From: Vinay Gannevaram Date: Thu, 7 Jul 2022 20:14:54 +0000 (+0530) Subject: PASN: Configure secure ranging context to the driver in AP mode X-Git-Tag: hostap_2_11~1737 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9b62b61c682b195ca52e662ca0ebab3c544f9ac6;p=thirdparty%2Fhostap.git PASN: Configure secure ranging context to the driver in AP mode AP as a responder, on successful completion of PASN authentication configures the required keys by using the command QCA_NL80211_VENDOR_SUBCMD_SECURE_RANGING_CONTEXT to the driver. Signed-off-by: Jouni Malinen
---
diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c
index 87c3b9006..2155b8f72 100644
--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
@@ -1016,3 +1016,30 @@ int hostapd_drv_dpp_listen(struct hostapd_data *hapd, bool enable)
 return 0;
 return hapd->driver->dpp_listen(hapd->drv_priv, enable);
 }
+
+
+#ifdef CONFIG_PASN
+int hostapd_drv_set_secure_ranging_ctx(struct hostapd_data *hapd,
+ const u8 *own_addr, const u8 *peer_addr,
+ u32 cipher, u8 tk_len, const u8 *tk,
+ u8 ltf_keyseed_len,
+ const u8 *ltf_keyseed, u32 action)
+{
+ struct secure_ranging_params params;
+
+ if (!hapd->driver || !hapd->driver->set_secure_ranging_ctx)
+ return 0;
+
+ os_memset(¶ms, 0, sizeof(params));
+ params.own_addr = own_addr;
+ params.peer_addr = peer_addr;
+ params.cipher = cipher;
+ params.tk_len = tk_len;
+ params.tk = tk;
+ params.ltf_keyseed_len = ltf_keyseed_len;
+ params.ltf_keyseed = ltf_keyseed;
+ params.action = action;
+
+ return hapd->driver->set_secure_ranging_ctx(hapd->drv_priv, ¶ms);
+}
+#endif /* CONFIG_PASN */
diff --git a/src/ap/ap_drv_ops.h b/src/ap/ap_drv_ops.h
index b4fb766ee..93b224499 100644
--- a/src/ap/ap_drv_ops.h
+++ b/src/ap/ap_drv_ops.h
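Review bot: In src/ap/ap_drv_ops.c, hostapd_drv_set_secure_ranging_ctx() takes `tk_len` and `ltf_keyseed_len` as `u8`, so a wider length passed by a caller is narrowed silently before it reaches the driver. The caller added in ieee802_11.c passes `entry->ptk.tk_len` and `entry->ptk.ltf_keyseed_len`, whose types are not visible in this diff; if they are `size_t`, either take `size_t` here or reject out-of-range values before filling `params`. The function also has no comment: one above the definition could say that `tk` and `ltf_keyseed` are only borrowed for the duration of the call and what the `action` values mean, since the only caller passes a bare `0`.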
@@ -138,6 +138,11 @@ int hostapd_drv_do_acs(struct hostapd_data *hapd); int hostapd_drv_update_dh_ie(struct hostapd_data *hapd, const u8 *peer, u16 reason_code, const u8 *ie, size_t ielen); int hostapd_drv_dpp_listen(struct hostapd_data *hapd, bool enable); +int hostapd_drv_set_secure_ranging_ctx(struct hostapd_data *hapd, + const u8 *own_addr, const u8 *addr, + u32 cipher, u8 key_len, const u8 *key, + u8 ltf_keyseed_len, + const u8 *ltf_keyseed, u32 action); #include "drivers/driver.h" diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index c43f18b4a..86761a266 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -2667,6 +2667,15 @@ static void pasn_fils_auth_resp(struct hostapd_data *hapd, goto fail; } + if (pasn->secure_ltf) { + ret = wpa_ltf_keyseed(&pasn->ptk, pasn->akmp, pasn->cipher); + if (ret) { + wpa_printf(MSG_DEBUG, + "PASN: FILS: Failed to derive LTF keyseed"); + goto fail; + } + } + wpa_printf(MSG_DEBUG, "PASN: PTK successfully derived"); wpabuf_free(pasn->secret); 
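Review bot: The prototype added to src/ap/ap_drv_ops.h names its parameters `addr`, `key_len` and `key`, while the definition in ap_drv_ops.c uses `peer_addr`, `tk_len` and `tk`; the header is what callers read, so the names should match the definition. The declaration is also unconditional while the definition sits inside `#ifdef CONFIG_PASN`, so a use from non-PASN code would compile and only fail at link time. Wrapping the prototype in the same `#ifdef CONFIG_PASN` ... `#endif /* CONFIG_PASN */` would surface that at compile time.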
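Review bot: The new `goto fail` in pasn_fils_auth_resp() appears to be taken after the PTK has already been derived into `pasn->ptk`, and the `fail` label is outside this hunk, so it is not visible whether that key material is cleared when LTF keyseed derivation fails. If it is not, add `forced_memzero(&pasn->ptk, sizeof(pasn->ptk));` before the `goto fail`. The same question applies to the `return -1` added after `wpa_ltf_keyseed()` in pasn_derive_keys(), which returns with `sta->pasn->ptk` still populated.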
@@ -2848,6 +2857,38 @@ static struct wpabuf * pasn_get_wrapped_data(struct hostapd_data *hapd, } +static int pasn_set_keys_from_cache(struct hostapd_data *hapd, + const u8 *own_addr, const u8 *sta_addr, + int cipher, int akmp) +{ + struct ptksa_cache_entry *entry; + + entry = ptksa_cache_get(hapd->ptksa, sta_addr, cipher); + if (!entry) { + wpa_printf(MSG_DEBUG, "PASN: peer " MACSTR + " not present in PTKSA cache", MAC2STR(sta_addr)); + return -1; + } + + if (os_memcmp(entry->own_addr, own_addr, ETH_ALEN) != 0) { + wpa_printf(MSG_DEBUG, + "PASN: own addr " MACSTR " and PTKSA entry own addr " + MACSTR " differ", + MAC2STR(own_addr), MAC2STR(entry->own_addr)); + return -1; + } + + wpa_printf(MSG_DEBUG, "PASN: " MACSTR " present in PTKSA cache", + MAC2STR(sta_addr)); + hostapd_drv_set_secure_ranging_ctx(hapd, own_addr, sta_addr, cipher, + entry->ptk.tk_len, entry->ptk.tk, + entry->ptk.ltf_keyseed_len, + entry->ptk.ltf_keyseed, 0); + + return 0; +} + + static int pasn_derive_keys(struct hostapd_data *hapd, struct sta_info *sta, const u8 *cached_pmk, size_t cached_pmk_len, @@ -2904,6 +2945,16 @@ pasn_derive_keys(struct hostapd_data *hapd, struct sta_info *sta, return -1; } + if (sta->pasn->secure_ltf) { + ret = wpa_ltf_keyseed(&sta->pasn->ptk, sta->pasn->akmp, + sta->pasn->cipher); + if (ret) { + wpa_printf(MSG_DEBUG, + "PASN: Failed to derive LTF keyseed"); + return -1; + } + } + wpa_printf(MSG_DEBUG, "PASN: PTK successfully derived"); return 0; } 
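Review bot: pasn_set_keys_from_cache() discards the return value of hostapd_drv_set_secure_ranging_ctx() and returns 0 unconditionally, so a driver that rejects the keys leaves the station without a secure ranging context and nothing reports it. Return the driver result instead, `return hostapd_drv_set_secure_ranging_ctx(hapd, own_addr, sta_addr, cipher, entry->ptk.tk_len, entry->ptk.tk, entry->ptk.ltf_keyseed_len, entry->ptk.ltf_keyseed, 0);`, and have the call added in handle_auth_pasn_3() check it and at least log the failure, since that call ignores the result as well. The `akmp` parameter is unused in this function, and the trailing `0` would read better as a named action constant.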
@@ -3180,6 +3231,13 @@ static void handle_auth_pasn_1(struct hostapd_data *hapd, struct sta_info *sta, sta->pasn->kdk_len = 0; wpa_printf(MSG_DEBUG, "PASN: kdk_len=%zu", sta->pasn->kdk_len); + if ((hapd->iface->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_AP) && + ieee802_11_rsnx_capab_len(elems.rsnxe, elems.rsnxe_len, + WLAN_RSNX_CAPAB_SECURE_LTF)) + sta->pasn->secure_ltf = true; + else + sta->pasn->secure_ltf = false; + if (!elems.pasn_params || !elems.pasn_params_len) { wpa_printf(MSG_DEBUG, "PASN: No PASN Parameters element found"); @@ -3504,6 +3562,8 @@ static void handle_auth_pasn_3(struct hostapd_data *hapd, struct sta_info *sta, ptksa_cache_add(hapd->ptksa, hapd->own_addr, sta->addr, sta->pasn->cipher, 43200, &sta->pasn->ptk, NULL, NULL); + pasn_set_keys_from_cache(hapd, hapd->own_addr, sta->addr, + sta->pasn->cipher, sta->pasn->akmp); fail: ap_free_sta(hapd, sta); } diff --git a/src/ap/sta_info.h b/src/ap/sta_info.h index 5c92e01da..d2a8344ad 100644 --- a/src/ap/sta_info.h +++ b/src/ap/sta_info.h @@ -88,6 +88,7 @@ struct pasn_data { int akmp; int cipher; u16 group; + bool secure_ltf; u8 trans_seq; u8 wrapped_data_format; size_t kdk_len;
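Review bot: In handle_auth_pasn_1() the if/else that sets `sta->pasn->secure_ltf` can be a single assignment, `sta->pasn->secure_ltf = (hapd->iface->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF_AP) && ieee802_11_rsnx_capab_len(elems.rsnxe, elems.rsnxe_len, WLAN_RSNX_CAPAB_SECURE_LTF);`. A short comment would also help, for example `/* Use secure LTF only when both the driver and the peer's RSNXE indicate support */`. The RSNXE read here comes from the first PASN frame, presumably before any key is established, so the flag reflects only what the peer claims at that point. The enclosing function starts and ends outside the hunk.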