• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * DPP functionality shared between hostapd and wpa_supplicant
3  * Copyright (c) 2017, Qualcomm Atheros, Inc.
4  * Copyright (c) 2018-2020, The Linux Foundation
5  *
6  * This software may be distributed under the terms of the BSD license.
7  * See README for more details.
8  */
9 
10 #include "utils/includes.h"
11 #include <openssl/opensslv.h>
12 #include <openssl/err.h>
13 
14 #include "utils/common.h"
15 #include "utils/base64.h"
16 #include "utils/json.h"
17 #include "common/ieee802_11_common.h"
18 #include "common/wpa_ctrl.h"
19 #include "common/gas.h"
20 #include "eap_common/eap_defs.h"
21 #include "crypto/crypto.h"
22 #include "crypto/random.h"
23 #include "crypto/aes.h"
24 #include "crypto/aes_siv.h"
25 #include "drivers/driver.h"
26 #include "dpp.h"
27 #include "dpp_i.h"
28 
29 
30 static const char * dpp_netrole_str(enum dpp_netrole netrole);
31 
32 #ifdef CONFIG_TESTING_OPTIONS
33 #ifdef CONFIG_DPP2
34 int dpp_version_override = 2;
35 #else
36 int dpp_version_override = 1;
37 #endif
38 enum dpp_test_behavior dpp_test = DPP_TEST_DISABLED;
39 #endif /* CONFIG_TESTING_OPTIONS */
40 
41 #if OPENSSL_VERSION_NUMBER < 0x10100000L || \
42 	(defined(LIBRESSL_VERSION_NUMBER) && \
43 	 LIBRESSL_VERSION_NUMBER < 0x20700000L)
44 /* Compatibility wrappers for older versions. */
45 
46 #ifdef CONFIG_DPP2
EVP_PKEY_get0_EC_KEY(EVP_PKEY * pkey)47 static EC_KEY * EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey)
48 {
49 	if (pkey->type != EVP_PKEY_EC)
50 		return NULL;
51 	return pkey->pkey.ec;
52 }
53 #endif /* CONFIG_DPP2 */
54 
55 #endif
56 
57 
dpp_auth_fail(struct dpp_authentication * auth,const char * txt)58 void dpp_auth_fail(struct dpp_authentication *auth, const char *txt)
59 {
60 	wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_FAIL "%s", txt);
61 }
62 
63 
dpp_alloc_msg(enum dpp_public_action_frame_type type,size_t len)64 struct wpabuf * dpp_alloc_msg(enum dpp_public_action_frame_type type,
65 			      size_t len)
66 {
67 	struct wpabuf *msg;
68 
69 	msg = wpabuf_alloc(8 + len);
70 	if (!msg)
71 		return NULL;
72 	wpabuf_put_u8(msg, WLAN_ACTION_PUBLIC);
73 	wpabuf_put_u8(msg, WLAN_PA_VENDOR_SPECIFIC);
74 	wpabuf_put_be24(msg, OUI_WFA);
75 	wpabuf_put_u8(msg, DPP_OUI_TYPE);
76 	wpabuf_put_u8(msg, 1); /* Crypto Suite */
77 	wpabuf_put_u8(msg, type);
78 	return msg;
79 }
80 
81 
dpp_get_attr(const u8 * buf,size_t len,u16 req_id,u16 * ret_len)82 const u8 * dpp_get_attr(const u8 *buf, size_t len, u16 req_id, u16 *ret_len)
83 {
84 	u16 id, alen;
85 	const u8 *pos = buf, *end = buf + len;
86 
87 	while (end - pos >= 4) {
88 		id = WPA_GET_LE16(pos);
89 		pos += 2;
90 		alen = WPA_GET_LE16(pos);
91 		pos += 2;
92 		if (alen > end - pos)
93 			return NULL;
94 		if (id == req_id) {
95 			*ret_len = alen;
96 			return pos;
97 		}
98 		pos += alen;
99 	}
100 
101 	return NULL;
102 }
103 
104 
dpp_get_attr_next(const u8 * prev,const u8 * buf,size_t len,u16 req_id,u16 * ret_len)105 static const u8 * dpp_get_attr_next(const u8 *prev, const u8 *buf, size_t len,
106 				    u16 req_id, u16 *ret_len)
107 {
108 	u16 id, alen;
109 	const u8 *pos, *end = buf + len;
110 
111 	if (!prev)
112 		pos = buf;
113 	else
114 		pos = prev + WPA_GET_LE16(prev - 2);
115 	while (end - pos >= 4) {
116 		id = WPA_GET_LE16(pos);
117 		pos += 2;
118 		alen = WPA_GET_LE16(pos);
119 		pos += 2;
120 		if (alen > end - pos)
121 			return NULL;
122 		if (id == req_id) {
123 			*ret_len = alen;
124 			return pos;
125 		}
126 		pos += alen;
127 	}
128 
129 	return NULL;
130 }
131 
132 
dpp_check_attrs(const u8 * buf,size_t len)133 int dpp_check_attrs(const u8 *buf, size_t len)
134 {
135 	const u8 *pos, *end;
136 	int wrapped_data = 0;
137 
138 	pos = buf;
139 	end = buf + len;
140 	while (end - pos >= 4) {
141 		u16 id, alen;
142 
143 		id = WPA_GET_LE16(pos);
144 		pos += 2;
145 		alen = WPA_GET_LE16(pos);
146 		pos += 2;
147 		wpa_printf(MSG_MSGDUMP, "DPP: Attribute ID %04x len %u",
148 			   id, alen);
149 		if (alen > end - pos) {
150 			wpa_printf(MSG_DEBUG,
151 				   "DPP: Truncated message - not enough room for the attribute - dropped");
152 			return -1;
153 		}
154 		if (wrapped_data) {
155 			wpa_printf(MSG_DEBUG,
156 				   "DPP: An unexpected attribute included after the Wrapped Data attribute");
157 			return -1;
158 		}
159 		if (id == DPP_ATTR_WRAPPED_DATA)
160 			wrapped_data = 1;
161 		pos += alen;
162 	}
163 
164 	if (end != pos) {
165 		wpa_printf(MSG_DEBUG,
166 			   "DPP: Unexpected octets (%d) after the last attribute",
167 			   (int) (end - pos));
168 		return -1;
169 	}
170 
171 	return 0;
172 }
173 
174 
dpp_bootstrap_info_free(struct dpp_bootstrap_info * info)175 void dpp_bootstrap_info_free(struct dpp_bootstrap_info *info)
176 {
177 	if (!info)
178 		return;
179 	os_free(info->uri);
180 	os_free(info->info);
181 	os_free(info->chan);
182 	os_free(info->pk);
183 	EVP_PKEY_free(info->pubkey);
184 	str_clear_free(info->configurator_params);
185 	os_free(info);
186 }
187 
188 
dpp_bootstrap_type_txt(enum dpp_bootstrap_type type)189 const char * dpp_bootstrap_type_txt(enum dpp_bootstrap_type type)
190 {
191 	switch (type) {
192 	case DPP_BOOTSTRAP_QR_CODE:
193 		return "QRCODE";
194 	case DPP_BOOTSTRAP_PKEX:
195 		return "PKEX";
196 	case DPP_BOOTSTRAP_NFC_URI:
197 		return "NFC-URI";
198 	}
199 	return "??";
200 }
201 
202 
dpp_uri_valid_info(const char * info)203 static int dpp_uri_valid_info(const char *info)
204 {
205 	while (*info) {
206 		unsigned char val = *info++;
207 
208 		if (val < 0x20 || val > 0x7e || val == 0x3b)
209 			return 0;
210 	}
211 
212 	return 1;
213 }
214 
215 
dpp_clone_uri(struct dpp_bootstrap_info * bi,const char * uri)216 static int dpp_clone_uri(struct dpp_bootstrap_info *bi, const char *uri)
217 {
218 	bi->uri = os_strdup(uri);
219 	return bi->uri ? 0 : -1;
220 }
221 
222 
dpp_parse_uri_chan_list(struct dpp_bootstrap_info * bi,const char * chan_list)223 int dpp_parse_uri_chan_list(struct dpp_bootstrap_info *bi,
224 			    const char *chan_list)
225 {
226 	const char *pos = chan_list, *pos2;
227 	int opclass = -1, channel, freq;
228 
229 	while (pos && *pos && *pos != ';') {
230 		pos2 = pos;
231 		while (*pos2 >= '0' && *pos2 <= '9')
232 			pos2++;
233 		if (*pos2 == '/') {
234 			opclass = atoi(pos);
235 			pos = pos2 + 1;
236 		}
237 		if (opclass <= 0)
238 			goto fail;
239 		channel = atoi(pos);
240 		if (channel <= 0)
241 			goto fail;
242 		while (*pos >= '0' && *pos <= '9')
243 			pos++;
244 		freq = ieee80211_chan_to_freq(NULL, opclass, channel);
245 		wpa_printf(MSG_DEBUG,
246 			   "DPP: URI channel-list: opclass=%d channel=%d ==> freq=%d",
247 			   opclass, channel, freq);
248 		bi->channels_listed = true;
249 		if (freq < 0) {
250 			wpa_printf(MSG_DEBUG,
251 				   "DPP: Ignore unknown URI channel-list channel (opclass=%d channel=%d)",
252 				   opclass, channel);
253 		} else if (bi->num_freq == DPP_BOOTSTRAP_MAX_FREQ) {
254 			wpa_printf(MSG_DEBUG,
255 				   "DPP: Too many channels in URI channel-list - ignore list");
256 			bi->num_freq = 0;
257 			break;
258 		} else {
259 			bi->freq[bi->num_freq++] = freq;
260 		}
261 
262 		if (*pos == ';' || *pos == '\0')
263 			break;
264 		if (*pos != ',')
265 			goto fail;
266 		pos++;
267 	}
268 
269 	return 0;
270 fail:
271 	wpa_printf(MSG_DEBUG, "DPP: Invalid URI channel-list");
272 	return -1;
273 }
274 
275 
dpp_parse_uri_mac(struct dpp_bootstrap_info * bi,const char * mac)276 int dpp_parse_uri_mac(struct dpp_bootstrap_info *bi, const char *mac)
277 {
278 	if (!mac)
279 		return 0;
280 
281 	if (hwaddr_aton2(mac, bi->mac_addr) < 0) {
282 		wpa_printf(MSG_DEBUG, "DPP: Invalid URI mac");
283 		return -1;
284 	}
285 
286 	wpa_printf(MSG_DEBUG, "DPP: URI mac: " MACSTR, MAC2STR(bi->mac_addr));
287 
288 	return 0;
289 }
290 
291 
dpp_parse_uri_info(struct dpp_bootstrap_info * bi,const char * info)292 int dpp_parse_uri_info(struct dpp_bootstrap_info *bi, const char *info)
293 {
294 	const char *end;
295 
296 	if (!info)
297 		return 0;
298 
299 	end = os_strchr(info, ';');
300 	if (!end)
301 		end = info + os_strlen(info);
302 	bi->info = os_malloc(end - info + 1);
303 	if (!bi->info)
304 		return -1;
305 	os_memcpy(bi->info, info, end - info);
306 	bi->info[end - info] = '\0';
307 	wpa_printf(MSG_DEBUG, "DPP: URI(information): %s", bi->info);
308 	if (!dpp_uri_valid_info(bi->info)) {
309 		wpa_printf(MSG_DEBUG, "DPP: Invalid URI information payload");
310 		return -1;
311 	}
312 
313 	return 0;
314 }
315 
316 
dpp_parse_uri_version(struct dpp_bootstrap_info * bi,const char * version)317 int dpp_parse_uri_version(struct dpp_bootstrap_info *bi, const char *version)
318 {
319 #ifdef CONFIG_DPP2
320 	if (!version || DPP_VERSION < 2)
321 		return 0;
322 
323 	if (*version == '1')
324 		bi->version = 1;
325 	else if (*version == '2')
326 		bi->version = 2;
327 	else
328 		wpa_printf(MSG_DEBUG, "DPP: Unknown URI version");
329 
330 	wpa_printf(MSG_DEBUG, "DPP: URI version: %d", bi->version);
331 #endif /* CONFIG_DPP2 */
332 
333 	return 0;
334 }
335 
336 
dpp_parse_uri_pk(struct dpp_bootstrap_info * bi,const char * info)337 static int dpp_parse_uri_pk(struct dpp_bootstrap_info *bi, const char *info)
338 {
339 	u8 *data;
340 	size_t data_len;
341 	int res;
342 	const char *end;
343 
344 	end = os_strchr(info, ';');
345 	if (!end)
346 		return -1;
347 
348 	data = base64_decode(info, end - info, &data_len);
349 	if (!data) {
350 		wpa_printf(MSG_DEBUG,
351 			   "DPP: Invalid base64 encoding on URI public-key");
352 		return -1;
353 	}
354 	wpa_hexdump(MSG_DEBUG, "DPP: Base64 decoded URI public-key",
355 		    data, data_len);
356 
357 	res = dpp_get_subject_public_key(bi, data, data_len);
358 	os_free(data);
359 	return res;
360 }
361 
362 
dpp_parse_uri(const char * uri)363 static struct dpp_bootstrap_info * dpp_parse_uri(const char *uri)
364 {
365 	const char *pos = uri;
366 	const char *end;
367 	const char *chan_list = NULL, *mac = NULL, *info = NULL, *pk = NULL;
368 	const char *version = NULL;
369 	struct dpp_bootstrap_info *bi;
370 
371 	wpa_hexdump_ascii(MSG_DEBUG, "DPP: URI", uri, os_strlen(uri));
372 
373 	if (os_strncmp(pos, "DPP:", 4) != 0) {
374 		wpa_printf(MSG_INFO, "DPP: Not a DPP URI");
375 		return NULL;
376 	}
377 	pos += 4;
378 
379 	for (;;) {
380 		end = os_strchr(pos, ';');
381 		if (!end)
382 			break;
383 
384 		if (end == pos) {
385 			/* Handle terminating ";;" and ignore unexpected ";"
386 			 * for parsing robustness. */
387 			pos++;
388 			continue;
389 		}
390 
391 		if (pos[0] == 'C' && pos[1] == ':' && !chan_list)
392 			chan_list = pos + 2;
393 		else if (pos[0] == 'M' && pos[1] == ':' && !mac)
394 			mac = pos + 2;
395 		else if (pos[0] == 'I' && pos[1] == ':' && !info)
396 			info = pos + 2;
397 		else if (pos[0] == 'K' && pos[1] == ':' && !pk)
398 			pk = pos + 2;
399 		else if (pos[0] == 'V' && pos[1] == ':' && !version)
400 			version = pos + 2;
401 		else
402 			wpa_hexdump_ascii(MSG_DEBUG,
403 					  "DPP: Ignore unrecognized URI parameter",
404 					  pos, end - pos);
405 		pos = end + 1;
406 	}
407 
408 	if (!pk) {
409 		wpa_printf(MSG_INFO, "DPP: URI missing public-key");
410 		return NULL;
411 	}
412 
413 	bi = os_zalloc(sizeof(*bi));
414 	if (!bi)
415 		return NULL;
416 
417 	if (dpp_clone_uri(bi, uri) < 0 ||
418 	    dpp_parse_uri_chan_list(bi, chan_list) < 0 ||
419 	    dpp_parse_uri_mac(bi, mac) < 0 ||
420 	    dpp_parse_uri_info(bi, info) < 0 ||
421 	    dpp_parse_uri_version(bi, version) < 0 ||
422 	    dpp_parse_uri_pk(bi, pk) < 0) {
423 		dpp_bootstrap_info_free(bi);
424 		bi = NULL;
425 	}
426 
427 	return bi;
428 }
429 
430 
dpp_build_attr_status(struct wpabuf * msg,enum dpp_status_error status)431 void dpp_build_attr_status(struct wpabuf *msg, enum dpp_status_error status)
432 {
433 	wpa_printf(MSG_DEBUG, "DPP: Status %d", status);
434 	wpabuf_put_le16(msg, DPP_ATTR_STATUS);
435 	wpabuf_put_le16(msg, 1);
436 	wpabuf_put_u8(msg, status);
437 }
438 
439 
dpp_build_attr_r_bootstrap_key_hash(struct wpabuf * msg,const u8 * hash)440 void dpp_build_attr_r_bootstrap_key_hash(struct wpabuf *msg, const u8 *hash)
441 {
442 	if (hash) {
443 		wpa_printf(MSG_DEBUG, "DPP: R-Bootstrap Key Hash");
444 		wpabuf_put_le16(msg, DPP_ATTR_R_BOOTSTRAP_KEY_HASH);
445 		wpabuf_put_le16(msg, SHA256_MAC_LEN);
446 		wpabuf_put_data(msg, hash, SHA256_MAC_LEN);
447 	}
448 }
449 
450 
dpp_channel_ok_init(struct hostapd_hw_modes * own_modes,u16 num_modes,unsigned int freq)451 static int dpp_channel_ok_init(struct hostapd_hw_modes *own_modes,
452 			       u16 num_modes, unsigned int freq)
453 {
454 	u16 m;
455 	int c, flag;
456 
457 	if (!own_modes || !num_modes)
458 		return 1;
459 
460 	for (m = 0; m < num_modes; m++) {
461 		for (c = 0; c < own_modes[m].num_channels; c++) {
462 			if ((unsigned int) own_modes[m].channels[c].freq !=
463 			    freq)
464 				continue;
465 			flag = own_modes[m].channels[c].flag;
466 			if (!(flag & (HOSTAPD_CHAN_DISABLED |
467 				      HOSTAPD_CHAN_NO_IR |
468 				      HOSTAPD_CHAN_RADAR)))
469 				return 1;
470 		}
471 	}
472 
473 	wpa_printf(MSG_DEBUG, "DPP: Peer channel %u MHz not supported", freq);
474 	return 0;
475 }
476 
477 
freq_included(const unsigned int freqs[],unsigned int num,unsigned int freq)478 static int freq_included(const unsigned int freqs[], unsigned int num,
479 			 unsigned int freq)
480 {
481 	while (num > 0) {
482 		if (freqs[--num] == freq)
483 			return 1;
484 	}
485 	return 0;
486 }
487 
488 
freq_to_start(unsigned int freqs[],unsigned int num,unsigned int freq)489 static void freq_to_start(unsigned int freqs[], unsigned int num,
490 			  unsigned int freq)
491 {
492 	unsigned int i;
493 
494 	for (i = 0; i < num; i++) {
495 		if (freqs[i] == freq)
496 			break;
497 	}
498 	if (i == 0 || i >= num)
499 		return;
500 	os_memmove(&freqs[1], &freqs[0], i * sizeof(freqs[0]));
501 	freqs[0] = freq;
502 }
503 
504 
dpp_channel_intersect(struct dpp_authentication * auth,struct hostapd_hw_modes * own_modes,u16 num_modes)505 static int dpp_channel_intersect(struct dpp_authentication *auth,
506 				 struct hostapd_hw_modes *own_modes,
507 				 u16 num_modes)
508 {
509 	struct dpp_bootstrap_info *peer_bi = auth->peer_bi;
510 	unsigned int i, freq;
511 
512 	for (i = 0; i < peer_bi->num_freq; i++) {
513 		freq = peer_bi->freq[i];
514 		if (freq_included(auth->freq, auth->num_freq, freq))
515 			continue;
516 		if (dpp_channel_ok_init(own_modes, num_modes, freq))
517 			auth->freq[auth->num_freq++] = freq;
518 	}
519 	if (!auth->num_freq) {
520 		wpa_printf(MSG_INFO,
521 			   "DPP: No available channels for initiating DPP Authentication");
522 		return -1;
523 	}
524 	auth->curr_freq = auth->freq[0];
525 	return 0;
526 }
527 
528 
dpp_channel_local_list(struct dpp_authentication * auth,struct hostapd_hw_modes * own_modes,u16 num_modes)529 static int dpp_channel_local_list(struct dpp_authentication *auth,
530 				  struct hostapd_hw_modes *own_modes,
531 				  u16 num_modes)
532 {
533 	u16 m;
534 	int c, flag;
535 	unsigned int freq;
536 
537 	auth->num_freq = 0;
538 
539 	if (!own_modes || !num_modes) {
540 		auth->freq[0] = 2412;
541 		auth->freq[1] = 2437;
542 		auth->freq[2] = 2462;
543 		auth->num_freq = 3;
544 		return 0;
545 	}
546 
547 	for (m = 0; m < num_modes; m++) {
548 		for (c = 0; c < own_modes[m].num_channels; c++) {
549 			freq = own_modes[m].channels[c].freq;
550 			flag = own_modes[m].channels[c].flag;
551 			if (flag & (HOSTAPD_CHAN_DISABLED |
552 				    HOSTAPD_CHAN_NO_IR |
553 				    HOSTAPD_CHAN_RADAR))
554 				continue;
555 			if (freq_included(auth->freq, auth->num_freq, freq))
556 				continue;
557 			auth->freq[auth->num_freq++] = freq;
558 			if (auth->num_freq == DPP_BOOTSTRAP_MAX_FREQ) {
559 				m = num_modes;
560 				break;
561 			}
562 		}
563 	}
564 
565 	return auth->num_freq == 0 ? -1 : 0;
566 }
567 
568 
dpp_prepare_channel_list(struct dpp_authentication * auth,unsigned int neg_freq,struct hostapd_hw_modes * own_modes,u16 num_modes)569 int dpp_prepare_channel_list(struct dpp_authentication *auth,
570 			     unsigned int neg_freq,
571 			     struct hostapd_hw_modes *own_modes, u16 num_modes)
572 {
573 	int res;
574 	char freqs[DPP_BOOTSTRAP_MAX_FREQ * 6 + 10], *pos, *end;
575 	unsigned int i;
576 
577 	if (!own_modes) {
578 		if (!neg_freq)
579 			return -1;
580 		auth->num_freq = 1;
581 		auth->freq[0] = neg_freq;
582 		auth->curr_freq = neg_freq;
583 		return 0;
584 	}
585 
586 	if (auth->peer_bi->num_freq > 0)
587 		res = dpp_channel_intersect(auth, own_modes, num_modes);
588 	else
589 		res = dpp_channel_local_list(auth, own_modes, num_modes);
590 	if (res < 0)
591 		return res;
592 
593 	/* Prioritize 2.4 GHz channels 6, 1, 11 (in this order) to hit the most
594 	 * likely channels first. */
595 	freq_to_start(auth->freq, auth->num_freq, 2462);
596 	freq_to_start(auth->freq, auth->num_freq, 2412);
597 	freq_to_start(auth->freq, auth->num_freq, 2437);
598 
599 	auth->freq_idx = 0;
600 	auth->curr_freq = auth->freq[0];
601 
602 	pos = freqs;
603 	end = pos + sizeof(freqs);
604 	for (i = 0; i < auth->num_freq; i++) {
605 		res = os_snprintf(pos, end - pos, " %u", auth->freq[i]);
606 		if (os_snprintf_error(end - pos, res))
607 			break;
608 		pos += res;
609 	}
610 	*pos = '\0';
611 	wpa_printf(MSG_DEBUG, "DPP: Possible frequencies for initiating:%s",
612 		   freqs);
613 
614 	return 0;
615 }
616 
617 
dpp_gen_uri(struct dpp_bootstrap_info * bi)618 int dpp_gen_uri(struct dpp_bootstrap_info *bi)
