In an AP, DPP shared secret (z) for Network Introduction Protocol with
PFS is generated using the public key of a station (M) received in the
Public Key field of Diffie-Hellman Parameter element in the
(Re)Association Request frame and the AP's private key (n). In a STA,
DPP shared secret (z) is generated using the public key of the AP (N)
received in the Public Key field of Diffie-Hellman Parameter element in
the (Re)Association Response frame and the station's private key (m).

When a (Re)Association Request frame is received for ML association, the
AP MLD parses the elements in __check_assoc_ies() for the association
link and then for each of the other setup links. When the Diffie-Hellman
Parameter element is parsed on the association link, the AP MLD
generates a private key, a public key, and a shared secret (n,N,
z(n,M)). When the Diffie-Hellman Parameter element is parsed on other
links, another set of a different private key, public key, and shared
secret is derived (n1,N1, z1(n1,M)). This is not correct behavior.

In wpa_state_machine (sta->wpa_sm), store the DPP shared secret (z)
generated for the association link and skip generating it for other
partner BSS links. This will ensure that the public key shared with the
station in the (Re)Association Response is derived from the same private
key that is used to derive the DHss component used in PTK calculation.

Signed-off-by: Sai Pratyusha Magam <smagam@qti.qualcomm.com>
(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) &&
hapd->conf->dpp_netaccesskey && sta->wpa_sm &&
wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_DPP &&
- elems->owe_dh) {
+ elems->owe_dh && !link) {
sta->dpp_pfs = dpp_pfs_init(
wpabuf_head(hapd->conf->dpp_netaccesskey),
wpabuf_len(hapd->conf->dpp_netaccesskey));
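Review bot: the `!link` term appended to the condition has no comment, so nothing at this site says why a Diffie-Hellman Parameter element seen on a non-association link is now ignored. A short comment above the `if`, stating that the PFS key pair and z are generated once on the association link and reused from `sta->wpa_sm` for partner links, would keep a later change from removing the test. A debug print for the case where `elems->owe_dh` is set and `link` is non-zero would also make the skipped element visible in logs.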
return WLAN_STATUS_UNSPECIFIED_FAILURE;
}
}
-
- wpa_auth_set_dpp_z(sta->wpa_sm, sta->dpp_pfs ?
- sta->dpp_pfs->secret : NULL);
+ if (!link)
+ wpa_auth_set_dpp_z(sta->wpa_sm, sta->dpp_pfs ?
+ sta->dpp_pfs->secret : NULL);
pfs_fail:
#endif /* CONFIG_DPP2 */
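Review bot: the `if (!link)` guard on `wpa_auth_set_dpp_z()` relies on the association link being parsed before the other setup links and on every link pass using the same `sta->wpa_sm`, and neither assumption is written down here. Please add a comment saying that z was stored during the association-link pass and must not be overwritten. Without that context it is not obvious that a link pass with `sta->dpp_pfs` unset would otherwise hand `NULL` to the setter and drop the stored secret. The same `!link` test now appears both here and in the init condition above, so the comment could cover both sites.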