1 /*
2 * DPP functionality shared between hostapd and wpa_supplicant
3 * Copyright (c) 2017, Qualcomm Atheros, Inc.
4 * Copyright (c) 2018-2020, The Linux Foundation
5 * Copyright (c) 2021-2022, Qualcomm Innovation Center, Inc.
6 *
7 * This software may be distributed under the terms of the BSD license.
8 * See README for more details.
9 */
10
11 #include "utils/includes.h"
12
13 #include "utils/common.h"
14 #include "utils/base64.h"
15 #include "utils/json.h"
16 #include "common/ieee802_11_common.h"
17 #include "common/wpa_ctrl.h"
18 #include "common/gas.h"
19 #include "eap_common/eap_defs.h"
20 #include "crypto/crypto.h"
21 #include "crypto/random.h"
22 #include "crypto/aes.h"
23 #include "crypto/aes_siv.h"
24 #include "drivers/driver.h"
25 #include "dpp.h"
26 #include "dpp_i.h"
27
28
29 #ifdef CONFIG_TESTING_OPTIONS
30 #ifdef CONFIG_DPP3
31 int dpp_version_override = 3;
32 #elif defined(CONFIG_DPP2)
33 int dpp_version_override = 2;
34 #else
35 int dpp_version_override = 1;
36 #endif
37 enum dpp_test_behavior dpp_test = DPP_TEST_DISABLED;
38 #endif /* CONFIG_TESTING_OPTIONS */
39
40
dpp_auth_fail(struct dpp_authentication * auth,const char * txt)41 void dpp_auth_fail(struct dpp_authentication *auth, const char *txt)
42 {
43 wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_FAIL "%s", txt);
44 }
45
46
dpp_alloc_msg(enum dpp_public_action_frame_type type,size_t len)47 struct wpabuf * dpp_alloc_msg(enum dpp_public_action_frame_type type,
48 size_t len)
49 {
50 struct wpabuf *msg;
51
52 msg = wpabuf_alloc(8 + len);
53 if (!msg)
54 return NULL;
55 wpabuf_put_u8(msg, WLAN_ACTION_PUBLIC);
56 wpabuf_put_u8(msg, WLAN_PA_VENDOR_SPECIFIC);
57 wpabuf_put_be24(msg, OUI_WFA);
58 wpabuf_put_u8(msg, DPP_OUI_TYPE);
59 wpabuf_put_u8(msg, 1); /* Crypto Suite */
60 wpabuf_put_u8(msg, type);
61 return msg;
62 }
63
64
dpp_get_attr(const u8 * buf,size_t len,u16 req_id,u16 * ret_len)65 const u8 * dpp_get_attr(const u8 *buf, size_t len, u16 req_id, u16 *ret_len)
66 {
67 u16 id, alen;
68 const u8 *pos = buf, *end = buf + len;
69
70 while (end - pos >= 4) {
71 id = WPA_GET_LE16(pos);
72 pos += 2;
73 alen = WPA_GET_LE16(pos);
74 pos += 2;
75 if (alen > end - pos)
76 return NULL;
77 if (id == req_id) {
78 *ret_len = alen;
79 return pos;
80 }
81 pos += alen;
82 }
83
84 return NULL;
85 }
86
87
dpp_get_attr_next(const u8 * prev,const u8 * buf,size_t len,u16 req_id,u16 * ret_len)88 static const u8 * dpp_get_attr_next(const u8 *prev, const u8 *buf, size_t len,
89 u16 req_id, u16 *ret_len)
90 {
91 u16 id, alen;
92 const u8 *pos, *end = buf + len;
93
94 if (!prev)
95 pos = buf;
96 else
97 pos = prev + WPA_GET_LE16(prev - 2);
98 while (end - pos >= 4) {
99 id = WPA_GET_LE16(pos);
100 pos += 2;
101 alen = WPA_GET_LE16(pos);
102 pos += 2;
103 if (alen > end - pos)
104 return NULL;
105 if (id == req_id) {
106 *ret_len = alen;
107 return pos;
108 }
109 pos += alen;
110 }
111
112 return NULL;
113 }
114
115
dpp_check_attrs(const u8 * buf,size_t len)116 int dpp_check_attrs(const u8 *buf, size_t len)
117 {
118 const u8 *pos, *end;
119 int wrapped_data = 0;
120
121 pos = buf;
122 end = buf + len;
123 while (end - pos >= 4) {
124 u16 id, alen;
125
126 id = WPA_GET_LE16(pos);
127 pos += 2;
128 alen = WPA_GET_LE16(pos);
129 pos += 2;
130 wpa_printf(MSG_MSGDUMP, "DPP: Attribute ID %04x len %u",
131 id, alen);
132 if (alen > end - pos) {
133 wpa_printf(MSG_DEBUG,
134 "DPP: Truncated message - not enough room for the attribute - dropped");
135 return -1;
136 }
137 if (wrapped_data) {
138 wpa_printf(MSG_DEBUG,
139 "DPP: An unexpected attribute included after the Wrapped Data attribute");
140 return -1;
141 }
142 if (id == DPP_ATTR_WRAPPED_DATA)
143 wrapped_data = 1;
144 pos += alen;
145 }
146
147 if (end != pos) {
148 wpa_printf(MSG_DEBUG,
149 "DPP: Unexpected octets (%d) after the last attribute",
150 (int) (end - pos));
151 return -1;
152 }
153
154 return 0;
155 }
156
157
dpp_bootstrap_info_free(struct dpp_bootstrap_info * info)158 void dpp_bootstrap_info_free(struct dpp_bootstrap_info *info)
159 {
160 if (!info)
161 return;
162 os_free(info->uri);
163 os_free(info->info);
164 os_free(info->chan);
165 os_free(info->pk);
166 crypto_ec_key_deinit(info->pubkey);
167 str_clear_free(info->configurator_params);
168 os_free(info);
169 }
170
171
dpp_bootstrap_type_txt(enum dpp_bootstrap_type type)172 const char * dpp_bootstrap_type_txt(enum dpp_bootstrap_type type)
173 {
174 switch (type) {
175 case DPP_BOOTSTRAP_QR_CODE:
176 return "QRCODE";
177 case DPP_BOOTSTRAP_PKEX:
178 return "PKEX";
179 case DPP_BOOTSTRAP_NFC_URI:
180 return "NFC-URI";
181 }
182 return "??";
183 }
184
185
dpp_uri_valid_info(const char * info)186 static int dpp_uri_valid_info(const char *info)
187 {
188 while (*info) {
189 unsigned char val = *info++;
190
191 if (val < 0x20 || val > 0x7e || val == 0x3b)
192 return 0;
193 }
194
195 return 1;
196 }
197
198
dpp_clone_uri(struct dpp_bootstrap_info * bi,const char * uri)199 static int dpp_clone_uri(struct dpp_bootstrap_info *bi, const char *uri)
200 {
201 bi->uri = os_strdup(uri);
202 return bi->uri ? 0 : -1;
203 }
204
205
dpp_parse_uri_chan_list(struct dpp_bootstrap_info * bi,const char * chan_list)206 int dpp_parse_uri_chan_list(struct dpp_bootstrap_info *bi,
207 const char *chan_list)
208 {
209 const char *pos = chan_list, *pos2;
210 int opclass = -1, channel, freq;
211
212 while (pos && *pos && *pos != ';') {
213 pos2 = pos;
214 while (*pos2 >= '0' && *pos2 <= '9')
215 pos2++;
216 if (*pos2 == '/') {
217 opclass = atoi(pos);
218 pos = pos2 + 1;
219 }
220 if (opclass <= 0)
221 goto fail;
222 channel = atoi(pos);
223 if (channel <= 0)
224 goto fail;
225 while (*pos >= '0' && *pos <= '9')
226 pos++;
227 freq = ieee80211_chan_to_freq(NULL, opclass, channel);
228 wpa_printf(MSG_DEBUG,
229 "DPP: URI channel-list: opclass=%d channel=%d ==> freq=%d",
230 opclass, channel, freq);
231 bi->channels_listed = true;
232 if (freq < 0) {
233 wpa_printf(MSG_DEBUG,
234 "DPP: Ignore unknown URI channel-list channel (opclass=%d channel=%d)",
235 opclass, channel);
236 } else if (bi->num_freq == DPP_BOOTSTRAP_MAX_FREQ) {
237 wpa_printf(MSG_DEBUG,
238 "DPP: Too many channels in URI channel-list - ignore list");
239 bi->num_freq = 0;
240 break;
241 } else {
242 bi->freq[bi->num_freq++] = freq;
243 }
244
245 if (*pos == ';' || *pos == '\0')
246 break;
247 if (*pos != ',')
248 goto fail;
249 pos++;
250 }
251
252 return 0;
253 fail:
254 wpa_printf(MSG_DEBUG, "DPP: Invalid URI channel-list");
255 return -1;
256 }
257
258
dpp_parse_uri_mac(struct dpp_bootstrap_info * bi,const char * mac)259 int dpp_parse_uri_mac(struct dpp_bootstrap_info *bi, const char *mac)
260 {
261 if (!mac)
262 return 0;
263
264 if (hwaddr_aton2(mac, bi->mac_addr) < 0) {
265 wpa_printf(MSG_DEBUG, "DPP: Invalid URI mac");
266 return -1;
267 }
268
269 wpa_printf(MSG_DEBUG, "DPP: URI mac: " MACSTR, MAC2STR(bi->mac_addr));
270
271 return 0;
272 }
273
274
dpp_parse_uri_info(struct dpp_bootstrap_info * bi,const char * info)275 int dpp_parse_uri_info(struct dpp_bootstrap_info *bi, const char *info)
276 {
277 const char *end;
278
279 if (!info)
280 return 0;
281
282 end = os_strchr(info, ';');
283 if (!end)
284 end = info + os_strlen(info);
285 bi->info = os_malloc(end - info + 1);
286 if (!bi->info)
287 return -1;
288 os_memcpy(bi->info, info, end - info);
289 bi->info[end - info] = '\0';
290 wpa_printf(MSG_DEBUG, "DPP: URI(information): %s", bi->info);
291 if (!dpp_uri_valid_info(bi->info)) {
292 wpa_printf(MSG_DEBUG, "DPP: Invalid URI information payload");
293 return -1;
294 }
295
296 return 0;
297 }
298
299
dpp_parse_uri_version(struct dpp_bootstrap_info * bi,const char * version)300 int dpp_parse_uri_version(struct dpp_bootstrap_info *bi, const char *version)
301 {
302 #ifdef CONFIG_DPP2
303 if (!version || DPP_VERSION < 2)
304 return 0;
305
306 if (*version == '1')
307 bi->version = 1;
308 else if (*version == '2')
309 bi->version = 2;
310 else if (*version == '3')
311 bi->version = 3;
312 else
313 wpa_printf(MSG_DEBUG, "DPP: Unknown URI version");
314
315 wpa_printf(MSG_DEBUG, "DPP: URI version: %d", bi->version);
316 #endif /* CONFIG_DPP2 */
317
318 return 0;
319 }
320
321
dpp_parse_uri_pk(struct dpp_bootstrap_info * bi,const char * info)322 static int dpp_parse_uri_pk(struct dpp_bootstrap_info *bi, const char *info)
323 {
324 u8 *data;
325 size_t data_len;
326 int res;
327 const char *end;
328
329 end = os_strchr(info, ';');
330 if (!end)
331 return -1;
332
333 data = base64_decode(info, end - info, &data_len);
334 if (!data) {
335 wpa_printf(MSG_DEBUG,
336 "DPP: Invalid base64 encoding on URI public-key");
337 return -1;
338 }
339 wpa_hexdump(MSG_DEBUG, "DPP: Base64 decoded URI public-key",
340 data, data_len);
341
342 res = dpp_get_subject_public_key(bi, data, data_len);
343 os_free(data);
344 return res;
345 }
346
347
dpp_parse_uri_supported_curves(struct dpp_bootstrap_info * bi,const char * txt)348 static int dpp_parse_uri_supported_curves(struct dpp_bootstrap_info *bi,
349 const char *txt)
350 {
351 int val;
352
353 if (!txt)
354 return 0;
355
356 val = hex2num(txt[0]);
357 if (val < 0)
358 return -1;
359 bi->supported_curves = val;
360
361 val = hex2num(txt[1]);
362 if (val > 0)
363 bi->supported_curves |= val << 4;
364
365 wpa_printf(MSG_DEBUG, "DPP: URI supported curves: 0x%x",
366 bi->supported_curves);
367
368 return 0;
369 }
370
371
dpp_parse_uri(const char * uri)372 static struct dpp_bootstrap_info * dpp_parse_uri(const char *uri)
373 {
374 const char *pos = uri;
375 const char *end;
376 const char *chan_list = NULL, *mac = NULL, *info = NULL, *pk = NULL;
377 const char *version = NULL, *supported_curves = NULL;
378 struct dpp_bootstrap_info *bi;
379
380 wpa_hexdump_ascii(MSG_DEBUG, "DPP: URI", uri, os_strlen(uri));
381
382 if (os_strncmp(pos, "DPP:", 4) != 0) {
383 wpa_printf(MSG_INFO, "DPP: Not a DPP URI");
384 return NULL;
385 }
386 pos += 4;
387
388 for (;;) {
389 end = os_strchr(pos, ';');
390 if (!end)
391 break;
392
393 if (end == pos) {
394 /* Handle terminating ";;" and ignore unexpected ";"
395 * for parsing robustness. */
396 pos++;
397 continue;
398 }
399
400 if (pos[0] == 'C' && pos[1] == ':' && !chan_list)
401 chan_list = pos + 2;
402 else if (pos[0] == 'M' && pos[1] == ':' && !mac)
403 mac = pos + 2;
404 else if (pos[0] == 'I' && pos[1] == ':' && !info)
405 info = pos + 2;
406 else if (pos[0] == 'K' && pos[1] == ':' && !pk)
407 pk = pos + 2;
408 else if (pos[0] == 'V' && pos[1] == ':' && !version)
409 version = pos + 2;
410 else if (pos[0] == 'B' && pos[1] == ':' && !supported_curves)
411 supported_curves = pos + 2;
412 else
413 wpa_hexdump_ascii(MSG_DEBUG,
414 "DPP: Ignore unrecognized URI parameter",
415 pos, end - pos);
416 pos = end + 1;
417 }
418
419 if (!pk) {
420 wpa_printf(MSG_INFO, "DPP: URI missing public-key");
421 return NULL;
422 }
423
424 bi = os_zalloc(sizeof(*bi));
425 if (!bi)
426 return NULL;
427
428 if (dpp_clone_uri(bi, uri) < 0 ||
429 dpp_parse_uri_chan_list(bi, chan_list) < 0 ||
430 dpp_parse_uri_mac(bi, mac) < 0 ||
431 dpp_parse_uri_info(bi, info) < 0 ||
432 dpp_parse_uri_version(bi, version) < 0 ||
433 dpp_parse_uri_supported_curves(bi, supported_curves) < 0 ||
434 dpp_parse_uri_pk(bi, pk) < 0) {
435 dpp_bootstrap_info_free(bi);
436 bi = NULL;
437 }
438
439 return bi;
440 }
441
442
dpp_build_attr_status(struct wpabuf * msg,enum dpp_status_error status)443 void dpp_build_attr_status(struct wpabuf *msg, enum dpp_status_error status)
444 {
445 wpa_printf(MSG_DEBUG, "DPP: Status %d", status);
446 wpabuf_put_le16(msg, DPP_ATTR_STATUS);
447 wpabuf_put_le16(msg, 1);
448 wpabuf_put_u8(msg, status);
449 }
450
451
dpp_build_attr_r_bootstrap_key_hash(struct wpabuf * msg,const u8 * hash)452 void dpp_build_attr_r_bootstrap_key_hash(struct wpabuf *msg, const u8 *hash)
453 {
454 if (hash) {
455 wpa_printf(MSG_DEBUG, "DPP: R-Bootstrap Key Hash");
456 wpabuf_put_le16(msg, DPP_ATTR_R_BOOTSTRAP_KEY_HASH);
457 wpabuf_put_le16(msg, SHA256_MAC_LEN);
458 wpabuf_put_data(msg, hash, SHA256_MAC_LEN);
459 }
460 }
461
462
dpp_channel_ok_init(struct hostapd_hw_modes * own_modes,u16 num_modes,unsigned int freq)463 static int dpp_channel_ok_init(struct hostapd_hw_modes *own_modes,
464 u16 num_modes, unsigned int freq)
465 {
466 u16 m;
467 int c, flag;
468
469 if (!own_modes || !num_modes)
470 return 1;
471
472 for (m = 0; m < num_modes; m++) {
473 for (c = 0; c < own_modes[m].num_channels; c++) {
474 if ((unsigned int) own_modes[m].channels[c].freq !=
475 freq)
476 continue;
477 flag = own_modes[m].channels[c].flag;
478 if (!(flag & (HOSTAPD_CHAN_DISABLED |
479 HOSTAPD_CHAN_NO_IR |
480 HOSTAPD_CHAN_RADAR)))
481 return 1;
482 }
483 }
484
485 wpa_printf(MSG_DEBUG, "DPP: Peer channel %u MHz not supported", freq);
486 return 0;
487 }
488
489
freq_included(const unsigned int freqs[],unsigned int num,unsigned int freq)490 static int freq_included(const unsigned int freqs[], unsigned int num,
491 unsigned int freq)
492 {
493 while (num > 0) {
494 if (freqs[--num] == freq)
495 return 1;
496 }
497 return 0;
498 }
499
500
freq_to_start(unsigned int freqs[],unsigned int num,unsigned int freq)501 static void freq_to_start(unsigned int freqs[], unsigned int num,
502 unsigned int freq)
503 {
504 unsigned int i;
505
506 for (i = 0; i < num; i++) {
507 if (freqs[i] == freq)
508 break;
509 }
510 if (i == 0 || i >= num)
511 return;
512 os_memmove(&freqs[1], &freqs[0], i * sizeof(freqs[0]));
513 freqs[0] = freq;
514 }
515
516
dpp_channel_intersect(struct dpp_authentication * auth,struct hostapd_hw_modes * own_modes,u16 num_modes)517 static int dpp_channel_intersect(struct dpp_authentication *auth,
518 struct hostapd_hw_modes *own_modes,
519 u16 num_modes)
520 {
521 struct dpp_bootstrap_info *peer_bi = auth->peer_bi;
522 unsigned int i, freq;
523
524 for (i = 0; i < peer_bi->num_freq; i++) {
525 freq = peer_bi->freq[i];
526 if (freq_included(auth->freq, auth->num_freq, freq))
527 continue;
528 if (dpp_channel_ok_init(own_modes, num_modes, freq))
529 auth->freq[auth->num_freq++] = freq;
530 }
531 if (!auth->num_freq) {
532 wpa_printf(MSG_INFO,
533 "DPP: No available channels for initiating DPP Authentication");
534 return -1;
535 }
536 auth->curr_freq = auth->freq[0];
537 return 0;
538 }
539
540
dpp_channel_local_list(struct dpp_authentication * auth,struct hostapd_hw_modes * own_modes,u16 num_modes)541 static int dpp_channel_local_list(struct dpp_authentication *auth,
542 struct hostapd_hw_modes *own_modes,
543 u16 num_modes)
544 {
545 u16 m;
546 int c, flag;
547 unsigned int freq;
548
549 auth->num_freq = 0;
550
551 if (!own_modes || !num_modes) {
552 auth->freq[0] = 2412;
553 auth->freq[1] = 2437;
554 auth->freq[2] = 2462;
555 auth->num_freq = 3;
556 return 0;
557 }
558
559 for (m = 0; m < num_modes; m++) {
560 for (c = 0; c < own_modes[m].num_channels; c++) {
561 freq = own_modes[m].channels[c].freq;
562 flag = own_modes[m].channels[c].flag;
563 if (flag & (HOSTAPD_CHAN_DISABLED |
564 HOSTAPD_CHAN_NO_IR |
565 HOSTAPD_CHAN_RADAR))
566 continue;
567 if (freq_included(auth->freq, auth->num_freq, freq))
568 continue;
569 auth->freq[auth->num_freq++] = freq;
570 if (auth->num_freq == DPP_BOOTSTRAP_MAX_FREQ) {
571 m = num_modes;
572 break;
573 }
574 }
575 }
576
577 return auth->num_freq == 0 ? -1 : 0;
578 }
579
580
dpp_prepare_channel_list(struct dpp_authentication * auth,unsigned int neg_freq,struct hostapd_hw_modes * own_modes,u16 num_modes)581 int dpp_prepare_channel_list(struct dpp_authentication *auth,
582 unsigned int neg_freq,
583 struct hostapd_hw_modes *own_modes, u16 num_modes)
584 {
585 int res;
586 char freqs[DPP_BOOTSTRAP_MAX_FREQ * 6 + 10], *pos, *end;
587 unsigned int i;
588
589 if (!own_modes) {
590 if (!neg_freq)
591 return -1;
592 auth->num_freq = 1;
593 auth->freq[0] = neg_freq;
594 auth->curr_freq = neg_freq;
595 return 0;
596 }
597
598 if (auth->peer_bi->num_freq > 0)
599 res = dpp_channel_intersect(auth, own_modes, num_modes);
600 else
601 res = dpp_channel_local_list(auth, own_modes, num_modes);
602 if (res < 0)
603 return res;
604
605 /* Prioritize 2.4 GHz channels 6, 1, 11 (in this order) to hit the most
606 * likely channels first. */
607 freq_to_start(auth->freq, auth->num_freq, 2462);
608 freq_to_start(auth->freq, auth->num_freq, 2412);
609 freq_to_start(auth->freq, auth->num_freq, 2437);
610
611 auth->freq_idx = 0;
612 auth->curr_freq = auth->freq[0];
613
614 pos = freqs;
615 end = pos + sizeof(freqs);
616 for (i = 0; i < auth->num_freq; i++) {
617 res = os_snprintf(pos, end - pos, " %u", auth->freq[i]);
618 if (os_snprintf_error(end - pos, res))
619 break;
620 pos += res;
621 }
622 *pos = '\0';
623 wpa_printf(MSG_DEBUG, "DPP: Possible frequencies for initiating:%s",
624 freqs);
625
626 return 0;
627 }
628
629
dpp_gen_uri(struct dpp_bootstrap_info * bi)630 int dpp_gen_uri(struct dpp_bootstrap_info *bi)
631 {
632 char macstr[ETH_ALEN * 2 + 10];
633 size_t len;
634 char supp_curves[10];
635
636 len = 4; /* "DPP:" */
637 if (bi->chan)
638 len += 3 + os_strlen(bi->chan); /* C:...; */
639 if (is_zero_ether_addr(bi->mac_addr))
640 macstr[0] = '\0';
641 else
642 os_snprintf(macstr, sizeof(macstr), "M:" COMPACT_MACSTR ";",
643 MAC2STR(bi->mac_addr));
644 len += os_strlen(macstr); /* M:...; */
645 if (bi->info)
646 len += 3 + os_strlen(bi->info); /* I:...; */
647 #ifdef CONFIG_DPP2
648 len += 4; /* V:2; */
649 #endif /* CONFIG_DPP2 */
650 len += 4 + os_strlen(bi->pk); /* K:...;; */
651
652 if (bi->supported_curves) {
653 u8 val = bi->supported_curves;
654
655 if (val & 0xf0) {
656 val = ((val & 0xf0) >> 4) | ((val & 0x0f) << 4);
657 len += os_snprintf(supp_curves, sizeof(supp_curves),
658 "B:%02x;", val);
659 } else {
660 len += os_snprintf(supp_curves, sizeof(supp_curves),
661 "B:%x;", val);
662 }
663 } else {
664 supp_curves[0] = '\0';
665 }
666
667 os_free(bi->uri);
668 bi->uri = os_malloc(len + 1);
669 if (!bi->uri)
670 return -1;
671 os_snprintf(bi->uri, len + 1, "DPP:%s%s%s%s%s%s%s%s%sK:%s;;",
672 bi->chan ? "C:" : "", bi->chan ? bi->chan : "",
673 bi->chan ? ";" : "",
674 macstr,
675 bi->info ? "I:" : "", bi->info ? bi->info : "",
676 bi->info ? ";" : "",
677 DPP_VERSION == 3 ? "V:3;" :
678 (DPP_VERSION == 2 ? "V:2;" : ""),
679 supp_curves,
680 bi->pk);
681 return 0;
682 }
