From 14dc782d50db29f2a75b06e837887b42b7157462 Mon Sep 17 00:00:00 2001 From: Sai Pratyusha Magam Date: Sat, 2 Aug 2025 22:12:55 +0530 Subject: [PATCH] DPP: Avoid generating DPP shared secret(z) for non-association links In an AP, DPP shared secret (z) for Network Introduction Protocol with PFS is generated using the public key of a station (M) received in the Public Key field of Diffie-Hellman Parameter element in the (Re)Association Request frame and the AP's private key (n). In a STA, DPP shared secret (z) is generated using the public key of the AP (N) received in the Public Key field of Diffie-Hellman Parameter element in the (Re)Association Response frame and the station's private key (m). When a (Re)Association Request frame is received for ML association, the AP MLD parses the elements in __check_assoc_ies() for the association link and then for each of the other setup links. When the Diffie-Hellman Parameter element is parsed on the association link, the AP MLD generates a private key, a public key, and a shared secret (n,N, z(n,M)). When the Diffie-Hellman Parameter element is parsed on other links, another set of a different private key, public key, and shared secret is derived (n1,N1, z1(n1,M)). This is not correct behavior. In wpa_state_machine (sta->wpa_sm), store the DPP shared secret (z) generated for the association link and skip generating it for other partner BSS links. This will ensure that the public key shared with the station in the (Re)Association Response is derived from the same private key that is used to derive the DHss component used in PTK calculation. Signed-off-by: Sai Pratyusha Magam --- src/ap/ieee802_11.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 7c461d48e..a1d45db2f 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -4550,7 +4550,7 @@ static int __check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) && hapd->conf->dpp_netaccesskey && sta->wpa_sm && wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_DPP && - elems->owe_dh) { + elems->owe_dh && !link) { sta->dpp_pfs = dpp_pfs_init( wpabuf_head(hapd->conf->dpp_netaccesskey), wpabuf_len(hapd->conf->dpp_netaccesskey)); @@ -4568,9 +4568,9 @@ static int __check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, return WLAN_STATUS_UNSPECIFIED_FAILURE; } } - - wpa_auth_set_dpp_z(sta->wpa_sm, sta->dpp_pfs ? - sta->dpp_pfs->secret : NULL); + if (!link) + wpa_auth_set_dpp_z(sta->wpa_sm, sta->dpp_pfs ? + sta->dpp_pfs->secret : NULL); pfs_fail: #endif /* CONFIG_DPP2 */ -- 2.47.3