619 {
620 	char macstr[ETH_ALEN * 2 + 10];
621 	size_t len;
622 
623 	len = 4; /* "DPP:" */
624 	if (bi->chan)
625 		len += 3 + os_strlen(bi->chan); /* C:...; */
626 	if (is_zero_ether_addr(bi->mac_addr))
627 		macstr[0] = '\0';
628 	else
629 		os_snprintf(macstr, sizeof(macstr), "M:" COMPACT_MACSTR ";",
630 			    MAC2STR(bi->mac_addr));
631 	len += os_strlen(macstr); /* M:...; */
632 	if (bi->info)
633 		len += 3 + os_strlen(bi->info); /* I:...; */
634 #ifdef CONFIG_DPP2
635 	len += 4; /* V:2; */
636 #endif /* CONFIG_DPP2 */
637 	len += 4 + os_strlen(bi->pk); /* K:...;; */
638 
639 	os_free(bi->uri);
640 	bi->uri = os_malloc(len + 1);
641 	if (!bi->uri)
642 		return -1;
643 	os_snprintf(bi->uri, len + 1, "DPP:%s%s%s%s%s%s%s%sK:%s;;",
644 		    bi->chan ? "C:" : "", bi->chan ? bi->chan : "",
645 		    bi->chan ? ";" : "",
646 		    macstr,
647 		    bi->info ? "I:" : "", bi->info ? bi->info : "",
648 		    bi->info ? ";" : "",
649 		    DPP_VERSION == 2 ? "V:2;" : "",
650 		    bi->pk);
651 	return 0;
652 }
653 
654 
655 struct dpp_authentication *
dpp_alloc_auth(struct dpp_global * dpp,void * msg_ctx)656 dpp_alloc_auth(struct dpp_global *dpp, void *msg_ctx)
657 {
658 	struct dpp_authentication *auth;
659 
660 	auth = os_zalloc(sizeof(*auth));
661 	if (!auth)
662 		return NULL;
663 	auth->global = dpp;
664 	auth->msg_ctx = msg_ctx;
665 	auth->conf_resp_status = 255;
666 	return auth;
667 }
668 
669 
dpp_build_conf_req_attr(struct dpp_authentication * auth,const char * json)670 static struct wpabuf * dpp_build_conf_req_attr(struct dpp_authentication *auth,
671 					       const char *json)
672 {
673 	size_t nonce_len;
674 	size_t json_len, clear_len;
675 	struct wpabuf *clear = NULL, *msg = NULL;
676 	u8 *wrapped;
677 	size_t attr_len;
678 
679 	wpa_printf(MSG_DEBUG, "DPP: Build configuration request");
680 
681 	nonce_len = auth->curve->nonce_len;
682 	if (random_get_bytes(auth->e_nonce, nonce_len)) {
683 		wpa_printf(MSG_ERROR, "DPP: Failed to generate E-nonce");
684 		goto fail;
685 	}
686 	wpa_hexdump(MSG_DEBUG, "DPP: E-nonce", auth->e_nonce, nonce_len);
687 	json_len = os_strlen(json);
688 	wpa_hexdump_ascii(MSG_DEBUG, "DPP: configRequest JSON", json, json_len);
689 
690 	/* { E-nonce, configAttrib }ke */
691 	clear_len = 4 + nonce_len + 4 + json_len;
692 	clear = wpabuf_alloc(clear_len);
693 	attr_len = 4 + clear_len + AES_BLOCK_SIZE;
694 #ifdef CONFIG_TESTING_OPTIONS
695 	if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_CONF_REQ)
696 		attr_len += 5;
697 #endif /* CONFIG_TESTING_OPTIONS */
698 	msg = wpabuf_alloc(attr_len);
699 	if (!clear || !msg)
700 		goto fail;
701 
702 #ifdef CONFIG_TESTING_OPTIONS
703 	if (dpp_test == DPP_TEST_NO_E_NONCE_CONF_REQ) {
704 		wpa_printf(MSG_INFO, "DPP: TESTING - no E-nonce");
705 		goto skip_e_nonce;
706 	}
707 	if (dpp_test == DPP_TEST_INVALID_E_NONCE_CONF_REQ) {
708 		wpa_printf(MSG_INFO, "DPP: TESTING - invalid E-nonce");
709 		wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
710 		wpabuf_put_le16(clear, nonce_len - 1);
711 		wpabuf_put_data(clear, auth->e_nonce, nonce_len - 1);
712 		goto skip_e_nonce;
713 	}
714 	if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_CONF_REQ) {
715 		wpa_printf(MSG_INFO, "DPP: TESTING - no Wrapped Data");
716 		goto skip_wrapped_data;
717 	}
718 #endif /* CONFIG_TESTING_OPTIONS */
719 
720 	/* E-nonce */
721 	wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
722 	wpabuf_put_le16(clear, nonce_len);
723 	wpabuf_put_data(clear, auth->e_nonce, nonce_len);
724 
725 #ifdef CONFIG_TESTING_OPTIONS
726 skip_e_nonce:
727 	if (dpp_test == DPP_TEST_NO_CONFIG_ATTR_OBJ_CONF_REQ) {
728 		wpa_printf(MSG_INFO, "DPP: TESTING - no configAttrib");
729 		goto skip_conf_attr_obj;
730 	}
731 #endif /* CONFIG_TESTING_OPTIONS */
732 
733 	/* configAttrib */
734 	wpabuf_put_le16(clear, DPP_ATTR_CONFIG_ATTR_OBJ);
735 	wpabuf_put_le16(clear, json_len);
736 	wpabuf_put_data(clear, json, json_len);
737 
738 #ifdef CONFIG_TESTING_OPTIONS
739 skip_conf_attr_obj:
740 #endif /* CONFIG_TESTING_OPTIONS */
741 
742 	wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
743 	wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
744 	wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
745 
746 	/* No AES-SIV AD */
747 	wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear);
748 	if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,
749 			    wpabuf_head(clear), wpabuf_len(clear),
750 			    0, NULL, NULL, wrapped) < 0)
751 		goto fail;
752 	wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
753 		    wrapped, wpabuf_len(clear) + AES_BLOCK_SIZE);
754 
755 #ifdef CONFIG_TESTING_OPTIONS
756 	if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_CONF_REQ) {
757 		wpa_printf(MSG_INFO, "DPP: TESTING - attr after Wrapped Data");
758 		dpp_build_attr_status(msg, DPP_STATUS_OK);
759 	}
760 skip_wrapped_data:
761 #endif /* CONFIG_TESTING_OPTIONS */
762 
763 	wpa_hexdump_buf(MSG_DEBUG,
764 			"DPP: Configuration Request frame attributes", msg);
765 	wpabuf_free(clear);
766 	return msg;
767 
768 fail:
769 	wpabuf_free(clear);
770 	wpabuf_free(msg);
771 	return NULL;
772 }
773 
774 
dpp_write_adv_proto(struct wpabuf * buf)775 void dpp_write_adv_proto(struct wpabuf *buf)
776 {
777 	/* Advertisement Protocol IE */
778 	wpabuf_put_u8(buf, WLAN_EID_ADV_PROTO);
779 	wpabuf_put_u8(buf, 8); /* Length */
780 	wpabuf_put_u8(buf, 0x7f);
781 	wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC);
782 	wpabuf_put_u8(buf, 5);
783 	wpabuf_put_be24(buf, OUI_WFA);
784 	wpabuf_put_u8(buf, DPP_OUI_TYPE);
785 	wpabuf_put_u8(buf, 0x01);
786 }
787 
788 
dpp_write_gas_query(struct wpabuf * buf,struct wpabuf * query)789 void dpp_write_gas_query(struct wpabuf *buf, struct wpabuf *query)
790 {
791 	/* GAS Query */
792 	wpabuf_put_le16(buf, wpabuf_len(query));
793 	wpabuf_put_buf(buf, query);
794 }
795 
796 
dpp_build_conf_req(struct dpp_authentication * auth,const char * json)797 struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth,
798 				   const char *json)
799 {
800 	struct wpabuf *buf, *conf_req;
801 
802 	conf_req = dpp_build_conf_req_attr(auth, json);
803 	if (!conf_req) {
804 		wpa_printf(MSG_DEBUG,
805 			   "DPP: No configuration request data available");
806 		return NULL;
807 	}
808 
809 	buf = gas_build_initial_req(0, 10 + 2 + wpabuf_len(conf_req));
810 	if (!buf) {
811 		wpabuf_free(conf_req);
812 		return NULL;
813 	}
814 
815 	dpp_write_adv_proto(buf);
816 	dpp_write_gas_query(buf, conf_req);
817 	wpabuf_free(conf_req);
818 	wpa_hexdump_buf(MSG_MSGDUMP, "DPP: GAS Config Request", buf);
819 
820 	return buf;
821 }
822 
823 
dpp_build_conf_req_helper(struct dpp_authentication * auth,const char * name,enum dpp_netrole netrole,const char * mud_url,int * opclasses)824 struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth,
825 					  const char *name,
826 					  enum dpp_netrole netrole,
827 					  const char *mud_url, int *opclasses)
828 {
829 	size_t len, name_len;
830 	const char *tech = "infra";
831 	const char *dpp_name;
832 	struct wpabuf *buf, *json;
833 	char *csr = NULL;
834 
835 #ifdef CONFIG_TESTING_OPTIONS
836 	if (dpp_test == DPP_TEST_INVALID_CONFIG_ATTR_OBJ_CONF_REQ) {
837 		static const char *bogus_tech = "knfra";
838 
839 		wpa_printf(MSG_INFO, "DPP: TESTING - invalid Config Attr");
840 		tech = bogus_tech;
841 	}
842 #endif /* CONFIG_TESTING_OPTIONS */
843 
844 	dpp_name = name ? name : "Test";
845 	name_len = os_strlen(dpp_name);
846 
847 	len = 100 + name_len * 6 + 1 + int_array_len(opclasses) * 4;
848 	if (mud_url && mud_url[0])
849 		len += 10 + os_strlen(mud_url);
850 #ifdef CONFIG_DPP2
851 	if (auth->csr) {
852 		size_t csr_len;
853 
854 		csr = base64_encode_no_lf(wpabuf_head(auth->csr),
855 					  wpabuf_len(auth->csr), &csr_len);
856 		if (!csr)
857 			return NULL;
858 		len += 30 + csr_len;
859 	}
860 #endif /* CONFIG_DPP2 */
861 	json = wpabuf_alloc(len);
862 	if (!json)
863 		return NULL;
864 
865 	json_start_object(json, NULL);
866 	if (json_add_string_escape(json, "name", dpp_name, name_len) < 0) {
867 		wpabuf_free(json);
868 		return NULL;
869 	}
870 	json_value_sep(json);
871 	json_add_string(json, "wi-fi_tech", tech);
872 	json_value_sep(json);
873 	json_add_string(json, "netRole", dpp_netrole_str(netrole));
874 	if (mud_url && mud_url[0]) {
875 		json_value_sep(json);
876 		json_add_string(json, "mudurl", mud_url);
877 	}
878 	if (opclasses) {
879 		int i;
880 
881 		json_value_sep(json);
882 		json_start_array(json, "bandSupport");
883 		for (i = 0; opclasses[i]; i++)
884 			wpabuf_printf(json, "%s%u", i ? "," : "", opclasses[i]);
885 		json_end_array(json);
886 	}
887 	if (csr) {
888 		json_value_sep(json);
889 		json_add_string(json, "pkcs10", csr);
890 	}
891 	json_end_object(json);
892 
893 	buf = dpp_build_conf_req(auth, wpabuf_head(json));
894 	wpabuf_free(json);
895 	os_free(csr);
896 
897 	return buf;
898 }
899 
900 
bin_str_eq(const char * val,size_t len,const char * cmp)901 static int bin_str_eq(const char *val, size_t len, const char *cmp)
902 {
903 	return os_strlen(cmp) == len && os_memcmp(val, cmp, len) == 0;
904 }
905 
906 
dpp_configuration_alloc(const char * type)907 struct dpp_configuration * dpp_configuration_alloc(const char *type)
908 {
909 	struct dpp_configuration *conf;
910 	const char *end;
911 	size_t len;
912 
913 	conf = os_zalloc(sizeof(*conf));
914 	if (!conf)
915 		goto fail;
916 
917 	end = os_strchr(type, ' ');
918 	if (end)
919 		len = end - type;
920 	else
921 		len = os_strlen(type);
922 
923 	if (bin_str_eq(type, len, "psk"))
924 		conf->akm = DPP_AKM_PSK;
925 	else if (bin_str_eq(type, len, "sae"))
926 		conf->akm = DPP_AKM_SAE;
927 	else if (bin_str_eq(type, len, "psk-sae") ||
928 		 bin_str_eq(type, len, "psk+sae"))
929 		conf->akm = DPP_AKM_PSK_SAE;
930 	else if (bin_str_eq(type, len, "sae-dpp") ||
931 		 bin_str_eq(type, len, "dpp+sae"))
932 		conf->akm = DPP_AKM_SAE_DPP;
933 	else if (bin_str_eq(type, len, "psk-sae-dpp") ||
934 		 bin_str_eq(type, len, "dpp+psk+sae"))
935 		conf->akm = DPP_AKM_PSK_SAE_DPP;
936 	else if (bin_str_eq(type, len, "dpp"))
937 		conf->akm = DPP_AKM_DPP;
938 	else if (bin_str_eq(type, len, "dot1x"))
939 		conf->akm = DPP_AKM_DOT1X;
940 	else
941 		goto fail;
942 
943 	return conf;
944 fail:
945 	dpp_configuration_free(conf);
946 	return NULL;
947 }
948 
949 
dpp_akm_psk(enum dpp_akm akm)950 int dpp_akm_psk(enum dpp_akm akm)
951 {
952 	return akm == DPP_AKM_PSK || akm == DPP_AKM_PSK_SAE ||
953 		akm == DPP_AKM_PSK_SAE_DPP;
954 }
955 
956 
dpp_akm_sae(enum dpp_akm akm)957 int dpp_akm_sae(enum dpp_akm akm)
958 {
959 	return akm == DPP_AKM_SAE || akm == DPP_AKM_PSK_SAE ||
960 		akm == DPP_AKM_SAE_DPP || akm == DPP_AKM_PSK_SAE_DPP;
961 }
962 
963 
dpp_akm_legacy(enum dpp_akm akm)964 int dpp_akm_legacy(enum dpp_akm akm)
965 {
966 	return akm == DPP_AKM_PSK || akm == DPP_AKM_PSK_SAE ||
967 		akm == DPP_AKM_SAE;
968 }
969 
970 
dpp_akm_dpp(enum dpp_akm akm)971 int dpp_akm_dpp(enum dpp_akm akm)
972 {
973 	return akm == DPP_AKM_DPP || akm == DPP_AKM_SAE_DPP ||
974 		akm == DPP_AKM_PSK_SAE_DPP;
975 }
976 
977 
dpp_akm_ver2(enum dpp_akm akm)978 int dpp_akm_ver2(enum dpp_akm akm)
979 {
980 	return akm == DPP_AKM_SAE_DPP || akm == DPP_AKM_PSK_SAE_DPP;
981 }
982 
983 
dpp_configuration_valid(const struct dpp_configuration * conf)984 int dpp_configuration_valid(const struct dpp_configuration *conf)
985 {
986 	if (conf->ssid_len == 0)
987 		return 0;
988 	if (dpp_akm_psk(conf->akm) && !conf->passphrase && !conf->psk_set)
989 		return 0;
990 	if (dpp_akm_sae(conf->akm) && !conf->passphrase)
991 		return 0;
992 	return 1;
993 }
994 
995 
dpp_configuration_free(struct dpp_configuration * conf)996 void dpp_configuration_free(struct dpp_configuration *conf)
997 {
998 	if (!conf)
999 		return;
1000 	str_clear_free(conf->passphrase);
1001 	os_free(conf->group_id);
1002 	os_free(conf->csrattrs);
1003 	bin_clear_free(conf, sizeof(*conf));
1004 }
1005 
1006 
dpp_configuration_parse_helper(struct dpp_authentication * auth,const char * cmd,int idx)1007 static int dpp_configuration_parse_helper(struct dpp_authentication *auth,
1008 					  const char *cmd, int idx)
1009 {
1010 	const char *pos, *end;
1011 	struct dpp_configuration *conf_sta = NULL, *conf_ap = NULL;
1012 	struct dpp_configuration *conf = NULL;
1013 	size_t len;
1014 
1015 	pos = os_strstr(cmd, " conf=sta-");
1016 	if (pos) {
1017 		conf_sta = dpp_configuration_alloc(pos + 10);
1018 		if (!conf_sta)
1019 			goto fail;
1020 		conf_sta->netrole = DPP_NETROLE_STA;
1021 		conf = conf_sta;
1022 	}
1023 
1024 	pos = os_strstr(cmd, " conf=ap-");
1025 	if (pos) {
1026 		conf_ap = dpp_configuration_alloc(pos + 9);
1027 		if (!conf_ap)
1028 			goto fail;
1029 		conf_ap->netrole = DPP_NETROLE_AP;
1030 		conf = conf_ap;
1031 	}
1032 
1033 	pos = os_strstr(cmd, " conf=configurator");
1034 	if (pos)
1035 		auth->provision_configurator = 1;
1036 
1037 	if (!conf)
1038 		return 0;
1039 
1040 	pos = os_strstr(cmd, " ssid=");
1041 	if (pos) {
1042 		pos += 6;
1043 		end = os_strchr(pos, ' ');
1044 		conf->ssid_len = end ? (size_t) (end - pos) : os_strlen(pos);
1045 		conf->ssid_len /= 2;
1046 		if (conf->ssid_len > sizeof(conf->ssid) ||
1047 		    hexstr2bin(pos, conf->ssid, conf->ssid_len) < 0)
1048 			goto fail;
1049 	} else {
1050 #ifdef CONFIG_TESTING_OPTIONS
1051 		/* use a default SSID for legacy testing reasons */
1052 		os_memcpy(conf->ssid, "test", 4);
1053 		conf->ssid_len = 4;
1054 #else /* CONFIG_TESTING_OPTIONS */
1055 		goto fail;
1056 #endif /* CONFIG_TESTING_OPTIONS */
1057 	}
1058 
1059 	pos = os_strstr(cmd, " ssid_charset=");
1060 	if (pos) {
1061 		if (conf_ap) {
1062 			wpa_printf(MSG_INFO,
1063 				   "DPP: ssid64 option (ssid_charset param) not allowed for AP enrollee");
1064 			goto fail;
1065 		}
1066 		conf->ssid_charset = atoi(pos + 14);
1067 	}
1068 
1069 	pos = os_strstr(cmd, " pass=");
1070 	if (pos) {
1071 		size_t pass_len;
1072 
1073 		pos += 6;
1074 		end = os_strchr(pos, ' ');
1075 		pass_len = end ? (size_t) (end - pos) : os_strlen(pos);
1076 		pass_len /= 2;
1077 		if (pass_len > 63 || pass_len < 8)
1078 			goto fail;
1079 		conf->passphrase = os_zalloc(pass_len + 1);
1080 		if (!conf->passphrase ||
1081 		    hexstr2bin(pos, (u8 *) conf->passphrase, pass_len) < 0)
1082 			goto fail;
1083 	}
1084 
1085 	pos = os_strstr(cmd, " psk=");
1086 	if (pos) {
1087 		pos += 5;
1088 		if (hexstr2bin(pos, conf->psk, PMK_LEN) < 0)
1089 			goto fail;
1090 		conf->psk_set = 1;
1091 	}
1092 
1093 	pos = os_strstr(cmd, " group_id=");
1094 	if (pos) {
1095 		size_t group_id_len;
1096 
1097 		pos += 10;
1098 		end = os_strchr(pos, ' ');
1099 		group_id_len = end ? (size_t) (end - pos) : os_strlen(pos);
1100 		conf->group_id = os_malloc(group_id_len + 1);
1101 		if (!conf->group_id)
1102 			goto fail;
1103 		os_memcpy(conf->group_id, pos, group_id_len);
1104 		conf->group_id[group_id_len] = '\0';
1105 	}
1106 
1107 	pos = os_strstr(cmd, " expiry=");
1108 	if (pos) {
1109 		long int val;
1110 
1111 		pos += 8;
1112 		val = strtol(pos, NULL, 0);
1113 		if (val <= 0)
1114 			goto fail;
1115 		conf->netaccesskey_expiry = val;
1116 	}
1117 
1118 	pos = os_strstr(cmd, " csrattrs=");
1119 	if (pos) {
1120 		pos += 10;
1121 		end = os_strchr(pos, ' ');
1122 		len = end ? (size_t) (end - pos) : os_strlen(pos);
1123 		conf->csrattrs = os_zalloc(len + 1);
1124 		if (!conf->csrattrs)
1125 			goto fail;
1126 		os_memcpy(conf->csrattrs, pos, len);
1127 	}
1128 
1129 	if (!dpp_configuration_valid(conf))
1130 		goto fail;
1131 
1132 	if (idx == 0) {
1133 		auth->conf_sta = conf_sta;
1134 		auth->conf_ap = conf_ap;
1135 	} else if (idx == 1) {
1136 		auth->conf2_sta = conf_sta;
1137 		auth->conf2_ap = conf_ap;
1138 	} else {
1139 		goto fail;
1140 	}
1141 	return 0;
1142 
1143 fail:
1144 	dpp_configuration_free(conf_sta);
1145 	dpp_configuration_free(conf_ap);
1146 	return -1;
1147 }
1148 
1149 
dpp_configuration_parse(struct dpp_authentication * auth,const char * cmd)1150 static int dpp_configuration_parse(struct dpp_authentication *auth,
1151 				   const char *cmd)
1152 {
1153 	const char *pos;
1154 	char *tmp;
1155 	size_t len;
1156 	int res;
1157 
1158 	pos = os_strstr(cmd, " @CONF-OBJ-SEP@ ");
1159 	if (!pos)
1160 		return dpp_configuration_parse_helper(auth, cmd, 0);
1161 
1162 	len = pos - cmd;
1163 	tmp = os_malloc(len + 1);
1164 	if (!tmp)
1165 		goto fail;
1166 	os_memcpy(tmp, cmd, len);
1167 	tmp[len] = '\0';
1168 	res = dpp_configuration_parse_helper(auth, cmd, 0);
1169 	str_clear_free(tmp);
1170 	if (res)
1171 		goto fail;
1172 	res = dpp_configuration_parse_helper(auth, cmd + len, 1);
1173 	if (res)
1174 		goto fail;
1175 	return 0;
1176 fail:
1177 	dpp_configuration_free(auth->conf_sta);
1178 	dpp_configuration_free(auth->conf2_sta);
1179 	dpp_configuration_free(auth->conf_ap);
1180 	dpp_configuration_free(auth->conf2_ap);
1181 	return -1;
1182 }
1183 
1184 
1185 static struct dpp_configurator *
dpp_configurator_get_id(struct dpp_global * dpp,unsigned int id)1186 dpp_configurator_get_id(struct dpp_global *dpp, unsigned int id)
1187 {
1188 	struct dpp_configurator *conf;
1189 
1190 	if (!dpp)
1191 		return NULL;
1192 
1193 	dl_list_for_each(conf, &dpp->configurator,
1194 			 struct dpp_configurator, list) {
1195 		if (conf->id == id)
1196 			return conf;
1197 	}
1198 	return NULL;
1199 }
1200 
1201 