683
684
685 struct dpp_authentication *
dpp_alloc_auth(struct dpp_global * dpp,void * msg_ctx)686 dpp_alloc_auth(struct dpp_global *dpp, void *msg_ctx)
687 {
688 struct dpp_authentication *auth;
689
690 auth = os_zalloc(sizeof(*auth));
691 if (!auth)
692 return NULL;
693 auth->global = dpp;
694 auth->msg_ctx = msg_ctx;
695 auth->conf_resp_status = 255;
696 return auth;
697 }
698
699
dpp_build_conf_req_attr(struct dpp_authentication * auth,const char * json)700 static struct wpabuf * dpp_build_conf_req_attr(struct dpp_authentication *auth,
701 const char *json)
702 {
703 size_t nonce_len;
704 size_t json_len, clear_len;
705 struct wpabuf *clear = NULL, *msg = NULL, *pe = NULL;
706 u8 *wrapped;
707 size_t attr_len;
708 #ifdef CONFIG_DPP3
709 u8 auth_i[DPP_MAX_HASH_LEN];
710 #endif /* CONFIG_DPP3 */
711
712 wpa_printf(MSG_DEBUG, "DPP: Build configuration request");
713
714 nonce_len = auth->curve->nonce_len;
715 if (random_get_bytes(auth->e_nonce, nonce_len)) {
716 wpa_printf(MSG_ERROR, "DPP: Failed to generate E-nonce");
717 goto fail;
718 }
719 wpa_hexdump(MSG_DEBUG, "DPP: E-nonce", auth->e_nonce, nonce_len);
720 json_len = os_strlen(json);
721 wpa_hexdump_ascii(MSG_DEBUG, "DPP: configRequest JSON", json, json_len);
722
723 /* { E-nonce, configAttrib }ke */
724 clear_len = 4 + nonce_len + 4 + json_len;
725 #ifdef CONFIG_DPP3
726 if (auth->waiting_new_key) {
727 pe = crypto_ec_key_get_pubkey_point(auth->own_protocol_key, 0);
728 if (!pe)
729 goto fail;
730 clear_len += 4 + wpabuf_len(pe);
731
732 if (dpp_derive_auth_i(auth, auth_i) < 0)
733 goto fail;
734 clear_len += 4 + auth->curve->hash_len;
735 }
736 #endif /* CONFIG_DPP3 */
737 clear = wpabuf_alloc(clear_len);
738 attr_len = 4 + clear_len + AES_BLOCK_SIZE;
739 #ifdef CONFIG_TESTING_OPTIONS
740 if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_CONF_REQ)
741 attr_len += 5;
742 #endif /* CONFIG_TESTING_OPTIONS */
743 msg = wpabuf_alloc(attr_len);
744 if (!clear || !msg)
745 goto fail;
746
747 #ifdef CONFIG_TESTING_OPTIONS
748 if (dpp_test == DPP_TEST_NO_E_NONCE_CONF_REQ) {
749 wpa_printf(MSG_INFO, "DPP: TESTING - no E-nonce");
750 goto skip_e_nonce;
751 }
752 if (dpp_test == DPP_TEST_INVALID_E_NONCE_CONF_REQ) {
753 wpa_printf(MSG_INFO, "DPP: TESTING - invalid E-nonce");
754 wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
755 wpabuf_put_le16(clear, nonce_len - 1);
756 wpabuf_put_data(clear, auth->e_nonce, nonce_len - 1);
757 goto skip_e_nonce;
758 }
759 if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_CONF_REQ) {
760 wpa_printf(MSG_INFO, "DPP: TESTING - no Wrapped Data");
761 goto skip_wrapped_data;
762 }
763 #endif /* CONFIG_TESTING_OPTIONS */
764
765 /* E-nonce */
766 wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
767 wpabuf_put_le16(clear, nonce_len);
768 wpabuf_put_data(clear, auth->e_nonce, nonce_len);
769
770 #ifdef CONFIG_TESTING_OPTIONS
771 skip_e_nonce:
772 if (dpp_test == DPP_TEST_NO_CONFIG_ATTR_OBJ_CONF_REQ) {
773 wpa_printf(MSG_INFO, "DPP: TESTING - no configAttrib");
774 goto skip_conf_attr_obj;
775 }
776 #endif /* CONFIG_TESTING_OPTIONS */
777
778 #ifdef CONFIG_DPP3
779 if (pe) {
780 wpa_printf(MSG_DEBUG, "DPP: Pe");
781 wpabuf_put_le16(clear, DPP_ATTR_I_PROTOCOL_KEY);
782 wpabuf_put_le16(clear, wpabuf_len(pe));
783 wpabuf_put_buf(clear, pe);
784 }
785 if (auth->waiting_new_key) {
786 wpa_printf(MSG_DEBUG, "DPP: Initiator Authentication Tag");
787 wpabuf_put_le16(clear, DPP_ATTR_I_AUTH_TAG);
788 wpabuf_put_le16(clear, auth->curve->hash_len);
789 wpabuf_put_data(clear, auth_i, auth->curve->hash_len);
790 }
791 #endif /* CONFIG_DPP3 */
792
793 /* configAttrib */
794 wpabuf_put_le16(clear, DPP_ATTR_CONFIG_ATTR_OBJ);
795 wpabuf_put_le16(clear, json_len);
796 wpabuf_put_data(clear, json, json_len);
797
798 #ifdef CONFIG_TESTING_OPTIONS
799 skip_conf_attr_obj:
800 #endif /* CONFIG_TESTING_OPTIONS */
801
802 wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
803 wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
804 wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
805
806 /* No AES-SIV AD */
807 wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear);
808 if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,
809 wpabuf_head(clear), wpabuf_len(clear),
810 0, NULL, NULL, wrapped) < 0)
811 goto fail;
812 wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
813 wrapped, wpabuf_len(clear) + AES_BLOCK_SIZE);
814
815 #ifdef CONFIG_TESTING_OPTIONS
816 if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_CONF_REQ) {
817 wpa_printf(MSG_INFO, "DPP: TESTING - attr after Wrapped Data");
818 dpp_build_attr_status(msg, DPP_STATUS_OK);
819 }
820 skip_wrapped_data:
821 #endif /* CONFIG_TESTING_OPTIONS */
822
823 wpa_hexdump_buf(MSG_DEBUG,
824 "DPP: Configuration Request frame attributes", msg);
825 out:
826 wpabuf_free(clear);
827 wpabuf_free(pe);
828 return msg;
829
830 fail:
831 wpabuf_free(msg);
832 msg = NULL;
833 goto out;
834 }
835
836
dpp_write_adv_proto(struct wpabuf * buf)837 void dpp_write_adv_proto(struct wpabuf *buf)
838 {
839 /* Advertisement Protocol IE */
840 wpabuf_put_u8(buf, WLAN_EID_ADV_PROTO);
841 wpabuf_put_u8(buf, 8); /* Length */
842 wpabuf_put_u8(buf, 0x7f);
843 wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC);
844 wpabuf_put_u8(buf, 5);
845 wpabuf_put_be24(buf, OUI_WFA);
846 wpabuf_put_u8(buf, DPP_OUI_TYPE);
847 wpabuf_put_u8(buf, 0x01);
848 }
849
850
dpp_write_gas_query(struct wpabuf * buf,struct wpabuf * query)851 void dpp_write_gas_query(struct wpabuf *buf, struct wpabuf *query)
852 {
853 /* GAS Query */
854 wpabuf_put_le16(buf, wpabuf_len(query));
855 wpabuf_put_buf(buf, query);
856 }
857
858
dpp_build_conf_req(struct dpp_authentication * auth,const char * json)859 struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth,
860 const char *json)
861 {
862 struct wpabuf *buf, *conf_req;
863
864 conf_req = dpp_build_conf_req_attr(auth, json);
865 if (!conf_req) {
866 wpa_printf(MSG_DEBUG,
867 "DPP: No configuration request data available");
868 return NULL;
869 }
870
871 buf = gas_build_initial_req(0, 10 + 2 + wpabuf_len(conf_req));
872 if (!buf) {
873 wpabuf_free(conf_req);
874 return NULL;
875 }
876
877 dpp_write_adv_proto(buf);
878 dpp_write_gas_query(buf, conf_req);
879 wpabuf_free(conf_req);
880 wpa_hexdump_buf(MSG_MSGDUMP, "DPP: GAS Config Request", buf);
881
882 return buf;
883 }
884
885
dpp_build_conf_req_helper(struct dpp_authentication * auth,const char * name,enum dpp_netrole netrole,const char * mud_url,int * opclasses)886 struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth,
887 const char *name,
888 enum dpp_netrole netrole,
889 const char *mud_url, int *opclasses)
890 {
891 size_t len, name_len;
892 const char *tech = "infra";
893 const char *dpp_name;
894 struct wpabuf *buf = NULL, *json = NULL;
895 char *csr = NULL;
896
897 #ifdef CONFIG_TESTING_OPTIONS
898 if (dpp_test == DPP_TEST_INVALID_CONFIG_ATTR_OBJ_CONF_REQ) {
899 static const char *bogus_tech = "knfra";
900
901 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Config Attr");
902 tech = bogus_tech;
903 }
904 #endif /* CONFIG_TESTING_OPTIONS */
905
906 dpp_name = name ? name : "Test";
907 name_len = os_strlen(dpp_name);
908
909 len = 100 + name_len * 6 + 1 + int_array_len(opclasses) * 4;
910 if (mud_url && mud_url[0])
911 len += 10 + os_strlen(mud_url);
912 #ifdef CONFIG_DPP2
913 if (auth->csr) {
914 size_t csr_len;
915
916 csr = base64_encode_no_lf(wpabuf_head(auth->csr),
917 wpabuf_len(auth->csr), &csr_len);
918 if (!csr)
919 goto fail;
920 len += 30 + csr_len;
921 }
922 #endif /* CONFIG_DPP2 */
923 json = wpabuf_alloc(len);
924 if (!json)
925 goto fail;
926
927 json_start_object(json, NULL);
928 if (json_add_string_escape(json, "name", dpp_name, name_len) < 0)
929 goto fail;
930 json_value_sep(json);
931 json_add_string(json, "wi-fi_tech", tech);
932 json_value_sep(json);
933 json_add_string(json, "netRole", dpp_netrole_str(netrole));
934 if (mud_url && mud_url[0]) {
935 json_value_sep(json);
936 json_add_string(json, "mudurl", mud_url);
937 }
938 if (opclasses) {
939 int i;
940
941 json_value_sep(json);
942 json_start_array(json, "bandSupport");
943 for (i = 0; opclasses[i]; i++)
944 wpabuf_printf(json, "%s%u", i ? "," : "", opclasses[i]);
945 json_end_array(json);
946 }
947 if (csr) {
948 json_value_sep(json);
949 json_add_string(json, "pkcs10", csr);
950 }
951 json_end_object(json);
952
953 buf = dpp_build_conf_req(auth, wpabuf_head(json));
954 fail:
955 wpabuf_free(json);
956 os_free(csr);
957
958 return buf;
959 }
960
961
bin_str_eq(const char * val,size_t len,const char * cmp)962 static int bin_str_eq(const char *val, size_t len, const char *cmp)
963 {
964 return os_strlen(cmp) == len && os_memcmp(val, cmp, len) == 0;
965 }
966
967
dpp_configuration_alloc(const char * type)968 struct dpp_configuration * dpp_configuration_alloc(const char *type)
969 {
970 struct dpp_configuration *conf;
971 const char *end;
972 size_t len;
973
974 conf = os_zalloc(sizeof(*conf));
975 if (!conf)
976 goto fail;
977
978 end = os_strchr(type, ' ');
979 if (end)
980 len = end - type;
981 else
982 len = os_strlen(type);
983
984 if (bin_str_eq(type, len, "psk"))
985 conf->akm = DPP_AKM_PSK;
986 else if (bin_str_eq(type, len, "sae"))
987 conf->akm = DPP_AKM_SAE;
988 else if (bin_str_eq(type, len, "psk-sae") ||
989 bin_str_eq(type, len, "psk+sae"))
990 conf->akm = DPP_AKM_PSK_SAE;
991 else if (bin_str_eq(type, len, "sae-dpp") ||
992 bin_str_eq(type, len, "dpp+sae"))
993 conf->akm = DPP_AKM_SAE_DPP;
994 else if (bin_str_eq(type, len, "psk-sae-dpp") ||
995 bin_str_eq(type, len, "dpp+psk+sae"))
996 conf->akm = DPP_AKM_PSK_SAE_DPP;
997 else if (bin_str_eq(type, len, "dpp"))
998 conf->akm = DPP_AKM_DPP;
999 else if (bin_str_eq(type, len, "dot1x"))
1000 conf->akm = DPP_AKM_DOT1X;
1001 else
1002 goto fail;
1003
1004 return conf;
1005 fail:
1006 dpp_configuration_free(conf);
1007 return NULL;
1008 }
1009
1010
dpp_akm_psk(enum dpp_akm akm)1011 int dpp_akm_psk(enum dpp_akm akm)
1012 {
1013 return akm == DPP_AKM_PSK || akm == DPP_AKM_PSK_SAE ||
1014 akm == DPP_AKM_PSK_SAE_DPP;
1015 }
1016
1017
dpp_akm_sae(enum dpp_akm akm)1018 int dpp_akm_sae(enum dpp_akm akm)
1019 {
1020 return akm == DPP_AKM_SAE || akm == DPP_AKM_PSK_SAE ||
1021 akm == DPP_AKM_SAE_DPP || akm == DPP_AKM_PSK_SAE_DPP;
1022 }
1023
1024
dpp_akm_legacy(enum dpp_akm akm)1025 int dpp_akm_legacy(enum dpp_akm akm)
1026 {
1027 return akm == DPP_AKM_PSK || akm == DPP_AKM_PSK_SAE ||
1028 akm == DPP_AKM_SAE;
1029 }
1030
1031
dpp_akm_dpp(enum dpp_akm akm)1032 int dpp_akm_dpp(enum dpp_akm akm)
1033 {
1034 return akm == DPP_AKM_DPP || akm == DPP_AKM_SAE_DPP ||
1035 akm == DPP_AKM_PSK_SAE_DPP;
1036 }
1037
1038
dpp_akm_ver2(enum dpp_akm akm)1039 int dpp_akm_ver2(enum dpp_akm akm)
1040 {
1041 return akm == DPP_AKM_SAE_DPP || akm == DPP_AKM_PSK_SAE_DPP;
1042 }
1043
1044
dpp_configuration_valid(const struct dpp_configuration * conf)1045 int dpp_configuration_valid(const struct dpp_configuration *conf)
1046 {
1047 if (conf->ssid_len == 0)
1048 return 0;
1049 if (dpp_akm_psk(conf->akm) && !conf->passphrase && !conf->psk_set)
1050 return 0;
1051 if (dpp_akm_sae(conf->akm) && !conf->passphrase)
1052 return 0;
1053 return 1;
1054 }
1055
1056
dpp_configuration_free(struct dpp_configuration * conf)1057 void dpp_configuration_free(struct dpp_configuration *conf)
1058 {
1059 if (!conf)
1060 return;
1061 str_clear_free(conf->passphrase);
1062 os_free(conf->group_id);
1063 os_free(conf->csrattrs);
1064 bin_clear_free(conf, sizeof(*conf));
1065 }
1066
1067
dpp_configuration_parse_helper(struct dpp_authentication * auth,const char * cmd,int idx)1068 static int dpp_configuration_parse_helper(struct dpp_authentication *auth,
1069 const char *cmd, int idx)
1070 {
1071 const char *pos, *end;
1072 struct dpp_configuration *conf_sta = NULL, *conf_ap = NULL;
1073 struct dpp_configuration *conf = NULL;
1074 size_t len;
1075
1076 pos = os_strstr(cmd, " conf=sta-");
1077 if (pos) {
1078 conf_sta = dpp_configuration_alloc(pos + 10);
1079 if (!conf_sta)
1080 goto fail;
1081 conf_sta->netrole = DPP_NETROLE_STA;
1082 conf = conf_sta;
1083 }
1084
1085 pos = os_strstr(cmd, " conf=ap-");
1086 if (pos) {
1087 conf_ap = dpp_configuration_alloc(pos + 9);
1088 if (!conf_ap)
1089 goto fail;
1090 conf_ap->netrole = DPP_NETROLE_AP;
1091 conf = conf_ap;
1092 }
1093
1094 pos = os_strstr(cmd, " conf=configurator");
1095 if (pos)
1096 auth->provision_configurator = 1;
1097
1098 if (!conf)
1099 return 0;
1100
1101 pos = os_strstr(cmd, " ssid=");
1102 if (pos) {
1103 pos += 6;
1104 end = os_strchr(pos, ' ');
1105 conf->ssid_len = end ? (size_t) (end - pos) : os_strlen(pos);
1106 conf->ssid_len /= 2;
1107 if (conf->ssid_len > sizeof(conf->ssid) ||
1108 hexstr2bin(pos, conf->ssid, conf->ssid_len) < 0)
1109 goto fail;
1110 } else {
1111 #ifdef CONFIG_TESTING_OPTIONS
1112 /* use a default SSID for legacy testing reasons */
1113 os_memcpy(conf->ssid, "test", 4);
1114 conf->ssid_len = 4;
1115 #else /* CONFIG_TESTING_OPTIONS */
1116 goto fail;
1117 #endif /* CONFIG_TESTING_OPTIONS */
1118 }
1119
1120 pos = os_strstr(cmd, " ssid_charset=");
1121 if (pos) {
1122 if (conf_ap) {
1123 wpa_printf(MSG_INFO,
1124 "DPP: ssid64 option (ssid_charset param) not allowed for AP enrollee");
1125 goto fail;
1126 }
1127 conf->ssid_charset = atoi(pos + 14);
1128 }
1129
1130 pos = os_strstr(cmd, " pass=");
1131 if (pos) {
1132 size_t pass_len;
1133
1134 pos += 6;
1135 end = os_strchr(pos, ' ');
1136 pass_len = end ? (size_t) (end - pos) : os_strlen(pos);
1137 pass_len /= 2;
1138 if (pass_len > 63 || pass_len < 8)
1139 goto fail;
1140 conf->passphrase = os_zalloc(pass_len + 1);
1141 if (!conf->passphrase ||
1142 hexstr2bin(pos, (u8 *) conf->passphrase, pass_len) < 0)
1143 goto fail;
1144 }
1145
1146 pos = os_strstr(cmd, " psk=");
1147 if (pos) {
1148 pos += 5;
1149 if (hexstr2bin(pos, conf->psk, PMK_LEN) < 0)
1150 goto fail;
1151 conf->psk_set = 1;
1152 }
1153
1154 pos = os_strstr(cmd, " group_id=");
1155 if (pos) {
1156 size_t group_id_len;
1157
1158 pos += 10;
1159 end = os_strchr(pos, ' ');
1160 group_id_len = end ? (size_t) (end - pos) : os_strlen(pos);
1161 conf->group_id = os_malloc(group_id_len + 1);
1162 if (!conf->group_id)
1163 goto fail;
1164 os_memcpy(conf->group_id, pos, group_id_len);
1165 conf->group_id[group_id_len] = '\0';
1166 }
1167
1168 pos = os_strstr(cmd, " expiry=");
1169 if (pos) {
1170 long int val;
1171
1172 pos += 8;
1173 val = strtol(pos, NULL, 0);
1174 if (val <= 0)
1175 goto fail;
1176 conf->netaccesskey_expiry = val;
1177 }
1178
1179 pos = os_strstr(cmd, " csrattrs=");
1180 if (pos) {
1181 pos += 10;
1182 end = os_strchr(pos, ' ');
1183 len = end ? (size_t) (end - pos) : os_strlen(pos);
1184 conf->csrattrs = os_zalloc(len + 1);
1185 if (!conf->csrattrs)
1186 goto fail;
1187 os_memcpy(conf->csrattrs, pos, len);
1188 }
1189
1190 if (!dpp_configuration_valid(conf))
1191 goto fail;
1192
1193 if (idx == 0) {
1194 auth->conf_sta = conf_sta;
1195 auth->conf_ap = conf_ap;
1196 } else if (idx == 1) {
1197 auth->conf2_sta = conf_sta;
1198 auth->conf2_ap = conf_ap;
1199 } else {
1200 goto fail;
1201 }
1202 return 0;
1203
1204 fail:
1205 dpp_configuration_free(conf_sta);
1206 dpp_configuration_free(conf_ap);
1207 return -1;
1208 }
1209
1210
dpp_configuration_parse(struct dpp_authentication * auth,const char * cmd)1211 static int dpp_configuration_parse(struct dpp_authentication *auth,
1212 const char *cmd)
1213 {
1214 const char *pos;
1215 char *tmp;
1216 size_t len;
1217 int res;
1218
1219 pos = os_strstr(cmd, " @CONF-OBJ-SEP@ ");
1220 if (!pos)
1221 return dpp_configuration_parse_helper(auth, cmd, 0);
1222
1223 len = pos - cmd;
1224 tmp = os_malloc(len + 1);
1225 if (!tmp)
1226 goto fail;
1227 os_memcpy(tmp, cmd, len);
1228 tmp[len] = '\0';
1229 res = dpp_configuration_parse_helper(auth, cmd, 0);
1230 str_clear_free(tmp);
1231 if (res)
1232 goto fail;
1233 res = dpp_configuration_parse_helper(auth, cmd + len, 1);
1234 if (res)
1235 goto fail;
1236 return 0;
1237 fail:
1238 dpp_configuration_free(auth->conf_sta);
1239 dpp_configuration_free(auth->conf2_sta);
1240 dpp_configuration_free(auth->conf_ap);
1241 dpp_configuration_free(auth->conf2_ap);
1242 return -1;
1243 }
1244
1245
1246 static struct dpp_configurator *
dpp_configurator_get_id(struct dpp_global * dpp,unsigned int id)1247 dpp_configurator_get_id(struct dpp_global *dpp, unsigned int id)
1248 {
1249 struct dpp_configurator *conf;
1250
1251 if (!dpp)
1252 return NULL;
1253
1254 dl_list_for_each(conf, &dpp->configurator,
1255 struct dpp_configurator, list) {
1256 if (conf->id == id)
1257 return conf;
1258 }
1259 return NULL;
1260 }
1261
1262
dpp_set_configurator(struct dpp_authentication * auth,const char * cmd)1263 int dpp_set_configurator(struct dpp_authentication *auth, const char *cmd)
1264 {
1265 const char *pos;
1266 char *tmp = NULL;
1267 int ret = -1;
1268
1269 if (!cmd || auth->configurator_set)
1270 return 0;
1271 auth->configurator_set = 1;
1272
1273 if (cmd[0] != ' ') {
1274 size_t len;
1275
1276 len = os_strlen(cmd);
1277 tmp = os_malloc(len + 2);
1278 if (!tmp)
1279 goto fail;
1280 tmp[0] = ' ';
1281 os_memcpy(tmp + 1, cmd, len + 1);
1282 cmd = tmp;
1283 }
1284
1285 wpa_printf(MSG_DEBUG, "DPP: Set configurator parameters: %s", cmd);
1286
1287 if (os_strstr(cmd, " conf=query")) {
1288 auth->configurator_set = 0;
1289 auth->use_config_query = true;
1290 ret = 0;
1291 goto fail;
1292 }
1293
1294 pos = os_strstr(cmd, " configurator=");
1295 if (!auth->conf && pos) {
1296 pos += 14;
1297 auth->conf = dpp_configurator_get_id(auth->global, atoi(pos));
1298 if (!auth->conf) {
1299 wpa_printf(MSG_INFO,
1300 "DPP: Could not find the specified configurator");
1301 goto fail;
1302 }
1303 }
1304
1305 pos = os_strstr(cmd, " conn_status=");
1306 if (pos) {
1307 pos += 13;
1308 auth->send_conn_status = atoi(pos);
1309 }
1310
1311 pos = os_strstr(cmd, " akm_use_selector=");
1312 if (pos) {
1313 pos += 18;
1314 auth->akm_use_selector = atoi(pos);
1315 }
1316
1317 if (dpp_configuration_parse(auth, cmd) < 0) {
1318 wpa_msg(auth->msg_ctx, MSG_INFO,
1319 "DPP: Failed to set configurator parameters");
1320 goto fail;
1321 }
1322 ret = 0;
1323 fail:
1324 os_free(tmp);
1325 return ret;
1326 }
