 
-		wpa_pasn_pmksa_cache_add(wpa_s->wpa, pasn->pmk,
-					 pasn->pmk_len, pasn->sae.pmkid,
-					 pasn->bssid, pasn->akmp);
+		pasn->pmksa_entry = pmksa_cache_add(pasn->pmksa, pasn->pmk,
+						    pasn->pmk_len,
+						    pasn->sae.pmkid,
+						    NULL, 0, pasn->bssid,
+						    pasn->own_addr, NULL,
+						    pasn->akmp, 0);
 		return 0;
 	}
 #endif /* CONFIG_SAE */
@@ -1499,6 +1505,8 @@ static void wpas_pasn_auth_start_cb(struct wpa_radio_work *work, int deinit)
 
 	rsnxe = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
 
+	wpa_s->pasn.pmksa = wpa_sm_get_pmksa_cache(wpa_s->wpa);
+
 	ret = wpas_pasn_start(wpa_s, awork->own_addr, awork->bssid, awork->akmp,
 			      awork->cipher, awork->group, bss->freq,
 			      rsne, *(rsne + 1) + 2,
@@ -1887,6 +1895,10 @@ int wpas_pasn_auth_rx(struct wpa_supplicant *wpa_s,
 	forced_memzero(&pasn->ptk, sizeof(pasn->ptk));
 
 	pasn->status = WLAN_STATUS_SUCCESS;
+
+	if (pasn->pmksa_entry)
+		wpa_sm_set_cur_pmksa(wpa_s->wpa, pasn->pmksa_entry);
+
 	return 0;
 fail:
 	wpa_printf(MSG_DEBUG, "PASN: Failed RX processing - terminating");
diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
index 9db847cec..0fb2ebedd 100644
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -590,6 +590,8 @@ struct wpas_pasn {
 	size_t pmk_r1_len;
 	u8 pmk_r1_name[WPA_PMK_NAME_LEN];
 #endif /* CONFIG_IEEE80211R */
+	struct rsn_pmksa_cache *pmksa;
+	struct rsn_pmksa_cache_entry *pmksa_entry;
 };
 #endif /* CONFIG_PASN */