dpp_set_configurator(struct dpp_authentication * auth,const char * cmd)1202 int dpp_set_configurator(struct dpp_authentication *auth, const char *cmd)
1203 {
1204 	const char *pos;
1205 	char *tmp = NULL;
1206 	int ret = -1;
1207 
1208 	if (!cmd || auth->configurator_set)
1209 		return 0;
1210 	auth->configurator_set = 1;
1211 
1212 	if (cmd[0] != ' ') {
1213 		size_t len;
1214 
1215 		len = os_strlen(cmd);
1216 		tmp = os_malloc(len + 2);
1217 		if (!tmp)
1218 			goto fail;
1219 		tmp[0] = ' ';
1220 		os_memcpy(tmp + 1, cmd, len + 1);
1221 		cmd = tmp;
1222 	}
1223 
1224 	wpa_printf(MSG_DEBUG, "DPP: Set configurator parameters: %s", cmd);
1225 
1226 	pos = os_strstr(cmd, " configurator=");
1227 	if (!auth->conf && pos) {
1228 		pos += 14;
1229 		auth->conf = dpp_configurator_get_id(auth->global, atoi(pos));
1230 		if (!auth->conf) {
1231 			wpa_printf(MSG_INFO,
1232 				   "DPP: Could not find the specified configurator");
1233 			goto fail;
1234 		}
1235 	}
1236 
1237 	pos = os_strstr(cmd, " conn_status=");
1238 	if (pos) {
1239 		pos += 13;
1240 		auth->send_conn_status = atoi(pos);
1241 	}
1242 
1243 	pos = os_strstr(cmd, " akm_use_selector=");
1244 	if (pos) {
1245 		pos += 18;
1246 		auth->akm_use_selector = atoi(pos);
1247 	}
1248 
1249 	if (dpp_configuration_parse(auth, cmd) < 0) {
1250 		wpa_msg(auth->msg_ctx, MSG_INFO,
1251 			"DPP: Failed to set configurator parameters");
1252 		goto fail;
1253 	}
1254 	ret = 0;
1255 fail:
1256 	os_free(tmp);
1257 	return ret;
1258 }
1259 
1260 
dpp_auth_deinit(struct dpp_authentication * auth)1261 void dpp_auth_deinit(struct dpp_authentication *auth)
1262 {
1263 	unsigned int i;
1264 
1265 	if (!auth)
1266 		return;
1267 	dpp_configuration_free(auth->conf_ap);
1268 	dpp_configuration_free(auth->conf2_ap);
1269 	dpp_configuration_free(auth->conf_sta);
1270 	dpp_configuration_free(auth->conf2_sta);
1271 	EVP_PKEY_free(auth->own_protocol_key);
1272 	EVP_PKEY_free(auth->peer_protocol_key);
1273 	EVP_PKEY_free(auth->reconfig_old_protocol_key);
1274 	wpabuf_free(auth->req_msg);
1275 	wpabuf_free(auth->resp_msg);
1276 	wpabuf_free(auth->conf_req);
1277 	wpabuf_free(auth->reconfig_req_msg);
1278 	wpabuf_free(auth->reconfig_resp_msg);
1279 	for (i = 0; i < auth->num_conf_obj; i++) {
1280 		struct dpp_config_obj *conf = &auth->conf_obj[i];
1281 
1282 		os_free(conf->connector);
1283 		wpabuf_free(conf->c_sign_key);
1284 		wpabuf_free(conf->certbag);
1285 		wpabuf_free(conf->certs);
1286 		wpabuf_free(conf->cacert);
1287 		os_free(conf->server_name);
1288 		wpabuf_free(conf->pp_key);
1289 	}
1290 #ifdef CONFIG_DPP2
1291 	dpp_free_asymmetric_key(auth->conf_key_pkg);
1292 	os_free(auth->csrattrs);
1293 	wpabuf_free(auth->csr);
1294 	wpabuf_free(auth->priv_key);
1295 	wpabuf_free(auth->cacert);
1296 	wpabuf_free(auth->certbag);
1297 	os_free(auth->trusted_eap_server_name);
1298 	wpabuf_free(auth->conf_resp_tcp);
1299 #endif /* CONFIG_DPP2 */
1300 	wpabuf_free(auth->net_access_key);
1301 	dpp_bootstrap_info_free(auth->tmp_own_bi);
1302 	if (auth->tmp_peer_bi) {
1303 		dl_list_del(&auth->tmp_peer_bi->list);
1304 		dpp_bootstrap_info_free(auth->tmp_peer_bi);
1305 	}
1306 #ifdef CONFIG_TESTING_OPTIONS
1307 	os_free(auth->config_obj_override);
1308 	os_free(auth->discovery_override);
1309 	os_free(auth->groups_override);
1310 #endif /* CONFIG_TESTING_OPTIONS */
1311 	bin_clear_free(auth, sizeof(*auth));
1312 }
1313 
1314 
1315 static struct wpabuf *
dpp_build_conf_start(struct dpp_authentication * auth,struct dpp_configuration * conf,size_t tailroom)1316 dpp_build_conf_start(struct dpp_authentication *auth,
1317 		     struct dpp_configuration *conf, size_t tailroom)
1318 {
1319 	struct wpabuf *buf;
1320 
1321 #ifdef CONFIG_TESTING_OPTIONS
1322 	if (auth->discovery_override)
1323 		tailroom += os_strlen(auth->discovery_override);
1324 #endif /* CONFIG_TESTING_OPTIONS */
1325 
1326 	buf = wpabuf_alloc(200 + tailroom);
1327 	if (!buf)
1328 		return NULL;
1329 	json_start_object(buf, NULL);
1330 	json_add_string(buf, "wi-fi_tech", "infra");
1331 	json_value_sep(buf);
1332 #ifdef CONFIG_TESTING_OPTIONS
1333 	if (auth->discovery_override) {
1334 		wpa_printf(MSG_DEBUG, "DPP: TESTING - discovery override: '%s'",
1335 			   auth->discovery_override);
1336 		wpabuf_put_str(buf, "\"discovery\":");
1337 		wpabuf_put_str(buf, auth->discovery_override);
1338 		json_value_sep(buf);
1339 		return buf;
1340 	}
1341 #endif /* CONFIG_TESTING_OPTIONS */
1342 	json_start_object(buf, "discovery");
1343 	if (((!conf->ssid_charset || auth->peer_version < 2) &&
1344 	     json_add_string_escape(buf, "ssid", conf->ssid,
1345 				    conf->ssid_len) < 0) ||
1346 	    ((conf->ssid_charset && auth->peer_version >= 2) &&
1347 	     json_add_base64url(buf, "ssid64", conf->ssid,
1348 				conf->ssid_len) < 0)) {
1349 		wpabuf_free(buf);
1350 		return NULL;
1351 	}
1352 	if (conf->ssid_charset > 0) {
1353 		json_value_sep(buf);
1354 		json_add_int(buf, "ssid_charset", conf->ssid_charset);
1355 	}
1356 	json_end_object(buf);
1357 	json_value_sep(buf);
1358 
1359 	return buf;
1360 }
1361 
1362 
dpp_build_jwk(struct wpabuf * buf,const char * name,EVP_PKEY * key,const char * kid,const struct dpp_curve_params * curve)1363 int dpp_build_jwk(struct wpabuf *buf, const char *name, EVP_PKEY *key,
1364 		  const char *kid, const struct dpp_curve_params *curve)
1365 {
1366 	struct wpabuf *pub;
1367 	const u8 *pos;
1368 	int ret = -1;
1369 
1370 	pub = dpp_get_pubkey_point(key, 0);
1371 	if (!pub)
1372 		goto fail;
1373 
1374 	json_start_object(buf, name);
1375 	json_add_string(buf, "kty", "EC");
1376 	json_value_sep(buf);
1377 	json_add_string(buf, "crv", curve->jwk_crv);
1378 	json_value_sep(buf);
1379 	pos = wpabuf_head(pub);
1380 	if (json_add_base64url(buf, "x", pos, curve->prime_len) < 0)
1381 		goto fail;
1382 	json_value_sep(buf);
1383 	pos += curve->prime_len;
1384 	if (json_add_base64url(buf, "y", pos, curve->prime_len) < 0)
1385 		goto fail;
1386 	if (kid) {
1387 		json_value_sep(buf);
1388 		json_add_string(buf, "kid", kid);
1389 	}
1390 	json_end_object(buf);
1391 	ret = 0;
1392 fail:
1393 	wpabuf_free(pub);
1394 	return ret;
1395 }
1396 
1397 
dpp_build_legacy_cred_params(struct wpabuf * buf,struct dpp_configuration * conf)1398 static void dpp_build_legacy_cred_params(struct wpabuf *buf,
1399 					 struct dpp_configuration *conf)
1400 {
1401 	if (conf->passphrase && os_strlen(conf->passphrase) < 64) {
1402 		json_add_string_escape(buf, "pass", conf->passphrase,
1403 				       os_strlen(conf->passphrase));
1404 	} else if (conf->psk_set) {
1405 		char psk[2 * sizeof(conf->psk) + 1];
1406 
1407 		wpa_snprintf_hex(psk, sizeof(psk),
1408 				 conf->psk, sizeof(conf->psk));
1409 		json_add_string(buf, "psk_hex", psk);
1410 		forced_memzero(psk, sizeof(psk));
1411 	}
1412 }
1413 
1414 
dpp_netrole_str(enum dpp_netrole netrole)1415 static const char * dpp_netrole_str(enum dpp_netrole netrole)
1416 {
1417 	switch (netrole) {
1418 	case DPP_NETROLE_STA:
1419 		return "sta";
1420 	case DPP_NETROLE_AP:
1421 		return "ap";
1422 	case DPP_NETROLE_CONFIGURATOR:
1423 		return "configurator";
1424 	default:
1425 		return "??";
1426 	}
1427 }
1428 
1429 
1430 static struct wpabuf *
dpp_build_conf_obj_dpp(struct dpp_authentication * auth,struct dpp_configuration * conf)1431 dpp_build_conf_obj_dpp(struct dpp_authentication *auth,
1432 		       struct dpp_configuration *conf)
1433 {
1434 	struct wpabuf *buf = NULL;
1435 	char *signed_conn = NULL;
1436 	size_t tailroom;
1437 	const struct dpp_curve_params *curve;
1438 	struct wpabuf *dppcon = NULL;
1439 	size_t extra_len = 1000;
1440 	int incl_legacy;
1441 	enum dpp_akm akm;
1442 	const char *akm_str;
1443 
1444 	if (!auth->conf) {
1445 		wpa_printf(MSG_INFO,
1446 			   "DPP: No configurator specified - cannot generate DPP config object");
1447 		goto fail;
1448 	}
1449 	curve = auth->conf->curve;
1450 
1451 	akm = conf->akm;
1452 	if (dpp_akm_ver2(akm) && auth->peer_version < 2) {
1453 		wpa_printf(MSG_DEBUG,
1454 			   "DPP: Convert DPP+legacy credential to DPP-only for peer that does not support version 2");
1455 		akm = DPP_AKM_DPP;
1456 	}
1457 
1458 #ifdef CONFIG_TESTING_OPTIONS
1459 	if (auth->groups_override)
1460 		extra_len += os_strlen(auth->groups_override);
1461 #endif /* CONFIG_TESTING_OPTIONS */
1462 
1463 	if (conf->group_id)
1464 		extra_len += os_strlen(conf->group_id);
1465 
1466 	/* Connector (JSON dppCon object) */
1467 	dppcon = wpabuf_alloc(extra_len + 2 * auth->curve->prime_len * 4 / 3);
1468 	if (!dppcon)
1469 		goto fail;
1470 #ifdef CONFIG_TESTING_OPTIONS
1471 	if (auth->groups_override) {
1472 		wpabuf_put_u8(dppcon, '{');
1473 		if (auth->groups_override) {
1474 			wpa_printf(MSG_DEBUG,
1475 				   "DPP: TESTING - groups override: '%s'",
1476 				   auth->groups_override);
1477 			wpabuf_put_str(dppcon, "\"groups\":");
1478 			wpabuf_put_str(dppcon, auth->groups_override);
1479 			json_value_sep(dppcon);
1480 		}
1481 		goto skip_groups;
1482 	}
1483 #endif /* CONFIG_TESTING_OPTIONS */
1484 	json_start_object(dppcon, NULL);
1485 	json_start_array(dppcon, "groups");
1486 	json_start_object(dppcon, NULL);
1487 	json_add_string(dppcon, "groupId",
1488 			conf->group_id ? conf->group_id : "*");
1489 	json_value_sep(dppcon);
1490 	json_add_string(dppcon, "netRole", dpp_netrole_str(conf->netrole));
1491 	json_end_object(dppcon);
1492 	json_end_array(dppcon);
1493 	json_value_sep(dppcon);
1494 #ifdef CONFIG_TESTING_OPTIONS
1495 skip_groups:
1496 #endif /* CONFIG_TESTING_OPTIONS */
1497 	if (!auth->peer_protocol_key ||
1498 	    dpp_build_jwk(dppcon, "netAccessKey", auth->peer_protocol_key, NULL,
1499 			  auth->curve) < 0) {
1500 		wpa_printf(MSG_DEBUG, "DPP: Failed to build netAccessKey JWK");
1501 		goto fail;
1502 	}
1503 	if (conf->netaccesskey_expiry) {
1504 		struct os_tm tm;
1505 		char expiry[30];
1506 
1507 		if (os_gmtime(conf->netaccesskey_expiry, &tm) < 0) {
1508 			wpa_printf(MSG_DEBUG,
1509 				   "DPP: Failed to generate expiry string");
1510 			goto fail;
1511 		}
1512 		os_snprintf(expiry, sizeof(expiry),
1513 			    "%04u-%02u-%02uT%02u:%02u:%02uZ",
1514 			    tm.year, tm.month, tm.day,
1515 			    tm.hour, tm.min, tm.sec);
1516 		json_value_sep(dppcon);
1517 		json_add_string(dppcon, "expiry", expiry);
1518 	}
1519 	json_end_object(dppcon);
1520 	wpa_printf(MSG_DEBUG, "DPP: dppCon: %s",
1521 		   (const char *) wpabuf_head(dppcon));
1522 
1523 	signed_conn = dpp_sign_connector(auth->conf, dppcon);
1524 	if (!signed_conn)
1525 		goto fail;
1526 
1527 	incl_legacy = dpp_akm_psk(akm) || dpp_akm_sae(akm);
1528 	tailroom = 1000;
1529 	tailroom += 2 * curve->prime_len * 4 / 3 + os_strlen(auth->conf->kid);
1530 	tailroom += os_strlen(signed_conn);
1531 	if (incl_legacy)
1532 		tailroom += 1000;
1533 	if (akm == DPP_AKM_DOT1X) {
1534 		if (auth->certbag)
1535 			tailroom += 2 * wpabuf_len(auth->certbag);
1536 		if (auth->cacert)
1537 			tailroom += 2 * wpabuf_len(auth->cacert);
1538 		if (auth->trusted_eap_server_name)
1539 			tailroom += os_strlen(auth->trusted_eap_server_name);
1540 		tailroom += 1000;
1541 	}
1542 	buf = dpp_build_conf_start(auth, conf, tailroom);
1543 	if (!buf)
1544 		goto fail;
1545 
1546 	if (auth->akm_use_selector && dpp_akm_ver2(akm))
1547 		akm_str = dpp_akm_selector_str(akm);
1548 	else
1549 		akm_str = dpp_akm_str(akm);
1550 	json_start_object(buf, "cred");
1551 	json_add_string(buf, "akm", akm_str);
1552 	json_value_sep(buf);
1553 	if (incl_legacy) {
1554 		dpp_build_legacy_cred_params(buf, conf);
1555 		json_value_sep(buf);
1556 	}
1557 	if (akm == DPP_AKM_DOT1X) {
1558 		json_start_object(buf, "entCreds");
1559 		if (!auth->certbag)
1560 			goto fail;
1561 		json_add_base64(buf, "certBag", wpabuf_head(auth->certbag),
1562 				wpabuf_len(auth->certbag));
1563 		if (auth->cacert) {
1564 			json_value_sep(buf);
1565 			json_add_base64(buf, "caCert",
1566 					wpabuf_head(auth->cacert),
1567 					wpabuf_len(auth->cacert));
1568 		}
1569 		if (auth->trusted_eap_server_name) {
1570 			json_value_sep(buf);
1571 			json_add_string(buf, "trustedEapServerName",
1572 					auth->trusted_eap_server_name);
1573 		}
1574 		json_value_sep(buf);
1575 		json_start_array(buf, "eapMethods");
1576 		wpabuf_printf(buf, "%d", EAP_TYPE_TLS);
1577 		json_end_array(buf);
1578 		json_end_object(buf);
1579 		json_value_sep(buf);
1580 	}
1581 	wpabuf_put_str(buf, "\"signedConnector\":\"");
1582 	wpabuf_put_str(buf, signed_conn);
1583 	wpabuf_put_str(buf, "\"");
1584 	json_value_sep(buf);
1585 	if (dpp_build_jwk(buf, "csign", auth->conf->csign, auth->conf->kid,
1586 			  curve) < 0) {
1587 		wpa_printf(MSG_DEBUG, "DPP: Failed to build csign JWK");
1588 		goto fail;
1589 	}
1590 #ifdef CONFIG_DPP2
1591 	if (auth->peer_version >= 2 && auth->conf->pp_key) {
1592 		json_value_sep(buf);
1593 		if (dpp_build_jwk(buf, "ppKey", auth->conf->pp_key, NULL,
1594 				  curve) < 0) {
1595 			wpa_printf(MSG_DEBUG, "DPP: Failed to build ppKey JWK");
1596 			goto fail;
1597 		}
1598 	}
1599 #endif /* CONFIG_DPP2 */
1600 
1601 	json_end_object(buf);
1602 	json_end_object(buf);
1603 
1604 	wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: Configuration Object",
1605 			      wpabuf_head(buf), wpabuf_len(buf));
1606 
1607 out:
1608 	os_free(signed_conn);
1609 	wpabuf_free(dppcon);
1610 	return buf;
1611 fail:
1612 	wpa_printf(MSG_DEBUG, "DPP: Failed to build configuration object");
1613 	wpabuf_free(buf);
1614 	buf = NULL;
1615 	goto out;
1616 }
1617 
1618 
1619 static struct wpabuf *
dpp_build_conf_obj_legacy(struct dpp_authentication * auth,struct dpp_configuration * conf)1620 dpp_build_conf_obj_legacy(struct dpp_authentication *auth,
1621 			  struct dpp_configuration *conf)
1622 {
1623 	struct wpabuf *buf;
1624 	const char *akm_str;
1625 
1626 	buf = dpp_build_conf_start(auth, conf, 1000);
1627 	if (!buf)
1628 		return NULL;
1629 
1630 	if (auth->akm_use_selector && dpp_akm_ver2(conf->akm))
1631 		akm_str = dpp_akm_selector_str(conf->akm);
1632 	else
1633 		akm_str = dpp_akm_str(conf->akm);
1634 	json_start_object(buf, "cred");
1635 	json_add_string(buf, "akm", akm_str);
1636 	json_value_sep(buf);
1637 	dpp_build_legacy_cred_params(buf, conf);
1638 	json_end_object(buf);
1639 	json_end_object(buf);
1640 
1641 	wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: Configuration Object (legacy)",
1642 			      wpabuf_head(buf), wpabuf_len(buf));
1643 
1644 	return buf;
1645 }
1646 
1647 
1648 static struct wpabuf *
dpp_build_conf_obj(struct dpp_authentication * auth,enum dpp_netrole netrole,int idx,bool cert_req)1649 dpp_build_conf_obj(struct dpp_authentication *auth, enum dpp_netrole netrole,
1650 		   int idx, bool cert_req)
1651 {
1652 	struct dpp_configuration *conf = NULL;
1653 
1654 #ifdef CONFIG_TESTING_OPTIONS
1655 	if (auth->config_obj_override) {
1656 		if (idx != 0)
1657 			return NULL;
1658 		wpa_printf(MSG_DEBUG, "DPP: Testing - Config Object override");
1659 		return wpabuf_alloc_copy(auth->config_obj_override,
1660 					 os_strlen(auth->config_obj_override));
1661 	}
1662 #endif /* CONFIG_TESTING_OPTIONS */
1663 
1664 	if (idx == 0) {
1665 		if (netrole == DPP_NETROLE_STA)
1666 			conf = auth->conf_sta;
1667 		else if (netrole == DPP_NETROLE_AP)
1668 			conf = auth->conf_ap;
1669 	} else if (idx == 1) {
1670 		if (netrole == DPP_NETROLE_STA)
1671 			conf = auth->conf2_sta;
1672 		else if (netrole == DPP_NETROLE_AP)
1673 			conf = auth->conf2_ap;
1674 	}
1675 	if (!conf) {
1676 		if (idx == 0)
1677 			wpa_printf(MSG_DEBUG,
1678 				   "DPP: No configuration available for Enrollee(%s) - reject configuration request",
1679 				   dpp_netrole_str(netrole));
1680 		return NULL;
1681 	}
1682 
1683 	if (conf->akm == DPP_AKM_DOT1X) {
1684 		if (!auth->conf) {
1685 			wpa_printf(MSG_DEBUG,
1686 				   "DPP: No Configurator data available");
1687 			return NULL;
1688 		}
1689 		if (!cert_req && !auth->certbag) {
1690 			wpa_printf(MSG_DEBUG,
1691 				   "DPP: No certificate data available for dot1x configuration");
1692 			return NULL;
1693 		}
1694 		return dpp_build_conf_obj_dpp(auth, conf);
1695 	}
1696 	if (dpp_akm_dpp(conf->akm) || (auth->peer_version >= 2 && auth->conf))
1697 		return dpp_build_conf_obj_dpp(auth, conf);
1698 	return dpp_build_conf_obj_legacy(auth, conf);
1699 }
1700 
1701 
1702 struct wpabuf *
dpp_build_conf_resp(struct dpp_authentication * auth,const u8 * e_nonce,u16 e_nonce_len,enum dpp_netrole netrole,bool cert_req)1703 dpp_build_conf_resp(struct dpp_authentication *auth, const u8 *e_nonce,
1704 		    u16 e_nonce_len, enum dpp_netrole netrole, bool cert_req)
1705 {
1706 	struct wpabuf *conf = NULL, *conf2 = NULL, *env_data = NULL;
1707 	size_t clear_len, attr_len;
1708 	struct wpabuf *clear = NULL, *msg = NULL;
1709 	u8 *wrapped;
1710 	const u8 *addr[1];
1711 	size_t len[1];
1712 	enum dpp_status_error status;
1713 
1714 	if (auth->force_conf_resp_status != DPP_STATUS_OK) {
1715 		status = auth->force_conf_resp_status;
1716 		goto forced_status;
1717 	}
1718 
1719 	if (netrole == DPP_NETROLE_CONFIGURATOR) {
1720 #ifdef CONFIG_DPP2
1721 		env_data = dpp_build_enveloped_data(auth);
1722 #endif /* CONFIG_DPP2 */
1723 	} else {
1724 		conf = dpp_build_conf_obj(auth, netrole, 0, cert_req);
1725 		if (conf) {
1726 			wpa_hexdump_ascii(MSG_DEBUG,
1727 					  "DPP: configurationObject JSON",
1728 					  wpabuf_head(conf), wpabuf_len(conf));
1729 			conf2 = dpp_build_conf_obj(auth, netrole, 1, cert_req);
1730 		}
1731 	}
1732 
1733 	if (conf || env_data)
1734 		status = DPP_STATUS_OK;