1327
1328
dpp_auth_deinit(struct dpp_authentication * auth)1329 void dpp_auth_deinit(struct dpp_authentication *auth)
1330 {
1331 unsigned int i;
1332
1333 if (!auth)
1334 return;
1335 dpp_configuration_free(auth->conf_ap);
1336 dpp_configuration_free(auth->conf2_ap);
1337 dpp_configuration_free(auth->conf_sta);
1338 dpp_configuration_free(auth->conf2_sta);
1339 crypto_ec_key_deinit(auth->own_protocol_key);
1340 crypto_ec_key_deinit(auth->peer_protocol_key);
1341 crypto_ec_key_deinit(auth->reconfig_old_protocol_key);
1342 wpabuf_free(auth->req_msg);
1343 wpabuf_free(auth->resp_msg);
1344 wpabuf_free(auth->conf_req);
1345 wpabuf_free(auth->reconfig_req_msg);
1346 wpabuf_free(auth->reconfig_resp_msg);
1347 for (i = 0; i < auth->num_conf_obj; i++) {
1348 struct dpp_config_obj *conf = &auth->conf_obj[i];
1349
1350 os_free(conf->connector);
1351 wpabuf_free(conf->c_sign_key);
1352 wpabuf_free(conf->certbag);
1353 wpabuf_free(conf->certs);
1354 wpabuf_free(conf->cacert);
1355 os_free(conf->server_name);
1356 wpabuf_free(conf->pp_key);
1357 }
1358 #ifdef CONFIG_DPP2
1359 dpp_free_asymmetric_key(auth->conf_key_pkg);
1360 os_free(auth->csrattrs);
1361 wpabuf_free(auth->csr);
1362 wpabuf_free(auth->priv_key);
1363 wpabuf_free(auth->cacert);
1364 wpabuf_free(auth->certbag);
1365 os_free(auth->trusted_eap_server_name);
1366 wpabuf_free(auth->conf_resp_tcp);
1367 #endif /* CONFIG_DPP2 */
1368 wpabuf_free(auth->net_access_key);
1369 dpp_bootstrap_info_free(auth->tmp_own_bi);
1370 if (auth->tmp_peer_bi) {
1371 dl_list_del(&auth->tmp_peer_bi->list);
1372 dpp_bootstrap_info_free(auth->tmp_peer_bi);
1373 }
1374 os_free(auth->e_name);
1375 os_free(auth->e_mud_url);
1376 os_free(auth->e_band_support);
1377 #ifdef CONFIG_TESTING_OPTIONS
1378 os_free(auth->config_obj_override);
1379 os_free(auth->discovery_override);
1380 os_free(auth->groups_override);
1381 #endif /* CONFIG_TESTING_OPTIONS */
1382 bin_clear_free(auth, sizeof(*auth));
1383 }
1384
1385
1386 static struct wpabuf *
dpp_build_conf_start(struct dpp_authentication * auth,struct dpp_configuration * conf,size_t tailroom)1387 dpp_build_conf_start(struct dpp_authentication *auth,
1388 struct dpp_configuration *conf, size_t tailroom)
1389 {
1390 struct wpabuf *buf;
1391
1392 #ifdef CONFIG_TESTING_OPTIONS
1393 if (auth->discovery_override)
1394 tailroom += os_strlen(auth->discovery_override);
1395 #endif /* CONFIG_TESTING_OPTIONS */
1396
1397 buf = wpabuf_alloc(200 + tailroom);
1398 if (!buf)
1399 return NULL;
1400 json_start_object(buf, NULL);
1401 json_add_string(buf, "wi-fi_tech", "infra");
1402 json_value_sep(buf);
1403 #ifdef CONFIG_TESTING_OPTIONS
1404 if (auth->discovery_override) {
1405 wpa_printf(MSG_DEBUG, "DPP: TESTING - discovery override: '%s'",
1406 auth->discovery_override);
1407 wpabuf_put_str(buf, "\"discovery\":");
1408 wpabuf_put_str(buf, auth->discovery_override);
1409 json_value_sep(buf);
1410 return buf;
1411 }
1412 #endif /* CONFIG_TESTING_OPTIONS */
1413 json_start_object(buf, "discovery");
1414 if (((!conf->ssid_charset || auth->peer_version < 2) &&
1415 json_add_string_escape(buf, "ssid", conf->ssid,
1416 conf->ssid_len) < 0) ||
1417 ((conf->ssid_charset && auth->peer_version >= 2) &&
1418 json_add_base64url(buf, "ssid64", conf->ssid,
1419 conf->ssid_len) < 0)) {
1420 wpabuf_free(buf);
1421 return NULL;
1422 }
1423 if (conf->ssid_charset > 0) {
1424 json_value_sep(buf);
1425 json_add_int(buf, "ssid_charset", conf->ssid_charset);
1426 }
1427 json_end_object(buf);
1428 json_value_sep(buf);
1429
1430 return buf;
1431 }
1432
1433
dpp_build_jwk(struct wpabuf * buf,const char * name,struct crypto_ec_key * key,const char * kid,const struct dpp_curve_params * curve)1434 int dpp_build_jwk(struct wpabuf *buf, const char *name,
1435 struct crypto_ec_key *key, const char *kid,
1436 const struct dpp_curve_params *curve)
1437 {
1438 struct wpabuf *pub;
1439 const u8 *pos;
1440 int ret = -1;
1441
1442 pub = crypto_ec_key_get_pubkey_point(key, 0);
1443 if (!pub)
1444 goto fail;
1445
1446 json_start_object(buf, name);
1447 json_add_string(buf, "kty", "EC");
1448 json_value_sep(buf);
1449 json_add_string(buf, "crv", curve->jwk_crv);
1450 json_value_sep(buf);
1451 pos = wpabuf_head(pub);
1452 if (json_add_base64url(buf, "x", pos, curve->prime_len) < 0)
1453 goto fail;
1454 json_value_sep(buf);
1455 pos += curve->prime_len;
1456 if (json_add_base64url(buf, "y", pos, curve->prime_len) < 0)
1457 goto fail;
1458 if (kid) {
1459 json_value_sep(buf);
1460 json_add_string(buf, "kid", kid);
1461 }
1462 json_end_object(buf);
1463 ret = 0;
1464 fail:
1465 wpabuf_free(pub);
1466 return ret;
1467 }
1468
1469
dpp_build_legacy_cred_params(struct wpabuf * buf,struct dpp_configuration * conf)1470 static void dpp_build_legacy_cred_params(struct wpabuf *buf,
1471 struct dpp_configuration *conf)
1472 {
1473 if (conf->passphrase && os_strlen(conf->passphrase) < 64) {
1474 json_add_string_escape(buf, "pass", conf->passphrase,
1475 os_strlen(conf->passphrase));
1476 } else if (conf->psk_set) {
1477 char psk[2 * sizeof(conf->psk) + 1];
1478
1479 wpa_snprintf_hex(psk, sizeof(psk),
1480 conf->psk, sizeof(conf->psk));
1481 json_add_string(buf, "psk_hex", psk);
1482 forced_memzero(psk, sizeof(psk));
1483 }
1484 }
1485
1486
dpp_netrole_str(enum dpp_netrole netrole)1487 const char * dpp_netrole_str(enum dpp_netrole netrole)
1488 {
1489 switch (netrole) {
1490 case DPP_NETROLE_STA:
1491 return "sta";
1492 case DPP_NETROLE_AP:
1493 return "ap";
1494 case DPP_NETROLE_CONFIGURATOR:
1495 return "configurator";
1496 default:
1497 return "??";
1498 }
1499 }
1500
1501
1502 static struct wpabuf *
dpp_build_conf_obj_dpp(struct dpp_authentication * auth,struct dpp_configuration * conf)1503 dpp_build_conf_obj_dpp(struct dpp_authentication *auth,
1504 struct dpp_configuration *conf)
1505 {
1506 struct wpabuf *buf = NULL;
1507 char *signed_conn = NULL;
1508 size_t tailroom;
1509 const struct dpp_curve_params *curve; /* C-sign-key curve */
1510 const struct dpp_curve_params *nak_curve; /* netAccessKey curve */
1511 struct wpabuf *dppcon = NULL;
1512 size_t extra_len = 1000;
1513 int incl_legacy;
1514 enum dpp_akm akm;
1515 const char *akm_str;
1516
1517 if (!auth->conf) {
1518 wpa_printf(MSG_INFO,
1519 "DPP: No configurator specified - cannot generate DPP config object");
1520 goto fail;
1521 }
1522 curve = auth->conf->curve;
1523 if (auth->new_curve && auth->new_key_received)
1524 nak_curve = auth->new_curve;
1525 else
1526 nak_curve = auth->curve;
1527
1528 akm = conf->akm;
1529 if (dpp_akm_ver2(akm) && auth->peer_version < 2) {
1530 wpa_printf(MSG_DEBUG,
1531 "DPP: Convert DPP+legacy credential to DPP-only for peer that does not support version 2");
1532 akm = DPP_AKM_DPP;
1533 }
1534
1535 #ifdef CONFIG_TESTING_OPTIONS
1536 if (auth->groups_override)
1537 extra_len += os_strlen(auth->groups_override);
1538 #endif /* CONFIG_TESTING_OPTIONS */
1539
1540 if (conf->group_id)
1541 extra_len += os_strlen(conf->group_id);
1542
1543 /* Connector (JSON dppCon object) */
1544 dppcon = wpabuf_alloc(extra_len + 2 * nak_curve->prime_len * 4 / 3);
1545 if (!dppcon)
1546 goto fail;
1547 #ifdef CONFIG_TESTING_OPTIONS
1548 if (auth->groups_override) {
1549 wpabuf_put_u8(dppcon, '{');
1550 if (auth->groups_override) {
1551 wpa_printf(MSG_DEBUG,
1552 "DPP: TESTING - groups override: '%s'",
1553 auth->groups_override);
1554 wpabuf_put_str(dppcon, "\"groups\":");
1555 wpabuf_put_str(dppcon, auth->groups_override);
1556 json_value_sep(dppcon);
1557 }
1558 goto skip_groups;
1559 }
1560 #endif /* CONFIG_TESTING_OPTIONS */
1561 json_start_object(dppcon, NULL);
1562 json_start_array(dppcon, "groups");
1563 json_start_object(dppcon, NULL);
1564 json_add_string(dppcon, "groupId",
1565 conf->group_id ? conf->group_id : "*");
1566 json_value_sep(dppcon);
1567 json_add_string(dppcon, "netRole", dpp_netrole_str(conf->netrole));
1568 json_end_object(dppcon);
1569 json_end_array(dppcon);
1570 json_value_sep(dppcon);
1571 #ifdef CONFIG_TESTING_OPTIONS
1572 skip_groups:
1573 #endif /* CONFIG_TESTING_OPTIONS */
1574 if (!auth->peer_protocol_key) {
1575 wpa_printf(MSG_DEBUG,
1576 "DPP: No peer protocol key available to build netAccessKey JWK");
1577 goto fail;
1578 }
1579 #ifdef CONFIG_DPP3
1580 if (auth->conf->net_access_key_curve &&
1581 auth->curve != auth->conf->net_access_key_curve &&
1582 !auth->new_key_received) {
1583 wpa_printf(MSG_DEBUG,
1584 "DPP: Peer protocol key curve (%s) does not match the required netAccessKey curve (%s) - %s",
1585 auth->curve->name,
1586 auth->conf->net_access_key_curve->name,
1587 auth->waiting_new_key ?
1588 "the required key not received" :
1589 "request a new key");
1590 if (auth->waiting_new_key)
1591 auth->waiting_new_key = false; /* failed */
1592 else
1593 auth->waiting_new_key = true;
1594 goto fail;
1595 }
1596 #endif /* CONFIG_DPP3 */
1597 if (dpp_build_jwk(dppcon, "netAccessKey", auth->peer_protocol_key, NULL,
1598 nak_curve) < 0) {
1599 wpa_printf(MSG_DEBUG, "DPP: Failed to build netAccessKey JWK");
1600 goto fail;
1601 }
1602 if (conf->netaccesskey_expiry) {
1603 struct os_tm tm;
1604 char expiry[30];
1605
1606 if (os_gmtime(conf->netaccesskey_expiry, &tm) < 0) {
1607 wpa_printf(MSG_DEBUG,
1608 "DPP: Failed to generate expiry string");
1609 goto fail;
1610 }
1611 os_snprintf(expiry, sizeof(expiry),
1612 "%04u-%02u-%02uT%02u:%02u:%02uZ",
1613 tm.year, tm.month, tm.day,
1614 tm.hour, tm.min, tm.sec);
1615 json_value_sep(dppcon);
1616 json_add_string(dppcon, "expiry", expiry);
1617 }
1618 #ifdef CONFIG_DPP3
1619 json_value_sep(dppcon);
1620 json_add_int(dppcon, "version", auth->peer_version);
1621 #endif /* CONFIG_DPP3 */
1622 json_end_object(dppcon);
1623 wpa_printf(MSG_DEBUG, "DPP: dppCon: %s",
1624 (const char *) wpabuf_head(dppcon));
1625
1626 signed_conn = dpp_sign_connector(auth->conf, dppcon);
1627 if (!signed_conn)
1628 goto fail;
1629
1630 incl_legacy = dpp_akm_psk(akm) || dpp_akm_sae(akm);
1631 tailroom = 1000;
1632 tailroom += 2 * curve->prime_len * 4 / 3 + os_strlen(auth->conf->kid);
1633 tailroom += os_strlen(signed_conn);
1634 if (incl_legacy)
1635 tailroom += 1000;
1636 if (akm == DPP_AKM_DOT1X) {
1637 if (auth->certbag)
1638 tailroom += 2 * wpabuf_len(auth->certbag);
1639 if (auth->cacert)
1640 tailroom += 2 * wpabuf_len(auth->cacert);
1641 if (auth->trusted_eap_server_name)
1642 tailroom += os_strlen(auth->trusted_eap_server_name);
1643 tailroom += 1000;
1644 }
1645 buf = dpp_build_conf_start(auth, conf, tailroom);
1646 if (!buf)
1647 goto fail;
1648
1649 if (auth->akm_use_selector && dpp_akm_ver2(akm))
1650 akm_str = dpp_akm_selector_str(akm);
1651 else
1652 akm_str = dpp_akm_str(akm);
1653 json_start_object(buf, "cred");
1654 json_add_string(buf, "akm", akm_str);
1655 json_value_sep(buf);
1656 if (incl_legacy) {
1657 dpp_build_legacy_cred_params(buf, conf);
1658 json_value_sep(buf);
1659 }
1660 if (akm == DPP_AKM_DOT1X) {
1661 json_start_object(buf, "entCreds");
1662 if (!auth->certbag)
1663 goto fail;
1664 json_add_base64(buf, "certBag", wpabuf_head(auth->certbag),
1665 wpabuf_len(auth->certbag));
1666 if (auth->cacert) {
1667 json_value_sep(buf);
1668 json_add_base64(buf, "caCert",
1669 wpabuf_head(auth->cacert),
1670 wpabuf_len(auth->cacert));
1671 }
1672 if (auth->trusted_eap_server_name) {
1673 json_value_sep(buf);
1674 json_add_string(buf, "trustedEapServerName",
1675 auth->trusted_eap_server_name);
1676 }
1677 json_value_sep(buf);
1678 json_start_array(buf, "eapMethods");
1679 wpabuf_printf(buf, "%d", EAP_TYPE_TLS);
1680 json_end_array(buf);
1681 json_end_object(buf);
1682 json_value_sep(buf);
1683 }
1684 wpabuf_put_str(buf, "\"signedConnector\":\"");
1685 wpabuf_put_str(buf, signed_conn);
1686 wpabuf_put_str(buf, "\"");
1687 json_value_sep(buf);
1688 if (dpp_build_jwk(buf, "csign", auth->conf->csign, auth->conf->kid,
1689 curve) < 0) {
1690 wpa_printf(MSG_DEBUG, "DPP: Failed to build csign JWK");
1691 goto fail;
1692 }
1693 #ifdef CONFIG_DPP2
1694 if (auth->peer_version >= 2 && auth->conf->pp_key) {
1695 json_value_sep(buf);
1696 if (dpp_build_jwk(buf, "ppKey", auth->conf->pp_key, NULL,
1697 curve) < 0) {
1698 wpa_printf(MSG_DEBUG, "DPP: Failed to build ppKey JWK");
1699 goto fail;
1700 }
1701 }
1702 #endif /* CONFIG_DPP2 */
1703
1704 json_end_object(buf);
1705 json_end_object(buf);
1706
1707 wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: Configuration Object",
1708 wpabuf_head(buf), wpabuf_len(buf));
1709
1710 #ifdef CONFIG_DPP3
1711 if (!auth->conf->net_access_key_curve) {
1712 /* All netAccessKey values used in the network will have to be
1713 * from the same curve for network introduction to work, so
1714 * hardcode the first used netAccessKey curve for consecutive
1715 * operations if there was no explicit configuration of which
1716 * curve to use. */
1717 wpa_printf(MSG_DEBUG,
1718 "DPP: Update Configurator to require netAccessKey curve %s based on first provisioning",
1719 nak_curve->name);
1720 auth->conf->net_access_key_curve = nak_curve;
1721 }
1722 #endif /* CONFIG_DPP3 */
1723
1724 out:
1725 os_free(signed_conn);
1726 wpabuf_free(dppcon);
1727 return buf;
1728 fail:
1729 wpa_printf(MSG_DEBUG, "DPP: Failed to build configuration object");
1730 wpabuf_free(buf);
1731 buf = NULL;
1732 goto out;
1733 }
1734
1735
1736 static struct wpabuf *
dpp_build_conf_obj_legacy(struct dpp_authentication * auth,struct dpp_configuration * conf)1737 dpp_build_conf_obj_legacy(struct dpp_authentication *auth,
1738 struct dpp_configuration *conf)
1739 {
1740 struct wpabuf *buf;
1741 const char *akm_str;
1742
1743 buf = dpp_build_conf_start(auth, conf, 1000);
1744 if (!buf)
1745 return NULL;
1746
1747 if (auth->akm_use_selector && dpp_akm_ver2(conf->akm))
1748 akm_str = dpp_akm_selector_str(conf->akm);
1749 else
1750 akm_str = dpp_akm_str(conf->akm);
1751 json_start_object(buf, "cred");
1752 json_add_string(buf, "akm", akm_str);
1753 json_value_sep(buf);
1754 dpp_build_legacy_cred_params(buf, conf);
1755 json_end_object(buf);
1756 json_end_object(buf);
1757
1758 wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: Configuration Object (legacy)",
1759 wpabuf_head(buf), wpabuf_len(buf));
1760
1761 return buf;
1762 }
1763
1764
dpp_get_peer_bi_id(struct dpp_authentication * auth)1765 static int dpp_get_peer_bi_id(struct dpp_authentication *auth)
1766 {
1767 struct dpp_bootstrap_info *bi;
1768
1769 if (auth->peer_bi)
1770 return auth->peer_bi->id;
1771 if (auth->tmp_peer_bi)
1772 return auth->tmp_peer_bi->id;
1773
1774 bi = os_zalloc(sizeof(*bi));
1775 if (!bi)
1776 return -1;
1777 bi->id = dpp_next_id(auth->global);
1778 dl_list_add(&auth->global->bootstrap, &bi->list);
1779 auth->tmp_peer_bi = bi;
1780 return bi->id;
1781 }
1782
1783
1784 static struct wpabuf *
dpp_build_conf_obj(struct dpp_authentication * auth,enum dpp_netrole netrole,int idx,bool cert_req)1785 dpp_build_conf_obj(struct dpp_authentication *auth, enum dpp_netrole netrole,
1786 int idx, bool cert_req)
1787 {
1788 struct dpp_configuration *conf = NULL;
1789
1790 #ifdef CONFIG_TESTING_OPTIONS
1791 if (auth->config_obj_override) {
1792 if (idx != 0)
1793 return NULL;
1794 wpa_printf(MSG_DEBUG, "DPP: Testing - Config Object override");
1795 return wpabuf_alloc_copy(auth->config_obj_override,
1796 os_strlen(auth->config_obj_override));
1797 }
1798 #endif /* CONFIG_TESTING_OPTIONS */
1799
1800 if (idx == 0) {
1801 if (netrole == DPP_NETROLE_STA)
1802 conf = auth->conf_sta;
1803 else if (netrole == DPP_NETROLE_AP)
1804 conf = auth->conf_ap;
1805 } else if (idx == 1) {
1806 if (netrole == DPP_NETROLE_STA)
1807 conf = auth->conf2_sta;
1808 else if (netrole == DPP_NETROLE_AP)
1809 conf = auth->conf2_ap;
1810 }
1811 if (!conf) {
1812 if (idx == 0) {
1813 if (auth->use_config_query) {
1814 wpa_printf(MSG_DEBUG,
1815 "DPP: No configuration available for Enrollee(%s) - waiting for configuration",
1816 dpp_netrole_str(netrole));
1817 auth->waiting_config = true;
1818 dpp_get_peer_bi_id(auth);
1819 return NULL;
1820 }
1821 wpa_printf(MSG_DEBUG,
1822 "DPP: No configuration available for Enrollee(%s) - reject configuration request",
1823 dpp_netrole_str(netrole));
1824 }
1825 return NULL;
1826 }
1827
1828 if (conf->akm == DPP_AKM_DOT1X) {
1829 if (!auth->conf) {
1830 wpa_printf(MSG_DEBUG,
1831 "DPP: No Configurator data available");
1832 return NULL;
1833 }
1834 if (!cert_req && !auth->certbag) {
1835 wpa_printf(MSG_DEBUG,
1836 "DPP: No certificate data available for dot1x configuration");
1837 return NULL;
1838 }
1839 return dpp_build_conf_obj_dpp(auth, conf);
1840 }
1841 if (dpp_akm_dpp(conf->akm) || (auth->peer_version >= 2 && auth->conf))
1842 return dpp_build_conf_obj_dpp(auth, conf);
1843 return dpp_build_conf_obj_legacy(auth, conf);
1844 }
1845
1846
1847 struct wpabuf *
dpp_build_conf_resp(struct dpp_authentication * auth,const u8 * e_nonce,u16 e_nonce_len,enum dpp_netrole netrole,bool cert_req)1848 dpp_build_conf_resp(struct dpp_authentication *auth, const u8 *e_nonce,
1849 u16 e_nonce_len, enum dpp_netrole netrole, bool cert_req)
1850 {
1851 struct wpabuf *conf = NULL, *conf2 = NULL, *env_data = NULL, *pc = NULL;
1852 size_t clear_len, attr_len;
1853 struct wpabuf *clear = NULL, *msg = NULL;
1854 u8 *wrapped;
1855 const u8 *addr[1];
1856 size_t len[1];
1857 enum dpp_status_error status;
1858
1859 if (auth->force_conf_resp_status != DPP_STATUS_OK) {
1860 status = auth->force_conf_resp_status;
1861 goto forced_status;
1862 }
1863
1864 if (netrole == DPP_NETROLE_CONFIGURATOR) {
1865 #ifdef CONFIG_DPP2
1866 env_data = dpp_build_enveloped_data(auth);
1867 #endif /* CONFIG_DPP2 */
1868 } else {
1869 conf = dpp_build_conf_obj(auth, netrole, 0, cert_req);
1870 if (conf) {
1871 wpa_hexdump_ascii(MSG_DEBUG,
1872 "DPP: configurationObject JSON",
1873 wpabuf_head(conf), wpabuf_len(conf));
1874 conf2 = dpp_build_conf_obj(auth, netrole, 1, cert_req);
1875 }
1876 }
1877
1878 if (!conf && auth->waiting_config)
1879 return NULL;
1880 if (conf || env_data)
1881 status = DPP_STATUS_OK;
1882 else if (!cert_req && netrole == DPP_NETROLE_STA && auth->conf_sta &&
1883 auth->conf_sta->akm == DPP_AKM_DOT1X && !auth->waiting_csr)
1884 status = DPP_STATUS_CSR_NEEDED;
1885 #ifdef CONFIG_DPP3
1886 else if (auth->waiting_new_key)
1887 status = DPP_STATUS_NEW_KEY_NEEDED;
