aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <jouni@codeaurora.org>2019-09-07 15:33:02 (GMT)
committerJouni Malinen <j@w1.fi>2019-10-14 16:38:41 (GMT)
commit86f6084862cd218d04b5213e7ac9df2e66ec138e (patch)
tree6ee137bbfee47a074437f44057a3dbfd4e478e0a
parent316156739c17624aa6c304111f7bc94ca54281dc (diff)
downloadhostap-86f6084862cd218d04b5213e7ac9df2e66ec138e.zip
hostap-86f6084862cd218d04b5213e7ac9df2e66ec138e.tar.gz
hostap-86f6084862cd218d04b5213e7ac9df2e66ec138e.tar.bz2
SAE: Tell sae_parse_commit() whether H2E is used
This will be needed to help parsing the received SAE commit. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
-rw-r--r--src/ap/ieee802_11.c3
-rw-r--r--src/common/common_module_tests.c2
-rw-r--r--src/common/sae.c3
-rw-r--r--src/common/sae.h3
-rw-r--r--wpa_supplicant/sme.c3
5 files changed, 9 insertions, 5 deletions
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 0152cf5..b1d5208 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -1139,7 +1139,8 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta,
resp = sae_parse_commit(sta->sae, mgmt->u.auth.variable,
((const u8 *) mgmt) + len -
mgmt->u.auth.variable, &token,
- &token_len, groups);
+ &token_len, groups, status_code ==
+ WLAN_STATUS_SAE_HASH_TO_ELEMENT);
if (resp == SAE_SILENTLY_DISCARD) {
wpa_printf(MSG_DEBUG,
"SAE: Drop commit message from " MACSTR " due to reflection attack",
diff --git a/src/common/common_module_tests.c b/src/common/common_module_tests.c
index 30c5247..0263709 100644
--- a/src/common/common_module_tests.c
+++ b/src/common/common_module_tests.c
@@ -377,7 +377,7 @@ static int sae_tests(void)
}
if (sae_parse_commit(&sae, peer_commit, sizeof(peer_commit), NULL, NULL,
- NULL) != 0 ||
+ NULL, 0) != 0 ||
sae_process_commit(&sae) < 0)
goto fail;
diff --git a/src/common/sae.c b/src/common/sae.c
index 3960914..30a5e18 100644
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -1099,7 +1099,8 @@ static int sae_parse_password_identifier(struct sae_data *sae,
u16 sae_parse_commit(struct sae_data *sae, const u8 *data, size_t len,
- const u8 **token, size_t *token_len, int *allowed_groups)
+ const u8 **token, size_t *token_len, int *allowed_groups,
+ int h2e)
{
const u8 *pos = data, *end = data + len;
u16 res;
diff --git a/src/common/sae.h b/src/common/sae.h
index 10f9302..ef7cf91 100644
--- a/src/common/sae.h
+++ b/src/common/sae.h
@@ -72,7 +72,8 @@ int sae_process_commit(struct sae_data *sae);
void sae_write_commit(struct sae_data *sae, struct wpabuf *buf,
const struct wpabuf *token, const char *identifier);
u16 sae_parse_commit(struct sae_data *sae, const u8 *data, size_t len,
- const u8 **token, size_t *token_len, int *allowed_groups);
+ const u8 **token, size_t *token_len, int *allowed_groups,
+ int h2e);
void sae_write_confirm(struct sae_data *sae, struct wpabuf *buf);
int sae_check_confirm(struct sae_data *sae, const u8 *data, size_t len);
u16 sae_group_allowed(struct sae_data *sae, int *allowed_groups, u16 group);
diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index ad533a1..0e42542 100644
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -1150,7 +1150,8 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction,
if (groups && groups[0] <= 0)
groups = NULL;
res = sae_parse_commit(&wpa_s->sme.sae, data, len, NULL, NULL,
- groups);
+ groups, status_code ==
+ WLAN_STATUS_SAE_HASH_TO_ELEMENT);
if (res == SAE_SILENTLY_DISCARD) {
wpa_printf(MSG_DEBUG,
"SAE: Drop commit message due to reflection attack");