1735 	else if (!cert_req && netrole == DPP_NETROLE_STA && auth->conf_sta &&
1736 		 auth->conf_sta->akm == DPP_AKM_DOT1X && !auth->waiting_csr)
1737 		status = DPP_STATUS_CSR_NEEDED;
1738 	else
1739 		status = DPP_STATUS_CONFIGURE_FAILURE;
1740 forced_status:
1741 	auth->conf_resp_status = status;
1742 
1743 	/* { E-nonce, configurationObject[, sendConnStatus]}ke */
1744 	clear_len = 4 + e_nonce_len;
1745 	if (conf)
1746 		clear_len += 4 + wpabuf_len(conf);
1747 	if (conf2)
1748 		clear_len += 4 + wpabuf_len(conf2);
1749 	if (env_data)
1750 		clear_len += 4 + wpabuf_len(env_data);
1751 	if (auth->peer_version >= 2 && auth->send_conn_status &&
1752 	    netrole == DPP_NETROLE_STA)
1753 		clear_len += 4;
1754 	if (status == DPP_STATUS_CSR_NEEDED && auth->conf_sta &&
1755 	    auth->conf_sta->csrattrs)
1756 		clear_len += 4 + os_strlen(auth->conf_sta->csrattrs);
1757 	clear = wpabuf_alloc(clear_len);
1758 	attr_len = 4 + 1 + 4 + clear_len + AES_BLOCK_SIZE;
1759 #ifdef CONFIG_TESTING_OPTIONS
1760 	if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_CONF_RESP)
1761 		attr_len += 5;
1762 #endif /* CONFIG_TESTING_OPTIONS */
1763 	msg = wpabuf_alloc(attr_len);
1764 	if (!clear || !msg)
1765 		goto fail;
1766 
1767 #ifdef CONFIG_TESTING_OPTIONS
1768 	if (dpp_test == DPP_TEST_NO_E_NONCE_CONF_RESP) {
1769 		wpa_printf(MSG_INFO, "DPP: TESTING - no E-nonce");
1770 		goto skip_e_nonce;
1771 	}
1772 	if (dpp_test == DPP_TEST_E_NONCE_MISMATCH_CONF_RESP) {
1773 		wpa_printf(MSG_INFO, "DPP: TESTING - E-nonce mismatch");
1774 		wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
1775 		wpabuf_put_le16(clear, e_nonce_len);
1776 		wpabuf_put_data(clear, e_nonce, e_nonce_len - 1);
1777 		wpabuf_put_u8(clear, e_nonce[e_nonce_len - 1] ^ 0x01);
1778 		goto skip_e_nonce;
1779 	}
1780 	if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_CONF_RESP) {
1781 		wpa_printf(MSG_INFO, "DPP: TESTING - no Wrapped Data");
1782 		goto skip_wrapped_data;
1783 	}
1784 #endif /* CONFIG_TESTING_OPTIONS */
1785 
1786 	/* E-nonce */
1787 	wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
1788 	wpabuf_put_le16(clear, e_nonce_len);
1789 	wpabuf_put_data(clear, e_nonce, e_nonce_len);
1790 
1791 #ifdef CONFIG_TESTING_OPTIONS
1792 skip_e_nonce:
1793 	if (dpp_test == DPP_TEST_NO_CONFIG_OBJ_CONF_RESP) {
1794 		wpa_printf(MSG_INFO, "DPP: TESTING - Config Object");
1795 		goto skip_config_obj;
1796 	}
1797 #endif /* CONFIG_TESTING_OPTIONS */
1798 
1799 	if (conf) {
1800 		wpabuf_put_le16(clear, DPP_ATTR_CONFIG_OBJ);
1801 		wpabuf_put_le16(clear, wpabuf_len(conf));
1802 		wpabuf_put_buf(clear, conf);
1803 	}
1804 	if (auth->peer_version >= 2 && conf2) {
1805 		wpabuf_put_le16(clear, DPP_ATTR_CONFIG_OBJ);
1806 		wpabuf_put_le16(clear, wpabuf_len(conf2));
1807 		wpabuf_put_buf(clear, conf2);
1808 	} else if (conf2) {
1809 		wpa_printf(MSG_DEBUG,
1810 			   "DPP: Second Config Object available, but peer does not support more than one");
1811 	}
1812 	if (env_data) {
1813 		wpabuf_put_le16(clear, DPP_ATTR_ENVELOPED_DATA);
1814 		wpabuf_put_le16(clear, wpabuf_len(env_data));
1815 		wpabuf_put_buf(clear, env_data);
1816 	}
1817 
1818 	if (auth->peer_version >= 2 && auth->send_conn_status &&
1819 	    netrole == DPP_NETROLE_STA && status == DPP_STATUS_OK) {
1820 		wpa_printf(MSG_DEBUG, "DPP: sendConnStatus");
1821 		wpabuf_put_le16(clear, DPP_ATTR_SEND_CONN_STATUS);
1822 		wpabuf_put_le16(clear, 0);
1823 	}
1824 
1825 	if (status == DPP_STATUS_CSR_NEEDED && auth->conf_sta &&
1826 	    auth->conf_sta->csrattrs) {
1827 		auth->waiting_csr = true;
1828 		wpa_printf(MSG_DEBUG, "DPP: CSR Attributes Request");
1829 		wpabuf_put_le16(clear, DPP_ATTR_CSR_ATTR_REQ);
1830 		wpabuf_put_le16(clear, os_strlen(auth->conf_sta->csrattrs));
1831 		wpabuf_put_str(clear, auth->conf_sta->csrattrs);
1832 	}
1833 
1834 #ifdef CONFIG_TESTING_OPTIONS
1835 skip_config_obj:
1836 	if (dpp_test == DPP_TEST_NO_STATUS_CONF_RESP) {
1837 		wpa_printf(MSG_INFO, "DPP: TESTING - Status");
1838 		goto skip_status;
1839 	}
1840 	if (dpp_test == DPP_TEST_INVALID_STATUS_CONF_RESP) {
1841 		wpa_printf(MSG_INFO, "DPP: TESTING - invalid Status");
1842 		status = 255;
1843 	}
1844 #endif /* CONFIG_TESTING_OPTIONS */
1845 
1846 	/* DPP Status */
1847 	dpp_build_attr_status(msg, status);
1848 
1849 #ifdef CONFIG_TESTING_OPTIONS
1850 skip_status:
1851 #endif /* CONFIG_TESTING_OPTIONS */
1852 
1853 	addr[0] = wpabuf_head(msg);
1854 	len[0] = wpabuf_len(msg);
1855 	wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD", addr[0], len[0]);
1856 
1857 	wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
1858 	wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
1859 	wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
1860 
1861 	wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear);
1862 	if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,
1863 			    wpabuf_head(clear), wpabuf_len(clear),
1864 			    1, addr, len, wrapped) < 0)
1865 		goto fail;
1866 	wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
1867 		    wrapped, wpabuf_len(clear) + AES_BLOCK_SIZE);
1868 
1869 #ifdef CONFIG_TESTING_OPTIONS
1870 	if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_CONF_RESP) {
1871 		wpa_printf(MSG_INFO, "DPP: TESTING - attr after Wrapped Data");
1872 		dpp_build_attr_status(msg, DPP_STATUS_OK);
1873 	}
1874 skip_wrapped_data:
1875 #endif /* CONFIG_TESTING_OPTIONS */
1876 
1877 	wpa_hexdump_buf(MSG_DEBUG,
1878 			"DPP: Configuration Response attributes", msg);
1879 out:
1880 	wpabuf_clear_free(conf);
1881 	wpabuf_clear_free(conf2);
1882 	wpabuf_clear_free(env_data);
1883 	wpabuf_clear_free(clear);
1884 
1885 	return msg;
1886 fail:
1887 	wpabuf_free(msg);
1888 	msg = NULL;
1889 	goto out;
1890 }
1891 
1892 
1893 struct wpabuf *
dpp_conf_req_rx(struct dpp_authentication * auth,const u8 * attr_start,size_t attr_len)1894 dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start,
1895 		size_t attr_len)
1896 {
1897 	const u8 *wrapped_data, *e_nonce, *config_attr;
1898 	u16 wrapped_data_len, e_nonce_len, config_attr_len;
1899 	u8 *unwrapped = NULL;
1900 	size_t unwrapped_len = 0;
1901 	struct wpabuf *resp = NULL;
1902 	struct json_token *root = NULL, *token;
1903 	enum dpp_netrole netrole;
1904 	struct wpabuf *cert_req = NULL;
1905 
1906 #ifdef CONFIG_TESTING_OPTIONS
1907 	if (dpp_test == DPP_TEST_STOP_AT_CONF_REQ) {
1908 		wpa_printf(MSG_INFO,
1909 			   "DPP: TESTING - stop at Config Request");
1910 		return NULL;
1911 	}
1912 #endif /* CONFIG_TESTING_OPTIONS */
1913 
1914 	if (dpp_check_attrs(attr_start, attr_len) < 0) {
1915 		dpp_auth_fail(auth, "Invalid attribute in config request");
1916 		return NULL;
1917 	}
1918 
1919 	wrapped_data = dpp_get_attr(attr_start, attr_len, DPP_ATTR_WRAPPED_DATA,
1920 				    &wrapped_data_len);
1921 	if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) {
1922 		dpp_auth_fail(auth,
1923 			      "Missing or invalid required Wrapped Data attribute");
1924 		return NULL;
1925 	}
1926 
1927 	wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
1928 		    wrapped_data, wrapped_data_len);
1929 	unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE;
1930 	unwrapped = os_malloc(unwrapped_len);
1931 	if (!unwrapped)
1932 		return NULL;
1933 	if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,
1934 			    wrapped_data, wrapped_data_len,
1935 			    0, NULL, NULL, unwrapped) < 0) {
1936 		dpp_auth_fail(auth, "AES-SIV decryption failed");
1937 		goto fail;
1938 	}
1939 	wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext",
1940 		    unwrapped, unwrapped_len);
1941 
1942 	if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) {
1943 		dpp_auth_fail(auth, "Invalid attribute in unwrapped data");
1944 		goto fail;
1945 	}
1946 
1947 	e_nonce = dpp_get_attr(unwrapped, unwrapped_len,
1948 			       DPP_ATTR_ENROLLEE_NONCE,
1949 			       &e_nonce_len);
1950 	if (!e_nonce || e_nonce_len != auth->curve->nonce_len) {
1951 		dpp_auth_fail(auth,
1952 			      "Missing or invalid Enrollee Nonce attribute");
1953 		goto fail;
1954 	}
1955 	wpa_hexdump(MSG_DEBUG, "DPP: Enrollee Nonce", e_nonce, e_nonce_len);
1956 	os_memcpy(auth->e_nonce, e_nonce, e_nonce_len);
1957 
1958 	config_attr = dpp_get_attr(unwrapped, unwrapped_len,
1959 				   DPP_ATTR_CONFIG_ATTR_OBJ,
1960 				   &config_attr_len);
1961 	if (!config_attr) {
1962 		dpp_auth_fail(auth,
1963 			      "Missing or invalid Config Attributes attribute");
1964 		goto fail;
1965 	}
1966 	wpa_hexdump_ascii(MSG_DEBUG, "DPP: Config Attributes",
1967 			  config_attr, config_attr_len);
1968 
1969 	root = json_parse((const char *) config_attr, config_attr_len);
1970 	if (!root) {
1971 		dpp_auth_fail(auth, "Could not parse Config Attributes");
1972 		goto fail;
1973 	}
1974 
1975 	token = json_get_member(root, "name");
1976 	if (!token || token->type != JSON_STRING) {
1977 		dpp_auth_fail(auth, "No Config Attributes - name");
1978 		goto fail;
1979 	}
1980 	wpa_printf(MSG_DEBUG, "DPP: Enrollee name = '%s'", token->string);
1981 
1982 	token = json_get_member(root, "wi-fi_tech");
1983 	if (!token || token->type != JSON_STRING) {
1984 		dpp_auth_fail(auth, "No Config Attributes - wi-fi_tech");
1985 		goto fail;
1986 	}
1987 	wpa_printf(MSG_DEBUG, "DPP: wi-fi_tech = '%s'", token->string);
1988 	if (os_strcmp(token->string, "infra") != 0) {
1989 		wpa_printf(MSG_DEBUG, "DPP: Unsupported wi-fi_tech '%s'",
1990 			   token->string);
1991 		dpp_auth_fail(auth, "Unsupported wi-fi_tech");
1992 		goto fail;
1993 	}
1994 
1995 	token = json_get_member(root, "netRole");
1996 	if (!token || token->type != JSON_STRING) {
1997 		dpp_auth_fail(auth, "No Config Attributes - netRole");
1998 		goto fail;
1999 	}
2000 	wpa_printf(MSG_DEBUG, "DPP: netRole = '%s'", token->string);
2001 	if (os_strcmp(token->string, "sta") == 0) {
2002 		netrole = DPP_NETROLE_STA;
2003 	} else if (os_strcmp(token->string, "ap") == 0) {
2004 		netrole = DPP_NETROLE_AP;
2005 	} else if (os_strcmp(token->string, "configurator") == 0) {
2006 		netrole = DPP_NETROLE_CONFIGURATOR;
2007 	} else {
2008 		wpa_printf(MSG_DEBUG, "DPP: Unsupported netRole '%s'",
2009 			   token->string);
2010 		dpp_auth_fail(auth, "Unsupported netRole");
2011 		goto fail;
2012 	}
2013 	auth->e_netrole = netrole;
2014 
2015 	token = json_get_member(root, "mudurl");
2016 	if (token && token->type == JSON_STRING) {
2017 		wpa_printf(MSG_DEBUG, "DPP: mudurl = '%s'", token->string);
2018 		wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_MUD_URL "%s",
2019 			token->string);
2020 	}
2021 
2022 	token = json_get_member(root, "bandSupport");
2023 	auth->band_list_size = 0;
2024 	if (token && token->type == JSON_ARRAY) {
2025 		int *opclass = NULL;
2026 		char txt[200], *pos, *end;
2027 		int i, res;
2028 
2029 		memset(auth->band_list, 0, sizeof(auth->band_list));
2030 		wpa_printf(MSG_DEBUG, "DPP: bandSupport");
2031 		token = token->child;
2032 		while (token) {
2033 			if (token->type != JSON_NUMBER) {
2034 				wpa_printf(MSG_DEBUG,
2035 					   "DPP: Invalid bandSupport array member type");
2036 			} else {
2037 				if (auth->band_list_size < DPP_MAX_CHANNELS) {
2038 					auth->band_list[auth->band_list_size++] = token->number;
2039 				}
2040 				wpa_printf(MSG_DEBUG,
2041 					   "DPP: Supported global operating class: %d",
2042 					   token->number);
2043 				int_array_add_unique(&opclass, token->number);
2044 			}
2045 			token = token->sibling;
2046 		}
2047 
2048 		txt[0] = '\0';
2049 		pos = txt;
2050 		end = txt + sizeof(txt);
2051 		for (i = 0; opclass && opclass[i]; i++) {
2052 			res = os_snprintf(pos, end - pos, "%s%d",
2053 					  pos == txt ? "" : ",", opclass[i]);
2054 			if (os_snprintf_error(end - pos, res)) {
2055 				*pos = '\0';
2056 				break;
2057 			}
2058 			pos += res;
2059 		}
2060 		os_free(opclass);
2061 		wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_BAND_SUPPORT "%s",
2062 			txt);
2063 	}
2064 
2065 #ifdef CONFIG_DPP2
2066 	cert_req = json_get_member_base64(root, "pkcs10");
2067 	if (cert_req) {
2068 		char *txt;
2069 		int id;
2070 
2071 		wpa_hexdump_buf(MSG_DEBUG, "DPP: CertificateRequest", cert_req);
2072 		if (dpp_validate_csr(auth, cert_req) < 0) {
2073 			wpa_printf(MSG_DEBUG, "DPP: CSR is not valid");
2074 			auth->force_conf_resp_status = DPP_STATUS_CSR_BAD;
2075 			goto cont;
2076 		}
2077 
2078 		if (auth->peer_bi) {
2079 			id = auth->peer_bi->id;
2080 		} else if (auth->tmp_peer_bi) {
2081 			id = auth->tmp_peer_bi->id;
2082 		} else {
2083 			struct dpp_bootstrap_info *bi;
2084 
2085 			bi = os_zalloc(sizeof(*bi));
2086 			if (!bi)
2087 				goto fail;
2088 			bi->id = dpp_next_id(auth->global);
2089 			dl_list_add(&auth->global->bootstrap, &bi->list);
2090 			auth->tmp_peer_bi = bi;
2091 			id = bi->id;
2092 		}
2093 
2094 		wpa_printf(MSG_DEBUG, "DPP: CSR is valid - forward to CA/RA");
2095 		txt = base64_encode_no_lf(wpabuf_head(cert_req),
2096 					  wpabuf_len(cert_req), NULL);
2097 		if (!txt)
2098 			goto fail;
2099 
2100 		wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_CSR "peer=%d csr=%s",
2101 			id, txt);
2102 		os_free(txt);
2103 		auth->waiting_csr = false;
2104 		auth->waiting_cert = true;
2105 		goto fail;
2106 	}
2107 cont:
2108 #endif /* CONFIG_DPP2 */
2109 
2110 	resp = dpp_build_conf_resp(auth, e_nonce, e_nonce_len, netrole,
2111 				   cert_req);
2112 
2113 fail:
2114 	wpabuf_free(cert_req);
2115 	json_free(root);
2116 	os_free(unwrapped);
2117 	return resp;
2118 }
2119 
2120 
dpp_parse_cred_legacy(struct dpp_config_obj * conf,struct json_token * cred)2121 static int dpp_parse_cred_legacy(struct dpp_config_obj *conf,
2122 				 struct json_token *cred)
2123 {
2124 	struct json_token *pass, *psk_hex;
2125 
2126 	wpa_printf(MSG_DEBUG, "DPP: Legacy akm=psk credential");
2127 
2128 	pass = json_get_member(cred, "pass");
2129 	psk_hex = json_get_member(cred, "psk_hex");
2130 
2131 	if (pass && pass->type == JSON_STRING) {
2132 		size_t len = os_strlen(pass->string);
2133 
2134 		wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: Legacy passphrase",
2135 				      pass->string, len);
2136 		if (len < 8 || len > 63)
2137 			return -1;
2138 		os_strlcpy(conf->passphrase, pass->string,
2139 			   sizeof(conf->passphrase));
2140 	} else if (psk_hex && psk_hex->type == JSON_STRING) {
2141 		if (dpp_akm_sae(conf->akm) && !dpp_akm_psk(conf->akm)) {
2142 			wpa_printf(MSG_DEBUG,
2143 				   "DPP: Unexpected psk_hex with akm=sae");
2144 			return -1;
2145 		}
2146 		if (os_strlen(psk_hex->string) != PMK_LEN * 2 ||
2147 		    hexstr2bin(psk_hex->string, conf->psk, PMK_LEN) < 0) {
2148 			wpa_printf(MSG_DEBUG, "DPP: Invalid psk_hex encoding");
2149 			return -1;
2150 		}
2151 		wpa_hexdump_key(MSG_DEBUG, "DPP: Legacy PSK",
2152 				conf->psk, PMK_LEN);
2153 		conf->psk_set = 1;
2154 	} else {
2155 		wpa_printf(MSG_DEBUG, "DPP: No pass or psk_hex strings found");
2156 		return -1;
2157 	}
2158 
2159 	if (dpp_akm_sae(conf->akm) && !conf->passphrase[0]) {
2160 		wpa_printf(MSG_DEBUG, "DPP: No pass for sae found");
2161 		return -1;
2162 	}
2163 
2164 	return 0;
2165 }
2166 
2167 
dpp_parse_jwk(struct json_token * jwk,const struct dpp_curve_params ** key_curve)2168 EVP_PKEY * dpp_parse_jwk(struct json_token *jwk,
2169 			 const struct dpp_curve_params **key_curve)
2170 {
2171 	struct json_token *token;
2172 	const struct dpp_curve_params *curve;
2173 	struct wpabuf *x = NULL, *y = NULL;
2174 	EC_GROUP *group;
2175 	EVP_PKEY *pkey = NULL;
2176 
2177 	token = json_get_member(jwk, "kty");
2178 	if (!token || token->type != JSON_STRING) {
2179 		wpa_printf(MSG_DEBUG, "DPP: No kty in JWK");
2180 		goto fail;
2181 	}
2182 	if (os_strcmp(token->string, "EC") != 0) {
2183 		wpa_printf(MSG_DEBUG, "DPP: Unexpected JWK kty '%s'",
2184 			   token->string);
2185 		goto fail;
2186 	}
2187 
2188 	token = json_get_member(jwk, "crv");
2189 	if (!token || token->type != JSON_STRING) {
2190 		wpa_printf(MSG_DEBUG, "DPP: No crv in JWK");
2191 		goto fail;
2192 	}
2193 	curve = dpp_get_curve_jwk_crv(token->string);
2194 	if (!curve) {
2195 		wpa_printf(MSG_DEBUG, "DPP: Unsupported JWK crv '%s'",
2196 			   token->string);
2197 		goto fail;
2198 	}
2199 
2200 	x = json_get_member_base64url(jwk, "x");
2201 	if (!x) {
2202 		wpa_printf(MSG_DEBUG, "DPP: No x in JWK");
2203 		goto fail;
2204 	}
2205 	wpa_hexdump_buf(MSG_DEBUG, "DPP: JWK x", x);
2206 	if (wpabuf_len(x) != curve->prime_len) {
2207 		wpa_printf(MSG_DEBUG,
2208 			   "DPP: Unexpected JWK x length %u (expected %u for curve %s)",
2209 			   (unsigned int) wpabuf_len(x),
2210 			   (unsigned int) curve->prime_len, curve->name);
2211 		goto fail;
2212 	}
2213 
2214 	y = json_get_member_base64url(jwk, "y");
2215 	if (!y) {
2216 		wpa_printf(MSG_DEBUG, "DPP: No y in JWK");
2217 		goto fail;
2218 	}
2219 	wpa_hexdump_buf(MSG_DEBUG, "DPP: JWK y", y);
2220 	if (wpabuf_len(y) != curve->prime_len) {
2221 		wpa_printf(MSG_DEBUG,
2222 			   "DPP: Unexpected JWK y length %u (expected %u for curve %s)",
2223 			   (unsigned int) wpabuf_len(y),
2224 			   (unsigned int) curve->prime_len, curve->name);
2225 		goto fail;
2226 	}
2227 
2228 	group = EC_GROUP_new_by_curve_name(OBJ_txt2nid(curve->name));
2229 	if (!group) {
2230 		wpa_printf(MSG_DEBUG, "DPP: Could not prepare group for JWK");
2231 		goto fail;
2232 	}
2233 
2234 	pkey = dpp_set_pubkey_point_group(group, wpabuf_head(x), wpabuf_head(y),
2235 					  wpabuf_len(x));
2236 	EC_GROUP_free(group);
2237 	*key_curve = curve;