1888 #endif /* CONFIG_DPP3 */
1889 else
1890 status = DPP_STATUS_CONFIGURE_FAILURE;
1891 forced_status:
1892 auth->conf_resp_status = status;
1893
1894 /* { E-nonce, configurationObject[, sendConnStatus]}ke */
1895 clear_len = 4 + e_nonce_len;
1896 if (conf)
1897 clear_len += 4 + wpabuf_len(conf);
1898 if (conf2)
1899 clear_len += 4 + wpabuf_len(conf2);
1900 if (env_data)
1901 clear_len += 4 + wpabuf_len(env_data);
1902 if (auth->peer_version >= 2 && auth->send_conn_status &&
1903 netrole == DPP_NETROLE_STA)
1904 clear_len += 4;
1905 if (status == DPP_STATUS_CSR_NEEDED && auth->conf_sta &&
1906 auth->conf_sta->csrattrs)
1907 clear_len += 4 + os_strlen(auth->conf_sta->csrattrs);
1908 #ifdef CONFIG_DPP3
1909 if (status == DPP_STATUS_NEW_KEY_NEEDED) {
1910 struct crypto_ec_key *new_pc;
1911
1912 clear_len += 6; /* Finite Cyclic Group attribute */
1913
1914 wpa_printf(MSG_DEBUG,
1915 "DPP: Generate a new own protocol key for the curve %s",
1916 auth->conf->net_access_key_curve->name);
1917 new_pc = dpp_gen_keypair(auth->conf->net_access_key_curve);
1918 if (!new_pc) {
1919 wpa_printf(MSG_DEBUG, "DPP: Failed to generate new Pc");
1920 return NULL;
1921 }
1922 pc = crypto_ec_key_get_pubkey_point(new_pc, 0);
1923 if (!pc) {
1924 crypto_ec_key_deinit(new_pc);
1925 return NULL;
1926 }
1927 crypto_ec_key_deinit(auth->own_protocol_key);
1928 auth->own_protocol_key = new_pc;
1929 auth->new_curve = auth->conf->net_access_key_curve;
1930 clear_len += 4 + wpabuf_len(pc);
1931 }
1932 #endif /* CONFIG_DPP3 */
1933 clear = wpabuf_alloc(clear_len);
1934 attr_len = 4 + 1 + 4 + clear_len + AES_BLOCK_SIZE;
1935 #ifdef CONFIG_TESTING_OPTIONS
1936 if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_CONF_RESP)
1937 attr_len += 5;
1938 #endif /* CONFIG_TESTING_OPTIONS */
1939 msg = wpabuf_alloc(attr_len);
1940 if (!clear || !msg)
1941 goto fail;
1942
1943 #ifdef CONFIG_TESTING_OPTIONS
1944 if (dpp_test == DPP_TEST_NO_E_NONCE_CONF_RESP) {
1945 wpa_printf(MSG_INFO, "DPP: TESTING - no E-nonce");
1946 goto skip_e_nonce;
1947 }
1948 if (dpp_test == DPP_TEST_E_NONCE_MISMATCH_CONF_RESP) {
1949 wpa_printf(MSG_INFO, "DPP: TESTING - E-nonce mismatch");
1950 wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
1951 wpabuf_put_le16(clear, e_nonce_len);
1952 wpabuf_put_data(clear, e_nonce, e_nonce_len - 1);
1953 wpabuf_put_u8(clear, e_nonce[e_nonce_len - 1] ^ 0x01);
1954 goto skip_e_nonce;
1955 }
1956 if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_CONF_RESP) {
1957 wpa_printf(MSG_INFO, "DPP: TESTING - no Wrapped Data");
1958 goto skip_wrapped_data;
1959 }
1960 #endif /* CONFIG_TESTING_OPTIONS */
1961
1962 /* E-nonce */
1963 wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
1964 wpabuf_put_le16(clear, e_nonce_len);
1965 wpabuf_put_data(clear, e_nonce, e_nonce_len);
1966
1967 #ifdef CONFIG_TESTING_OPTIONS
1968 skip_e_nonce:
1969 if (dpp_test == DPP_TEST_NO_CONFIG_OBJ_CONF_RESP) {
1970 wpa_printf(MSG_INFO, "DPP: TESTING - Config Object");
1971 goto skip_config_obj;
1972 }
1973 #endif /* CONFIG_TESTING_OPTIONS */
1974
1975 if (conf) {
1976 wpabuf_put_le16(clear, DPP_ATTR_CONFIG_OBJ);
1977 wpabuf_put_le16(clear, wpabuf_len(conf));
1978 wpabuf_put_buf(clear, conf);
1979 }
1980 if (auth->peer_version >= 2 && conf2) {
1981 wpabuf_put_le16(clear, DPP_ATTR_CONFIG_OBJ);
1982 wpabuf_put_le16(clear, wpabuf_len(conf2));
1983 wpabuf_put_buf(clear, conf2);
1984 } else if (conf2) {
1985 wpa_printf(MSG_DEBUG,
1986 "DPP: Second Config Object available, but peer does not support more than one");
1987 }
1988 if (env_data) {
1989 wpabuf_put_le16(clear, DPP_ATTR_ENVELOPED_DATA);
1990 wpabuf_put_le16(clear, wpabuf_len(env_data));
1991 wpabuf_put_buf(clear, env_data);
1992 }
1993
1994 if (auth->peer_version >= 2 && auth->send_conn_status &&
1995 netrole == DPP_NETROLE_STA && status == DPP_STATUS_OK) {
1996 wpa_printf(MSG_DEBUG, "DPP: sendConnStatus");
1997 wpabuf_put_le16(clear, DPP_ATTR_SEND_CONN_STATUS);
1998 wpabuf_put_le16(clear, 0);
1999 }
2000
2001 if (status == DPP_STATUS_CSR_NEEDED && auth->conf_sta &&
2002 auth->conf_sta->csrattrs) {
2003 auth->waiting_csr = true;
2004 wpa_printf(MSG_DEBUG, "DPP: CSR Attributes Request");
2005 wpabuf_put_le16(clear, DPP_ATTR_CSR_ATTR_REQ);
2006 wpabuf_put_le16(clear, os_strlen(auth->conf_sta->csrattrs));
2007 wpabuf_put_str(clear, auth->conf_sta->csrattrs);
2008 }
2009
2010 #ifdef CONFIG_DPP3
2011 if (status == DPP_STATUS_NEW_KEY_NEEDED && auth->conf &&
2012 auth->conf->net_access_key_curve) {
2013 u16 ike_group = auth->conf->net_access_key_curve->ike_group;
2014
2015 /* Finite Cyclic Group attribute */
2016 wpa_printf(MSG_DEBUG, "DPP: Finite Cyclic Group: %u",
2017 ike_group);
2018 wpabuf_put_le16(clear, DPP_ATTR_FINITE_CYCLIC_GROUP);
2019 wpabuf_put_le16(clear, 2);
2020 wpabuf_put_le16(clear, ike_group);
2021
2022 if (pc) {
2023 wpa_printf(MSG_DEBUG, "DPP: Pc");
2024 wpabuf_put_le16(clear, DPP_ATTR_R_PROTOCOL_KEY);
2025 wpabuf_put_le16(clear, wpabuf_len(pc));
2026 wpabuf_put_buf(clear, pc);
2027 }
2028 }
2029 #endif /* CONFIG_DPP3 */
2030
2031 #ifdef CONFIG_TESTING_OPTIONS
2032 skip_config_obj:
2033 if (dpp_test == DPP_TEST_NO_STATUS_CONF_RESP) {
2034 wpa_printf(MSG_INFO, "DPP: TESTING - Status");
2035 goto skip_status;
2036 }
2037 if (dpp_test == DPP_TEST_INVALID_STATUS_CONF_RESP) {
2038 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Status");
2039 status = 255;
2040 }
2041 #endif /* CONFIG_TESTING_OPTIONS */
2042
2043 /* DPP Status */
2044 dpp_build_attr_status(msg, status);
2045
2046 #ifdef CONFIG_TESTING_OPTIONS
2047 skip_status:
2048 #endif /* CONFIG_TESTING_OPTIONS */
2049
2050 addr[0] = wpabuf_head(msg);
2051 len[0] = wpabuf_len(msg);
2052 wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD", addr[0], len[0]);
2053
2054 wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
2055 wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
2056 wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
2057
2058 wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear);
2059 if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,
2060 wpabuf_head(clear), wpabuf_len(clear),
2061 1, addr, len, wrapped) < 0)
2062 goto fail;
2063 wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
2064 wrapped, wpabuf_len(clear) + AES_BLOCK_SIZE);
2065
2066 #ifdef CONFIG_TESTING_OPTIONS
2067 if (dpp_test == DPP_TEST_AFTER_WRAPPED_DATA_CONF_RESP) {
2068 wpa_printf(MSG_INFO, "DPP: TESTING - attr after Wrapped Data");
2069 dpp_build_attr_status(msg, DPP_STATUS_OK);
2070 }
2071 skip_wrapped_data:
2072 #endif /* CONFIG_TESTING_OPTIONS */
2073
2074 wpa_hexdump_buf(MSG_DEBUG,
2075 "DPP: Configuration Response attributes", msg);
2076 out:
2077 wpabuf_clear_free(conf);
2078 wpabuf_clear_free(conf2);
2079 wpabuf_clear_free(env_data);
2080 wpabuf_clear_free(clear);
2081 wpabuf_free(pc);
2082
2083 return msg;
2084 fail:
2085 wpabuf_free(msg);
2086 msg = NULL;
2087 goto out;
2088 }
2089
2090
2091 struct wpabuf *
dpp_conf_req_rx(struct dpp_authentication * auth,const u8 * attr_start,size_t attr_len)2092 dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start,
2093 size_t attr_len)
2094 {
2095 const u8 *wrapped_data, *e_nonce, *config_attr;
2096 u16 wrapped_data_len, e_nonce_len, config_attr_len;
2097 u8 *unwrapped = NULL;
2098 size_t unwrapped_len = 0;
2099 struct wpabuf *resp = NULL;
2100 struct json_token *root = NULL, *token;
2101 enum dpp_netrole netrole;
2102 struct wpabuf *cert_req = NULL;
2103 #ifdef CONFIG_DPP3
2104 const u8 *i_proto;
2105 u16 i_proto_len;
2106 #endif /* CONFIG_DPP3 */
2107
2108 #ifdef CONFIG_TESTING_OPTIONS
2109 if (dpp_test == DPP_TEST_STOP_AT_CONF_REQ) {
2110 wpa_printf(MSG_INFO,
2111 "DPP: TESTING - stop at Config Request");
2112 return NULL;
2113 }
2114 #endif /* CONFIG_TESTING_OPTIONS */
2115
2116 if (dpp_check_attrs(attr_start, attr_len) < 0) {
2117 dpp_auth_fail(auth, "Invalid attribute in config request");
2118 return NULL;
2119 }
2120
2121 wrapped_data = dpp_get_attr(attr_start, attr_len, DPP_ATTR_WRAPPED_DATA,
2122 &wrapped_data_len);
2123 if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) {
2124 dpp_auth_fail(auth,
2125 "Missing or invalid required Wrapped Data attribute");
2126 return NULL;
2127 }
2128
2129 wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
2130 wrapped_data, wrapped_data_len);
2131 unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE;
2132 unwrapped = os_malloc(unwrapped_len);
2133 if (!unwrapped)
2134 return NULL;
2135 if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,
2136 wrapped_data, wrapped_data_len,
2137 0, NULL, NULL, unwrapped) < 0) {
2138 dpp_auth_fail(auth, "AES-SIV decryption failed");
2139 goto fail;
2140 }
2141 wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext",
2142 unwrapped, unwrapped_len);
2143
2144 if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) {
2145 dpp_auth_fail(auth, "Invalid attribute in unwrapped data");
2146 goto fail;
2147 }
2148
2149 e_nonce = dpp_get_attr(unwrapped, unwrapped_len,
2150 DPP_ATTR_ENROLLEE_NONCE,
2151 &e_nonce_len);
2152 if (!e_nonce || e_nonce_len != auth->curve->nonce_len) {
2153 dpp_auth_fail(auth,
2154 "Missing or invalid Enrollee Nonce attribute");
2155 goto fail;
2156 }
2157 wpa_hexdump(MSG_DEBUG, "DPP: Enrollee Nonce", e_nonce, e_nonce_len);
2158 os_memcpy(auth->e_nonce, e_nonce, e_nonce_len);
2159
2160 #ifdef CONFIG_DPP3
2161 i_proto = dpp_get_attr(unwrapped, unwrapped_len,
2162 DPP_ATTR_I_PROTOCOL_KEY, &i_proto_len);
2163 if (i_proto && !auth->waiting_new_key) {
2164 dpp_auth_fail(auth,
2165 "Enrollee included a new protocol key even though one was not expected");
2166 goto fail;
2167 }
2168 if (i_proto) {
2169 struct crypto_ec_key *pe;
2170 u8 auth_i[DPP_MAX_HASH_LEN];
2171 const u8 *rx_auth_i;
2172 u16 rx_auth_i_len;
2173
2174 wpa_hexdump(MSG_MSGDUMP, "DPP: Initiator Protocol Key (new Pe)",
2175 i_proto, i_proto_len);
2176
2177 pe = dpp_set_pubkey_point(auth->own_protocol_key,
2178 i_proto, i_proto_len);
2179 if (!pe) {
2180 dpp_auth_fail(auth,
2181 "Invalid Initiator Protocol Key (Pe)");
2182 goto fail;
2183 }
2184 dpp_debug_print_key("New Peer Protocol Key (Pe)", pe);
2185 crypto_ec_key_deinit(auth->peer_protocol_key);
2186 auth->peer_protocol_key = pe;
2187 auth->new_key_received = true;
2188 auth->waiting_new_key = false;
2189
2190 if (dpp_derive_auth_i(auth, auth_i) < 0)
2191 goto fail;
2192
2193 rx_auth_i = dpp_get_attr(unwrapped, unwrapped_len,
2194 DPP_ATTR_I_AUTH_TAG, &rx_auth_i_len);
2195 if (!rx_auth_i) {
2196 dpp_auth_fail(auth,
2197 "Missing Initiator Authentication Tag");
2198 goto fail;
2199 }
2200 if (rx_auth_i_len != auth->curve->hash_len ||
2201 os_memcmp(rx_auth_i, auth_i, auth->curve->hash_len) != 0) {
2202 dpp_auth_fail(auth,
2203 "Mismatch in Initiator Authenticating Tag");
2204 wpa_hexdump(MSG_DEBUG, "DPP: Received Auth-I",
2205 rx_auth_i, rx_auth_i_len);
2206 wpa_hexdump(MSG_DEBUG, "DPP: Derived Auth-I'",
2207 auth_i, auth->curve->hash_len);
2208 goto fail;
2209 }
2210 }
2211 #endif /* CONFIG_DPP3 */
2212
2213 config_attr = dpp_get_attr(unwrapped, unwrapped_len,
2214 DPP_ATTR_CONFIG_ATTR_OBJ,
2215 &config_attr_len);
2216 if (!config_attr) {
2217 dpp_auth_fail(auth,
2218 "Missing or invalid Config Attributes attribute");
2219 goto fail;
2220 }
2221 wpa_hexdump_ascii(MSG_DEBUG, "DPP: Config Attributes",
2222 config_attr, config_attr_len);
2223
2224 root = json_parse((const char *) config_attr, config_attr_len);
2225 if (!root) {
2226 dpp_auth_fail(auth, "Could not parse Config Attributes");
2227 goto fail;
2228 }
2229
2230 token = json_get_member(root, "name");
2231 if (!token || token->type != JSON_STRING) {
2232 dpp_auth_fail(auth, "No Config Attributes - name");
2233 goto fail;
2234 }
2235 wpa_printf(MSG_DEBUG, "DPP: Enrollee name = '%s'", token->string);
2236 os_free(auth->e_name);
2237 auth->e_name = os_strdup(token->string);
2238
2239 token = json_get_member(root, "wi-fi_tech");
2240 if (!token || token->type != JSON_STRING) {
2241 dpp_auth_fail(auth, "No Config Attributes - wi-fi_tech");
2242 goto fail;
2243 }
2244 wpa_printf(MSG_DEBUG, "DPP: wi-fi_tech = '%s'", token->string);
2245 if (os_strcmp(token->string, "infra") != 0) {
2246 wpa_printf(MSG_DEBUG, "DPP: Unsupported wi-fi_tech '%s'",
2247 token->string);
2248 dpp_auth_fail(auth, "Unsupported wi-fi_tech");
2249 goto fail;
2250 }
2251
2252 token = json_get_member(root, "netRole");
2253 if (!token || token->type != JSON_STRING) {
2254 dpp_auth_fail(auth, "No Config Attributes - netRole");
2255 goto fail;
2256 }
2257 wpa_printf(MSG_DEBUG, "DPP: netRole = '%s'", token->string);
2258 if (os_strcmp(token->string, "sta") == 0) {
2259 netrole = DPP_NETROLE_STA;
2260 } else if (os_strcmp(token->string, "ap") == 0) {
2261 netrole = DPP_NETROLE_AP;
2262 } else if (os_strcmp(token->string, "configurator") == 0) {
2263 netrole = DPP_NETROLE_CONFIGURATOR;
2264 } else {
2265 wpa_printf(MSG_DEBUG, "DPP: Unsupported netRole '%s'",
2266 token->string);
2267 dpp_auth_fail(auth, "Unsupported netRole");
2268 goto fail;
2269 }
2270 auth->e_netrole = netrole;
2271
2272 token = json_get_member(root, "mudurl");
2273 if (token && token->type == JSON_STRING) {
2274 wpa_printf(MSG_DEBUG, "DPP: mudurl = '%s'", token->string);
2275 wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_MUD_URL "%s",
2276 token->string);
2277 os_free(auth->e_mud_url);
2278 auth->e_mud_url = os_strdup(token->string);
2279 }
2280
2281 token = json_get_member(root, "bandSupport");
2282 auth->band_list_size = 0;
2283 if (token && token->type == JSON_ARRAY) {
2284 int *opclass = NULL;
2285 char txt[200], *pos, *end;
2286 int i, res;
2287
2288 memset(auth->band_list, 0, sizeof(auth->band_list));
2289 wpa_printf(MSG_DEBUG, "DPP: bandSupport");
2290 token = token->child;
2291 while (token) {
2292 if (token->type != JSON_NUMBER) {
2293 wpa_printf(MSG_DEBUG,
2294 "DPP: Invalid bandSupport array member type");
2295 } else {
2296 if (auth->band_list_size < DPP_MAX_CHANNELS) {
2297 auth->band_list[auth->band_list_size++] = token->number;
2298 }
2299 wpa_printf(MSG_DEBUG,
2300 "DPP: Supported global operating class: %d",
2301 token->number);
2302 int_array_add_unique(&opclass, token->number);
2303 }
2304 token = token->sibling;
2305 }
2306
2307 txt[0] = '\0';
2308 pos = txt;
2309 end = txt + sizeof(txt);
2310 for (i = 0; opclass && opclass[i]; i++) {
2311 res = os_snprintf(pos, end - pos, "%s%d",
2312 pos == txt ? "" : ",", opclass[i]);
2313 if (os_snprintf_error(end - pos, res)) {
2314 *pos = '\0';
2315 break;
2316 }
2317 pos += res;
2318 }
2319 os_free(auth->e_band_support);
2320 auth->e_band_support = opclass;
2321 wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_BAND_SUPPORT "%s",
2322 txt);
2323 }
2324
2325 #ifdef CONFIG_DPP2
2326 cert_req = json_get_member_base64(root, "pkcs10");
2327 if (cert_req) {
2328 char *txt;
2329 int id;
2330
2331 wpa_hexdump_buf(MSG_DEBUG, "DPP: CertificateRequest", cert_req);
2332 if (dpp_validate_csr(auth, cert_req) < 0) {
2333 wpa_printf(MSG_DEBUG, "DPP: CSR is not valid");
2334 auth->force_conf_resp_status = DPP_STATUS_CSR_BAD;
2335 goto cont;
2336 }
2337
2338 id = dpp_get_peer_bi_id(auth);
2339 if (id < 0)
2340 goto fail;
2341
2342 wpa_printf(MSG_DEBUG, "DPP: CSR is valid - forward to CA/RA");
2343 txt = base64_encode_no_lf(wpabuf_head(cert_req),
2344 wpabuf_len(cert_req), NULL);
2345 if (!txt)
2346 goto fail;
2347
2348 wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_CSR "peer=%d csr=%s",
2349 id, txt);
2350 os_free(txt);
2351 auth->waiting_csr = false;
2352 auth->waiting_cert = true;
2353 goto fail;
2354 }
2355 cont:
2356 #endif /* CONFIG_DPP2 */
2357
2358 resp = dpp_build_conf_resp(auth, e_nonce, e_nonce_len, netrole,
2359 cert_req);
2360
2361 fail:
2362 wpabuf_free(cert_req);
2363 json_free(root);
2364 os_free(unwrapped);
2365 return resp;
2366 }
2367
2368
dpp_parse_cred_legacy(struct dpp_config_obj * conf,struct json_token * cred)2369 static int dpp_parse_cred_legacy(struct dpp_config_obj *conf,
2370 struct json_token *cred)
2371 {
2372 struct json_token *pass, *psk_hex;
2373
2374 wpa_printf(MSG_DEBUG, "DPP: Legacy akm=psk credential");
2375
2376 pass = json_get_member(cred, "pass");
2377 psk_hex = json_get_member(cred, "psk_hex");
2378
2379 if (pass && pass->type == JSON_STRING) {
2380 size_t len = os_strlen(pass->string);
2381
2382 wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: Legacy passphrase",
2383 pass->string, len);
2384 if (len < 8 || len > 63)
2385 return -1;
2386 os_strlcpy(conf->passphrase, pass->string,
2387 sizeof(conf->passphrase));
2388 } else if (psk_hex && psk_hex->type == JSON_STRING) {
2389 if (dpp_akm_sae(conf->akm) && !dpp_akm_psk(conf->akm)) {
2390 wpa_printf(MSG_DEBUG,
2391 "DPP: Unexpected psk_hex with akm=sae");
2392 return -1;
2393 }
2394 if (os_strlen(psk_hex->string) != PMK_LEN * 2 ||
2395 hexstr2bin(psk_hex->string, conf->psk, PMK_LEN) < 0) {
2396 wpa_printf(MSG_DEBUG, "DPP: Invalid psk_hex encoding");
2397 return -1;
2398 }
2399 wpa_hexdump_key(MSG_DEBUG, "DPP: Legacy PSK",
2400 conf->psk, PMK_LEN);
2401 conf->psk_set = 1;
2402 } else {
2403 wpa_printf(MSG_DEBUG, "DPP: No pass or psk_hex strings found");
2404 return -1;
2405 }
2406
2407 if (dpp_akm_sae(conf->akm) && !conf->passphrase[0]) {
2408 wpa_printf(MSG_DEBUG, "DPP: No pass for sae found");
2409 return -1;
2410 }
2411
2412 return 0;
2413 }
2414
2415
dpp_parse_jwk(struct json_token * jwk,const struct dpp_curve_params ** key_curve)2416 struct crypto_ec_key * dpp_parse_jwk(struct json_token *jwk,
2417 const struct dpp_curve_params **key_curve)
2418 {
2419 struct json_token *token;
2420 const struct dpp_curve_params *curve;
2421 struct wpabuf *x = NULL, *y = NULL;
2422 struct crypto_ec_key *key = NULL;
2423
2424 token = json_get_member(jwk, "kty");
2425 if (!token || token->type != JSON_STRING) {
2426 wpa_printf(MSG_DEBUG, "DPP: No kty in JWK");
2427 goto fail;
2428 }
2429 if (os_strcmp(token->string, "EC") != 0) {
2430 wpa_printf(MSG_DEBUG, "DPP: Unexpected JWK kty '%s'",
2431 token->string);
2432 goto fail;
2433 }
2434
2435 token = json_get_member(jwk, "crv");
2436 if (!token || token->type != JSON_STRING) {
2437 wpa_printf(MSG_DEBUG, "DPP: No crv in JWK");
2438 goto fail;
2439 }
