From: Jouni Malinen <jouni@codeaurora.org>
Date: Tue, 13 Oct 2020 17:57:26 +0000 (+0300)
Subject: DPP2: Use ppKey to decrypt E'-id on Configurator
X-Git-Tag: hostap_2_10~828
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a0ccc4017fa76485cf26109decd2d22de19a6009;p=thirdparty%2Fhostap.git

DPP2: Use ppKey to decrypt E'-id on Configurator

Use the new privacy protection key to decrypt E'-id from Reconfig
Announcement frames.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
---

diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c
index 865215afe..7c4801531 100644
--- a/src/common/dpp_crypto.c
+++ b/src/common/dpp_crypto.c
@@ -3163,32 +3163,35 @@ void dpp_free_reconfig_id(struct dpp_reconfig_id *id)
 }
 
 
-EC_POINT * dpp_decrypt_e_id(EVP_PKEY *csign, EVP_PKEY *a_nonce,
+EC_POINT * dpp_decrypt_e_id(EVP_PKEY *ppkey, EVP_PKEY *a_nonce,
 			    EVP_PKEY *e_prime_id)
 {
-	const EC_KEY *csign_ec, *a_nonce_ec, *e_prime_id_ec;
-	const BIGNUM *csign_bn;
+	const EC_KEY *pp_ec, *a_nonce_ec, *e_prime_id_ec;
+	const BIGNUM *pp_bn;
 	const EC_GROUP *group;
 	EC_POINT *e_id = NULL;
 	const EC_POINT *a_nonce_point, *e_prime_id_point;
 	BN_CTX *ctx = NULL;
 
+	if (!ppkey)
+		return NULL;
+
 	/* E-id = E'-id - s_C * A-NONCE */
-	csign_ec = EVP_PKEY_get0_EC_KEY(csign);
+	pp_ec = EVP_PKEY_get0_EC_KEY(ppkey);
 	a_nonce_ec = EVP_PKEY_get0_EC_KEY(a_nonce);
 	e_prime_id_ec = EVP_PKEY_get0_EC_KEY(e_prime_id);
-	if (!csign_ec || !a_nonce_ec || !e_prime_id_ec)
+	if (!pp_ec || !a_nonce_ec || !e_prime_id_ec)
 		return NULL;
-	csign_bn = EC_KEY_get0_private_key(csign_ec);
-	group = EC_KEY_get0_group(csign_ec);
+	pp_bn = EC_KEY_get0_private_key(pp_ec);
+	group = EC_KEY_get0_group(pp_ec);
 	a_nonce_point = EC_KEY_get0_public_key(a_nonce_ec);
 	e_prime_id_point = EC_KEY_get0_public_key(e_prime_id_ec);
 	ctx = BN_CTX_new();
-	if (!csign_bn || !group || !a_nonce_point || !e_prime_id_point || !ctx)
+	if (!pp_bn || !group || !a_nonce_point || !e_prime_id_point || !ctx)
 		goto fail;
 	e_id = EC_POINT_new(group);
 	if (!e_id ||
-	    !EC_POINT_mul(group, e_id, NULL, a_nonce_point, csign_bn, ctx) ||
+	    !EC_POINT_mul(group, e_id, NULL, a_nonce_point, pp_bn, ctx) ||
 	    !EC_POINT_invert(group, e_id, ctx) ||
 	    !EC_POINT_add(group, e_id, e_prime_id_point, e_id, ctx)) {
 		EC_POINT_clear_free(e_id);
diff --git a/src/common/dpp_i.h b/src/common/dpp_i.h
index b875f2033..af12467a5 100644
--- a/src/common/dpp_i.h
+++ b/src/common/dpp_i.h
@@ -133,7 +133,7 @@ int dpp_reconfig_derive_ke_responder(struct dpp_authentication *auth,
 int dpp_reconfig_derive_ke_initiator(struct dpp_authentication *auth,
 				     const u8 *r_proto, u16 r_proto_len,
 				     struct json_token *net_access_key);
-EC_POINT * dpp_decrypt_e_id(EVP_PKEY *csign, EVP_PKEY *a_nonce,
+EC_POINT * dpp_decrypt_e_id(EVP_PKEY *ppkey, EVP_PKEY *a_nonce,
 			    EVP_PKEY *e_prime_id);
 char * dpp_sign_connector(struct dpp_configurator *conf,
 			  const struct wpabuf *dppcon);
diff --git a/src/common/dpp_reconfig.c b/src/common/dpp_reconfig.c
index f9d01d841..c4a027363 100644
--- a/src/common/dpp_reconfig.c
+++ b/src/common/dpp_reconfig.c
@@ -264,7 +264,7 @@ dpp_reconfig_init(struct dpp_global *dpp, void *msg_ctx,
 		return NULL;
 	}
 	dpp_debug_print_key("E'-id", e_prime_id);
-	e_id = dpp_decrypt_e_id(conf->csign, a_nonce, e_prime_id);
+	e_id = dpp_decrypt_e_id(conf->pp_key, a_nonce, e_prime_id);
 	EVP_PKEY_free(a_nonce);
 	EVP_PKEY_free(e_prime_id);
 	if (!e_id) {