2238 
2239 fail:
2240 	wpabuf_free(x);
2241 	wpabuf_free(y);
2242 
2243 	return pkey;
2244 }
2245 
2246 
dpp_key_expired(const char * timestamp,os_time_t * expiry)2247 int dpp_key_expired(const char *timestamp, os_time_t *expiry)
2248 {
2249 	struct os_time now;
2250 	unsigned int year, month, day, hour, min, sec;
2251 	os_time_t utime;
2252 	const char *pos;
2253 
2254 	/* ISO 8601 date and time:
2255 	 * <date>T<time>
2256 	 * YYYY-MM-DDTHH:MM:SSZ
2257 	 * YYYY-MM-DDTHH:MM:SS+03:00
2258 	 */
2259 	if (os_strlen(timestamp) < 19) {
2260 		wpa_printf(MSG_DEBUG,
2261 			   "DPP: Too short timestamp - assume expired key");
2262 		return 1;
2263 	}
2264 	if (sscanf(timestamp, "%04u-%02u-%02uT%02u:%02u:%02u",
2265 		   &year, &month, &day, &hour, &min, &sec) != 6) {
2266 		wpa_printf(MSG_DEBUG,
2267 			   "DPP: Failed to parse expiration day - assume expired key");
2268 		return 1;
2269 	}
2270 
2271 	if (os_mktime(year, month, day, hour, min, sec, &utime) < 0) {
2272 		wpa_printf(MSG_DEBUG,
2273 			   "DPP: Invalid date/time information - assume expired key");
2274 		return 1;
2275 	}
2276 
2277 	pos = timestamp + 19;
2278 	if (*pos == 'Z' || *pos == '\0') {
2279 		/* In UTC - no need to adjust */
2280 	} else if (*pos == '-' || *pos == '+') {
2281 		int items;
2282 
2283 		/* Adjust local time to UTC */
2284 		items = sscanf(pos + 1, "%02u:%02u", &hour, &min);
2285 		if (items < 1) {
2286 			wpa_printf(MSG_DEBUG,
2287 				   "DPP: Invalid time zone designator (%s) - assume expired key",
2288 				   pos);
2289 			return 1;
2290 		}
2291 		if (*pos == '-')
2292 			utime += 3600 * hour;
2293 		if (*pos == '+')
2294 			utime -= 3600 * hour;
2295 		if (items > 1) {
2296 			if (*pos == '-')
2297 				utime += 60 * min;
2298 			if (*pos == '+')
2299 				utime -= 60 * min;
2300 		}
2301 	} else {
2302 		wpa_printf(MSG_DEBUG,
2303 			   "DPP: Invalid time zone designator (%s) - assume expired key",
2304 			   pos);
2305 		return 1;
2306 	}
2307 	if (expiry)
2308 		*expiry = utime;
2309 
2310 	if (os_get_time(&now) < 0) {
2311 		wpa_printf(MSG_DEBUG,
2312 			   "DPP: Cannot get current time - assume expired key");
2313 		return 1;
2314 	}
2315 
2316 	if (now.sec > utime) {
2317 		wpa_printf(MSG_DEBUG, "DPP: Key has expired (%lu < %lu)",
2318 			   utime, now.sec);
2319 		return 1;
2320 	}
2321 
2322 	return 0;
2323 }
2324 
2325 
dpp_parse_connector(struct dpp_authentication * auth,struct dpp_config_obj * conf,const unsigned char * payload,u16 payload_len)2326 static int dpp_parse_connector(struct dpp_authentication *auth,
2327 			       struct dpp_config_obj *conf,
2328 			       const unsigned char *payload,
2329 			       u16 payload_len)
2330 {
2331 	struct json_token *root, *groups, *netkey, *token;
2332 	int ret = -1;
2333 	EVP_PKEY *key = NULL;
2334 	const struct dpp_curve_params *curve;
2335 	unsigned int rules = 0;
2336 
2337 	root = json_parse((const char *) payload, payload_len);
2338 	if (!root) {
2339 		wpa_printf(MSG_DEBUG, "DPP: JSON parsing of connector failed");
2340 		goto fail;
2341 	}
2342 
2343 	groups = json_get_member(root, "groups");
2344 	if (!groups || groups->type != JSON_ARRAY) {
2345 		wpa_printf(MSG_DEBUG, "DPP: No groups array found");
2346 		goto skip_groups;
2347 	}
2348 	for (token = groups->child; token; token = token->sibling) {
2349 		struct json_token *id, *role;
2350 
2351 		id = json_get_member(token, "groupId");
2352 		if (!id || id->type != JSON_STRING) {
2353 			wpa_printf(MSG_DEBUG, "DPP: Missing groupId string");
2354 			goto fail;
2355 		}
2356 
2357 		role = json_get_member(token, "netRole");
2358 		if (!role || role->type != JSON_STRING) {
2359 			wpa_printf(MSG_DEBUG, "DPP: Missing netRole string");
2360 			goto fail;
2361 		}
2362 		wpa_printf(MSG_DEBUG,
2363 			   "DPP: connector group: groupId='%s' netRole='%s'",
2364 			   id->string, role->string);
2365 		rules++;
2366 	}
2367 skip_groups:
2368 
2369 	if (!rules) {
2370 		wpa_printf(MSG_DEBUG,
2371 			   "DPP: Connector includes no groups");
2372 		goto fail;
2373 	}
2374 
2375 	token = json_get_member(root, "expiry");
2376 	if (!token || token->type != JSON_STRING) {
2377 		wpa_printf(MSG_DEBUG,
2378 			   "DPP: No expiry string found - connector does not expire");
2379 	} else {
2380 		wpa_printf(MSG_DEBUG, "DPP: expiry = %s", token->string);
2381 		if (dpp_key_expired(token->string,
2382 				    &auth->net_access_key_expiry)) {
2383 			wpa_printf(MSG_DEBUG,
2384 				   "DPP: Connector (netAccessKey) has expired");
2385 			goto fail;
2386 		}
2387 	}
2388 
2389 	netkey = json_get_member(root, "netAccessKey");
2390 	if (!netkey || netkey->type != JSON_OBJECT) {
2391 		wpa_printf(MSG_DEBUG, "DPP: No netAccessKey object found");
2392 		goto fail;
2393 	}
2394 
2395 	key = dpp_parse_jwk(netkey, &curve);
2396 	if (!key)
2397 		goto fail;
2398 	dpp_debug_print_key("DPP: Received netAccessKey", key);
2399 
2400 	if (EVP_PKEY_cmp(key, auth->own_protocol_key) != 1) {
2401 		wpa_printf(MSG_DEBUG,
2402 			   "DPP: netAccessKey in connector does not match own protocol key");
2403 #ifdef CONFIG_TESTING_OPTIONS
2404 		if (auth->ignore_netaccesskey_mismatch) {
2405 			wpa_printf(MSG_DEBUG,
2406 				   "DPP: TESTING - skip netAccessKey mismatch");
2407 		} else {
2408 			goto fail;
2409 		}
2410 #else /* CONFIG_TESTING_OPTIONS */
2411 		goto fail;
2412 #endif /* CONFIG_TESTING_OPTIONS */
2413 	}
2414 
2415 	ret = 0;
2416 fail:
2417 	EVP_PKEY_free(key);
2418 	json_free(root);
2419 	return ret;
2420 }
2421 
2422 
dpp_copy_csign(struct dpp_config_obj * conf,EVP_PKEY * csign)2423 static void dpp_copy_csign(struct dpp_config_obj *conf, EVP_PKEY *csign)
2424 {
2425 	unsigned char *der = NULL;
2426 	int der_len;
2427 
2428 	der_len = i2d_PUBKEY(csign, &der);
2429 	if (der_len <= 0)
2430 		return;
2431 	wpabuf_free(conf->c_sign_key);
2432 	conf->c_sign_key = wpabuf_alloc_copy(der, der_len);
2433 	OPENSSL_free(der);
2434 }
2435 
2436 
dpp_copy_ppkey(struct dpp_config_obj * conf,EVP_PKEY * ppkey)2437 static void dpp_copy_ppkey(struct dpp_config_obj *conf, EVP_PKEY *ppkey)
2438 {
2439 	unsigned char *der = NULL;
2440 	int der_len;
2441 
2442 	der_len = i2d_PUBKEY(ppkey, &der);
2443 	if (der_len <= 0)
2444 		return;
2445 	wpabuf_free(conf->pp_key);
2446 	conf->pp_key = wpabuf_alloc_copy(der, der_len);
2447 	OPENSSL_free(der);
2448 }
2449 
2450 
dpp_copy_netaccesskey(struct dpp_authentication * auth,struct dpp_config_obj * conf)2451 static void dpp_copy_netaccesskey(struct dpp_authentication *auth,
2452 				  struct dpp_config_obj *conf)
2453 {
2454 	unsigned char *der = NULL;
2455 	int der_len;
2456 	EC_KEY *eckey;
2457 	EVP_PKEY *own_key;
2458 
2459 	own_key = auth->own_protocol_key;
2460 #ifdef CONFIG_DPP2
2461 	if (auth->reconfig_connector_key == DPP_CONFIG_REUSEKEY &&
2462 	    auth->reconfig_old_protocol_key)
2463 		own_key = auth->reconfig_old_protocol_key;
2464 #endif /* CONFIG_DPP2 */
2465 	eckey = EVP_PKEY_get1_EC_KEY(own_key);
2466 	if (!eckey)
2467 		return;
2468 
2469 	der_len = i2d_ECPrivateKey(eckey, &der);
2470 	if (der_len <= 0) {
2471 		EC_KEY_free(eckey);
2472 		return;
2473 	}
2474 	wpabuf_free(auth->net_access_key);
2475 	auth->net_access_key = wpabuf_alloc_copy(der, der_len);
2476 	OPENSSL_free(der);
2477 	EC_KEY_free(eckey);
2478 }
2479 
2480 
dpp_parse_cred_dpp(struct dpp_authentication * auth,struct dpp_config_obj * conf,struct json_token * cred)2481 static int dpp_parse_cred_dpp(struct dpp_authentication *auth,
2482 			      struct dpp_config_obj *conf,
2483 			      struct json_token *cred)
2484 {
2485 	struct dpp_signed_connector_info info;
2486 	struct json_token *token, *csign, *ppkey;
2487 	int ret = -1;
2488 	EVP_PKEY *csign_pub = NULL, *pp_pub = NULL;
2489 	const struct dpp_curve_params *key_curve = NULL, *pp_curve = NULL;
2490 	const char *signed_connector;
2491 
2492 	os_memset(&info, 0, sizeof(info));
2493 
2494 	if (dpp_akm_psk(conf->akm) || dpp_akm_sae(conf->akm)) {
2495 		wpa_printf(MSG_DEBUG,
2496 			   "DPP: Legacy credential included in Connector credential");
2497 		if (dpp_parse_cred_legacy(conf, cred) < 0)
2498 			return -1;
2499 	}
2500 
2501 	wpa_printf(MSG_DEBUG, "DPP: Connector credential");
2502 
2503 	csign = json_get_member(cred, "csign");
2504 	if (!csign || csign->type != JSON_OBJECT) {
2505 		wpa_printf(MSG_DEBUG, "DPP: No csign JWK in JSON");
2506 		goto fail;
2507 	}
2508 
2509 	csign_pub = dpp_parse_jwk(csign, &key_curve);
2510 	if (!csign_pub) {
2511 		wpa_printf(MSG_DEBUG, "DPP: Failed to parse csign JWK");
2512 		goto fail;
2513 	}
2514 	dpp_debug_print_key("DPP: Received C-sign-key", csign_pub);
2515 
2516 	ppkey = json_get_member(cred, "ppKey");
2517 	if (ppkey && ppkey->type == JSON_OBJECT) {
2518 		pp_pub = dpp_parse_jwk(ppkey, &pp_curve);
2519 		if (!pp_pub) {
2520 			wpa_printf(MSG_DEBUG, "DPP: Failed to parse ppKey JWK");
2521 			goto fail;
2522 		}
2523 		dpp_debug_print_key("DPP: Received ppKey", pp_pub);
2524 		if (key_curve != pp_curve) {
2525 			wpa_printf(MSG_DEBUG,
2526 				   "DPP: C-sign-key and ppKey do not use the same curve");
2527 			goto fail;
2528 		}
2529 	}
2530 
2531 	token = json_get_member(cred, "signedConnector");
2532 	if (!token || token->type != JSON_STRING) {
2533 		wpa_printf(MSG_DEBUG, "DPP: No signedConnector string found");
2534 		goto fail;
2535 	}
2536 	wpa_hexdump_ascii(MSG_DEBUG, "DPP: signedConnector",
2537 			  token->string, os_strlen(token->string));
2538 	signed_connector = token->string;
2539 
2540 	if (os_strchr(signed_connector, '"') ||
2541 	    os_strchr(signed_connector, '\n')) {
2542 		wpa_printf(MSG_DEBUG,
2543 			   "DPP: Unexpected character in signedConnector");
2544 		goto fail;
2545 	}
2546 
2547 	if (dpp_process_signed_connector(&info, csign_pub,
2548 					 signed_connector) != DPP_STATUS_OK)
2549 		goto fail;
2550 
2551 	if (dpp_parse_connector(auth, conf,
2552 				info.payload, info.payload_len) < 0) {
2553 		wpa_printf(MSG_DEBUG, "DPP: Failed to parse connector");
2554 		goto fail;
2555 	}
2556 
2557 	os_free(conf->connector);
2558 	conf->connector = os_strdup(signed_connector);
2559 
2560 	dpp_copy_csign(conf, csign_pub);
2561 	if (pp_pub)
2562 		dpp_copy_ppkey(conf, pp_pub);
2563 	if (dpp_akm_dpp(conf->akm) || auth->peer_version >= 2)
2564 		dpp_copy_netaccesskey(auth, conf);
2565 
2566 	ret = 0;
2567 fail:
2568 	EVP_PKEY_free(csign_pub);
2569 	EVP_PKEY_free(pp_pub);
2570 	os_free(info.payload);
2571 	return ret;
2572 }
2573 
2574 
2575 #ifdef CONFIG_DPP2
dpp_parse_cred_dot1x(struct dpp_authentication * auth,struct dpp_config_obj * conf,struct json_token * cred)2576 static int dpp_parse_cred_dot1x(struct dpp_authentication *auth,
2577 				struct dpp_config_obj *conf,
2578 				struct json_token *cred)
2579 {
2580 	struct json_token *ent, *name;
2581 
2582 	ent = json_get_member(cred, "entCreds");
2583 	if (!ent || ent->type != JSON_OBJECT) {
2584 		dpp_auth_fail(auth, "No entCreds in JSON");
2585 		return -1;
2586 	}
2587 
2588 	conf->certbag = json_get_member_base64(ent, "certBag");
2589 	if (!conf->certbag) {
2590 		dpp_auth_fail(auth, "No certBag in JSON");
2591 		return -1;
2592 	}
2593 	wpa_hexdump_buf(MSG_MSGDUMP, "DPP: Received certBag", conf->certbag);
2594 	conf->certs = dpp_pkcs7_certs(conf->certbag);
2595 	if (!conf->certs) {
2596 		dpp_auth_fail(auth, "No certificates in certBag");
2597 		return -1;
2598 	}
2599 
2600 	conf->cacert = json_get_member_base64(ent, "caCert");
2601 	if (conf->cacert)
2602 		wpa_hexdump_buf(MSG_MSGDUMP, "DPP: Received caCert",
2603 				conf->cacert);
2604 
2605 	name = json_get_member(ent, "trustedEapServerName");
2606 	if (name &&
2607 	    (name->type != JSON_STRING ||
2608 	     has_ctrl_char((const u8 *) name->string,
2609 			   os_strlen(name->string)))) {
2610 		dpp_auth_fail(auth,
2611 			      "Invalid trustedEapServerName type in JSON");
2612 		return -1;
2613 	}
2614 	if (name && name->string) {
2615 		wpa_printf(MSG_DEBUG, "DPP: Received trustedEapServerName: %s",
2616 			   name->string);
2617 		conf->server_name = os_strdup(name->string);
2618 		if (!conf->server_name)
2619 			return -1;
2620 	}
2621 
2622 	return 0;
2623 }
2624 #endif /* CONFIG_DPP2 */
2625 
2626 
dpp_akm_str(enum dpp_akm akm)2627 const char * dpp_akm_str(enum dpp_akm akm)
2628 {
2629 	switch (akm) {
2630 	case DPP_AKM_DPP:
2631 		return "dpp";
2632 	case DPP_AKM_PSK:
2633 		return "psk";
2634 	case DPP_AKM_SAE:
2635 		return "sae";
2636 	case DPP_AKM_PSK_SAE:
2637 		return "psk+sae";
2638 	case DPP_AKM_SAE_DPP:
2639 		return "dpp+sae";
2640 	case DPP_AKM_PSK_SAE_DPP:
2641 		return "dpp+psk+sae";
2642 	case DPP_AKM_DOT1X:
2643 		return "dot1x";
2644 	default:
2645 		return "??";
2646 	}
2647 }
2648 
2649 
dpp_akm_selector_str(enum dpp_akm akm)2650 const char * dpp_akm_selector_str(enum dpp_akm akm)
2651 {
2652 	switch (akm) {
2653 	case DPP_AKM_DPP:
2654 		return "506F9A02";
2655 	case DPP_AKM_PSK:
2656 		return "000FAC02+000FAC06";
2657 	case DPP_AKM_SAE:
2658 		return "000FAC08";
2659 	case DPP_AKM_PSK_SAE:
2660 		return "000FAC02+000FAC06+000FAC08";
2661 	case DPP_AKM_SAE_DPP:
2662 		return "506F9A02+000FAC08";
2663 	case DPP_AKM_PSK_SAE_DPP:
2664 		return "506F9A02+000FAC08+000FAC02+000FAC06";
2665 	case DPP_AKM_DOT1X:
2666 		return "000FAC01+000FAC05";
2667 	default:
2668 		return "??";
2669 	}
2670 }
2671 
2672 
dpp_akm_from_str(const char * akm)2673 static enum dpp_akm dpp_akm_from_str(const char *akm)
2674 {
2675 	const char *pos;
2676 	int dpp = 0, psk = 0, sae = 0, dot1x = 0;
2677 
2678 	if (os_strcmp(akm, "psk") == 0)
2679 		return DPP_AKM_PSK;
2680 	if (os_strcmp(akm, "sae") == 0)
2681 		return DPP_AKM_SAE;
2682 	if (os_strcmp(akm, "psk+sae") == 0)
2683 		return DPP_AKM_PSK_SAE;
2684 	if (os_strcmp(akm, "dpp") == 0)
2685 		return DPP_AKM_DPP;
2686 	if (os_strcmp(akm, "dpp+sae") == 0)
2687 		return DPP_AKM_SAE_DPP;
2688 	if (os_strcmp(akm, "dpp+psk+sae") == 0)
2689 		return DPP_AKM_PSK_SAE_DPP;
2690 	if (os_strcmp(akm, "dot1x") == 0)
2691 		return DPP_AKM_DOT1X;
2692 
2693 	pos = akm;
2694 	while (*pos) {
2695 		if (os_strlen(pos) < 8)
2696 			break;
2697 		if (os_strncasecmp(pos, "506F9A02", 8) == 0)
2698 			dpp = 1;
2699 		else if (os_strncasecmp(pos, "000FAC02", 8) == 0)
2700 			psk = 1;
2701 		else if (os_strncasecmp(pos, "000FAC06", 8) == 0)
2702 			psk = 1;
2703 		else if (os_strncasecmp(pos, "000FAC08", 8) == 0)
2704 			sae = 1;
2705 		else if (os_strncasecmp(pos, "000FAC01", 8) == 0)
2706 			dot1x = 1;
2707 		else if (os_strncasecmp(pos, "000FAC05", 8) == 0)
2708 			dot1x = 1;
2709 		pos += 8;
2710 		if (*pos != '+')
2711 			break;
2712 		pos++;
2713 	}
2714 
2715 	if (dpp && psk && sae)
2716 		return DPP_AKM_PSK_SAE_DPP;
2717 	if (dpp && sae)
2718 		return DPP_AKM_SAE_DPP;
2719 	if (dpp)
2720 		return DPP_AKM_DPP;
2721 	if (psk && sae)
2722 		return DPP_AKM_PSK_SAE;
2723 	if (sae)
2724 		return DPP_AKM_SAE;
2725 	if (psk)
2726 		return DPP_AKM_PSK;
2727 	if (dot1x)
2728 		return DPP_AKM_DOT1X;
2729 
2730 	return DPP_AKM_UNKNOWN;
2731 }
2732 
2733 
dpp_parse_conf_obj(struct dpp_authentication * auth,const u8 * conf_obj,u16 conf_obj_len)2734 static int dpp_parse_conf_obj(struct dpp_authentication *auth,
2735 			      const u8 *conf_obj, u16 conf_obj_len)
2736 {
2737 	int ret = -1;
2738 	struct json_token *root, *token, *discovery, *cred;
2739 	struct dpp_config_obj *conf;
2740 	struct wpabuf *ssid64 = NULL;
2741 	int legacy;
2742 
2743 	root = json_parse((const char *) conf_obj, conf_obj_len);
2744 	if (!root)
2745 		return -1;
2746 	if (root->type != JSON_OBJECT) {
2747 		dpp_auth_fail(auth, "JSON root is not an object");
2748 		goto fail;
2749 	}
2750 
2751 	token = json_get_member(root, "wi-fi_tech");
2752 	if (!token || token->type != JSON_STRING) {
2753 		dpp_auth_fail(auth, "No wi-fi_tech string value found");
2754 		goto fail;
2755 	}
2756 	if (os_strcmp(token->string, "infra") != 0) {
2757 		wpa_printf(MSG_DEBUG, "DPP: Unsupported wi-fi_tech value: '%s'",
2758 			   token->string);
2759 		dpp_auth_fail(auth, "Unsupported wi-fi_tech value");
2760 		goto fail;
2761 	}
2762 
2763 	discovery = json_get_member(root, "discovery");
2764 	if (!discovery || discovery->type != JSON_OBJECT) {
2765 		dpp_auth_fail(auth, "No discovery object in JSON");
2766 		goto fail;
2767 	}
2768 
2769 	ssid64 = json_get_member_base64url(discovery, "ssid64");
2770 	if (ssid64) {
2771 		wpa_hexdump_ascii(MSG_DEBUG, "DPP: discovery::ssid64",
2772 				  wpabuf_head(ssid64), wpabuf_len(ssid64));
2773 		if (wpabuf_len(ssid64) > SSID_MAX_LEN) {
2774 			dpp_auth_fail(auth, "Too long discovery::ssid64 value");
2775 			goto fail;
2776 		}
2777 	} else {
2778 		token = json_get_member(discovery, "ssid");
2779 		if (!token || token->type != JSON_STRING) {
2780 			dpp_auth_fail(auth,
2781 				      "No discovery::ssid string value found");
2782 			goto fail;
2783 		}
2784 		wpa_hexdump_ascii(MSG_DEBUG, "DPP: discovery::ssid",
2785 				  token->string, os_strlen(token->string));
2786 		if (os_strlen(token->string) > SSID_MAX_LEN) {
2787 			dpp_auth_fail(auth,
2788 				      "Too long discovery::ssid string value");
2789 			goto fail;
2790 		}
2791 	}
2792 
2793 	if (auth->num_conf_obj == DPP_MAX_CONF_OBJ) {
2794 		wpa_printf(MSG_DEBUG,
2795 			   "DPP: No room for this many Config Objects - ignore this one");
2796 		ret = 0;
2797 		goto fail;
2798 	}
2799 	conf = &auth->conf_obj[auth->num_conf_obj++];
2800 
2801 	if (ssid64) {
2802 		conf->ssid_len = wpabuf_len(ssid64);
2803 		os_memcpy(conf->ssid, wpabuf_head(ssid64), conf->ssid_len);