2440 curve = dpp_get_curve_jwk_crv(token->string);
2441 if (!curve) {
2442 wpa_printf(MSG_DEBUG, "DPP: Unsupported JWK crv '%s'",
2443 token->string);
2444 goto fail;
2445 }
2446
2447 x = json_get_member_base64url(jwk, "x");
2448 if (!x) {
2449 wpa_printf(MSG_DEBUG, "DPP: No x in JWK");
2450 goto fail;
2451 }
2452 wpa_hexdump_buf(MSG_DEBUG, "DPP: JWK x", x);
2453 if (wpabuf_len(x) != curve->prime_len) {
2454 wpa_printf(MSG_DEBUG,
2455 "DPP: Unexpected JWK x length %u (expected %u for curve %s)",
2456 (unsigned int) wpabuf_len(x),
2457 (unsigned int) curve->prime_len, curve->name);
2458 goto fail;
2459 }
2460
2461 y = json_get_member_base64url(jwk, "y");
2462 if (!y) {
2463 wpa_printf(MSG_DEBUG, "DPP: No y in JWK");
2464 goto fail;
2465 }
2466 wpa_hexdump_buf(MSG_DEBUG, "DPP: JWK y", y);
2467 if (wpabuf_len(y) != curve->prime_len) {
2468 wpa_printf(MSG_DEBUG,
2469 "DPP: Unexpected JWK y length %u (expected %u for curve %s)",
2470 (unsigned int) wpabuf_len(y),
2471 (unsigned int) curve->prime_len, curve->name);
2472 goto fail;
2473 }
2474
2475 key = crypto_ec_key_set_pub(curve->ike_group, wpabuf_head(x),
2476 wpabuf_head(y), wpabuf_len(x));
2477 if (!key)
2478 goto fail;
2479
2480 *key_curve = curve;
2481
2482 fail:
2483 wpabuf_free(x);
2484 wpabuf_free(y);
2485
2486 return key;
2487 }
2488
2489
dpp_key_expired(const char * timestamp,os_time_t * expiry)2490 int dpp_key_expired(const char *timestamp, os_time_t *expiry)
2491 {
2492 struct os_time now;
2493 unsigned int year, month, day, hour, min, sec;
2494 os_time_t utime;
2495 const char *pos;
2496
2497 /* ISO 8601 date and time:
2498 * <date>T<time>
2499 * YYYY-MM-DDTHH:MM:SSZ
2500 * YYYY-MM-DDTHH:MM:SS+03:00
2501 */
2502 if (os_strlen(timestamp) < 19) {
2503 wpa_printf(MSG_DEBUG,
2504 "DPP: Too short timestamp - assume expired key");
2505 return 1;
2506 }
2507 if (sscanf(timestamp, "%04u-%02u-%02uT%02u:%02u:%02u",
2508 &year, &month, &day, &hour, &min, &sec) != 6) {
2509 wpa_printf(MSG_DEBUG,
2510 "DPP: Failed to parse expiration day - assume expired key");
2511 return 1;
2512 }
2513
2514 if (os_mktime(year, month, day, hour, min, sec, &utime) < 0) {
2515 wpa_printf(MSG_DEBUG,
2516 "DPP: Invalid date/time information - assume expired key");
2517 return 1;
2518 }
2519
2520 pos = timestamp + 19;
2521 if (*pos == 'Z' || *pos == '\0') {
2522 /* In UTC - no need to adjust */
2523 } else if (*pos == '-' || *pos == '+') {
2524 int items;
2525
2526 /* Adjust local time to UTC */
2527 items = sscanf(pos + 1, "%02u:%02u", &hour, &min);
2528 if (items < 1) {
2529 wpa_printf(MSG_DEBUG,
2530 "DPP: Invalid time zone designator (%s) - assume expired key",
2531 pos);
2532 return 1;
2533 }
2534 if (*pos == '-')
2535 utime += 3600 * hour;
2536 if (*pos == '+')
2537 utime -= 3600 * hour;
2538 if (items > 1) {
2539 if (*pos == '-')
2540 utime += 60 * min;
2541 if (*pos == '+')
2542 utime -= 60 * min;
2543 }
2544 } else {
2545 wpa_printf(MSG_DEBUG,
2546 "DPP: Invalid time zone designator (%s) - assume expired key",
2547 pos);
2548 return 1;
2549 }
2550 if (expiry)
2551 *expiry = utime;
2552
2553 if (os_get_time(&now) < 0) {
2554 wpa_printf(MSG_DEBUG,
2555 "DPP: Cannot get current time - assume expired key");
2556 return 1;
2557 }
2558
2559 if (now.sec > utime) {
2560 wpa_printf(MSG_DEBUG, "DPP: Key has expired (%lu < %lu)",
2561 utime, now.sec);
2562 return 1;
2563 }
2564
2565 return 0;
2566 }
2567
2568
dpp_parse_connector(struct dpp_authentication * auth,struct dpp_config_obj * conf,const unsigned char * payload,u16 payload_len)2569 static int dpp_parse_connector(struct dpp_authentication *auth,
2570 struct dpp_config_obj *conf,
2571 const unsigned char *payload,
2572 u16 payload_len)
2573 {
2574 struct json_token *root, *groups, *netkey, *token;
2575 int ret = -1;
2576 struct crypto_ec_key *key = NULL;
2577 const struct dpp_curve_params *curve;
2578 unsigned int rules = 0;
2579
2580 root = json_parse((const char *) payload, payload_len);
2581 if (!root) {
2582 wpa_printf(MSG_DEBUG, "DPP: JSON parsing of connector failed");
2583 goto fail;
2584 }
2585
2586 groups = json_get_member(root, "groups");
2587 if (!groups || groups->type != JSON_ARRAY) {
2588 wpa_printf(MSG_DEBUG, "DPP: No groups array found");
2589 goto skip_groups;
2590 }
2591 for (token = groups->child; token; token = token->sibling) {
2592 struct json_token *id, *role;
2593
2594 id = json_get_member(token, "groupId");
2595 if (!id || id->type != JSON_STRING) {
2596 wpa_printf(MSG_DEBUG, "DPP: Missing groupId string");
2597 goto fail;
2598 }
2599
2600 role = json_get_member(token, "netRole");
2601 if (!role || role->type != JSON_STRING) {
2602 wpa_printf(MSG_DEBUG, "DPP: Missing netRole string");
2603 goto fail;
2604 }
2605 wpa_printf(MSG_DEBUG,
2606 "DPP: connector group: groupId='%s' netRole='%s'",
2607 id->string, role->string);
2608 rules++;
2609 }
2610 skip_groups:
2611
2612 if (!rules) {
2613 wpa_printf(MSG_DEBUG,
2614 "DPP: Connector includes no groups");
2615 goto fail;
2616 }
2617
2618 token = json_get_member(root, "expiry");
2619 if (!token || token->type != JSON_STRING) {
2620 wpa_printf(MSG_DEBUG,
2621 "DPP: No expiry string found - connector does not expire");
2622 } else {
2623 wpa_printf(MSG_DEBUG, "DPP: expiry = %s", token->string);
2624 if (dpp_key_expired(token->string,
2625 &auth->net_access_key_expiry)) {
2626 wpa_printf(MSG_DEBUG,
2627 "DPP: Connector (netAccessKey) has expired");
2628 goto fail;
2629 }
2630 }
2631
2632 netkey = json_get_member(root, "netAccessKey");
2633 if (!netkey || netkey->type != JSON_OBJECT) {
2634 wpa_printf(MSG_DEBUG, "DPP: No netAccessKey object found");
2635 goto fail;
2636 }
2637
2638 key = dpp_parse_jwk(netkey, &curve);
2639 if (!key)
2640 goto fail;
2641 dpp_debug_print_key("DPP: Received netAccessKey", key);
2642
2643 if (crypto_ec_key_cmp(key, auth->own_protocol_key)) {
2644 wpa_printf(MSG_DEBUG,
2645 "DPP: netAccessKey in connector does not match own protocol key");
2646 #ifdef CONFIG_TESTING_OPTIONS
2647 if (auth->ignore_netaccesskey_mismatch) {
2648 wpa_printf(MSG_DEBUG,
2649 "DPP: TESTING - skip netAccessKey mismatch");
2650 } else {
2651 goto fail;
2652 }
2653 #else /* CONFIG_TESTING_OPTIONS */
2654 goto fail;
2655 #endif /* CONFIG_TESTING_OPTIONS */
2656 }
2657
2658 ret = 0;
2659 fail:
2660 crypto_ec_key_deinit(key);
2661 json_free(root);
2662 return ret;
2663 }
2664
2665
dpp_copy_csign(struct dpp_config_obj * conf,struct crypto_ec_key * csign)2666 static void dpp_copy_csign(struct dpp_config_obj *conf,
2667 struct crypto_ec_key *csign)
2668 {
2669 struct wpabuf *c_sign_key;
2670
2671 c_sign_key = crypto_ec_key_get_subject_public_key(csign);
2672 if (!c_sign_key)
2673 return;
2674
2675 wpabuf_free(conf->c_sign_key);
2676 conf->c_sign_key = c_sign_key;
2677 }
2678
2679
dpp_copy_ppkey(struct dpp_config_obj * conf,struct crypto_ec_key * ppkey)2680 static void dpp_copy_ppkey(struct dpp_config_obj *conf,
2681 struct crypto_ec_key *ppkey)
2682 {
2683 struct wpabuf *pp_key;
2684
2685 pp_key = crypto_ec_key_get_subject_public_key(ppkey);
2686 if (!pp_key)
2687 return;
2688
2689 wpabuf_free(conf->pp_key);
2690 conf->pp_key = pp_key;
2691 }
2692
2693
dpp_copy_netaccesskey(struct dpp_authentication * auth,struct dpp_config_obj * conf)2694 static void dpp_copy_netaccesskey(struct dpp_authentication *auth,
2695 struct dpp_config_obj *conf)
2696 {
2697 struct wpabuf *net_access_key;
2698 struct crypto_ec_key *own_key;
2699
2700 own_key = auth->own_protocol_key;
2701 #ifdef CONFIG_DPP2
2702 if (auth->reconfig_connector_key == DPP_CONFIG_REUSEKEY &&
2703 auth->reconfig_old_protocol_key)
2704 own_key = auth->reconfig_old_protocol_key;
2705 #endif /* CONFIG_DPP2 */
2706
2707 net_access_key = crypto_ec_key_get_ecprivate_key(own_key, true);
2708 if (!net_access_key)
2709 return;
2710
2711 wpabuf_free(auth->net_access_key);
2712 auth->net_access_key = net_access_key;
2713 }
2714
2715
dpp_parse_cred_dpp(struct dpp_authentication * auth,struct dpp_config_obj * conf,struct json_token * cred)2716 static int dpp_parse_cred_dpp(struct dpp_authentication *auth,
2717 struct dpp_config_obj *conf,
2718 struct json_token *cred)
2719 {
2720 struct dpp_signed_connector_info info;
2721 struct json_token *token, *csign, *ppkey;
2722 int ret = -1;
2723 struct crypto_ec_key *csign_pub = NULL, *pp_pub = NULL;
2724 const struct dpp_curve_params *key_curve = NULL, *pp_curve = NULL;
2725 const char *signed_connector;
2726
2727 os_memset(&info, 0, sizeof(info));
2728
2729 if (dpp_akm_psk(conf->akm) || dpp_akm_sae(conf->akm)) {
2730 wpa_printf(MSG_DEBUG,
2731 "DPP: Legacy credential included in Connector credential");
2732 if (dpp_parse_cred_legacy(conf, cred) < 0)
2733 return -1;
2734 }
2735
2736 wpa_printf(MSG_DEBUG, "DPP: Connector credential");
2737
2738 csign = json_get_member(cred, "csign");
2739 if (!csign || csign->type != JSON_OBJECT) {
2740 wpa_printf(MSG_DEBUG, "DPP: No csign JWK in JSON");
2741 goto fail;
2742 }
2743
2744 csign_pub = dpp_parse_jwk(csign, &key_curve);
2745 if (!csign_pub) {
2746 wpa_printf(MSG_DEBUG, "DPP: Failed to parse csign JWK");
2747 goto fail;
2748 }
2749 dpp_debug_print_key("DPP: Received C-sign-key", csign_pub);
2750
2751 ppkey = json_get_member(cred, "ppKey");
2752 if (ppkey && ppkey->type == JSON_OBJECT) {
2753 pp_pub = dpp_parse_jwk(ppkey, &pp_curve);
2754 if (!pp_pub) {
2755 wpa_printf(MSG_DEBUG, "DPP: Failed to parse ppKey JWK");
2756 goto fail;
2757 }
2758 dpp_debug_print_key("DPP: Received ppKey", pp_pub);
2759 if (key_curve != pp_curve) {
2760 wpa_printf(MSG_DEBUG,
2761 "DPP: C-sign-key and ppKey do not use the same curve");
2762 goto fail;
2763 }
2764 }
2765
2766 token = json_get_member(cred, "signedConnector");
2767 if (!token || token->type != JSON_STRING) {
2768 wpa_printf(MSG_DEBUG, "DPP: No signedConnector string found");
2769 goto fail;
2770 }
2771 wpa_hexdump_ascii(MSG_DEBUG, "DPP: signedConnector",
2772 token->string, os_strlen(token->string));
2773 signed_connector = token->string;
2774
2775 if (os_strchr(signed_connector, '"') ||
2776 os_strchr(signed_connector, '\n')) {
2777 wpa_printf(MSG_DEBUG,
2778 "DPP: Unexpected character in signedConnector");
2779 goto fail;
2780 }
2781
2782 if (dpp_process_signed_connector(&info, csign_pub,
2783 signed_connector) != DPP_STATUS_OK)
2784 goto fail;
2785
2786 if (dpp_parse_connector(auth, conf,
2787 info.payload, info.payload_len) < 0) {
2788 wpa_printf(MSG_DEBUG, "DPP: Failed to parse connector");
2789 goto fail;
2790 }
2791
2792 os_free(conf->connector);
2793 conf->connector = os_strdup(signed_connector);
2794
2795 dpp_copy_csign(conf, csign_pub);
2796 if (pp_pub)
2797 dpp_copy_ppkey(conf, pp_pub);
2798 if (dpp_akm_dpp(conf->akm) || auth->peer_version >= 2)
2799 dpp_copy_netaccesskey(auth, conf);
2800
2801 ret = 0;
2802 fail:
2803 crypto_ec_key_deinit(csign_pub);
2804 crypto_ec_key_deinit(pp_pub);
2805 os_free(info.payload);
2806 return ret;
2807 }
2808
2809
2810 #ifdef CONFIG_DPP2
dpp_parse_cred_dot1x(struct dpp_authentication * auth,struct dpp_config_obj * conf,struct json_token * cred)2811 static int dpp_parse_cred_dot1x(struct dpp_authentication *auth,
2812 struct dpp_config_obj *conf,
2813 struct json_token *cred)
2814 {
2815 struct json_token *ent, *name;
2816
2817 ent = json_get_member(cred, "entCreds");
2818 if (!ent || ent->type != JSON_OBJECT) {
2819 dpp_auth_fail(auth, "No entCreds in JSON");
2820 return -1;
2821 }
2822
2823 conf->certbag = json_get_member_base64(ent, "certBag");
2824 if (!conf->certbag) {
2825 dpp_auth_fail(auth, "No certBag in JSON");
2826 return -1;
2827 }
2828 wpa_hexdump_buf(MSG_MSGDUMP, "DPP: Received certBag", conf->certbag);
2829 conf->certs = crypto_pkcs7_get_certificates(conf->certbag);
2830 if (!conf->certs) {
2831 dpp_auth_fail(auth, "No certificates in certBag");
2832 return -1;
2833 }
2834
2835 conf->cacert = json_get_member_base64(ent, "caCert");
2836 if (conf->cacert)
2837 wpa_hexdump_buf(MSG_MSGDUMP, "DPP: Received caCert",
2838 conf->cacert);
2839
2840 name = json_get_member(ent, "trustedEapServerName");
2841 if (name &&
2842 (name->type != JSON_STRING ||
2843 has_ctrl_char((const u8 *) name->string,
2844 os_strlen(name->string)))) {
2845 dpp_auth_fail(auth,
2846 "Invalid trustedEapServerName type in JSON");
2847 return -1;
2848 }
2849 if (name && name->string) {
2850 wpa_printf(MSG_DEBUG, "DPP: Received trustedEapServerName: %s",
2851 name->string);
2852 conf->server_name = os_strdup(name->string);
2853 if (!conf->server_name)
2854 return -1;
2855 }
2856
2857 return 0;
2858 }
2859 #endif /* CONFIG_DPP2 */
2860
2861
dpp_akm_str(enum dpp_akm akm)2862 const char * dpp_akm_str(enum dpp_akm akm)
2863 {
2864 switch (akm) {
2865 case DPP_AKM_DPP:
2866 return "dpp";
2867 case DPP_AKM_PSK:
2868 return "psk";
2869 case DPP_AKM_SAE:
2870 return "sae";
2871 case DPP_AKM_PSK_SAE:
2872 return "psk+sae";
2873 case DPP_AKM_SAE_DPP:
2874 return "dpp+sae";
2875 case DPP_AKM_PSK_SAE_DPP:
2876 return "dpp+psk+sae";
2877 case DPP_AKM_DOT1X:
2878 return "dot1x";
2879 default:
2880 return "??";
2881 }
2882 }
2883
2884
dpp_akm_selector_str(enum dpp_akm akm)2885 const char * dpp_akm_selector_str(enum dpp_akm akm)
2886 {
2887 switch (akm) {
2888 case DPP_AKM_DPP:
2889 return "506F9A02";
2890 case DPP_AKM_PSK:
2891 return "000FAC02+000FAC06";
2892 case DPP_AKM_SAE:
2893 return "000FAC08";
2894 case DPP_AKM_PSK_SAE:
2895 return "000FAC02+000FAC06+000FAC08";
2896 case DPP_AKM_SAE_DPP:
2897 return "506F9A02+000FAC08";
2898 case DPP_AKM_PSK_SAE_DPP:
2899 return "506F9A02+000FAC08+000FAC02+000FAC06";
2900 case DPP_AKM_DOT1X:
2901 return "000FAC01+000FAC05";
2902 default:
2903 return "??";
2904 }
2905 }
2906
2907
dpp_akm_from_str(const char * akm)2908 static enum dpp_akm dpp_akm_from_str(const char *akm)
2909 {
2910 const char *pos;
2911 int dpp = 0, psk = 0, sae = 0, dot1x = 0;
2912
2913 if (os_strcmp(akm, "psk") == 0)
2914 return DPP_AKM_PSK;
2915 if (os_strcmp(akm, "sae") == 0)
2916 return DPP_AKM_SAE;
2917 if (os_strcmp(akm, "psk+sae") == 0)
2918 return DPP_AKM_PSK_SAE;
2919 if (os_strcmp(akm, "dpp") == 0)
2920 return DPP_AKM_DPP;
2921 if (os_strcmp(akm, "dpp+sae") == 0)
2922 return DPP_AKM_SAE_DPP;
2923 if (os_strcmp(akm, "dpp+psk+sae") == 0)
2924 return DPP_AKM_PSK_SAE_DPP;
2925 if (os_strcmp(akm, "dot1x") == 0)
2926 return DPP_AKM_DOT1X;
2927
2928 pos = akm;
2929 while (*pos) {
2930 if (os_strlen(pos) < 8)
2931 break;
2932 if (os_strncasecmp(pos, "506F9A02", 8) == 0)
2933 dpp = 1;
2934 else if (os_strncasecmp(pos, "000FAC02", 8) == 0)
2935 psk = 1;
2936 else if (os_strncasecmp(pos, "000FAC06", 8) == 0)
2937 psk = 1;
2938 else if (os_strncasecmp(pos, "000FAC08", 8) == 0)
2939 sae = 1;
2940 else if (os_strncasecmp(pos, "000FAC01", 8) == 0)
2941 dot1x = 1;
2942 else if (os_strncasecmp(pos, "000FAC05", 8) == 0)
2943 dot1x = 1;
2944 pos += 8;
2945 if (*pos != '+')
2946 break;
2947 pos++;
2948 }
2949
2950 if (dpp && psk && sae)
2951 return DPP_AKM_PSK_SAE_DPP;
2952 if (dpp && sae)
2953 return DPP_AKM_SAE_DPP;
2954 if (dpp)
2955 return DPP_AKM_DPP;
2956 if (psk && sae)
2957 return DPP_AKM_PSK_SAE;
2958 if (sae)
2959 return DPP_AKM_SAE;
2960 if (psk)
2961 return DPP_AKM_PSK;
2962 if (dot1x)
2963 return DPP_AKM_DOT1X;
2964
2965 return DPP_AKM_UNKNOWN;
2966 }
2967
2968
dpp_parse_conf_obj(struct dpp_authentication * auth,const u8 * conf_obj,u16 conf_obj_len)2969 static int dpp_parse_conf_obj(struct dpp_authentication *auth,
2970 const u8 *conf_obj, u16 conf_obj_len)
2971 {
2972 int ret = -1;
2973 struct json_token *root, *token, *discovery, *cred;
2974 struct dpp_config_obj *conf;
2975 struct wpabuf *ssid64 = NULL;
2976 int legacy;
2977
2978 root = json_parse((const char *) conf_obj, conf_obj_len);
2979 if (!root)
2980 return -1;
2981 if (root->type != JSON_OBJECT) {
2982 dpp_auth_fail(auth, "JSON root is not an object");
2983 goto fail;
2984 }
2985
2986 token = json_get_member(root, "wi-fi_tech");
2987 if (!token || token->type != JSON_STRING) {
2988 dpp_auth_fail(auth, "No wi-fi_tech string value found");
2989 goto fail;
2990 }
2991 if (os_strcmp(token->string, "infra") != 0) {
2992 wpa_printf(MSG_DEBUG, "DPP: Unsupported wi-fi_tech value: '%s'",
2993 token->string);
2994 dpp_auth_fail(auth, "Unsupported wi-fi_tech value");
2995 goto fail;
2996 }
2997
2998 discovery = json_get_member(root, "discovery");
2999 if (!discovery || discovery->type != JSON_OBJECT) {
3000 dpp_auth_fail(auth, "No discovery object in JSON");
3001 goto fail;
3002 }
3003
3004 ssid64 = json_get_member_base64url(discovery, "ssid64");
3005 if (ssid64) {
3006 wpa_hexdump_ascii(MSG_DEBUG, "DPP: discovery::ssid64",
3007 wpabuf_head(ssid64), wpabuf_len(ssid64));
3008 if (wpabuf_len(ssid64) > SSID_MAX_LEN) {
3009 dpp_auth_fail(auth, "Too long discovery::ssid64 value");
3010 goto fail;
3011 }
3012 } else {
3013 token = json_get_member(discovery, "ssid");
3014 if (!token || token->type != JSON_STRING) {
3015 dpp_auth_fail(auth,
3016 "No discovery::ssid string value found");
3017 goto fail;
3018 }
3019 wpa_hexdump_ascii(MSG_DEBUG, "DPP: discovery::ssid",
3020 token->string, os_strlen(token->string));
3021 if (os_strlen(token->string) > SSID_MAX_LEN) {
3022 dpp_auth_fail(auth,
3023 "Too long discovery::ssid string value");
3024 goto fail;
3025 }
3026 }
3027
3028 if (auth->num_conf_obj == DPP_MAX_CONF_OBJ) {
3029 wpa_printf(MSG_DEBUG,
3030 "DPP: No room for this many Config Objects - ignore this one");
3031 ret = 0;
3032 goto fail;
3033 }
3034 conf = &auth->conf_obj[auth->num_conf_obj++];
3035
3036 if (ssid64) {
3037 conf->ssid_len = wpabuf_len(ssid64);
3038 os_memcpy(conf->ssid, wpabuf_head(ssid64), conf->ssid_len);
3039 } else {
3040 conf->ssid_len = os_strlen(token->string);
3041 os_memcpy(conf->ssid, token->string, conf->ssid_len);
3042 }
3043
3044 token = json_get_member(discovery, "ssid_charset");
3045 if (token && token->type == JSON_NUMBER) {
3046 conf->ssid_charset = token->number;
3047 wpa_printf(MSG_DEBUG, "DPP: ssid_charset=%d",
3048 conf->ssid_charset);
3049 }
3050
3051 cred = json_get_member(root, "cred");
3052 if (!cred || cred->type != JSON_OBJECT) {
3053 dpp_auth_fail(auth, "No cred object in JSON");
3054 goto fail;
3055 }
3056
3057 token = json_get_member(cred, "akm");
3058 if (!token || token->type != JSON_STRING) {
