PASN: Reorder elements in PASN Authentication frames per IEEE 802.11

Reorder the elements in the PASN Authentication frame body to comply
with the order defined in IEEE Std 802.11-2024, Table 9-70
(Authentication frame body). Previously, the PASN Parameters element was
placed before the Wrapped Data element and RSNXE, which violated the
required ordering.

Signed-off-by: Ainy Kumari <ainy.kumari@oss.qualcomm.com>

diff --git a/src/pasn/pasn_initiator.c b/src/pasn/pasn_initiator.c
index bee7e5805d9271635eca28edbc155e4ea6fb71bb..3e16b77b1341d73653e3a93bc254e9ec88d0bfd5 100644 (file)
--- a/src/pasn/pasn_initiator.c
+++ b/src/pasn/pasn_initiator.c
@@ -641,9 +641,6 @@ static struct wpabuf * wpas_pasn_build_auth_1(struct pasn_data *pasn,
        if (!wrapped_data_buf)
                wrapped_data = WPA_PASN_WRAPPED_DATA_NO;
 
-       wpa_pasn_add_parameter_ie(buf, pasn->group, wrapped_data,
-                                 pubkey, true, comeback, -1);
-
        if (wpa_pasn_add_wrapped_data(buf, wrapped_data_buf) < 0)
                goto fail;
 
@@ -652,6 +649,9 @@ static struct wpabuf * wpas_pasn_build_auth_1(struct pasn_data *pasn,
        else
                wpa_pasn_add_rsnxe(buf, pasn->rsnxe_capab);
 
+       wpa_pasn_add_parameter_ie(buf, pasn->group, wrapped_data,
+                                 pubkey, true, comeback, -1);
+
        wpa_pasn_add_extra_ies(buf, pasn->extra_ies, pasn->extra_ies_len);
 
        ret = pasn_auth_frame_hash(pasn->akmp, pasn->cipher,
@@ -710,14 +710,14 @@ static struct wpabuf * wpas_pasn_build_auth_3(struct pasn_data *pasn)
        if (!wrapped_data_buf)
                wrapped_data = WPA_PASN_WRAPPED_DATA_NO;
 
-       wpa_pasn_add_parameter_ie(buf, pasn->group, wrapped_data,
-                                 NULL, false, NULL, -1);
-
        if (wpa_pasn_add_wrapped_data(buf, wrapped_data_buf) < 0)
                goto fail;
        wpabuf_free(wrapped_data_buf);
        wrapped_data_buf = NULL;
 
+       wpa_pasn_add_parameter_ie(buf, pasn->group, wrapped_data,
+                                 NULL, false, NULL, -1);
+
        if (pasn->prepare_data_element && pasn->cb_ctx)
                pasn->prepare_data_element(pasn->cb_ctx, pasn->peer_addr);
 

diff --git a/src/pasn/pasn_responder.c b/src/pasn/pasn_responder.c
index b4137b4702785b69e6fc4ffa16c407182e7dab54..a4dc2a680f393ff0612b960b250874ee086832a3 100644 (file)
--- a/src/pasn/pasn_responder.c
+++ b/src/pasn/pasn_responder.c
@@ -545,23 +545,24 @@ int handle_auth_pasn_resp(struct pasn_data *pasn, const u8 *own_addr,
                goto fail;
        }
 
-       wpa_pasn_add_parameter_ie(buf, pasn->group,
-                                 pasn->wrapped_data_format,
-                                 pubkey, true, NULL, 0);
-
        if (wpa_pasn_add_wrapped_data(buf, wrapped_data_buf) < 0)
                goto fail;
 
        wpabuf_free(wrapped_data_buf);
        wrapped_data_buf = NULL;
-       wpabuf_free(pubkey);
-       pubkey = NULL;
 
        /* Add RSNXE if needed */
        rsnxe_ie = pasn->rsnxe_ie;
        if (rsnxe_ie)
                wpabuf_put_data(buf, rsnxe_ie, 2 + rsnxe_ie[1]);
 
+       wpa_pasn_add_parameter_ie(buf, pasn->group,
+                                 pasn->wrapped_data_format,
+                                 pubkey, true, NULL, 0);
+
+       wpabuf_free(pubkey);
+       pubkey = NULL;
+
        if (pasn->prepare_data_element && pasn->cb_ctx)
                pasn->prepare_data_element(pasn->cb_ctx, peer_addr);