2804 	} else {
2805 		conf->ssid_len = os_strlen(token->string);
2806 		os_memcpy(conf->ssid, token->string, conf->ssid_len);
2807 	}
2808 
2809 	token = json_get_member(discovery, "ssid_charset");
2810 	if (token && token->type == JSON_NUMBER) {
2811 		conf->ssid_charset = token->number;
2812 		wpa_printf(MSG_DEBUG, "DPP: ssid_charset=%d",
2813 			   conf->ssid_charset);
2814 	}
2815 
2816 	cred = json_get_member(root, "cred");
2817 	if (!cred || cred->type != JSON_OBJECT) {
2818 		dpp_auth_fail(auth, "No cred object in JSON");
2819 		goto fail;
2820 	}
2821 
2822 	token = json_get_member(cred, "akm");
2823 	if (!token || token->type != JSON_STRING) {
2824 		dpp_auth_fail(auth, "No cred::akm string value found");
2825 		goto fail;
2826 	}
2827 	conf->akm = dpp_akm_from_str(token->string);
2828 
2829 	legacy = dpp_akm_legacy(conf->akm);
2830 	if (legacy && auth->peer_version >= 2) {
2831 		struct json_token *csign, *s_conn;
2832 
2833 		csign = json_get_member(cred, "csign");
2834 		s_conn = json_get_member(cred, "signedConnector");
2835 		if (csign && csign->type == JSON_OBJECT &&
2836 		    s_conn && s_conn->type == JSON_STRING)
2837 			legacy = 0;
2838 	}
2839 	if (legacy) {
2840 		if (dpp_parse_cred_legacy(conf, cred) < 0)
2841 			goto fail;
2842 	} else if (dpp_akm_dpp(conf->akm) ||
2843 		   (auth->peer_version >= 2 && dpp_akm_legacy(conf->akm))) {
2844 		if (dpp_parse_cred_dpp(auth, conf, cred) < 0)
2845 			goto fail;
2846 #ifdef CONFIG_DPP2
2847 	} else if (conf->akm == DPP_AKM_DOT1X) {
2848 		if (dpp_parse_cred_dot1x(auth, conf, cred) < 0 ||
2849 		    dpp_parse_cred_dpp(auth, conf, cred) < 0)
2850 			goto fail;
2851 #endif /* CONFIG_DPP2 */
2852 	} else {
2853 		wpa_printf(MSG_DEBUG, "DPP: Unsupported akm: %s",
2854 			   token->string);
2855 		dpp_auth_fail(auth, "Unsupported akm");
2856 		goto fail;
2857 	}
2858 
2859 	wpa_printf(MSG_DEBUG, "DPP: JSON parsing completed successfully");
2860 	ret = 0;
2861 fail:
2862 	wpabuf_free(ssid64);
2863 	json_free(root);
2864 	return ret;
2865 }
2866 
2867 
2868 #ifdef CONFIG_DPP2
dpp_get_csr_attrs(const u8 * attrs,size_t attrs_len,size_t * len)2869 static u8 * dpp_get_csr_attrs(const u8 *attrs, size_t attrs_len, size_t *len)
2870 {
2871 	const u8 *b64;
2872 	u16 b64_len;
2873 
2874 	b64 = dpp_get_attr(attrs, attrs_len, DPP_ATTR_CSR_ATTR_REQ, &b64_len);
2875 	if (!b64)
2876 		return NULL;
2877 	return base64_decode((const char *) b64, b64_len, len);
2878 }
2879 #endif /* CONFIG_DPP2 */
2880 
2881 
dpp_conf_resp_rx(struct dpp_authentication * auth,const struct wpabuf * resp)2882 int dpp_conf_resp_rx(struct dpp_authentication *auth,
2883 		     const struct wpabuf *resp)
2884 {
2885 	const u8 *wrapped_data, *e_nonce, *status, *conf_obj;
2886 	u16 wrapped_data_len, e_nonce_len, status_len, conf_obj_len;
2887 	const u8 *env_data;
2888 	u16 env_data_len;
2889 	const u8 *addr[1];
2890 	size_t len[1];
2891 	u8 *unwrapped = NULL;
2892 	size_t unwrapped_len = 0;
2893 	int ret = -1;
2894 
2895 	auth->conf_resp_status = 255;
2896 
2897 	if (dpp_check_attrs(wpabuf_head(resp), wpabuf_len(resp)) < 0) {
2898 		dpp_auth_fail(auth, "Invalid attribute in config response");
2899 		return -1;
2900 	}
2901 
2902 	wrapped_data = dpp_get_attr(wpabuf_head(resp), wpabuf_len(resp),
2903 				    DPP_ATTR_WRAPPED_DATA,
2904 				    &wrapped_data_len);
2905 	if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) {
2906 		dpp_auth_fail(auth,
2907 			      "Missing or invalid required Wrapped Data attribute");
2908 		return -1;
2909 	}
2910 
2911 	wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
2912 		    wrapped_data, wrapped_data_len);
2913 	unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE;
2914 	unwrapped = os_malloc(unwrapped_len);
2915 	if (!unwrapped)
2916 		return -1;
2917 
2918 	addr[0] = wpabuf_head(resp);
2919 	len[0] = wrapped_data - 4 - (const u8 *) wpabuf_head(resp);
2920 	wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD", addr[0], len[0]);
2921 
2922 	if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,
2923 			    wrapped_data, wrapped_data_len,
2924 			    1, addr, len, unwrapped) < 0) {
2925 		dpp_auth_fail(auth, "AES-SIV decryption failed");
2926 		goto fail;
2927 	}
2928 	wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext",
2929 		    unwrapped, unwrapped_len);
2930 
2931 	if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) {
2932 		dpp_auth_fail(auth, "Invalid attribute in unwrapped data");
2933 		goto fail;
2934 	}
2935 
2936 	e_nonce = dpp_get_attr(unwrapped, unwrapped_len,
2937 			       DPP_ATTR_ENROLLEE_NONCE,
2938 			       &e_nonce_len);
2939 	if (!e_nonce || e_nonce_len != auth->curve->nonce_len) {
2940 		dpp_auth_fail(auth,
2941 			      "Missing or invalid Enrollee Nonce attribute");
2942 		goto fail;
2943 	}
2944 	wpa_hexdump(MSG_DEBUG, "DPP: Enrollee Nonce", e_nonce, e_nonce_len);
2945 	if (os_memcmp(e_nonce, auth->e_nonce, e_nonce_len) != 0) {
2946 		dpp_auth_fail(auth, "Enrollee Nonce mismatch");
2947 		goto fail;
2948 	}
2949 
2950 	status = dpp_get_attr(wpabuf_head(resp), wpabuf_len(resp),
2951 			      DPP_ATTR_STATUS, &status_len);
2952 	if (!status || status_len < 1) {
2953 		dpp_auth_fail(auth,
2954 			      "Missing or invalid required DPP Status attribute");
2955 		goto fail;
2956 	}
2957 	auth->conf_resp_status = status[0];
2958 	wpa_printf(MSG_DEBUG, "DPP: Status %u", status[0]);
2959 #ifdef CONFIG_DPP2
2960 	if (status[0] == DPP_STATUS_CSR_NEEDED) {
2961 		u8 *csrattrs;
2962 		size_t csrattrs_len;
2963 
2964 		wpa_printf(MSG_DEBUG, "DPP: Configurator requested CSR");
2965 
2966 		csrattrs = dpp_get_csr_attrs(unwrapped, unwrapped_len,
2967 					     &csrattrs_len);
2968 		if (!csrattrs) {
2969 			dpp_auth_fail(auth,
2970 				      "Missing or invalid CSR Attributes Request attribute");
2971 			goto fail;
2972 		}
2973 		wpa_hexdump(MSG_DEBUG, "DPP: CsrAttrs", csrattrs, csrattrs_len);
2974 		os_free(auth->csrattrs);
2975 		auth->csrattrs = csrattrs;
2976 		auth->csrattrs_len = csrattrs_len;
2977 		ret = -2;
2978 		goto fail;
2979 	}
2980 #endif /* CONFIG_DPP2 */
2981 	if (status[0] != DPP_STATUS_OK) {
2982 		dpp_auth_fail(auth, "Configurator rejected configuration");
2983 		goto fail;
2984 	}
2985 
2986 	env_data = dpp_get_attr(unwrapped, unwrapped_len,
2987 				DPP_ATTR_ENVELOPED_DATA, &env_data_len);
2988 #ifdef CONFIG_DPP2
2989 	if (env_data &&
2990 	    dpp_conf_resp_env_data(auth, env_data, env_data_len) < 0)
2991 		goto fail;
2992 #endif /* CONFIG_DPP2 */
2993 
2994 	conf_obj = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_CONFIG_OBJ,
2995 				&conf_obj_len);
2996 	if (!conf_obj && !env_data) {
2997 		dpp_auth_fail(auth,
2998 			      "Missing required Configuration Object attribute");
2999 		goto fail;
3000 	}
3001 	while (conf_obj) {
3002 		wpa_hexdump_ascii(MSG_DEBUG, "DPP: configurationObject JSON",
3003 				  conf_obj, conf_obj_len);
3004 		if (dpp_parse_conf_obj(auth, conf_obj, conf_obj_len) < 0)
3005 			goto fail;
3006 		conf_obj = dpp_get_attr_next(conf_obj, unwrapped, unwrapped_len,
3007 					     DPP_ATTR_CONFIG_OBJ,
3008 					     &conf_obj_len);
3009 	}
3010 
3011 #ifdef CONFIG_DPP2
3012 	status = dpp_get_attr(unwrapped, unwrapped_len,
3013 			      DPP_ATTR_SEND_CONN_STATUS, &status_len);
3014 	if (status) {
3015 		wpa_printf(MSG_DEBUG,
3016 			   "DPP: Configurator requested connection status result");
3017 		auth->conn_status_requested = 1;
3018 	}
3019 #endif /* CONFIG_DPP2 */
3020 
3021 	ret = 0;
3022 
3023 fail:
3024 	os_free(unwrapped);
3025 	return ret;
3026 }
3027 
3028 
3029 #ifdef CONFIG_DPP2
3030 
dpp_conf_result_rx(struct dpp_authentication * auth,const u8 * hdr,const u8 * attr_start,size_t attr_len)3031 enum dpp_status_error dpp_conf_result_rx(struct dpp_authentication *auth,
3032 					 const u8 *hdr,
3033 					 const u8 *attr_start, size_t attr_len)
3034 {
3035 	const u8 *wrapped_data, *status, *e_nonce;
3036 	u16 wrapped_data_len, status_len, e_nonce_len;
3037 	const u8 *addr[2];
3038 	size_t len[2];
3039 	u8 *unwrapped = NULL;
3040 	size_t unwrapped_len = 0;
3041 	enum dpp_status_error ret = 256;
3042 
3043 	wrapped_data = dpp_get_attr(attr_start, attr_len, DPP_ATTR_WRAPPED_DATA,
3044 				    &wrapped_data_len);
3045 	if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) {
3046 		dpp_auth_fail(auth,
3047 			      "Missing or invalid required Wrapped Data attribute");
3048 		goto fail;
3049 	}
3050 	wpa_hexdump(MSG_DEBUG, "DPP: Wrapped data",
3051 		    wrapped_data, wrapped_data_len);
3052 
3053 	attr_len = wrapped_data - 4 - attr_start;
3054 
3055 	addr[0] = hdr;
3056 	len[0] = DPP_HDR_LEN;
3057 	addr[1] = attr_start;
3058 	len[1] = attr_len;
3059 	wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]);
3060 	wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]);
3061 	wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
3062 		    wrapped_data, wrapped_data_len);
3063 	unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE;
3064 	unwrapped = os_malloc(unwrapped_len);
3065 	if (!unwrapped)
3066 		goto fail;
3067 	if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,
3068 			    wrapped_data, wrapped_data_len,
3069 			    2, addr, len, unwrapped) < 0) {
3070 		dpp_auth_fail(auth, "AES-SIV decryption failed");
3071 		goto fail;
3072 	}
3073 	wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext",
3074 		    unwrapped, unwrapped_len);
3075 
3076 	if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) {
3077 		dpp_auth_fail(auth, "Invalid attribute in unwrapped data");
3078 		goto fail;
3079 	}
3080 
3081 	e_nonce = dpp_get_attr(unwrapped, unwrapped_len,
3082 			       DPP_ATTR_ENROLLEE_NONCE,
3083 			       &e_nonce_len);
3084 	if (!e_nonce || e_nonce_len != auth->curve->nonce_len) {
3085 		dpp_auth_fail(auth,
3086 			      "Missing or invalid Enrollee Nonce attribute");
3087 		goto fail;
3088 	}
3089 	wpa_hexdump(MSG_DEBUG, "DPP: Enrollee Nonce", e_nonce, e_nonce_len);
3090 	if (os_memcmp(e_nonce, auth->e_nonce, e_nonce_len) != 0) {
3091 		dpp_auth_fail(auth, "Enrollee Nonce mismatch");
3092 		wpa_hexdump(MSG_DEBUG, "DPP: Expected Enrollee Nonce",
3093 			    auth->e_nonce, e_nonce_len);
3094 		goto fail;
3095 	}
3096 
3097 	status = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_STATUS,
3098 			      &status_len);
3099 	if (!status || status_len < 1) {
3100 		dpp_auth_fail(auth,
3101 			      "Missing or invalid required DPP Status attribute");
3102 		goto fail;
3103 	}
3104 	wpa_printf(MSG_DEBUG, "DPP: Status %u", status[0]);
3105 	ret = status[0];
3106 
3107 fail:
3108 	bin_clear_free(unwrapped, unwrapped_len);
3109 	return ret;
3110 }
3111 
3112 
dpp_build_conf_result(struct dpp_authentication * auth,enum dpp_status_error status)3113 struct wpabuf * dpp_build_conf_result(struct dpp_authentication *auth,
3114 				      enum dpp_status_error status)
3115 {
3116 	struct wpabuf *msg, *clear;
3117 	size_t nonce_len, clear_len, attr_len;
3118 	const u8 *addr[2];
3119 	size_t len[2];
3120 	u8 *wrapped;
3121 
3122 	nonce_len = auth->curve->nonce_len;
3123 	clear_len = 5 + 4 + nonce_len;
3124 	attr_len = 4 + clear_len + AES_BLOCK_SIZE;
3125 	clear = wpabuf_alloc(clear_len);
3126 	msg = dpp_alloc_msg(DPP_PA_CONFIGURATION_RESULT, attr_len);
3127 	if (!clear || !msg)
3128 		goto fail;
3129 
3130 	/* DPP Status */
3131 	dpp_build_attr_status(clear, status);
3132 
3133 	/* E-nonce */
3134 	wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
3135 	wpabuf_put_le16(clear, nonce_len);
3136 	wpabuf_put_data(clear, auth->e_nonce, nonce_len);
3137 
3138 	/* OUI, OUI type, Crypto Suite, DPP frame type */
3139 	addr[0] = wpabuf_head_u8(msg) + 2;
3140 	len[0] = 3 + 1 + 1 + 1;
3141 	wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]);
3142 
3143 	/* Attributes before Wrapped Data (none) */
3144 	addr[1] = wpabuf_put(msg, 0);
3145 	len[1] = 0;
3146 	wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]);
3147 
3148 	/* Wrapped Data */
3149 	wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
3150 	wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
3151 	wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
3152 
3153 	wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear);
3154 	if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,
3155 			    wpabuf_head(clear), wpabuf_len(clear),
3156 			    2, addr, len, wrapped) < 0)
3157 		goto fail;
3158 
3159 	wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Result attributes", msg);
3160 	wpabuf_free(clear);
3161 	return msg;
3162 fail:
3163 	wpabuf_free(clear);
3164 	wpabuf_free(msg);
3165 	return NULL;
3166 }
3167 
3168 
valid_channel_list(const char * val)3169 static int valid_channel_list(const char *val)
3170 {
3171 	while (*val) {
3172 		if (!((*val >= '0' && *val <= '9') ||
3173 		      *val == '/' || *val == ','))
3174 			return 0;
3175 		val++;
3176 	}
3177 
3178 	return 1;
3179 }
3180 
3181 
dpp_conn_status_result_rx(struct dpp_authentication * auth,const u8 * hdr,const u8 * attr_start,size_t attr_len,u8 * ssid,size_t * ssid_len,char ** channel_list)3182 enum dpp_status_error dpp_conn_status_result_rx(struct dpp_authentication *auth,
3183 						const u8 *hdr,
3184 						const u8 *attr_start,
3185 						size_t attr_len,
3186 						u8 *ssid, size_t *ssid_len,
3187 						char **channel_list)
3188 {
3189 	const u8 *wrapped_data, *status, *e_nonce;
3190 	u16 wrapped_data_len, status_len, e_nonce_len;
3191 	const u8 *addr[2];
3192 	size_t len[2];
3193 	u8 *unwrapped = NULL;
3194 	size_t unwrapped_len = 0;
3195 	enum dpp_status_error ret = 256;
3196 	struct json_token *root = NULL, *token;
3197 	struct wpabuf *ssid64;
3198 
3199 	*ssid_len = 0;
3200 	*channel_list = NULL;
3201 
3202 	wrapped_data = dpp_get_attr(attr_start, attr_len, DPP_ATTR_WRAPPED_DATA,
3203 				    &wrapped_data_len);
3204 	if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) {
3205 		dpp_auth_fail(auth,
3206 			      "Missing or invalid required Wrapped Data attribute");
3207 		goto fail;
3208 	}
3209 	wpa_hexdump(MSG_DEBUG, "DPP: Wrapped data",
3210 		    wrapped_data, wrapped_data_len);
3211 
3212 	attr_len = wrapped_data - 4 - attr_start;
3213 
3214 	addr[0] = hdr;
3215 	len[0] = DPP_HDR_LEN;
3216 	addr[1] = attr_start;
3217 	len[1] = attr_len;
3218 	wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]);
3219 	wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]);
3220 	wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
3221 		    wrapped_data, wrapped_data_len);
3222 	unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE;
3223 	unwrapped = os_malloc(unwrapped_len);
3224 	if (!unwrapped)
3225 		goto fail;
3226 	if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,
3227 			    wrapped_data, wrapped_data_len,
3228 			    2, addr, len, unwrapped) < 0) {
3229 		dpp_auth_fail(auth, "AES-SIV decryption failed");
3230 		goto fail;
3231 	}
3232 	wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext",
3233 		    unwrapped, unwrapped_len);
3234 
3235 	if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) {
3236 		dpp_auth_fail(auth, "Invalid attribute in unwrapped data");
3237 		goto fail;
3238 	}
3239 
3240 	e_nonce = dpp_get_attr(unwrapped, unwrapped_len,
3241 			       DPP_ATTR_ENROLLEE_NONCE,
3242 			       &e_nonce_len);
3243 	if (!e_nonce || e_nonce_len != auth->curve->nonce_len) {
3244 		dpp_auth_fail(auth,
3245 			      "Missing or invalid Enrollee Nonce attribute");
3246 		goto fail;
3247 	}
3248 	wpa_hexdump(MSG_DEBUG, "DPP: Enrollee Nonce", e_nonce, e_nonce_len);
3249 	if (os_memcmp(e_nonce, auth->e_nonce, e_nonce_len) != 0) {
3250 		dpp_auth_fail(auth, "Enrollee Nonce mismatch");
3251 		wpa_hexdump(MSG_DEBUG, "DPP: Expected Enrollee Nonce",
3252 			    auth->e_nonce, e_nonce_len);
3253 		goto fail;
3254 	}
3255 
3256 	status = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_CONN_STATUS,
3257 			      &status_len);
3258 	if (!status) {
3259 		dpp_auth_fail(auth,
3260 			      "Missing required DPP Connection Status attribute");
3261 		goto fail;
3262 	}
3263 	wpa_hexdump_ascii(MSG_DEBUG, "DPP: connStatus JSON",
3264 			  status, status_len);
3265 
3266 	root = json_parse((const char *) status, status_len);
3267 	if (!root) {
3268 		dpp_auth_fail(auth, "Could not parse connStatus");
3269 		goto fail;
3270 	}
3271 
3272 	ssid64 = json_get_member_base64url(root, "ssid64");
3273 	if (ssid64 && wpabuf_len(ssid64) <= SSID_MAX_LEN) {
3274 		*ssid_len = wpabuf_len(ssid64);
3275 		os_memcpy(ssid, wpabuf_head(ssid64), *ssid_len);
3276 	}
3277 	wpabuf_free(ssid64);
3278 
3279 	token = json_get_member(root, "channelList");
3280 	if (token && token->type == JSON_STRING &&
3281 	    valid_channel_list(token->string))
3282 		*channel_list = os_strdup(token->string);
3283 
3284 	token = json_get_member(root, "result");
3285 	if (!token || token->type != JSON_NUMBER) {
3286 		dpp_auth_fail(auth, "No connStatus - result");
3287 		goto fail;
3288 	}
3289 	wpa_printf(MSG_DEBUG, "DPP: result %d", token->number);
3290 	ret = token->number;
3291 
3292 fail:
3293 	json_free(root);
3294 	bin_clear_free(unwrapped, unwrapped_len);
3295 	return ret;
3296 }
3297 
3298 
dpp_build_conn_status(enum dpp_status_error result,const u8 * ssid,size_t ssid_len,const char * channel_list)3299 struct wpabuf * dpp_build_conn_status(enum dpp_status_error result,
3300 				      const u8 *ssid, size_t ssid_len,
3301 				      const char *channel_list)
3302 {
3303 	struct wpabuf *json;
3304 