3059 dpp_auth_fail(auth, "No cred::akm string value found");
3060 goto fail;
3061 }
3062 conf->akm = dpp_akm_from_str(token->string);
3063
3064 legacy = dpp_akm_legacy(conf->akm);
3065 if (legacy && auth->peer_version >= 2) {
3066 struct json_token *csign, *s_conn;
3067
3068 csign = json_get_member(cred, "csign");
3069 s_conn = json_get_member(cred, "signedConnector");
3070 if (csign && csign->type == JSON_OBJECT &&
3071 s_conn && s_conn->type == JSON_STRING)
3072 legacy = 0;
3073 }
3074 if (legacy) {
3075 if (dpp_parse_cred_legacy(conf, cred) < 0)
3076 goto fail;
3077 } else if (dpp_akm_dpp(conf->akm) ||
3078 (auth->peer_version >= 2 && dpp_akm_legacy(conf->akm))) {
3079 if (dpp_parse_cred_dpp(auth, conf, cred) < 0)
3080 goto fail;
3081 #ifdef CONFIG_DPP2
3082 } else if (conf->akm == DPP_AKM_DOT1X) {
3083 if (dpp_parse_cred_dot1x(auth, conf, cred) < 0 ||
3084 dpp_parse_cred_dpp(auth, conf, cred) < 0)
3085 goto fail;
3086 #endif /* CONFIG_DPP2 */
3087 } else {
3088 wpa_printf(MSG_DEBUG, "DPP: Unsupported akm: %s",
3089 token->string);
3090 dpp_auth_fail(auth, "Unsupported akm");
3091 goto fail;
3092 }
3093
3094 wpa_printf(MSG_DEBUG, "DPP: JSON parsing completed successfully");
3095 ret = 0;
3096 fail:
3097 wpabuf_free(ssid64);
3098 json_free(root);
3099 return ret;
3100 }
3101
3102
3103 #ifdef CONFIG_DPP2
dpp_get_csr_attrs(const u8 * attrs,size_t attrs_len,size_t * len)3104 static u8 * dpp_get_csr_attrs(const u8 *attrs, size_t attrs_len, size_t *len)
3105 {
3106 const u8 *b64;
3107 u16 b64_len;
3108
3109 b64 = dpp_get_attr(attrs, attrs_len, DPP_ATTR_CSR_ATTR_REQ, &b64_len);
3110 if (!b64)
3111 return NULL;
3112 return base64_decode((const char *) b64, b64_len, len);
3113 }
3114 #endif /* CONFIG_DPP2 */
3115
3116
dpp_conf_resp_rx(struct dpp_authentication * auth,const struct wpabuf * resp)3117 int dpp_conf_resp_rx(struct dpp_authentication *auth,
3118 const struct wpabuf *resp)
3119 {
3120 const u8 *wrapped_data, *e_nonce, *status, *conf_obj;
3121 u16 wrapped_data_len, e_nonce_len, status_len, conf_obj_len;
3122 const u8 *env_data;
3123 u16 env_data_len;
3124 const u8 *addr[1];
3125 size_t len[1];
3126 u8 *unwrapped = NULL;
3127 size_t unwrapped_len = 0;
3128 int ret = -1;
3129
3130 auth->conf_resp_status = 255;
3131
3132 if (dpp_check_attrs(wpabuf_head(resp), wpabuf_len(resp)) < 0) {
3133 dpp_auth_fail(auth, "Invalid attribute in config response");
3134 return -1;
3135 }
3136
3137 wrapped_data = dpp_get_attr(wpabuf_head(resp), wpabuf_len(resp),
3138 DPP_ATTR_WRAPPED_DATA,
3139 &wrapped_data_len);
3140 if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) {
3141 dpp_auth_fail(auth,
3142 "Missing or invalid required Wrapped Data attribute");
3143 return -1;
3144 }
3145
3146 wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
3147 wrapped_data, wrapped_data_len);
3148 unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE;
3149 unwrapped = os_malloc(unwrapped_len);
3150 if (!unwrapped)
3151 return -1;
3152
3153 addr[0] = wpabuf_head(resp);
3154 len[0] = wrapped_data - 4 - (const u8 *) wpabuf_head(resp);
3155 wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD", addr[0], len[0]);
3156
3157 if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,
3158 wrapped_data, wrapped_data_len,
3159 1, addr, len, unwrapped) < 0) {
3160 dpp_auth_fail(auth, "AES-SIV decryption failed");
3161 goto fail;
3162 }
3163 wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext",
3164 unwrapped, unwrapped_len);
3165
3166 if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) {
3167 dpp_auth_fail(auth, "Invalid attribute in unwrapped data");
3168 goto fail;
3169 }
3170
3171 e_nonce = dpp_get_attr(unwrapped, unwrapped_len,
3172 DPP_ATTR_ENROLLEE_NONCE,
3173 &e_nonce_len);
3174 if (!e_nonce || e_nonce_len != auth->curve->nonce_len) {
3175 dpp_auth_fail(auth,
3176 "Missing or invalid Enrollee Nonce attribute");
3177 goto fail;
3178 }
3179 wpa_hexdump(MSG_DEBUG, "DPP: Enrollee Nonce", e_nonce, e_nonce_len);
3180 if (os_memcmp(e_nonce, auth->e_nonce, e_nonce_len) != 0) {
3181 dpp_auth_fail(auth, "Enrollee Nonce mismatch");
3182 goto fail;
3183 }
3184
3185 status = dpp_get_attr(wpabuf_head(resp), wpabuf_len(resp),
3186 DPP_ATTR_STATUS, &status_len);
3187 if (!status || status_len < 1) {
3188 dpp_auth_fail(auth,
3189 "Missing or invalid required DPP Status attribute");
3190 goto fail;
3191 }
3192 auth->conf_resp_status = status[0];
3193 wpa_printf(MSG_DEBUG, "DPP: Status %u", status[0]);
3194 #ifdef CONFIG_DPP2
3195 if (status[0] == DPP_STATUS_CSR_NEEDED) {
3196 u8 *csrattrs;
3197 size_t csrattrs_len;
3198
3199 wpa_printf(MSG_DEBUG, "DPP: Configurator requested CSR");
3200
3201 csrattrs = dpp_get_csr_attrs(unwrapped, unwrapped_len,
3202 &csrattrs_len);
3203 if (!csrattrs) {
3204 dpp_auth_fail(auth,
3205 "Missing or invalid CSR Attributes Request attribute");
3206 goto fail;
3207 }
3208 wpa_hexdump(MSG_DEBUG, "DPP: CsrAttrs", csrattrs, csrattrs_len);
3209 os_free(auth->csrattrs);
3210 auth->csrattrs = csrattrs;
3211 auth->csrattrs_len = csrattrs_len;
3212 ret = -2;
3213 goto fail;
3214 }
3215 #endif /* CONFIG_DPP2 */
3216 #ifdef CONFIG_DPP3
3217 if (status[0] == DPP_STATUS_NEW_KEY_NEEDED) {
3218 const u8 *fcgroup, *r_proto;
3219 u16 fcgroup_len, r_proto_len;
3220 u16 group;
3221 const struct dpp_curve_params *curve;
3222 struct crypto_ec_key *new_pe;
3223 struct crypto_ec_key *pc;
3224
3225 fcgroup = dpp_get_attr(unwrapped, unwrapped_len,
3226 DPP_ATTR_FINITE_CYCLIC_GROUP,
3227 &fcgroup_len);
3228 if (!fcgroup || fcgroup_len != 2) {
3229 dpp_auth_fail(auth,
3230 "Missing or invalid required Finite Cyclic Group attribute");
3231 goto fail;
3232 }
3233 group = WPA_GET_LE16(fcgroup);
3234
3235 wpa_printf(MSG_DEBUG,
3236 "DPP: Configurator requested a new protocol key from group %u",
3237 group);
3238 curve = dpp_get_curve_ike_group(group);
3239 if (!curve) {
3240 dpp_auth_fail(auth,
3241 "Unsupported group for new protocol key");
3242 goto fail;
3243 }
3244
3245 new_pe = dpp_gen_keypair(curve);
3246 if (!new_pe) {
3247 dpp_auth_fail(auth,
3248 "Failed to generate a new protocol key");
3249 goto fail;
3250 }
3251
3252 crypto_ec_key_deinit(auth->own_protocol_key);
3253 auth->own_protocol_key = new_pe;
3254 auth->new_curve = curve;
3255
3256 r_proto = dpp_get_attr(unwrapped, unwrapped_len,
3257 DPP_ATTR_R_PROTOCOL_KEY,
3258 &r_proto_len);
3259 if (!r_proto) {
3260 dpp_auth_fail(auth,
3261 "Missing required Responder Protocol Key attribute (Pc)");
3262 goto fail;
3263 }
3264 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Protocol Key (new Pc)",
3265 r_proto, r_proto_len);
3266
3267 pc = dpp_set_pubkey_point(new_pe, r_proto, r_proto_len);
3268 if (!pc) {
3269 dpp_auth_fail(auth, "Invalid Responder Protocol Key (Pc)");
3270 goto fail;
3271 }
3272 dpp_debug_print_key("New Peer Protocol Key (Pc)", pc);
3273
3274 crypto_ec_key_deinit(auth->peer_protocol_key);
3275 auth->peer_protocol_key = pc;
3276
3277 auth->waiting_new_key = true;
3278 ret = -3;
3279 goto fail;
3280 }
3281 #endif /* CONFIG_DPP3 */
3282 if (status[0] != DPP_STATUS_OK) {
3283 dpp_auth_fail(auth, "Configurator rejected configuration");
3284 goto fail;
3285 }
3286
3287 env_data = dpp_get_attr(unwrapped, unwrapped_len,
3288 DPP_ATTR_ENVELOPED_DATA, &env_data_len);
3289 #ifdef CONFIG_DPP2
3290 if (env_data &&
3291 dpp_conf_resp_env_data(auth, env_data, env_data_len) < 0)
3292 goto fail;
3293 #endif /* CONFIG_DPP2 */
3294
3295 conf_obj = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_CONFIG_OBJ,
3296 &conf_obj_len);
3297 if (!conf_obj && !env_data) {
3298 dpp_auth_fail(auth,
3299 "Missing required Configuration Object attribute");
3300 goto fail;
3301 }
3302 while (conf_obj) {
3303 wpa_hexdump_ascii(MSG_DEBUG, "DPP: configurationObject JSON",
3304 conf_obj, conf_obj_len);
3305 if (dpp_parse_conf_obj(auth, conf_obj, conf_obj_len) < 0)
3306 goto fail;
3307 conf_obj = dpp_get_attr_next(conf_obj, unwrapped, unwrapped_len,
3308 DPP_ATTR_CONFIG_OBJ,
3309 &conf_obj_len);
3310 }
3311
3312 #ifdef CONFIG_DPP2
3313 status = dpp_get_attr(unwrapped, unwrapped_len,
3314 DPP_ATTR_SEND_CONN_STATUS, &status_len);
3315 if (status) {
3316 wpa_printf(MSG_DEBUG,
3317 "DPP: Configurator requested connection status result");
3318 auth->conn_status_requested = 1;
3319 }
3320 #endif /* CONFIG_DPP2 */
3321
3322 ret = 0;
3323
3324 fail:
3325 os_free(unwrapped);
3326 return ret;
3327 }
3328
3329
3330 #ifdef CONFIG_DPP2
3331
dpp_conf_result_rx(struct dpp_authentication * auth,const u8 * hdr,const u8 * attr_start,size_t attr_len)3332 enum dpp_status_error dpp_conf_result_rx(struct dpp_authentication *auth,
3333 const u8 *hdr,
3334 const u8 *attr_start, size_t attr_len)
3335 {
3336 const u8 *wrapped_data, *status, *e_nonce;
3337 u16 wrapped_data_len, status_len, e_nonce_len;
3338 const u8 *addr[2];
3339 size_t len[2];
3340 u8 *unwrapped = NULL;
3341 size_t unwrapped_len = 0;
3342 enum dpp_status_error ret = 256;
3343
3344 wrapped_data = dpp_get_attr(attr_start, attr_len, DPP_ATTR_WRAPPED_DATA,
3345 &wrapped_data_len);
3346 if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) {
3347 dpp_auth_fail(auth,
3348 "Missing or invalid required Wrapped Data attribute");
3349 goto fail;
3350 }
3351 wpa_hexdump(MSG_DEBUG, "DPP: Wrapped data",
3352 wrapped_data, wrapped_data_len);
3353
3354 attr_len = wrapped_data - 4 - attr_start;
3355
3356 addr[0] = hdr;
3357 len[0] = DPP_HDR_LEN;
3358 addr[1] = attr_start;
3359 len[1] = attr_len;
3360 wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]);
3361 wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]);
3362 wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
3363 wrapped_data, wrapped_data_len);
3364 unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE;
3365 unwrapped = os_malloc(unwrapped_len);
3366 if (!unwrapped)
3367 goto fail;
3368 if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,
3369 wrapped_data, wrapped_data_len,
3370 2, addr, len, unwrapped) < 0) {
3371 dpp_auth_fail(auth, "AES-SIV decryption failed");
3372 goto fail;
3373 }
3374 wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext",
3375 unwrapped, unwrapped_len);
3376
3377 if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) {
3378 dpp_auth_fail(auth, "Invalid attribute in unwrapped data");
3379 goto fail;
3380 }
3381
3382 e_nonce = dpp_get_attr(unwrapped, unwrapped_len,
3383 DPP_ATTR_ENROLLEE_NONCE,
3384 &e_nonce_len);
3385 if (!e_nonce || e_nonce_len != auth->curve->nonce_len) {
3386 dpp_auth_fail(auth,
3387 "Missing or invalid Enrollee Nonce attribute");
3388 goto fail;
3389 }
3390 wpa_hexdump(MSG_DEBUG, "DPP: Enrollee Nonce", e_nonce, e_nonce_len);
3391 if (os_memcmp(e_nonce, auth->e_nonce, e_nonce_len) != 0) {
3392 dpp_auth_fail(auth, "Enrollee Nonce mismatch");
3393 wpa_hexdump(MSG_DEBUG, "DPP: Expected Enrollee Nonce",
3394 auth->e_nonce, e_nonce_len);
3395 goto fail;
3396 }
3397
3398 status = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_STATUS,
3399 &status_len);
3400 if (!status || status_len < 1) {
3401 dpp_auth_fail(auth,
3402 "Missing or invalid required DPP Status attribute");
3403 goto fail;
3404 }
3405 wpa_printf(MSG_DEBUG, "DPP: Status %u", status[0]);
3406 ret = status[0];
3407
3408 fail:
3409 bin_clear_free(unwrapped, unwrapped_len);
3410 return ret;
3411 }
3412
3413
dpp_build_conf_result(struct dpp_authentication * auth,enum dpp_status_error status)3414 struct wpabuf * dpp_build_conf_result(struct dpp_authentication *auth,
3415 enum dpp_status_error status)
3416 {
3417 struct wpabuf *msg, *clear;
3418 size_t nonce_len, clear_len, attr_len;
3419 const u8 *addr[2];
3420 size_t len[2];
3421 u8 *wrapped;
3422
3423 nonce_len = auth->curve->nonce_len;
3424 clear_len = 5 + 4 + nonce_len;
3425 attr_len = 4 + clear_len + AES_BLOCK_SIZE;
3426 clear = wpabuf_alloc(clear_len);
3427 msg = dpp_alloc_msg(DPP_PA_CONFIGURATION_RESULT, attr_len);
3428 if (!clear || !msg)
3429 goto fail;
3430
3431 /* DPP Status */
3432 dpp_build_attr_status(clear, status);
3433
3434 /* E-nonce */
3435 wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
3436 wpabuf_put_le16(clear, nonce_len);
3437 wpabuf_put_data(clear, auth->e_nonce, nonce_len);
3438
3439 /* OUI, OUI type, Crypto Suite, DPP frame type */
3440 addr[0] = wpabuf_head_u8(msg) + 2;
3441 len[0] = 3 + 1 + 1 + 1;
3442 wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]);
3443
3444 /* Attributes before Wrapped Data (none) */
3445 addr[1] = wpabuf_put(msg, 0);
3446 len[1] = 0;
3447 wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]);
3448
3449 /* Wrapped Data */
3450 wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
3451 wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
3452 wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
3453
3454 wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear);
3455 if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,
3456 wpabuf_head(clear), wpabuf_len(clear),
3457 2, addr, len, wrapped) < 0)
3458 goto fail;
3459
3460 wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Result attributes", msg);
3461 wpabuf_free(clear);
3462 return msg;
3463 fail:
3464 wpabuf_free(clear);
3465 wpabuf_free(msg);
3466 return NULL;
3467 }
3468
3469
valid_channel_list(const char * val)3470 static int valid_channel_list(const char *val)
3471 {
3472 while (*val) {
3473 if (!((*val >= '0' && *val <= '9') ||
3474 *val == '/' || *val == ','))
3475 return 0;
3476 val++;
3477 }
3478
3479 return 1;
3480 }
3481
3482
dpp_conn_status_result_rx(struct dpp_authentication * auth,const u8 * hdr,const u8 * attr_start,size_t attr_len,u8 * ssid,size_t * ssid_len,char ** channel_list)3483 enum dpp_status_error dpp_conn_status_result_rx(struct dpp_authentication *auth,
3484 const u8 *hdr,
3485 const u8 *attr_start,
3486 size_t attr_len,
3487 u8 *ssid, size_t *ssid_len,
3488 char **channel_list)
3489 {
3490 const u8 *wrapped_data, *status, *e_nonce;
3491 u16 wrapped_data_len, status_len, e_nonce_len;
3492 const u8 *addr[2];
3493 size_t len[2];
3494 u8 *unwrapped = NULL;
3495 size_t unwrapped_len = 0;
3496 enum dpp_status_error ret = 256;
3497 struct json_token *root = NULL, *token;
3498 struct wpabuf *ssid64;
3499
3500 *ssid_len = 0;
3501 *channel_list = NULL;
3502
3503 wrapped_data = dpp_get_attr(attr_start, attr_len, DPP_ATTR_WRAPPED_DATA,
3504 &wrapped_data_len);
3505 if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) {
3506 dpp_auth_fail(auth,
3507 "Missing or invalid required Wrapped Data attribute");
3508 goto fail;
3509 }
3510 wpa_hexdump(MSG_DEBUG, "DPP: Wrapped data",
3511 wrapped_data, wrapped_data_len);
3512
3513 attr_len = wrapped_data - 4 - attr_start;
3514
3515 addr[0] = hdr;
3516 len[0] = DPP_HDR_LEN;
3517 addr[1] = attr_start;
3518 len[1] = attr_len;
3519 wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]);
3520 wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]);
3521 wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV ciphertext",
3522 wrapped_data, wrapped_data_len);
3523 unwrapped_len = wrapped_data_len - AES_BLOCK_SIZE;
3524 unwrapped = os_malloc(unwrapped_len);
3525 if (!unwrapped)
3526 goto fail;
3527 if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,
3528 wrapped_data, wrapped_data_len,
3529 2, addr, len, unwrapped) < 0) {
3530 dpp_auth_fail(auth, "AES-SIV decryption failed");
3531 goto fail;
3532 }
3533 wpa_hexdump(MSG_DEBUG, "DPP: AES-SIV cleartext",
3534 unwrapped, unwrapped_len);
3535
3536 if (dpp_check_attrs(unwrapped, unwrapped_len) < 0) {
3537 dpp_auth_fail(auth, "Invalid attribute in unwrapped data");
3538 goto fail;
3539 }
3540
3541 e_nonce = dpp_get_attr(unwrapped, unwrapped_len,
3542 DPP_ATTR_ENROLLEE_NONCE,
3543 &e_nonce_len);
3544 if (!e_nonce || e_nonce_len != auth->curve->nonce_len) {
3545 dpp_auth_fail(auth,
3546 "Missing or invalid Enrollee Nonce attribute");
3547 goto fail;
3548 }
3549 wpa_hexdump(MSG_DEBUG, "DPP: Enrollee Nonce", e_nonce, e_nonce_len);
3550 if (os_memcmp(e_nonce, auth->e_nonce, e_nonce_len) != 0) {
3551 dpp_auth_fail(auth, "Enrollee Nonce mismatch");
3552 wpa_hexdump(MSG_DEBUG, "DPP: Expected Enrollee Nonce",
3553 auth->e_nonce, e_nonce_len);
3554 goto fail;
3555 }
3556
3557 status = dpp_get_attr(unwrapped, unwrapped_len, DPP_ATTR_CONN_STATUS,
3558 &status_len);
3559 if (!status) {
3560 dpp_auth_fail(auth,
3561 "Missing required DPP Connection Status attribute");
3562 goto fail;
3563 }
3564 wpa_hexdump_ascii(MSG_DEBUG, "DPP: connStatus JSON",
3565 status, status_len);
3566
3567 root = json_parse((const char *) status, status_len);
3568 if (!root) {
3569 dpp_auth_fail(auth, "Could not parse connStatus");
3570 goto fail;
3571 }
3572
3573 ssid64 = json_get_member_base64url(root, "ssid64");
3574 if (ssid64 && wpabuf_len(ssid64) <= SSID_MAX_LEN) {
3575 *ssid_len = wpabuf_len(ssid64);
3576 os_memcpy(ssid, wpabuf_head(ssid64), *ssid_len);
3577 }
3578 wpabuf_free(ssid64);
3579
3580 token = json_get_member(root, "channelList");
3581 if (token && token->type == JSON_STRING &&
3582 valid_channel_list(token->string))
3583 *channel_list = os_strdup(token->string);
3584
3585 token = json_get_member(root, "result");
3586 if (!token || token->type != JSON_NUMBER) {
3587 dpp_auth_fail(auth, "No connStatus - result");
3588 goto fail;
3589 }
3590 wpa_printf(MSG_DEBUG, "DPP: result %d", token->number);
3591 ret = token->number;
3592
3593 fail:
3594 json_free(root);
3595 bin_clear_free(unwrapped, unwrapped_len);
3596 return ret;
3597 }
3598
3599
dpp_build_conn_status(enum dpp_status_error result,const u8 * ssid,size_t ssid_len,const char * channel_list)3600 struct wpabuf * dpp_build_conn_status(enum dpp_status_error result,
3601 const u8 *ssid, size_t ssid_len,
3602 const char *channel_list)
3603 {
3604 struct wpabuf *json;
3605
3606 json = wpabuf_alloc(1000);
3607 if (!json)
3608 return NULL;
3609 json_start_object(json, NULL);
3610 json_add_int(json, "result", result);
3611 if (ssid) {
3612 json_value_sep(json);
3613 if (json_add_base64url(json, "ssid64", ssid, ssid_len) < 0) {
3614 wpabuf_free(json);
3615 return NULL;
3616 }
3617 }
3618 if (channel_list) {
3619 json_value_sep(json);
3620 json_add_string(json, "channelList", channel_list);
3621 }
3622 json_end_object(json);
3623 wpa_hexdump_ascii(MSG_DEBUG, "DPP: connStatus JSON",
3624 wpabuf_head(json), wpabuf_len(json));
