fix(esp_wifi): Recompute keys in OWE if AP does not include PMKID in assoc response

This commit is contained in:
Shyamal Khachane 2024-07-16 11:09:44 +05:30 committed by BOT
parent dcb34c5ffa
commit 4e3951a587

View File

@ -2868,7 +2868,8 @@ int owe_process_assoc_resp(const u8 *rsn_ie, size_t rsn_len, const uint8_t *dh_i
struct wpa_sm *sm;
sm = get_wpa_sm();
wpabuf_free(sm->owe_ie); //free the dh ie constructed in owe_build_assoc_req
/* Deallocate the dh ie buffer constructed in owe_build_assoc_req */
wpabuf_free(sm->owe_ie);
sm->owe_ie = NULL;
struct wpa_ie_data *parsed_rsn_data;
@ -2882,19 +2883,33 @@ int owe_process_assoc_resp(const u8 *rsn_ie, size_t rsn_len, const uint8_t *dh_i
goto fail;
}
if (dh_ie && MIN_DH_LEN(dh_len)) {
wpa_printf(MSG_ERROR, "OWE: Invalid Diffie Hellman IE");
goto fail;
}
if (!dh_ie && parsed_rsn_data->num_pmkid == 0) {
wpa_printf(MSG_ERROR, "OWE: Assoc response should either have pmkid or DH IE");
goto fail;
}
if (!sm->cur_pmksa) { /* No PMK caching */
/* Check for PMK caching */
if (sm->cur_pmksa && parsed_rsn_data && parsed_rsn_data->num_pmkid == 1 && parsed_rsn_data->pmkid) {
if (os_memcmp(parsed_rsn_data->pmkid, sm->cur_pmksa->pmkid, OWE_PMKID_LEN) == 0) {
wpa_printf(MSG_DEBUG, "OWE: Using PMK caching");
wpa_sm_set_pmk_from_pmksa(sm);
goto done;
} else {
/* If PMKID mismatches, derive keys again */
wpa_printf(MSG_DEBUG, "OWE : Invalid PMKID in response");
}
}
if (dh_ie == NULL) {
wpa_printf(MSG_ERROR, "OWE: No Diffie Hellman IE in association response");
goto fail;
}
if (dh_ie && MIN_DH_LEN(dh_len)) {
wpa_printf(MSG_ERROR, "OWE: Invalid Diffie Hellman IE");
goto fail;
}
/* If STA or AP does not have PMKID, or PMKID mismatches, proceed with normal association */
dh_len += 2;
dh_ie += 3;
@ -2921,7 +2936,6 @@ int owe_process_assoc_resp(const u8 *rsn_ie, size_t rsn_len, const uint8_t *dh_i
pub = crypto_ecdh_get_pubkey(sm->owe_ecdh, 0);
if (!pub) {
wpa_printf(MSG_ERROR, "No own public key");
wpabuf_free(sh_secret);
goto fail;
}
@ -2939,9 +2953,15 @@ int owe_process_assoc_resp(const u8 *rsn_ie, size_t rsn_len, const uint8_t *dh_i
hash_len = SHA256_MAC_LEN;
pub = wpabuf_zeropad(pub, prime_len);
if (!pub) {
goto fail;
}
/* prk = HKDF-extract(C | A | group, z) */
hkey = wpabuf_alloc(wpabuf_len(pub) + dh_len - 2 + 2);
if (!hkey) {
goto fail;
}
wpabuf_put_buf(hkey, pub); /* C */
wpabuf_free(pub);
@ -2957,7 +2977,7 @@ int owe_process_assoc_resp(const u8 *rsn_ie, size_t rsn_len, const uint8_t *dh_i
hash_len = SHA256_MAC_LEN;
wpabuf_free(hkey);
wpabuf_free(sh_secret);
wpabuf_clear_free(sh_secret);
wpa_hexdump_key(MSG_DEBUG, "OWE: prk", prk, hash_len);
@ -2977,26 +2997,15 @@ int owe_process_assoc_resp(const u8 *rsn_ie, size_t rsn_len, const uint8_t *dh_i
pmksa_cache_add(sm->pmksa, sm->pmk, sm->pmk_len, pmkid, NULL, 0,
sm->bssid, sm->own_addr, sm->network_ctx, sm->key_mgmt);
goto done;
} else { /* PMK caching */
if (parsed_rsn_data && sm->cur_pmksa) {
if (parsed_rsn_data->num_pmkid == 1 && parsed_rsn_data->pmkid) {
if (os_memcmp(parsed_rsn_data->pmkid, sm->cur_pmksa->pmkid, OWE_PMKID_LEN) == 0) {
wpa_printf(MSG_DEBUG, "OWE: Using PMK caching");
wpa_sm_set_pmk_from_pmksa(sm);
goto done;
} else {
wpa_printf(MSG_DEBUG, "OWE : Invalid PMKID in response");
goto fail;
}
}
}
}
done:
os_free(parsed_rsn_data);
return 0;
fail:
os_free(parsed_rsn_data);
wpabuf_free(pub);
wpabuf_free(hkey);
wpabuf_clear_free(sh_secret);
return -1;
}
#endif // CONFIG_OWE_STA