3305 	json = wpabuf_alloc(1000);
3306 	if (!json)
3307 		return NULL;
3308 	json_start_object(json, NULL);
3309 	json_add_int(json, "result", result);
3310 	if (ssid) {
3311 		json_value_sep(json);
3312 		if (json_add_base64url(json, "ssid64", ssid, ssid_len) < 0) {
3313 			wpabuf_free(json);
3314 			return NULL;
3315 		}
3316 	}
3317 	if (channel_list) {
3318 		json_value_sep(json);
3319 		json_add_string(json, "channelList", channel_list);
3320 	}
3321 	json_end_object(json);
3322 	wpa_hexdump_ascii(MSG_DEBUG, "DPP: connStatus JSON",
3323 			  wpabuf_head(json), wpabuf_len(json));
3324 
3325 	return json;
3326 }
3327 
3328 
dpp_build_conn_status_result(struct dpp_authentication * auth,enum dpp_status_error result,const u8 * ssid,size_t ssid_len,const char * channel_list)3329 struct wpabuf * dpp_build_conn_status_result(struct dpp_authentication *auth,
3330 					     enum dpp_status_error result,
3331 					     const u8 *ssid, size_t ssid_len,
3332 					     const char *channel_list)
3333 {
3334 	struct wpabuf *msg = NULL, *clear = NULL, *json;
3335 	size_t nonce_len, clear_len, attr_len;
3336 	const u8 *addr[2];
3337 	size_t len[2];
3338 	u8 *wrapped;
3339 
3340 	json = dpp_build_conn_status(result, ssid, ssid_len, channel_list);
3341 	if (!json)
3342 		return NULL;
3343 
3344 	nonce_len = auth->curve->nonce_len;
3345 	clear_len = 5 + 4 + nonce_len + 4 + wpabuf_len(json);
3346 	attr_len = 4 + clear_len + AES_BLOCK_SIZE;
3347 	clear = wpabuf_alloc(clear_len);
3348 	msg = dpp_alloc_msg(DPP_PA_CONNECTION_STATUS_RESULT, attr_len);
3349 	if (!clear || !msg)
3350 		goto fail;
3351 
3352 	/* E-nonce */
3353 	wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
3354 	wpabuf_put_le16(clear, nonce_len);
3355 	wpabuf_put_data(clear, auth->e_nonce, nonce_len);
3356 
3357 	/* DPP Connection Status */
3358 	wpabuf_put_le16(clear, DPP_ATTR_CONN_STATUS);
3359 	wpabuf_put_le16(clear, wpabuf_len(json));
3360 	wpabuf_put_buf(clear, json);
3361 
3362 	/* OUI, OUI type, Crypto Suite, DPP frame type */
3363 	addr[0] = wpabuf_head_u8(msg) + 2;
3364 	len[0] = 3 + 1 + 1 + 1;
3365 	wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]);
3366 
3367 	/* Attributes before Wrapped Data (none) */
3368 	addr[1] = wpabuf_put(msg, 0);
3369 	len[1] = 0;
3370 	wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]);
3371 
3372 	/* Wrapped Data */
3373 	wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
3374 	wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
3375 	wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
3376 
3377 	wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear);
3378 	if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,
3379 			    wpabuf_head(clear), wpabuf_len(clear),
3380 			    2, addr, len, wrapped) < 0)
3381 		goto fail;
3382 
3383 	wpa_hexdump_buf(MSG_DEBUG, "DPP: Connection Status Result attributes",
3384 			msg);
3385 	wpabuf_free(json);
3386 	wpabuf_free(clear);
3387 	return msg;
3388 fail:
3389 	wpabuf_free(json);
3390 	wpabuf_free(clear);
3391 	wpabuf_free(msg);
3392 	return NULL;
3393 }
3394 
3395 #endif /* CONFIG_DPP2 */
3396 
3397 
dpp_configurator_free(struct dpp_configurator * conf)3398 void dpp_configurator_free(struct dpp_configurator *conf)
3399 {
3400 	if (!conf)
3401 		return;
3402 	EVP_PKEY_free(conf->csign);
3403 	os_free(conf->kid);
3404 	os_free(conf->connector);
3405 	EVP_PKEY_free(conf->connector_key);
3406 	EVP_PKEY_free(conf->pp_key);
3407 	os_free(conf);
3408 }
3409 
3410 
dpp_configurator_get_key(const struct dpp_configurator * conf,char * buf,size_t buflen)3411 int dpp_configurator_get_key(const struct dpp_configurator *conf, char *buf,
3412 			     size_t buflen)
3413 {
3414 	EC_KEY *eckey;
3415 	int key_len, ret = -1;
3416 	unsigned char *key = NULL;
3417 
3418 	if (!conf->csign)
3419 		return -1;
3420 
3421 	eckey = EVP_PKEY_get1_EC_KEY(conf->csign);
3422 	if (!eckey)
3423 		return -1;
3424 
3425 	key_len = i2d_ECPrivateKey(eckey, &key);
3426 	if (key_len > 0)
3427 		ret = wpa_snprintf_hex(buf, buflen, key, key_len);
3428 
3429 	EC_KEY_free(eckey);
3430 	OPENSSL_free(key);
3431 	return ret;
3432 }
3433 
3434 
dpp_configurator_gen_kid(struct dpp_configurator * conf)3435 static int dpp_configurator_gen_kid(struct dpp_configurator *conf)
3436 {
3437 	struct wpabuf *csign_pub = NULL;
3438 	const u8 *addr[1];
3439 	size_t len[1];
3440 	int res;
3441 
3442 	csign_pub = dpp_get_pubkey_point(conf->csign, 1);
3443 	if (!csign_pub) {
3444 		wpa_printf(MSG_INFO, "DPP: Failed to extract C-sign-key");
3445 		return -1;
3446 	}
3447 
3448 	/* kid = SHA256(ANSI X9.63 uncompressed C-sign-key) */
3449 	addr[0] = wpabuf_head(csign_pub);
3450 	len[0] = wpabuf_len(csign_pub);
3451 	res = sha256_vector(1, addr, len, conf->kid_hash);
3452 	wpabuf_free(csign_pub);
3453 	if (res < 0) {
3454 		wpa_printf(MSG_DEBUG,
3455 			   "DPP: Failed to derive kid for C-sign-key");
3456 		return -1;
3457 	}
3458 
3459 	conf->kid = base64_url_encode(conf->kid_hash, sizeof(conf->kid_hash),
3460 				      NULL);
3461 	return conf->kid ? 0 : -1;
3462 }
3463 
3464 
3465 static struct dpp_configurator *
dpp_keygen_configurator(const char * curve,const u8 * privkey,size_t privkey_len,const u8 * pp_key,size_t pp_key_len)3466 dpp_keygen_configurator(const char *curve, const u8 *privkey,
3467 			size_t privkey_len, const u8 *pp_key, size_t pp_key_len)
3468 {
3469 	struct dpp_configurator *conf;
3470 
3471 	conf = os_zalloc(sizeof(*conf));
3472 	if (!conf)
3473 		return NULL;
3474 
3475 	conf->curve = dpp_get_curve_name(curve);
3476 	if (!conf->curve) {
3477 		wpa_printf(MSG_INFO, "DPP: Unsupported curve: %s", curve);
3478 		os_free(conf);
3479 		return NULL;
3480 	}
3481 
3482 	if (privkey)
3483 		conf->csign = dpp_set_keypair(&conf->curve, privkey,
3484 					      privkey_len);
3485 	else
3486 		conf->csign = dpp_gen_keypair(conf->curve);
3487 	if (pp_key)
3488 		conf->pp_key = dpp_set_keypair(&conf->curve, pp_key,
3489 					       pp_key_len);
3490 	else
3491 		conf->pp_key = dpp_gen_keypair(conf->curve);
3492 	if (!conf->csign || !conf->pp_key)
3493 		goto fail;
3494 	conf->own = 1;
3495 
3496 	if (dpp_configurator_gen_kid(conf) < 0)
3497 		goto fail;
3498 	return conf;
3499 fail:
3500 	dpp_configurator_free(conf);
3501 	return NULL;
3502 }
3503 
3504 
dpp_configurator_own_config(struct dpp_authentication * auth,const char * curve,int ap)3505 int dpp_configurator_own_config(struct dpp_authentication *auth,
3506 				const char *curve, int ap)
3507 {
3508 	struct wpabuf *conf_obj;
3509 	int ret = -1;
3510 
3511 	if (!auth->conf) {
3512 		wpa_printf(MSG_DEBUG, "DPP: No configurator specified");
3513 		return -1;
3514 	}
3515 
3516 	auth->curve = dpp_get_curve_name(curve);
3517 	if (!auth->curve) {
3518 		wpa_printf(MSG_INFO, "DPP: Unsupported curve: %s", curve);
3519 		return -1;
3520 	}
3521 
3522 	wpa_printf(MSG_DEBUG,
3523 		   "DPP: Building own configuration/connector with curve %s",
3524 		   auth->curve->name);
3525 
3526 	auth->own_protocol_key = dpp_gen_keypair(auth->curve);
3527 	if (!auth->own_protocol_key)
3528 		return -1;
3529 	dpp_copy_netaccesskey(auth, &auth->conf_obj[0]);
3530 	auth->peer_protocol_key = auth->own_protocol_key;
3531 	dpp_copy_csign(&auth->conf_obj[0], auth->conf->csign);
3532 
3533 	conf_obj = dpp_build_conf_obj(auth, ap, 0, NULL);
3534 	if (!conf_obj) {
3535 		wpabuf_free(auth->conf_obj[0].c_sign_key);
3536 		auth->conf_obj[0].c_sign_key = NULL;
3537 		goto fail;
3538 	}
3539 	ret = dpp_parse_conf_obj(auth, wpabuf_head(conf_obj),
3540 				 wpabuf_len(conf_obj));
3541 fail:
3542 	wpabuf_free(conf_obj);
3543 	auth->peer_protocol_key = NULL;
3544 	return ret;
3545 }
3546 
3547 
dpp_compatible_netrole(const char * role1,const char * role2)3548 static int dpp_compatible_netrole(const char *role1, const char *role2)
3549 {
3550 	return (os_strcmp(role1, "sta") == 0 && os_strcmp(role2, "ap") == 0) ||
3551 		(os_strcmp(role1, "ap") == 0 && os_strcmp(role2, "sta") == 0);
3552 }
3553 
3554 
dpp_connector_compatible_group(struct json_token * root,const char * group_id,const char * net_role,bool reconfig)3555 static int dpp_connector_compatible_group(struct json_token *root,
3556 					  const char *group_id,
3557 					  const char *net_role,
3558 					  bool reconfig)
3559 {
3560 	struct json_token *groups, *token;
3561 
3562 	groups = json_get_member(root, "groups");
3563 	if (!groups || groups->type != JSON_ARRAY)
3564 		return 0;
3565 
3566 	for (token = groups->child; token; token = token->sibling) {
3567 		struct json_token *id, *role;
3568 
3569 		id = json_get_member(token, "groupId");
3570 		if (!id || id->type != JSON_STRING)
3571 			continue;
3572 
3573 		role = json_get_member(token, "netRole");
3574 		if (!role || role->type != JSON_STRING)
3575 			continue;
3576 
3577 		if (os_strcmp(id->string, "*") != 0 &&
3578 		    os_strcmp(group_id, "*") != 0 &&
3579 		    os_strcmp(id->string, group_id) != 0)
3580 			continue;
3581 
3582 		if (reconfig && os_strcmp(net_role, "configurator") == 0)
3583 			return 1;
3584 		if (!reconfig && dpp_compatible_netrole(role->string, net_role))
3585 			return 1;
3586 	}
3587 
3588 	return 0;
3589 }
3590 
3591 
dpp_connector_match_groups(struct json_token * own_root,struct json_token * peer_root,bool reconfig)3592 int dpp_connector_match_groups(struct json_token *own_root,
3593 			       struct json_token *peer_root, bool reconfig)
3594 {
3595 	struct json_token *groups, *token;
3596 
3597 	groups = json_get_member(peer_root, "groups");
3598 	if (!groups || groups->type != JSON_ARRAY) {
3599 		wpa_printf(MSG_DEBUG, "DPP: No peer groups array found");
3600 		return 0;
3601 	}
3602 
3603 	for (token = groups->child; token; token = token->sibling) {
3604 		struct json_token *id, *role;
3605 
3606 		id = json_get_member(token, "groupId");
3607 		if (!id || id->type != JSON_STRING) {
3608 			wpa_printf(MSG_DEBUG,
3609 				   "DPP: Missing peer groupId string");
3610 			continue;
3611 		}
3612 
3613 		role = json_get_member(token, "netRole");
3614 		if (!role || role->type != JSON_STRING) {
3615 			wpa_printf(MSG_DEBUG,
3616 				   "DPP: Missing peer groups::netRole string");
3617 			continue;
3618 		}
3619 		wpa_printf(MSG_DEBUG,
3620 			   "DPP: peer connector group: groupId='%s' netRole='%s'",
3621 			   id->string, role->string);
3622 		if (dpp_connector_compatible_group(own_root, id->string,
3623 						   role->string, reconfig)) {
3624 			wpa_printf(MSG_DEBUG,
3625 				   "DPP: Compatible group/netRole in own connector");
3626 			return 1;
3627 		}
3628 	}
3629 
3630 	return 0;
3631 }
3632 
3633 
dpp_parse_own_connector(const char * own_connector)3634 struct json_token * dpp_parse_own_connector(const char *own_connector)
3635 {
3636 	unsigned char *own_conn;
3637 	size_t own_conn_len;
3638 	const char *pos, *end;
3639 	struct json_token *own_root;
3640 
3641 	pos = os_strchr(own_connector, '.');
3642 	if (!pos) {
3643 		wpa_printf(MSG_DEBUG, "DPP: Own connector is missing the first dot (.)");
3644 		return NULL;
3645 	}
3646 	pos++;
3647 	end = os_strchr(pos, '.');
3648 	if (!end) {
3649 		wpa_printf(MSG_DEBUG, "DPP: Own connector is missing the second dot (.)");
3650 		return NULL;
3651 	}
3652 	own_conn = base64_url_decode(pos, end - pos, &own_conn_len);
3653 	if (!own_conn) {
3654 		wpa_printf(MSG_DEBUG,
3655 			   "DPP: Failed to base64url decode own signedConnector JWS Payload");
3656 		return NULL;
3657 	}
3658 
3659 	own_root = json_parse((const char *) own_conn, own_conn_len);
3660 	os_free(own_conn);
3661 	if (!own_root)
3662 		wpa_printf(MSG_DEBUG, "DPP: Failed to parse local connector");
3663 
3664 	return own_root;
3665 }
3666 
3667 
3668 enum dpp_status_error
dpp_peer_intro(struct dpp_introduction * intro,const char * own_connector,const u8 * net_access_key,size_t net_access_key_len,const u8 * csign_key,size_t csign_key_len,const u8 * peer_connector,size_t peer_connector_len,os_time_t * expiry)3669 dpp_peer_intro(struct dpp_introduction *intro, const char *own_connector,
3670 	       const u8 *net_access_key, size_t net_access_key_len,
3671 	       const u8 *csign_key, size_t csign_key_len,
3672 	       const u8 *peer_connector, size_t peer_connector_len,
3673 	       os_time_t *expiry)
3674 {
3675 	struct json_token *root = NULL, *netkey, *token;
3676 	struct json_token *own_root = NULL;
3677 	enum dpp_status_error ret = 255, res;
3678 	EVP_PKEY *own_key = NULL, *peer_key = NULL;
3679 	struct wpabuf *own_key_pub = NULL;
3680 	const struct dpp_curve_params *curve, *own_curve;
3681 	struct dpp_signed_connector_info info;
3682 	size_t Nx_len;
3683 	u8 Nx[DPP_MAX_SHARED_SECRET_LEN];
3684 
3685 	os_memset(intro, 0, sizeof(*intro));
3686 	os_memset(&info, 0, sizeof(info));
3687 	if (expiry)
3688 		*expiry = 0;
3689 
3690 	own_key = dpp_set_keypair(&own_curve, net_access_key,
3691 				  net_access_key_len);
3692 	if (!own_key) {
3693 		wpa_printf(MSG_ERROR, "DPP: Failed to parse own netAccessKey");
3694 		goto fail;
3695 	}
3696 
3697 	own_root = dpp_parse_own_connector(own_connector);
3698 	if (!own_root)
3699 		goto fail;
3700 
3701 	res = dpp_check_signed_connector(&info, csign_key, csign_key_len,
3702 					 peer_connector, peer_connector_len);
3703 	if (res != DPP_STATUS_OK) {
3704 		ret = res;
3705 		goto fail;
3706 	}
3707 
3708 	root = json_parse((const char *) info.payload, info.payload_len);
3709 	if (!root) {
3710 		wpa_printf(MSG_DEBUG, "DPP: JSON parsing of connector failed");
3711 		ret = DPP_STATUS_INVALID_CONNECTOR;
3712 		goto fail;
3713 	}
3714 
3715 	if (!dpp_connector_match_groups(own_root, root, false)) {
3716 		wpa_printf(MSG_DEBUG,
3717 			   "DPP: Peer connector does not include compatible group netrole with own connector");
3718 		ret = DPP_STATUS_NO_MATCH;
3719 		goto fail;
3720 	}
3721 
3722 	token = json_get_member(root, "expiry");
3723 	if (!token || token->type != JSON_STRING) {
3724 		wpa_printf(MSG_DEBUG,
3725 			   "DPP: No expiry string found - connector does not expire");
3726 	} else {
3727 		wpa_printf(MSG_DEBUG, "DPP: expiry = %s", token->string);
3728 		if (dpp_key_expired(token->string, expiry)) {
3729 			wpa_printf(MSG_DEBUG,
3730 				   "DPP: Connector (netAccessKey) has expired");
3731 			ret = DPP_STATUS_INVALID_CONNECTOR;
3732 			goto fail;
3733 		}
3734 	}
3735 
3736 	netkey = json_get_member(root, "netAccessKey");
3737 	if (!netkey || netkey->type != JSON_OBJECT) {
3738 		wpa_printf(MSG_DEBUG, "DPP: No netAccessKey object found");
3739 		ret = DPP_STATUS_INVALID_CONNECTOR;
3740 		goto fail;
3741 	}
3742 
3743 	peer_key = dpp_parse_jwk(netkey, &curve);
3744 	if (!peer_key) {
3745 		ret = DPP_STATUS_INVALID_CONNECTOR;
3746 		goto fail;
3747 	}
3748 	dpp_debug_print_key("DPP: Received netAccessKey", peer_key);
3749 
3750 	if (own_curve != curve) {
3751 		wpa_printf(MSG_DEBUG,
3752 			   "DPP: Mismatching netAccessKey curves (%s != %s)",
3753 			   own_curve->name, curve->name);
3754 		ret = DPP_STATUS_INVALID_CONNECTOR;
3755 		goto fail;
3756 	}
3757 
3758 	/* ECDH: N = nk * PK */
3759 	if (dpp_ecdh(own_key, peer_key, Nx, &Nx_len) < 0)
3760 		goto fail;
3761 
3762 	wpa_hexdump_key(MSG_DEBUG, "DPP: ECDH shared secret (N.x)",
3763 			Nx, Nx_len);
3764 
3765 	/* PMK = HKDF(<>, "DPP PMK", N.x) */
3766 	if (dpp_derive_pmk(Nx, Nx_len, intro->pmk, curve->hash_len) < 0) {
3767 		wpa_printf(MSG_ERROR, "DPP: Failed to derive PMK");
3768 		goto fail;
3769 	}
3770 	intro->pmk_len = curve->hash_len;
3771 
3772 	/* PMKID = Truncate-128(H(min(NK.x, PK.x) | max(NK.x, PK.x))) */
3773 	if (dpp_derive_pmkid(curve, own_key, peer_key, intro->pmkid) < 0) {
3774 		wpa_printf(MSG_ERROR, "DPP: Failed to derive PMKID");
3775 		goto fail;
3776 	}
3777 
3778 	ret = DPP_STATUS_OK;
3779 fail:
3780 	if (ret != DPP_STATUS_OK)
3781 		os_memset(intro, 0, sizeof(*intro));
3782 	os_memset(Nx, 0, sizeof(Nx));
3783 	os_free(info.payload);
3784 	EVP_PKEY_free(own_key);
3785 	wpabuf_free(own_key_pub);
3786 	EVP_PKEY_free(peer_key);
3787 	json_free(root);
3788 	json_free(own_root);
3789 	return ret;
3790 }
3791 
3792 
dpp_next_id(struct dpp_global * dpp)3793 unsigned int dpp_next_id(struct dpp_global *dpp)
3794 {
3795 	struct dpp_bootstrap_info *bi;
3796 	unsigned int max_id = 0;
3797 
3798 	dl_list_for_each(bi, &dpp->bootstrap, struct dpp_bootstrap_info, list) {
3799 		if (bi->id > max_id)
3800 			max_id = bi->id;
3801 	}
3802 	return max_id + 1;
3803 }
3804 
3805 
dpp_bootstrap_del(struct dpp_global * dpp,unsigned int id)3806 static int dpp_bootstrap_del(struct dpp_global *dpp, unsigned int id)
3807 {
3808 	struct dpp_bootstrap_info *bi, *tmp;
3809 	int found = 0;
3810 
3811 	if (!dpp)
3812 		return -1;
3813 
3814 	dl_list_for_each_safe(bi, tmp, &dpp->bootstrap,
3815 			      struct dpp_bootstrap_info, list) {
3816 		if (id && bi->id != id)
3817 			continue;
3818 		found = 1;
3819 #ifdef CONFIG_DPP2
3820 		if (dpp->remove_bi)
3821 			dpp->remove_bi(dpp->cb_ctx, bi);
3822 #endif /* CONFIG_DPP2 */
3823 		dl_list_del(&bi->list);
3824 		dpp_bootstrap_info_free(bi);
3825 	}
3826 
3827 	if (id == 0)
3828 		return 0; /* flush succeeds regardless of entries found */
3829 	return found ? 0 : -1;
3830 }
3831 
3832 
dpp_add_qr_code(struct dpp_global * dpp,const char * uri)3833 struct dpp_bootstrap_info * dpp_add_qr_code(struct dpp_global *dpp,
3834 					    const char *uri)
3835 {
3836 	struct dpp_bootstrap_info *bi;
3837 
3838 	if (!dpp)
3839 		return NULL;
3840 
3841 	bi = dpp_parse_uri(uri);
3842 	if (!bi)
3843 		return NULL;
3844 