3625
3626 return json;
3627 }
3628
3629
dpp_build_conn_status_result(struct dpp_authentication * auth,enum dpp_status_error result,const u8 * ssid,size_t ssid_len,const char * channel_list)3630 struct wpabuf * dpp_build_conn_status_result(struct dpp_authentication *auth,
3631 enum dpp_status_error result,
3632 const u8 *ssid, size_t ssid_len,
3633 const char *channel_list)
3634 {
3635 struct wpabuf *msg = NULL, *clear = NULL, *json;
3636 size_t nonce_len, clear_len, attr_len;
3637 const u8 *addr[2];
3638 size_t len[2];
3639 u8 *wrapped;
3640
3641 json = dpp_build_conn_status(result, ssid, ssid_len, channel_list);
3642 if (!json)
3643 return NULL;
3644
3645 nonce_len = auth->curve->nonce_len;
3646 clear_len = 5 + 4 + nonce_len + 4 + wpabuf_len(json);
3647 attr_len = 4 + clear_len + AES_BLOCK_SIZE;
3648 clear = wpabuf_alloc(clear_len);
3649 msg = dpp_alloc_msg(DPP_PA_CONNECTION_STATUS_RESULT, attr_len);
3650 if (!clear || !msg)
3651 goto fail;
3652
3653 /* E-nonce */
3654 wpabuf_put_le16(clear, DPP_ATTR_ENROLLEE_NONCE);
3655 wpabuf_put_le16(clear, nonce_len);
3656 wpabuf_put_data(clear, auth->e_nonce, nonce_len);
3657
3658 /* DPP Connection Status */
3659 wpabuf_put_le16(clear, DPP_ATTR_CONN_STATUS);
3660 wpabuf_put_le16(clear, wpabuf_len(json));
3661 wpabuf_put_buf(clear, json);
3662
3663 /* OUI, OUI type, Crypto Suite, DPP frame type */
3664 addr[0] = wpabuf_head_u8(msg) + 2;
3665 len[0] = 3 + 1 + 1 + 1;
3666 wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[0]", addr[0], len[0]);
3667
3668 /* Attributes before Wrapped Data (none) */
3669 addr[1] = wpabuf_put(msg, 0);
3670 len[1] = 0;
3671 wpa_hexdump(MSG_DEBUG, "DDP: AES-SIV AD[1]", addr[1], len[1]);
3672
3673 /* Wrapped Data */
3674 wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
3675 wpabuf_put_le16(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
3676 wrapped = wpabuf_put(msg, wpabuf_len(clear) + AES_BLOCK_SIZE);
3677
3678 wpa_hexdump_buf(MSG_DEBUG, "DPP: AES-SIV cleartext", clear);
3679 if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,
3680 wpabuf_head(clear), wpabuf_len(clear),
3681 2, addr, len, wrapped) < 0)
3682 goto fail;
3683
3684 wpa_hexdump_buf(MSG_DEBUG, "DPP: Connection Status Result attributes",
3685 msg);
3686 wpabuf_free(json);
3687 wpabuf_free(clear);
3688 return msg;
3689 fail:
3690 wpabuf_free(json);
3691 wpabuf_free(clear);
3692 wpabuf_free(msg);
3693 return NULL;
3694 }
3695
3696 #endif /* CONFIG_DPP2 */
3697
3698
dpp_configurator_free(struct dpp_configurator * conf)3699 void dpp_configurator_free(struct dpp_configurator *conf)
3700 {
3701 if (!conf)
3702 return;
3703 crypto_ec_key_deinit(conf->csign);
3704 os_free(conf->kid);
3705 os_free(conf->connector);
3706 crypto_ec_key_deinit(conf->connector_key);
3707 crypto_ec_key_deinit(conf->pp_key);
3708 os_free(conf);
3709 }
3710
3711
dpp_configurator_get_key(const struct dpp_configurator * conf,char * buf,size_t buflen)3712 int dpp_configurator_get_key(const struct dpp_configurator *conf, char *buf,
3713 size_t buflen)
3714 {
3715 struct wpabuf *key;
3716 int ret = -1;
3717
3718 if (!conf->csign)
3719 return -1;
3720
3721 key = crypto_ec_key_get_ecprivate_key(conf->csign, true);
3722 if (!key)
3723 return -1;
3724
3725 ret = wpa_snprintf_hex(buf, buflen, wpabuf_head(key), wpabuf_len(key));
3726
3727 wpabuf_clear_free(key);
3728 return ret;
3729 }
3730
3731
dpp_configurator_gen_kid(struct dpp_configurator * conf)3732 static int dpp_configurator_gen_kid(struct dpp_configurator *conf)
3733 {
3734 struct wpabuf *csign_pub = NULL;
3735 const u8 *addr[1];
3736 size_t len[1];
3737 int res;
3738
3739 csign_pub = crypto_ec_key_get_pubkey_point(conf->csign, 1);
3740 if (!csign_pub) {
3741 wpa_printf(MSG_INFO, "DPP: Failed to extract C-sign-key");
3742 return -1;
3743 }
3744
3745 /* kid = SHA256(ANSI X9.63 uncompressed C-sign-key) */
3746 addr[0] = wpabuf_head(csign_pub);
3747 len[0] = wpabuf_len(csign_pub);
3748 res = sha256_vector(1, addr, len, conf->kid_hash);
3749 wpabuf_free(csign_pub);
3750 if (res < 0) {
3751 wpa_printf(MSG_DEBUG,
3752 "DPP: Failed to derive kid for C-sign-key");
3753 return -1;
3754 }
3755
3756 conf->kid = base64_url_encode(conf->kid_hash, sizeof(conf->kid_hash),
3757 NULL);
3758 return conf->kid ? 0 : -1;
3759 }
3760
3761
3762 static struct dpp_configurator *
dpp_keygen_configurator(const char * curve,const u8 * privkey,size_t privkey_len,const u8 * pp_key,size_t pp_key_len)3763 dpp_keygen_configurator(const char *curve, const u8 *privkey,
3764 size_t privkey_len, const u8 *pp_key, size_t pp_key_len)
3765 {
3766 struct dpp_configurator *conf;
3767
3768 conf = os_zalloc(sizeof(*conf));
3769 if (!conf)
3770 return NULL;
3771
3772 conf->curve = dpp_get_curve_name(curve);
3773 if (!conf->curve) {
3774 wpa_printf(MSG_INFO, "DPP: Unsupported curve: %s", curve);
3775 os_free(conf);
3776 return NULL;
3777 }
3778
3779 if (privkey)
3780 conf->csign = dpp_set_keypair(&conf->curve, privkey,
3781 privkey_len);
3782 else
3783 conf->csign = dpp_gen_keypair(conf->curve);
3784 if (pp_key)
3785 conf->pp_key = dpp_set_keypair(&conf->curve, pp_key,
3786 pp_key_len);
3787 else
3788 conf->pp_key = dpp_gen_keypair(conf->curve);
3789 if (!conf->csign || !conf->pp_key)
3790 goto fail;
3791 conf->own = 1;
3792
3793 if (dpp_configurator_gen_kid(conf) < 0)
3794 goto fail;
3795 return conf;
3796 fail:
3797 dpp_configurator_free(conf);
3798 return NULL;
3799 }
3800
3801
dpp_configurator_own_config(struct dpp_authentication * auth,const char * curve,int ap)3802 int dpp_configurator_own_config(struct dpp_authentication *auth,
3803 const char *curve, int ap)
3804 {
3805 struct wpabuf *conf_obj;
3806 int ret = -1;
3807
3808 if (!auth->conf) {
3809 wpa_printf(MSG_DEBUG, "DPP: No configurator specified");
3810 return -1;
3811 }
3812
3813 auth->curve = dpp_get_curve_name(curve);
3814 if (!auth->curve) {
3815 wpa_printf(MSG_INFO, "DPP: Unsupported curve: %s", curve);
3816 return -1;
3817 }
3818
3819 wpa_printf(MSG_DEBUG,
3820 "DPP: Building own configuration/connector with curve %s",
3821 auth->curve->name);
3822
3823 auth->own_protocol_key = dpp_gen_keypair(auth->curve);
3824 if (!auth->own_protocol_key)
3825 return -1;
3826 dpp_copy_netaccesskey(auth, &auth->conf_obj[0]);
3827 auth->peer_protocol_key = auth->own_protocol_key;
3828 dpp_copy_csign(&auth->conf_obj[0], auth->conf->csign);
3829
3830 conf_obj = dpp_build_conf_obj(auth, ap, 0, NULL);
3831 if (!conf_obj) {
3832 wpabuf_free(auth->conf_obj[0].c_sign_key);
3833 auth->conf_obj[0].c_sign_key = NULL;
3834 goto fail;
3835 }
3836 ret = dpp_parse_conf_obj(auth, wpabuf_head(conf_obj),
3837 wpabuf_len(conf_obj));
3838 fail:
3839 wpabuf_free(conf_obj);
3840 auth->peer_protocol_key = NULL;
3841 return ret;
3842 }
3843
3844
dpp_compatible_netrole(const char * role1,const char * role2)3845 static int dpp_compatible_netrole(const char *role1, const char *role2)
3846 {
3847 return (os_strcmp(role1, "sta") == 0 && os_strcmp(role2, "ap") == 0) ||
3848 (os_strcmp(role1, "ap") == 0 && os_strcmp(role2, "sta") == 0);
3849 }
3850
3851
dpp_connector_compatible_group(struct json_token * root,const char * group_id,const char * net_role,bool reconfig)3852 static int dpp_connector_compatible_group(struct json_token *root,
3853 const char *group_id,
3854 const char *net_role,
3855 bool reconfig)
3856 {
3857 struct json_token *groups, *token;
3858
3859 groups = json_get_member(root, "groups");
3860 if (!groups || groups->type != JSON_ARRAY)
3861 return 0;
3862
3863 for (token = groups->child; token; token = token->sibling) {
3864 struct json_token *id, *role;
3865
3866 id = json_get_member(token, "groupId");
3867 if (!id || id->type != JSON_STRING)
3868 continue;
3869
3870 role = json_get_member(token, "netRole");
3871 if (!role || role->type != JSON_STRING)
3872 continue;
3873
3874 if (os_strcmp(id->string, "*") != 0 &&
3875 os_strcmp(group_id, "*") != 0 &&
3876 os_strcmp(id->string, group_id) != 0)
3877 continue;
3878
3879 if (reconfig && os_strcmp(net_role, "configurator") == 0)
3880 return 1;
3881 if (!reconfig && dpp_compatible_netrole(role->string, net_role))
3882 return 1;
3883 }
3884
3885 return 0;
3886 }
3887
3888
dpp_connector_match_groups(struct json_token * own_root,struct json_token * peer_root,bool reconfig)3889 int dpp_connector_match_groups(struct json_token *own_root,
3890 struct json_token *peer_root, bool reconfig)
3891 {
3892 struct json_token *groups, *token;
3893
3894 groups = json_get_member(peer_root, "groups");
3895 if (!groups || groups->type != JSON_ARRAY) {
3896 wpa_printf(MSG_DEBUG, "DPP: No peer groups array found");
3897 return 0;
3898 }
3899
3900 for (token = groups->child; token; token = token->sibling) {
3901 struct json_token *id, *role;
3902
3903 id = json_get_member(token, "groupId");
3904 if (!id || id->type != JSON_STRING) {
3905 wpa_printf(MSG_DEBUG,
3906 "DPP: Missing peer groupId string");
3907 continue;
3908 }
3909
3910 role = json_get_member(token, "netRole");
3911 if (!role || role->type != JSON_STRING) {
3912 wpa_printf(MSG_DEBUG,
3913 "DPP: Missing peer groups::netRole string");
3914 continue;
3915 }
3916 wpa_printf(MSG_DEBUG,
3917 "DPP: peer connector group: groupId='%s' netRole='%s'",
3918 id->string, role->string);
3919 if (dpp_connector_compatible_group(own_root, id->string,
3920 role->string, reconfig)) {
3921 wpa_printf(MSG_DEBUG,
3922 "DPP: Compatible group/netRole in own connector");
3923 return 1;
3924 }
3925 }
3926
3927 return 0;
3928 }
3929
3930
dpp_parse_own_connector(const char * own_connector)3931 struct json_token * dpp_parse_own_connector(const char *own_connector)
3932 {
3933 unsigned char *own_conn;
3934 size_t own_conn_len;
3935 const char *pos, *end;
3936 struct json_token *own_root;
3937
3938 pos = os_strchr(own_connector, '.');
3939 if (!pos) {
3940 wpa_printf(MSG_DEBUG, "DPP: Own connector is missing the first dot (.)");
3941 return NULL;
3942 }
3943 pos++;
3944 end = os_strchr(pos, '.');
3945 if (!end) {
3946 wpa_printf(MSG_DEBUG, "DPP: Own connector is missing the second dot (.)");
3947 return NULL;
3948 }
3949 own_conn = base64_url_decode(pos, end - pos, &own_conn_len);
3950 if (!own_conn) {
3951 wpa_printf(MSG_DEBUG,
3952 "DPP: Failed to base64url decode own signedConnector JWS Payload");
3953 return NULL;
3954 }
3955
3956 own_root = json_parse((const char *) own_conn, own_conn_len);
3957 os_free(own_conn);
3958 if (!own_root)
3959 wpa_printf(MSG_DEBUG, "DPP: Failed to parse local connector");
3960
3961 return own_root;
3962 }
3963
3964
3965 enum dpp_status_error
dpp_peer_intro(struct dpp_introduction * intro,const char * own_connector,const u8 * net_access_key,size_t net_access_key_len,const u8 * csign_key,size_t csign_key_len,const u8 * peer_connector,size_t peer_connector_len,os_time_t * expiry)3966 dpp_peer_intro(struct dpp_introduction *intro, const char *own_connector,
3967 const u8 *net_access_key, size_t net_access_key_len,
3968 const u8 *csign_key, size_t csign_key_len,
3969 const u8 *peer_connector, size_t peer_connector_len,
3970 os_time_t *expiry)
3971 {
3972 struct json_token *root = NULL, *netkey, *token;
3973 struct json_token *own_root = NULL;
3974 enum dpp_status_error ret = 255, res;
3975 struct crypto_ec_key *own_key = NULL, *peer_key = NULL;
3976 struct wpabuf *own_key_pub = NULL;
3977 const struct dpp_curve_params *curve, *own_curve;
3978 struct dpp_signed_connector_info info;
3979 size_t Nx_len;
3980 u8 Nx[DPP_MAX_SHARED_SECRET_LEN];
3981
3982 os_memset(intro, 0, sizeof(*intro));
3983 os_memset(&info, 0, sizeof(info));
3984 if (expiry)
3985 *expiry = 0;
3986
3987 own_key = dpp_set_keypair(&own_curve, net_access_key,
3988 net_access_key_len);
3989 if (!own_key) {
3990 wpa_printf(MSG_ERROR, "DPP: Failed to parse own netAccessKey");
3991 goto fail;
3992 }
3993
3994 own_root = dpp_parse_own_connector(own_connector);
3995 if (!own_root)
3996 goto fail;
3997
3998 res = dpp_check_signed_connector(&info, csign_key, csign_key_len,
3999 peer_connector, peer_connector_len);
4000 if (res != DPP_STATUS_OK) {
4001 ret = res;
4002 goto fail;
4003 }
4004
4005 root = json_parse((const char *) info.payload, info.payload_len);
4006 if (!root) {
4007 wpa_printf(MSG_DEBUG, "DPP: JSON parsing of connector failed");
4008 ret = DPP_STATUS_INVALID_CONNECTOR;
4009 goto fail;
4010 }
4011
4012 if (!dpp_connector_match_groups(own_root, root, false)) {
4013 wpa_printf(MSG_DEBUG,
4014 "DPP: Peer connector does not include compatible group netrole with own connector");
4015 ret = DPP_STATUS_NO_MATCH;
4016 goto fail;
4017 }
4018
4019 token = json_get_member(root, "expiry");
4020 if (!token || token->type != JSON_STRING) {
4021 wpa_printf(MSG_DEBUG,
4022 "DPP: No expiry string found - connector does not expire");
4023 } else {
4024 wpa_printf(MSG_DEBUG, "DPP: expiry = %s", token->string);
4025 if (dpp_key_expired(token->string, expiry)) {
4026 wpa_printf(MSG_DEBUG,
4027 "DPP: Connector (netAccessKey) has expired");
4028 ret = DPP_STATUS_INVALID_CONNECTOR;
4029 goto fail;
4030 }
4031 }
4032
4033 #ifdef CONFIG_DPP3
4034 token = json_get_member(root, "version");
4035 if (token && token->type == JSON_NUMBER) {
4036 wpa_printf(MSG_DEBUG, "DPP: version = %d", token->number);
4037 intro->peer_version = token->number;
4038 }
4039 #endif /* CONFIG_DPP3 */
4040
4041 netkey = json_get_member(root, "netAccessKey");
4042 if (!netkey || netkey->type != JSON_OBJECT) {
4043 wpa_printf(MSG_DEBUG, "DPP: No netAccessKey object found");
4044 ret = DPP_STATUS_INVALID_CONNECTOR;
4045 goto fail;
4046 }
4047
4048 peer_key = dpp_parse_jwk(netkey, &curve);
4049 if (!peer_key) {
4050 ret = DPP_STATUS_INVALID_CONNECTOR;
4051 goto fail;
4052 }
4053 dpp_debug_print_key("DPP: Received netAccessKey", peer_key);
4054
4055 if (own_curve != curve) {
4056 wpa_printf(MSG_DEBUG,
4057 "DPP: Mismatching netAccessKey curves (%s != %s)",
4058 own_curve->name, curve->name);
4059 ret = DPP_STATUS_INVALID_CONNECTOR;
4060 goto fail;
4061 }
4062
4063 /* ECDH: N = nk * PK */
4064 if (dpp_ecdh(own_key, peer_key, Nx, &Nx_len) < 0)
4065 goto fail;
4066
4067 wpa_hexdump_key(MSG_DEBUG, "DPP: ECDH shared secret (N.x)",
4068 Nx, Nx_len);
4069
4070 /* PMK = HKDF(<>, "DPP PMK", N.x) */
4071 if (dpp_derive_pmk(Nx, Nx_len, intro->pmk, curve->hash_len) < 0) {
4072 wpa_printf(MSG_ERROR, "DPP: Failed to derive PMK");
4073 goto fail;
4074 }
4075 intro->pmk_len = curve->hash_len;
4076
4077 /* PMKID = Truncate-128(H(min(NK.x, PK.x) | max(NK.x, PK.x))) */
4078 if (dpp_derive_pmkid(curve, own_key, peer_key, intro->pmkid) < 0) {
4079 wpa_printf(MSG_ERROR, "DPP: Failed to derive PMKID");
4080 goto fail;
4081 }
4082
4083 ret = DPP_STATUS_OK;
4084 fail:
4085 if (ret != DPP_STATUS_OK)
4086 os_memset(intro, 0, sizeof(*intro));
4087 os_memset(Nx, 0, sizeof(Nx));
4088 os_free(info.payload);
4089 crypto_ec_key_deinit(own_key);
4090 wpabuf_free(own_key_pub);
4091 crypto_ec_key_deinit(peer_key);
4092 json_free(root);
4093 json_free(own_root);
4094 return ret;
4095 }
4096
4097
4098 #ifdef CONFIG_DPP3
dpp_get_connector_version(const char * connector)4099 int dpp_get_connector_version(const char *connector)
4100 {
4101 struct json_token *root, *token;
4102 int ver = -1;
4103
4104 root = dpp_parse_own_connector(connector);
4105 if (!root)
4106 return -1;
4107
4108 token = json_get_member(root, "version");
4109 if (token && token->type == JSON_NUMBER)
4110 ver = token->number;
4111
4112 json_free(root);
4113 return ver;
4114 }
4115 #endif /* CONFIG_DPP3 */
4116
4117
dpp_next_id(struct dpp_global * dpp)4118 unsigned int dpp_next_id(struct dpp_global *dpp)
4119 {
4120 struct dpp_bootstrap_info *bi;
4121 unsigned int max_id = 0;
4122
4123 dl_list_for_each(bi, &dpp->bootstrap, struct dpp_bootstrap_info, list) {
4124 if (bi->id > max_id)
4125 max_id = bi->id;
4126 }
4127 return max_id + 1;
4128 }
4129
4130
dpp_bootstrap_del(struct dpp_global * dpp,unsigned int id)4131 static int dpp_bootstrap_del(struct dpp_global *dpp, unsigned int id)
4132 {
4133 struct dpp_bootstrap_info *bi, *tmp;
4134 int found = 0;
4135
4136 if (!dpp)
4137 return -1;
4138
4139 dl_list_for_each_safe(bi, tmp, &dpp->bootstrap,
4140 struct dpp_bootstrap_info, list) {
4141 if (id && bi->id != id)
4142 continue;
4143 found = 1;
4144 #ifdef CONFIG_DPP2
4145 if (dpp->remove_bi)
4146 dpp->remove_bi(dpp->cb_ctx, bi);
4147 #endif /* CONFIG_DPP2 */
4148 dl_list_del(&bi->list);
4149 dpp_bootstrap_info_free(bi);
4150 }
4151
4152 if (id == 0)
4153 return 0; /* flush succeeds regardless of entries found */
4154 return found ? 0 : -1;
4155 }
4156
4157
dpp_add_qr_code(struct dpp_global * dpp,const char * uri)4158 struct dpp_bootstrap_info * dpp_add_qr_code(struct dpp_global *dpp,
4159 const char *uri)
4160 {
4161 struct dpp_bootstrap_info *bi;
4162
4163 if (!dpp)
4164 return NULL;
4165
4166 bi = dpp_parse_uri(uri);
4167 if (!bi)
4168 return NULL;
4169
4170 bi->type = DPP_BOOTSTRAP_QR_CODE;
4171 bi->id = dpp_next_id(dpp);
4172 dl_list_add(&dpp->bootstrap, &bi->list);
4173 return bi;
4174 }
4175
4176
dpp_add_nfc_uri(struct dpp_global * dpp,const char * uri)4177 struct dpp_bootstrap_info * dpp_add_nfc_uri(struct dpp_global *dpp,
4178 const char *uri)
4179 {
4180 struct dpp_bootstrap_info *bi;
4181
4182 if (!dpp)
4183 return NULL;
4184
4185 bi = dpp_parse_uri(uri);
4186 if (!bi)
4187 return NULL;
4188
4189 bi->type = DPP_BOOTSTRAP_NFC_URI;
4190 bi->id = dpp_next_id(dpp);
4191 dl_list_add(&dpp->bootstrap, &bi->list);
4192 return bi;
4193 }
4194
4195
dpp_parse_supported_curves_list(struct dpp_bootstrap_info * bi,char * txt)4196 static int dpp_parse_supported_curves_list(struct dpp_bootstrap_info *bi,
4197 char *txt)
4198 {
4199 char *token, *context = NULL;
4200 u8 curves = 0;
4201
4202 if (!txt)
4203 return 0;
4204
4205 while ((token = str_token(txt, ":", &context))) {
4206 if (os_strcmp(token, "P-256") == 0) {
4207 curves |= BIT(DPP_BOOTSTRAP_CURVE_P_256);
4208 } else if (os_strcmp(token, "P-384") == 0) {
4209 curves |= BIT(DPP_BOOTSTRAP_CURVE_P_384);
4210 } else if (os_strcmp(token, "P-521") == 0) {
4211 curves |= BIT(DPP_BOOTSTRAP_CURVE_P_521);
4212 } else if (os_strcmp(token, "BP-256") == 0) {
4213 curves |= BIT(DPP_BOOTSTRAP_CURVE_BP_256);
4214 } else if (os_strcmp(token, "BP-384") == 0) {
4215 curves |= BIT(DPP_BOOTSTRAP_CURVE_BP_384);