3845 	bi->type = DPP_BOOTSTRAP_QR_CODE;
3846 	bi->id = dpp_next_id(dpp);
3847 	dl_list_add(&dpp->bootstrap, &bi->list);
3848 	return bi;
3849 }
3850 
3851 
dpp_add_nfc_uri(struct dpp_global * dpp,const char * uri)3852 struct dpp_bootstrap_info * dpp_add_nfc_uri(struct dpp_global *dpp,
3853 					    const char *uri)
3854 {
3855 	struct dpp_bootstrap_info *bi;
3856 
3857 	if (!dpp)
3858 		return NULL;
3859 
3860 	bi = dpp_parse_uri(uri);
3861 	if (!bi)
3862 		return NULL;
3863 
3864 	bi->type = DPP_BOOTSTRAP_NFC_URI;
3865 	bi->id = dpp_next_id(dpp);
3866 	dl_list_add(&dpp->bootstrap, &bi->list);
3867 	return bi;
3868 }
3869 
3870 
dpp_bootstrap_gen(struct dpp_global * dpp,const char * cmd)3871 int dpp_bootstrap_gen(struct dpp_global *dpp, const char *cmd)
3872 {
3873 	char *mac = NULL, *info = NULL, *curve = NULL;
3874 	char *key = NULL;
3875 	u8 *privkey = NULL;
3876 	size_t privkey_len = 0;
3877 	int ret = -1;
3878 	struct dpp_bootstrap_info *bi;
3879 
3880 	if (!dpp)
3881 		return -1;
3882 
3883 	bi = os_zalloc(sizeof(*bi));
3884 	if (!bi)
3885 		goto fail;
3886 
3887 	if (os_strstr(cmd, "type=qrcode"))
3888 		bi->type = DPP_BOOTSTRAP_QR_CODE;
3889 	else if (os_strstr(cmd, "type=pkex"))
3890 		bi->type = DPP_BOOTSTRAP_PKEX;
3891 	else if (os_strstr(cmd, "type=nfc-uri"))
3892 		bi->type = DPP_BOOTSTRAP_NFC_URI;
3893 	else
3894 		goto fail;
3895 
3896 	bi->chan = get_param(cmd, " chan=");
3897 	mac = get_param(cmd, " mac=");
3898 	info = get_param(cmd, " info=");
3899 	curve = get_param(cmd, " curve=");
3900 	key = get_param(cmd, " key=");
3901 
3902 	if (key) {
3903 		privkey_len = os_strlen(key) / 2;
3904 		privkey = os_malloc(privkey_len);
3905 		if (!privkey ||
3906 		    hexstr2bin(key, privkey, privkey_len) < 0)
3907 			goto fail;
3908 	}
3909 
3910 	if (dpp_keygen(bi, curve, privkey, privkey_len) < 0 ||
3911 	    dpp_parse_uri_chan_list(bi, bi->chan) < 0 ||
3912 	    dpp_parse_uri_mac(bi, mac) < 0 ||
3913 	    dpp_parse_uri_info(bi, info) < 0 ||
3914 	    dpp_gen_uri(bi) < 0)
3915 		goto fail;
3916 
3917 	bi->id = dpp_next_id(dpp);
3918 	dl_list_add(&dpp->bootstrap, &bi->list);
3919 	ret = bi->id;
3920 	bi = NULL;
3921 fail:
3922 	os_free(curve);
3923 	os_free(mac);
3924 	os_free(info);
3925 	str_clear_free(key);
3926 	bin_clear_free(privkey, privkey_len);
3927 	dpp_bootstrap_info_free(bi);
3928 	return ret;
3929 }
3930 
3931 
3932 struct dpp_bootstrap_info *
dpp_bootstrap_get_id(struct dpp_global * dpp,unsigned int id)3933 dpp_bootstrap_get_id(struct dpp_global *dpp, unsigned int id)
3934 {
3935 	struct dpp_bootstrap_info *bi;
3936 
3937 	if (!dpp)
3938 		return NULL;
3939 
3940 	dl_list_for_each(bi, &dpp->bootstrap, struct dpp_bootstrap_info, list) {
3941 		if (bi->id == id)
3942 			return bi;
3943 	}
3944 	return NULL;
3945 }
3946 
3947 
dpp_bootstrap_remove(struct dpp_global * dpp,const char * id)3948 int dpp_bootstrap_remove(struct dpp_global *dpp, const char *id)
3949 {
3950 	unsigned int id_val;
3951 
3952 	if (os_strcmp(id, "*") == 0) {
3953 		id_val = 0;
3954 	} else {
3955 		id_val = atoi(id);
3956 		if (id_val == 0)
3957 			return -1;
3958 	}
3959 
3960 	return dpp_bootstrap_del(dpp, id_val);
3961 }
3962 
3963 
dpp_bootstrap_get_uri(struct dpp_global * dpp,unsigned int id)3964 const char * dpp_bootstrap_get_uri(struct dpp_global *dpp, unsigned int id)
3965 {
3966 	struct dpp_bootstrap_info *bi;
3967 
3968 	bi = dpp_bootstrap_get_id(dpp, id);
3969 	if (!bi)
3970 		return NULL;
3971 	return bi->uri;
3972 }
3973 
3974 
dpp_bootstrap_info(struct dpp_global * dpp,int id,char * reply,int reply_size)3975 int dpp_bootstrap_info(struct dpp_global *dpp, int id,
3976 		       char *reply, int reply_size)
3977 {
3978 	struct dpp_bootstrap_info *bi;
3979 	char pkhash[2 * SHA256_MAC_LEN + 1];
3980 
3981 	bi = dpp_bootstrap_get_id(dpp, id);
3982 	if (!bi)
3983 		return -1;
3984 	wpa_snprintf_hex(pkhash, sizeof(pkhash), bi->pubkey_hash,
3985 			 SHA256_MAC_LEN);
3986 	return os_snprintf(reply, reply_size, "type=%s\n"
3987 			   "mac_addr=" MACSTR "\n"
3988 			   "info=%s\n"
3989 			   "num_freq=%u\n"
3990 			   "use_freq=%u\n"
3991 			   "curve=%s\n"
3992 			   "pkhash=%s\n"
3993 			   "version=%d\n",
3994 			   dpp_bootstrap_type_txt(bi->type),
3995 			   MAC2STR(bi->mac_addr),
3996 			   bi->info ? bi->info : "",
3997 			   bi->num_freq,
3998 			   bi->num_freq == 1 ? bi->freq[0] : 0,
3999 			   bi->curve->name,
4000 			   pkhash,
4001 			   bi->version);
4002 }
4003 
4004 
dpp_bootstrap_set(struct dpp_global * dpp,int id,const char * params)4005 int dpp_bootstrap_set(struct dpp_global *dpp, int id, const char *params)
4006 {
4007 	struct dpp_bootstrap_info *bi;
4008 
4009 	bi = dpp_bootstrap_get_id(dpp, id);
4010 	if (!bi)
4011 		return -1;
4012 
4013 	str_clear_free(bi->configurator_params);
4014 
4015 	if (params) {
4016 		bi->configurator_params = os_strdup(params);
4017 		return bi->configurator_params ? 0 : -1;
4018 	}
4019 
4020 	bi->configurator_params = NULL;
4021 	return 0;
4022 }
4023 
4024 
dpp_bootstrap_find_pair(struct dpp_global * dpp,const u8 * i_bootstrap,const u8 * r_bootstrap,struct dpp_bootstrap_info ** own_bi,struct dpp_bootstrap_info ** peer_bi)4025 void dpp_bootstrap_find_pair(struct dpp_global *dpp, const u8 *i_bootstrap,
4026 			     const u8 *r_bootstrap,
4027 			     struct dpp_bootstrap_info **own_bi,
4028 			     struct dpp_bootstrap_info **peer_bi)
4029 {
4030 	struct dpp_bootstrap_info *bi;
4031 
4032 	*own_bi = NULL;
4033 	*peer_bi = NULL;
4034 	if (!dpp)
4035 		return;
4036 
4037 	dl_list_for_each(bi, &dpp->bootstrap, struct dpp_bootstrap_info, list) {
4038 		if (!*own_bi && bi->own &&
4039 		    os_memcmp(bi->pubkey_hash, r_bootstrap,
4040 			      SHA256_MAC_LEN) == 0) {
4041 			wpa_printf(MSG_DEBUG,
4042 				   "DPP: Found matching own bootstrapping information");
4043 			*own_bi = bi;
4044 		}
4045 
4046 		if (!*peer_bi && !bi->own &&
4047 		    os_memcmp(bi->pubkey_hash, i_bootstrap,
4048 			      SHA256_MAC_LEN) == 0) {
4049 			wpa_printf(MSG_DEBUG,
4050 				   "DPP: Found matching peer bootstrapping information");
4051 			*peer_bi = bi;
4052 		}
4053 
4054 		if (*own_bi && *peer_bi)
4055 			break;
4056 	}
4057 }
4058 
4059 
4060 #ifdef CONFIG_DPP2
dpp_bootstrap_find_chirp(struct dpp_global * dpp,const u8 * hash)4061 struct dpp_bootstrap_info * dpp_bootstrap_find_chirp(struct dpp_global *dpp,
4062 						     const u8 *hash)
4063 {
4064 	struct dpp_bootstrap_info *bi;
4065 
4066 	if (!dpp)
4067 		return NULL;
4068 
4069 	dl_list_for_each(bi, &dpp->bootstrap, struct dpp_bootstrap_info, list) {
4070 		if (!bi->own && os_memcmp(bi->pubkey_hash_chirp, hash,
4071 					  SHA256_MAC_LEN) == 0)
4072 			return bi;
4073 	}
4074 
4075 	return NULL;
4076 }
4077 #endif /* CONFIG_DPP2 */
4078 
4079 
dpp_nfc_update_bi_channel(struct dpp_bootstrap_info * own_bi,struct dpp_bootstrap_info * peer_bi)4080 static int dpp_nfc_update_bi_channel(struct dpp_bootstrap_info *own_bi,
4081 				     struct dpp_bootstrap_info *peer_bi)
4082 {
4083 	unsigned int i, freq = 0;
4084 	enum hostapd_hw_mode mode;
4085 	u8 op_class, channel;
4086 	char chan[20];
4087 
4088 	if (peer_bi->num_freq == 0 && !peer_bi->channels_listed)
4089 		return 0; /* no channel preference/constraint */
4090 
4091 	for (i = 0; i < peer_bi->num_freq; i++) {
4092 		if ((own_bi->num_freq == 0 && !own_bi->channels_listed) ||
4093 		    freq_included(own_bi->freq, own_bi->num_freq,
4094 				  peer_bi->freq[i])) {
4095 			freq = peer_bi->freq[i];
4096 			break;
4097 		}
4098 	}
4099 	if (!freq) {
4100 		wpa_printf(MSG_DEBUG, "DPP: No common channel found");
4101 		return -1;
4102 	}
4103 
4104 	mode = ieee80211_freq_to_channel_ext(freq, 0, 0, &op_class, &channel);
4105 	if (mode == NUM_HOSTAPD_MODES) {
4106 		wpa_printf(MSG_DEBUG,
4107 			   "DPP: Could not determine operating class or channel number for %u MHz",
4108 			   freq);
4109 	}
4110 
4111 	wpa_printf(MSG_DEBUG,
4112 		   "DPP: Selected %u MHz (op_class %u channel %u) as the negotiation channel based on information from NFC negotiated handover",
4113 		   freq, op_class, channel);
4114 	os_snprintf(chan, sizeof(chan), "%u/%u", op_class, channel);
4115 	os_free(own_bi->chan);
4116 	own_bi->chan = os_strdup(chan);
4117 	own_bi->freq[0] = freq;
4118 	own_bi->num_freq = 1;
4119 	os_free(peer_bi->chan);
4120 	peer_bi->chan = os_strdup(chan);
4121 	peer_bi->freq[0] = freq;
4122 	peer_bi->num_freq = 1;
4123 
4124 	return dpp_gen_uri(own_bi);
4125 }
4126 
4127 
dpp_nfc_update_bi_key(struct dpp_bootstrap_info * own_bi,struct dpp_bootstrap_info * peer_bi)4128 static int dpp_nfc_update_bi_key(struct dpp_bootstrap_info *own_bi,
4129 				 struct dpp_bootstrap_info *peer_bi)
4130 {
4131 	if (peer_bi->curve == own_bi->curve)
4132 		return 0;
4133 
4134 	wpa_printf(MSG_DEBUG,
4135 		   "DPP: Update own bootstrapping key to match peer curve from NFC handover");
4136 
4137 	EVP_PKEY_free(own_bi->pubkey);
4138 	own_bi->pubkey = NULL;
4139 
4140 	if (dpp_keygen(own_bi, peer_bi->curve->name, NULL, 0) < 0 ||
4141 	    dpp_gen_uri(own_bi) < 0)
4142 		goto fail;
4143 
4144 	return 0;
4145 fail:
4146 	dl_list_del(&own_bi->list);
4147 	dpp_bootstrap_info_free(own_bi);
4148 	return -1;
4149 }
4150 
4151 
dpp_nfc_update_bi(struct dpp_bootstrap_info * own_bi,struct dpp_bootstrap_info * peer_bi)4152 int dpp_nfc_update_bi(struct dpp_bootstrap_info *own_bi,
4153 		      struct dpp_bootstrap_info *peer_bi)
4154 {
4155 	if (dpp_nfc_update_bi_channel(own_bi, peer_bi) < 0 ||
4156 	    dpp_nfc_update_bi_key(own_bi, peer_bi) < 0)
4157 		return -1;
4158 	return 0;
4159 }
4160 
4161 
dpp_next_configurator_id(struct dpp_global * dpp)4162 static unsigned int dpp_next_configurator_id(struct dpp_global *dpp)
4163 {
4164 	struct dpp_configurator *conf;
4165 	unsigned int max_id = 0;
4166 
4167 	dl_list_for_each(conf, &dpp->configurator, struct dpp_configurator,
4168 			 list) {
4169 		if (conf->id > max_id)
4170 			max_id = conf->id;
4171 	}
4172 	return max_id + 1;
4173 }
4174 
4175 
dpp_configurator_add(struct dpp_global * dpp,const char * cmd)4176 int dpp_configurator_add(struct dpp_global *dpp, const char *cmd)
4177 {
4178 	char *curve = NULL;
4179 	char *key = NULL, *ppkey = NULL;
4180 	u8 *privkey = NULL, *pp_key = NULL;
4181 	size_t privkey_len = 0, pp_key_len = 0;
4182 	int ret = -1;
4183 	struct dpp_configurator *conf = NULL;
4184 
4185 	curve = get_param(cmd, " curve=");
4186 	key = get_param(cmd, " key=");
4187 	ppkey = get_param(cmd, " ppkey=");
4188 
4189 	if (key) {
4190 		privkey_len = os_strlen(key) / 2;
4191 		privkey = os_malloc(privkey_len);
4192 		if (!privkey ||
4193 		    hexstr2bin(key, privkey, privkey_len) < 0)
4194 			goto fail;
4195 	}
4196 
4197 	if (ppkey) {
4198 		pp_key_len = os_strlen(ppkey) / 2;
4199 		pp_key = os_malloc(pp_key_len);
4200 		if (!pp_key ||
4201 		    hexstr2bin(ppkey, pp_key, pp_key_len) < 0)
4202 			goto fail;
4203 	}
4204 
4205 	conf = dpp_keygen_configurator(curve, privkey, privkey_len,
4206 				       pp_key, pp_key_len);
4207 	if (!conf)
4208 		goto fail;
4209 
4210 	conf->id = dpp_next_configurator_id(dpp);
4211 	dl_list_add(&dpp->configurator, &conf->list);
4212 	ret = conf->id;
4213 	conf = NULL;
4214 fail:
4215 	os_free(curve);
4216 	str_clear_free(key);
4217 	str_clear_free(ppkey);
4218 	bin_clear_free(privkey, privkey_len);
4219 	bin_clear_free(pp_key, pp_key_len);
4220 	dpp_configurator_free(conf);
4221 	return ret;
4222 }
4223 
4224 
dpp_configurator_del(struct dpp_global * dpp,unsigned int id)4225 static int dpp_configurator_del(struct dpp_global *dpp, unsigned int id)
4226 {
4227 	struct dpp_configurator *conf, *tmp;
4228 	int found = 0;
4229 
4230 	if (!dpp)
4231 		return -1;
4232 
4233 	dl_list_for_each_safe(conf, tmp, &dpp->configurator,
4234 			      struct dpp_configurator, list) {
4235 		if (id && conf->id != id)
4236 			continue;
4237 		found = 1;
4238 		dl_list_del(&conf->list);
4239 		dpp_configurator_free(conf);
4240 	}
4241 
4242 	if (id == 0)
4243 		return 0; /* flush succeeds regardless of entries found */
4244 	return found ? 0 : -1;
4245 }
4246 
4247 
dpp_configurator_remove(struct dpp_global * dpp,const char * id)4248 int dpp_configurator_remove(struct dpp_global *dpp, const char *id)
4249 {
4250 	unsigned int id_val;
4251 
4252 	if (os_strcmp(id, "*") == 0) {
4253 		id_val = 0;
4254 	} else {
4255 		id_val = atoi(id);
4256 		if (id_val == 0)
4257 			return -1;
4258 	}
4259 
4260 	return dpp_configurator_del(dpp, id_val);
4261 }
4262 
4263 
dpp_configurator_get_key_id(struct dpp_global * dpp,unsigned int id,char * buf,size_t buflen)4264 int dpp_configurator_get_key_id(struct dpp_global *dpp, unsigned int id,
4265 				char *buf, size_t buflen)
4266 {
4267 	struct dpp_configurator *conf;
4268 
4269 	conf = dpp_configurator_get_id(dpp, id);
4270 	if (!conf)
4271 		return -1;
4272 
4273 	return dpp_configurator_get_key(conf, buf, buflen);
4274 }
4275 
4276 
4277 #ifdef CONFIG_DPP2
4278 
dpp_configurator_from_backup(struct dpp_global * dpp,struct dpp_asymmetric_key * key)4279 int dpp_configurator_from_backup(struct dpp_global *dpp,
4280 				 struct dpp_asymmetric_key *key)
4281 {
4282 	struct dpp_configurator *conf;
4283 	const EC_KEY *eckey, *eckey_pp;
4284 	const EC_GROUP *group, *group_pp;
4285 	int nid;
4286 	const struct dpp_curve_params *curve;
4287 
4288 	if (!key->csign || !key->pp_key)
4289 		return -1;
4290 	eckey = EVP_PKEY_get0_EC_KEY(key->csign);
4291 	if (!eckey)
4292 		return -1;
4293 	group = EC_KEY_get0_group(eckey);
4294 	if (!group)
4295 		return -1;
4296 	nid = EC_GROUP_get_curve_name(group);
4297 	curve = dpp_get_curve_nid(nid);
4298 	if (!curve) {
4299 		wpa_printf(MSG_INFO, "DPP: Unsupported group in c-sign-key");
4300 		return -1;
4301 	}
4302 	eckey_pp = EVP_PKEY_get0_EC_KEY(key->pp_key);
4303 	if (!eckey_pp)
4304 		return -1;
4305 	group_pp = EC_KEY_get0_group(eckey_pp);
4306 	if (!group_pp)
4307 		return -1;
4308 	if (EC_GROUP_get_curve_name(group) !=
4309 	    EC_GROUP_get_curve_name(group_pp)) {
4310 		wpa_printf(MSG_INFO,
4311 			   "DPP: Mismatch in c-sign-key and ppKey groups");
4312 		return -1;
4313 	}
4314 
4315 	conf = os_zalloc(sizeof(*conf));
4316 	if (!conf)
4317 		return -1;
4318 	conf->curve = curve;
4319 	conf->csign = key->csign;
4320 	key->csign = NULL;
4321 	conf->pp_key = key->pp_key;
4322 	key->pp_key = NULL;
4323 	conf->own = 1;
4324 	if (dpp_configurator_gen_kid(conf) < 0) {
4325 		dpp_configurator_free(conf);
4326 		return -1;
4327 	}
4328 
4329 	conf->id = dpp_next_configurator_id(dpp);
4330 	dl_list_add(&dpp->configurator, &conf->list);
4331 	return conf->id;
4332 }
4333 
4334 
dpp_configurator_find_kid(struct dpp_global * dpp,const u8 * kid)4335 struct dpp_configurator * dpp_configurator_find_kid(struct dpp_global *dpp,
4336 						    const u8 *kid)
4337 {
4338 	struct dpp_configurator *conf;
4339 
4340 	if (!dpp)
4341 		return NULL;
4342 
4343 	dl_list_for_each(conf, &dpp->configurator,
4344 			 struct dpp_configurator, list) {
4345 		if (os_memcmp(conf->kid_hash, kid, SHA256_MAC_LEN) == 0)
4346 			return conf;
4347 	}
4348 	return NULL;
4349 }
4350 
4351 #endif /* CONFIG_DPP2 */
4352 
4353 
dpp_global_init(struct dpp_global_config * config)4354 struct dpp_global * dpp_global_init(struct dpp_global_config *config)
4355 {
4356 	struct dpp_global *dpp;
4357 
4358 	dpp = os_zalloc(sizeof(*dpp));
4359 	if (!dpp)
4360 		return NULL;
4361 #ifdef CONFIG_DPP2
4362 	dpp->cb_ctx = config->cb_ctx;
4363 	dpp->remove_bi = config->remove_bi;
4364 #endif /* CONFIG_DPP2 */
4365 
4366 	dl_list_init(&dpp->bootstrap);
4367 	dl_list_init(&dpp->configurator);
4368 #ifdef CONFIG_DPP2
4369 	dl_list_init(&dpp->controllers);
4370 	dl_list_init(&dpp->tcp_init);
4371 #endif /* CONFIG_DPP2 */
4372 
4373 	return dpp;
4374 }
4375 
4376 
dpp_global_clear(struct dpp_global * dpp)4377 void dpp_global_clear(struct dpp_global *dpp)
4378 {
4379 	if (!dpp)
4380 		return;
4381 
4382 	dpp_bootstrap_del(dpp, 0);
4383 	dpp_configurator_del(dpp, 0);
4384 #ifdef CONFIG_DPP2
4385 	dpp_tcp_init_flush(dpp);
4386 	dpp_relay_flush_controllers(dpp);
4387 	dpp_controller_stop(dpp);
4388 #endif /* CONFIG_DPP2 */
4389 }
4390 
4391 
dpp_global_deinit(struct dpp_global * dpp)4392 void dpp_global_deinit(struct dpp_global *dpp)
4393 {
4394 	dpp_global_clear(dpp);
4395 	os_free(dpp);
4396 }
4397 
4398 
4399 #ifdef CONFIG_DPP2
4400 
dpp_build_presence_announcement(struct dpp_bootstrap_info * bi)4401 struct wpabuf * dpp_build_presence_announcement(struct dpp_bootstrap_info *bi)
4402 {
4403 	struct wpabuf *msg;
4404 
4405 	wpa_printf(MSG_DEBUG, "DPP: Build Presence Announcement frame");
4406 
4407 	msg = dpp_alloc_msg(DPP_PA_PRESENCE_ANNOUNCEMENT, 4 + SHA256_MAC_LEN);
4408 	if (!msg)
4409 		return NULL;
4410 
4411 	/* Responder Bootstrapping Key Hash */
4412 	dpp_build_attr_r_bootstrap_key_hash(msg, bi->pubkey_hash_chirp);
4413 	wpa_hexdump_buf(MSG_DEBUG,
4414 			"DPP: Presence Announcement frame attributes", msg);
4415 	return msg;
4416 }
4417 
4418 
dpp_notify_chirp_received(void * msg_ctx,int id,const u8 * src,unsigned int freq,const u8 * hash)4419 void dpp_notify_chirp_received(void *msg_ctx, int id, const u8 *src,
4420 				unsigned int freq, const u8 *hash)
4421 {
4422 	char hex[SHA256_MAC_LEN * 2 + 1];
4423 
4424 	wpa_snprintf_hex(hex, sizeof(hex), hash, SHA256_MAC_LEN);
4425 	wpa_msg(msg_ctx, MSG_INFO,
4426 		DPP_EVENT_CHIRP_RX "id=%d src=" MACSTR " freq=%u hash=%s",
4427 		id, MAC2STR(src), freq, hex);
4428 }
4429 
4430 #endif /* CONFIG_DPP2 */
4431