4216 } else if (os_strcmp(token, "BP-512") == 0) {
4217 curves |= BIT(DPP_BOOTSTRAP_CURVE_BP_512);
4218 } else {
4219 wpa_printf(MSG_DEBUG, "DPP: Unsupported curve '%s'",
4220 token);
4221 return -1;
4222 }
4223 }
4224 bi->supported_curves = curves;
4225
4226 wpa_printf(MSG_DEBUG, "DPP: URI supported curves: 0x%x",
4227 bi->supported_curves);
4228
4229 return 0;
4230 }
4231
4232
dpp_bootstrap_gen(struct dpp_global * dpp,const char * cmd)4233 int dpp_bootstrap_gen(struct dpp_global *dpp, const char *cmd)
4234 {
4235 char *mac = NULL, *info = NULL, *curve = NULL;
4236 char *key = NULL, *supported_curves = NULL;
4237 u8 *privkey = NULL;
4238 size_t privkey_len = 0;
4239 int ret = -1;
4240 struct dpp_bootstrap_info *bi;
4241
4242 if (!dpp)
4243 return -1;
4244
4245 bi = os_zalloc(sizeof(*bi));
4246 if (!bi)
4247 goto fail;
4248
4249 if (os_strstr(cmd, "type=qrcode"))
4250 bi->type = DPP_BOOTSTRAP_QR_CODE;
4251 else if (os_strstr(cmd, "type=pkex"))
4252 bi->type = DPP_BOOTSTRAP_PKEX;
4253 else if (os_strstr(cmd, "type=nfc-uri"))
4254 bi->type = DPP_BOOTSTRAP_NFC_URI;
4255 else
4256 goto fail;
4257
4258 bi->chan = get_param(cmd, " chan=");
4259 mac = get_param(cmd, " mac=");
4260 info = get_param(cmd, " info=");
4261 curve = get_param(cmd, " curve=");
4262 key = get_param(cmd, " key=");
4263 supported_curves = get_param(cmd, " supported_curves=");
4264
4265 if (key) {
4266 privkey_len = os_strlen(key) / 2;
4267 privkey = os_malloc(privkey_len);
4268 if (!privkey ||
4269 hexstr2bin(key, privkey, privkey_len) < 0)
4270 goto fail;
4271 }
4272
4273 if (dpp_keygen(bi, curve, privkey, privkey_len) < 0 ||
4274 dpp_parse_uri_chan_list(bi, bi->chan) < 0 ||
4275 dpp_parse_uri_mac(bi, mac) < 0 ||
4276 dpp_parse_uri_info(bi, info) < 0 ||
4277 dpp_parse_supported_curves_list(bi, supported_curves) < 0 ||
4278 dpp_gen_uri(bi) < 0)
4279 goto fail;
4280
4281 bi->id = dpp_next_id(dpp);
4282 dl_list_add(&dpp->bootstrap, &bi->list);
4283 ret = bi->id;
4284 bi = NULL;
4285 fail:
4286 os_free(curve);
4287 os_free(mac);
4288 os_free(info);
4289 str_clear_free(key);
4290 os_free(supported_curves);
4291 bin_clear_free(privkey, privkey_len);
4292 dpp_bootstrap_info_free(bi);
4293 return ret;
4294 }
4295
4296
4297 struct dpp_bootstrap_info *
dpp_bootstrap_get_id(struct dpp_global * dpp,unsigned int id)4298 dpp_bootstrap_get_id(struct dpp_global *dpp, unsigned int id)
4299 {
4300 struct dpp_bootstrap_info *bi;
4301
4302 if (!dpp)
4303 return NULL;
4304
4305 dl_list_for_each(bi, &dpp->bootstrap, struct dpp_bootstrap_info, list) {
4306 if (bi->id == id)
4307 return bi;
4308 }
4309 return NULL;
4310 }
4311
4312
dpp_bootstrap_remove(struct dpp_global * dpp,const char * id)4313 int dpp_bootstrap_remove(struct dpp_global *dpp, const char *id)
4314 {
4315 unsigned int id_val;
4316
4317 if (os_strcmp(id, "*") == 0) {
4318 id_val = 0;
4319 } else {
4320 id_val = atoi(id);
4321 if (id_val == 0)
4322 return -1;
4323 }
4324
4325 return dpp_bootstrap_del(dpp, id_val);
4326 }
4327
4328
dpp_bootstrap_get_uri(struct dpp_global * dpp,unsigned int id)4329 const char * dpp_bootstrap_get_uri(struct dpp_global *dpp, unsigned int id)
4330 {
4331 struct dpp_bootstrap_info *bi;
4332
4333 bi = dpp_bootstrap_get_id(dpp, id);
4334 if (!bi)
4335 return NULL;
4336 return bi->uri;
4337 }
4338
4339
dpp_bootstrap_info(struct dpp_global * dpp,int id,char * reply,int reply_size)4340 int dpp_bootstrap_info(struct dpp_global *dpp, int id,
4341 char *reply, int reply_size)
4342 {
4343 struct dpp_bootstrap_info *bi;
4344 char pkhash[2 * SHA256_MAC_LEN + 1];
4345 char supp_curves[100];
4346
4347 bi = dpp_bootstrap_get_id(dpp, id);
4348 if (!bi)
4349 return -1;
4350 wpa_snprintf_hex(pkhash, sizeof(pkhash), bi->pubkey_hash,
4351 SHA256_MAC_LEN);
4352
4353 supp_curves[0] = '\0';
4354 if (bi->supported_curves) {
4355 int ret;
4356 size_t i;
4357 char *pos = supp_curves;
4358 char *end = &supp_curves[sizeof(supp_curves)];
4359 const char *curve[6] = { "P-256", "P-384", "P-521",
4360 "BP-256", "BP-384", "BP-512" };
4361
4362 ret = os_snprintf(pos, end - pos, "supp_curves=");
4363 if (os_snprintf_error(end - pos, ret))
4364 return -1;
4365 pos += ret;
4366
4367 for (i = 0; i < ARRAY_SIZE(curve); i++) {
4368 if (!(bi->supported_curves & BIT(i)))
4369 continue;
4370 ret = os_snprintf(pos, end - pos, "%s:", curve[i]);
4371 if (os_snprintf_error(end - pos, ret))
4372 return -1;
4373 pos += ret;
4374 }
4375
4376 if (pos[-1] == ':')
4377 pos[-1] = '\n';
4378 else
4379 supp_curves[0] = '\0';
4380 }
4381
4382 return os_snprintf(reply, reply_size, "type=%s\n"
4383 "mac_addr=" MACSTR "\n"
4384 "info=%s\n"
4385 "num_freq=%u\n"
4386 "use_freq=%u\n"
4387 "curve=%s\n"
4388 "pkhash=%s\n"
4389 "version=%d\n%s",
4390 dpp_bootstrap_type_txt(bi->type),
4391 MAC2STR(bi->mac_addr),
4392 bi->info ? bi->info : "",
4393 bi->num_freq,
4394 bi->num_freq == 1 ? bi->freq[0] : 0,
4395 bi->curve->name,
4396 pkhash,
4397 bi->version,
4398 supp_curves);
4399 }
4400
4401
dpp_bootstrap_set(struct dpp_global * dpp,int id,const char * params)4402 int dpp_bootstrap_set(struct dpp_global *dpp, int id, const char *params)
4403 {
4404 struct dpp_bootstrap_info *bi;
4405
4406 bi = dpp_bootstrap_get_id(dpp, id);
4407 if (!bi)
4408 return -1;
4409
4410 str_clear_free(bi->configurator_params);
4411
4412 if (params) {
4413 bi->configurator_params = os_strdup(params);
4414 return bi->configurator_params ? 0 : -1;
4415 }
4416
4417 bi->configurator_params = NULL;
4418 return 0;
4419 }
4420
4421
dpp_bootstrap_find_pair(struct dpp_global * dpp,const u8 * i_bootstrap,const u8 * r_bootstrap,struct dpp_bootstrap_info ** own_bi,struct dpp_bootstrap_info ** peer_bi)4422 void dpp_bootstrap_find_pair(struct dpp_global *dpp, const u8 *i_bootstrap,
4423 const u8 *r_bootstrap,
4424 struct dpp_bootstrap_info **own_bi,
4425 struct dpp_bootstrap_info **peer_bi)
4426 {
4427 struct dpp_bootstrap_info *bi;
4428
4429 *own_bi = NULL;
4430 *peer_bi = NULL;
4431 if (!dpp)
4432 return;
4433
4434 dl_list_for_each(bi, &dpp->bootstrap, struct dpp_bootstrap_info, list) {
4435 if (!*own_bi && bi->own &&
4436 os_memcmp(bi->pubkey_hash, r_bootstrap,
4437 SHA256_MAC_LEN) == 0) {
4438 wpa_printf(MSG_DEBUG,
4439 "DPP: Found matching own bootstrapping information");
4440 *own_bi = bi;
4441 }
4442
4443 if (!*peer_bi && !bi->own &&
4444 os_memcmp(bi->pubkey_hash, i_bootstrap,
4445 SHA256_MAC_LEN) == 0) {
4446 wpa_printf(MSG_DEBUG,
4447 "DPP: Found matching peer bootstrapping information");
4448 *peer_bi = bi;
4449 }
4450
4451 if (*own_bi && *peer_bi)
4452 break;
4453 }
4454 }
4455
4456
4457 #ifdef CONFIG_DPP2
dpp_bootstrap_find_chirp(struct dpp_global * dpp,const u8 * hash)4458 struct dpp_bootstrap_info * dpp_bootstrap_find_chirp(struct dpp_global *dpp,
4459 const u8 *hash)
4460 {
4461 struct dpp_bootstrap_info *bi;
4462
4463 if (!dpp)
4464 return NULL;
4465
4466 dl_list_for_each(bi, &dpp->bootstrap, struct dpp_bootstrap_info, list) {
4467 if (!bi->own && os_memcmp(bi->pubkey_hash_chirp, hash,
4468 SHA256_MAC_LEN) == 0)
4469 return bi;
4470 }
4471
4472 return NULL;
4473 }
4474 #endif /* CONFIG_DPP2 */
4475
4476
dpp_nfc_update_bi_channel(struct dpp_bootstrap_info * own_bi,struct dpp_bootstrap_info * peer_bi)4477 static int dpp_nfc_update_bi_channel(struct dpp_bootstrap_info *own_bi,
4478 struct dpp_bootstrap_info *peer_bi)
4479 {
4480 unsigned int i, freq = 0;
4481 enum hostapd_hw_mode mode;
4482 u8 op_class, channel;
4483 char chan[20];
4484
4485 if (peer_bi->num_freq == 0 && !peer_bi->channels_listed)
4486 return 0; /* no channel preference/constraint */
4487
4488 for (i = 0; i < peer_bi->num_freq; i++) {
4489 if ((own_bi->num_freq == 0 && !own_bi->channels_listed) ||
4490 freq_included(own_bi->freq, own_bi->num_freq,
4491 peer_bi->freq[i])) {
4492 freq = peer_bi->freq[i];
4493 break;
4494 }
4495 }
4496 if (!freq) {
4497 wpa_printf(MSG_DEBUG, "DPP: No common channel found");
4498 return -1;
4499 }
4500
4501 mode = ieee80211_freq_to_channel_ext(freq, 0, 0, &op_class, &channel);
4502 if (mode == NUM_HOSTAPD_MODES) {
4503 wpa_printf(MSG_DEBUG,
4504 "DPP: Could not determine operating class or channel number for %u MHz",
4505 freq);
4506 }
4507
4508 wpa_printf(MSG_DEBUG,
4509 "DPP: Selected %u MHz (op_class %u channel %u) as the negotiation channel based on information from NFC negotiated handover",
4510 freq, op_class, channel);
4511 os_snprintf(chan, sizeof(chan), "%u/%u", op_class, channel);
4512 os_free(own_bi->chan);
4513 own_bi->chan = os_strdup(chan);
4514 own_bi->freq[0] = freq;
4515 own_bi->num_freq = 1;
4516 os_free(peer_bi->chan);
4517 peer_bi->chan = os_strdup(chan);
4518 peer_bi->freq[0] = freq;
4519 peer_bi->num_freq = 1;
4520
4521 return dpp_gen_uri(own_bi);
4522 }
4523
4524
dpp_nfc_update_bi_key(struct dpp_bootstrap_info * own_bi,struct dpp_bootstrap_info * peer_bi)4525 static int dpp_nfc_update_bi_key(struct dpp_bootstrap_info *own_bi,
4526 struct dpp_bootstrap_info *peer_bi)
4527 {
4528 if (peer_bi->curve == own_bi->curve)
4529 return 0;
4530
4531 wpa_printf(MSG_DEBUG,
4532 "DPP: Update own bootstrapping key to match peer curve from NFC handover");
4533
4534 crypto_ec_key_deinit(own_bi->pubkey);
4535 own_bi->pubkey = NULL;
4536
4537 if (dpp_keygen(own_bi, peer_bi->curve->name, NULL, 0) < 0 ||
4538 dpp_gen_uri(own_bi) < 0)
4539 goto fail;
4540
4541 return 0;
4542 fail:
4543 dl_list_del(&own_bi->list);
4544 dpp_bootstrap_info_free(own_bi);
4545 return -1;
4546 }
4547
4548
dpp_nfc_update_bi(struct dpp_bootstrap_info * own_bi,struct dpp_bootstrap_info * peer_bi)4549 int dpp_nfc_update_bi(struct dpp_bootstrap_info *own_bi,
4550 struct dpp_bootstrap_info *peer_bi)
4551 {
4552 if (dpp_nfc_update_bi_channel(own_bi, peer_bi) < 0 ||
4553 dpp_nfc_update_bi_key(own_bi, peer_bi) < 0)
4554 return -1;
4555 return 0;
4556 }
4557
4558
dpp_next_configurator_id(struct dpp_global * dpp)4559 static unsigned int dpp_next_configurator_id(struct dpp_global *dpp)
4560 {
4561 struct dpp_configurator *conf;
4562 unsigned int max_id = 0;
4563
4564 dl_list_for_each(conf, &dpp->configurator, struct dpp_configurator,
4565 list) {
4566 if (conf->id > max_id)
4567 max_id = conf->id;
4568 }
4569 return max_id + 1;
4570 }
4571
4572
dpp_configurator_add(struct dpp_global * dpp,const char * cmd)4573 int dpp_configurator_add(struct dpp_global *dpp, const char *cmd)
4574 {
4575 char *curve;
4576 char *key = NULL, *ppkey = NULL;
4577 u8 *privkey = NULL, *pp_key = NULL;
4578 size_t privkey_len = 0, pp_key_len = 0;
4579 int ret = -1;
4580 struct dpp_configurator *conf = NULL;
4581 const struct dpp_curve_params *net_access_key_curve = NULL;
4582
4583 curve = get_param(cmd, " net_access_key_curve=");
4584 if (curve) {
4585 net_access_key_curve = dpp_get_curve_name(curve);
4586 if (!net_access_key_curve) {
4587 wpa_printf(MSG_DEBUG,
4588 "DPP: Unsupported net_access_key_curve: %s",
4589 curve);
4590 goto fail;
4591 }
4592 os_free(curve);
4593 }
4594
4595 curve = get_param(cmd, " curve=");
4596 key = get_param(cmd, " key=");
4597 ppkey = get_param(cmd, " ppkey=");
4598
4599 if (key) {
4600 privkey_len = os_strlen(key) / 2;
4601 privkey = os_malloc(privkey_len);
4602 if (!privkey ||
4603 hexstr2bin(key, privkey, privkey_len) < 0)
4604 goto fail;
4605 }
4606
4607 if (ppkey) {
4608 pp_key_len = os_strlen(ppkey) / 2;
4609 pp_key = os_malloc(pp_key_len);
4610 if (!pp_key ||
4611 hexstr2bin(ppkey, pp_key, pp_key_len) < 0)
4612 goto fail;
4613 }
4614
4615 conf = dpp_keygen_configurator(curve, privkey, privkey_len,
4616 pp_key, pp_key_len);
4617 if (!conf)
4618 goto fail;
4619
4620 conf->net_access_key_curve = net_access_key_curve;
4621 conf->id = dpp_next_configurator_id(dpp);
4622 dl_list_add(&dpp->configurator, &conf->list);
4623 ret = conf->id;
4624 conf = NULL;
4625 fail:
4626 os_free(curve);
4627 str_clear_free(key);
4628 str_clear_free(ppkey);
4629 bin_clear_free(privkey, privkey_len);
4630 bin_clear_free(pp_key, pp_key_len);
4631 dpp_configurator_free(conf);
4632 return ret;
4633 }
4634
4635
dpp_configurator_set(struct dpp_global * dpp,const char * cmd)4636 int dpp_configurator_set(struct dpp_global *dpp, const char *cmd)
4637 {
4638 unsigned int id;
4639 struct dpp_configurator *conf;
4640 char *curve;
4641
4642 id = atoi(cmd);
4643 conf = dpp_configurator_get_id(dpp, id);
4644 if (!conf)
4645 return -1;
4646
4647 curve = get_param(cmd, " net_access_key_curve=");
4648 if (curve) {
4649 const struct dpp_curve_params *net_access_key_curve;
4650
4651 net_access_key_curve = dpp_get_curve_name(curve);
4652 os_free(curve);
4653 if (!net_access_key_curve)
4654 return -1;
4655 conf->net_access_key_curve = net_access_key_curve;
4656 }
4657
4658 return 0;
4659 }
4660
4661
dpp_configurator_del(struct dpp_global * dpp,unsigned int id)4662 static int dpp_configurator_del(struct dpp_global *dpp, unsigned int id)
4663 {
4664 struct dpp_configurator *conf, *tmp;
4665 int found = 0;
4666
4667 if (!dpp)
4668 return -1;
4669
4670 dl_list_for_each_safe(conf, tmp, &dpp->configurator,
4671 struct dpp_configurator, list) {
4672 if (id && conf->id != id)
4673 continue;
4674 found = 1;
4675 dl_list_del(&conf->list);
4676 dpp_configurator_free(conf);
4677 }
4678
4679 if (id == 0)
4680 return 0; /* flush succeeds regardless of entries found */
4681 return found ? 0 : -1;
4682 }
4683
4684
dpp_configurator_remove(struct dpp_global * dpp,const char * id)4685 int dpp_configurator_remove(struct dpp_global *dpp, const char *id)
4686 {
4687 unsigned int id_val;
4688
4689 if (os_strcmp(id, "*") == 0) {
4690 id_val = 0;
4691 } else {
4692 id_val = atoi(id);
4693 if (id_val == 0)
4694 return -1;
4695 }
4696
4697 return dpp_configurator_del(dpp, id_val);
4698 }
4699
4700
dpp_configurator_get_key_id(struct dpp_global * dpp,unsigned int id,char * buf,size_t buflen)4701 int dpp_configurator_get_key_id(struct dpp_global *dpp, unsigned int id,
4702 char *buf, size_t buflen)
4703 {
4704 struct dpp_configurator *conf;
4705
4706 conf = dpp_configurator_get_id(dpp, id);
4707 if (!conf)
4708 return -1;
4709
4710 return dpp_configurator_get_key(conf, buf, buflen);
4711 }
4712
4713
4714 #ifdef CONFIG_DPP2
4715
dpp_configurator_from_backup(struct dpp_global * dpp,struct dpp_asymmetric_key * key)4716 int dpp_configurator_from_backup(struct dpp_global *dpp,
4717 struct dpp_asymmetric_key *key)
4718 {
4719 struct dpp_configurator *conf;
4720 const struct dpp_curve_params *curve, *curve_pp;
4721
4722 if (!key->csign || !key->pp_key)
4723 return -1;
4724
4725 curve = dpp_get_curve_ike_group(crypto_ec_key_group(key->csign));
4726 if (!curve) {
4727 wpa_printf(MSG_INFO, "DPP: Unsupported group in c-sign-key");
4728 return -1;
4729 }
4730
4731 curve_pp = dpp_get_curve_ike_group(crypto_ec_key_group(key->pp_key));
4732 if (!curve_pp) {
4733 wpa_printf(MSG_INFO, "DPP: Unsupported group in ppKey");
4734 return -1;
4735 }
4736
4737 if (curve != curve_pp) {
4738 wpa_printf(MSG_INFO,
4739 "DPP: Mismatch in c-sign-key and ppKey groups");
4740 return -1;
4741 }
4742
4743 conf = os_zalloc(sizeof(*conf));
4744 if (!conf)
4745 return -1;
4746 conf->curve = curve;
4747 conf->csign = key->csign;
4748 key->csign = NULL;
4749 conf->pp_key = key->pp_key;
4750 key->pp_key = NULL;
4751 conf->own = 1;
4752 if (dpp_configurator_gen_kid(conf) < 0) {
4753 dpp_configurator_free(conf);
4754 return -1;
4755 }
4756
4757 conf->id = dpp_next_configurator_id(dpp);
4758 dl_list_add(&dpp->configurator, &conf->list);
4759 return conf->id;
4760 }
4761
4762
dpp_configurator_find_kid(struct dpp_global * dpp,const u8 * kid)4763 struct dpp_configurator * dpp_configurator_find_kid(struct dpp_global *dpp,
4764 const u8 *kid)
4765 {
4766 struct dpp_configurator *conf;
4767
4768 if (!dpp)
4769 return NULL;
4770
4771 dl_list_for_each(conf, &dpp->configurator,
4772 struct dpp_configurator, list) {
4773 if (os_memcmp(conf->kid_hash, kid, SHA256_MAC_LEN) == 0)
4774 return conf;
4775 }
4776 return NULL;
4777 }
4778
4779 #endif /* CONFIG_DPP2 */
4780
4781
dpp_global_init(struct dpp_global_config * config)4782 struct dpp_global * dpp_global_init(struct dpp_global_config *config)
4783 {
4784 struct dpp_global *dpp;
4785
4786 dpp = os_zalloc(sizeof(*dpp));
4787 if (!dpp)
4788 return NULL;
4789 #ifdef CONFIG_DPP2
4790 dpp->cb_ctx = config->cb_ctx;
4791 dpp->remove_bi = config->remove_bi;
4792 #endif /* CONFIG_DPP2 */
4793
4794 dl_list_init(&dpp->bootstrap);
4795 dl_list_init(&dpp->configurator);
4796 #ifdef CONFIG_DPP2
4797 dl_list_init(&dpp->controllers);
4798 dl_list_init(&dpp->tcp_init);
4799 #endif /* CONFIG_DPP2 */
4800
4801 return dpp;
4802 }
4803
4804
dpp_global_clear(struct dpp_global * dpp)4805 void dpp_global_clear(struct dpp_global *dpp)
4806 {
4807 if (!dpp)
4808 return;
4809
4810 dpp_bootstrap_del(dpp, 0);
4811 dpp_configurator_del(dpp, 0);
4812 #ifdef CONFIG_DPP2
4813 dpp_tcp_init_flush(dpp);
4814 dpp_relay_flush_controllers(dpp);
4815 dpp_controller_stop(dpp);
4816 #endif /* CONFIG_DPP2 */
4817 }
4818
4819
dpp_global_deinit(struct dpp_global * dpp)4820 void dpp_global_deinit(struct dpp_global *dpp)
4821 {
4822 dpp_global_clear(dpp);
4823 os_free(dpp);
4824 }
4825
4826
4827 #ifdef CONFIG_DPP2
4828
dpp_build_presence_announcement(struct dpp_bootstrap_info * bi)4829 struct wpabuf * dpp_build_presence_announcement(struct dpp_bootstrap_info *bi)
4830 {
4831 struct wpabuf *msg;
4832
4833 wpa_printf(MSG_DEBUG, "DPP: Build Presence Announcement frame");
4834
4835 msg = dpp_alloc_msg(DPP_PA_PRESENCE_ANNOUNCEMENT, 4 + SHA256_MAC_LEN);
4836 if (!msg)
4837 return NULL;
4838
4839 /* Responder Bootstrapping Key Hash */
4840 dpp_build_attr_r_bootstrap_key_hash(msg, bi->pubkey_hash_chirp);
4841 wpa_hexdump_buf(MSG_DEBUG,
4842 "DPP: Presence Announcement frame attributes", msg);
4843 return msg;
4844 }
4845
4846
dpp_notify_chirp_received(void * msg_ctx,int id,const u8 * src,unsigned int freq,const u8 * hash)4847 void dpp_notify_chirp_received(void *msg_ctx, int id, const u8 *src,
4848 unsigned int freq, const u8 *hash)
4849 {
4850 char hex[SHA256_MAC_LEN * 2 + 1];
4851
4852 wpa_snprintf_hex(hex, sizeof(hex), hash, SHA256_MAC_LEN);
4853 wpa_msg(msg_ctx, MSG_INFO,
4854 DPP_EVENT_CHIRP_RX "id=%d src=" MACSTR " freq=%u hash=%s",
4855 id, MAC2STR(src), freq, hex);
4856 }
4857
4858 #endif /* CONFIG_DPP2 */
4859