SAE: Notify WRONG Key when Confirm mismatch

[Jouni Malinen]

On Tue, Sep 01, 2020 at 04:53:02PM +0800, Ouden.Biz Lin wrote:
> I have a question about the WRONG Key.
> In WPA2-PSK case, that has the WRONG Key message to notify user.
> But, In WPA3-SAE, no message to notify user.
> 
> I check the flow,
> When I use the wrong key to connect AP.
> AP will get the Confirm mismatch and send the Confirm with status (1) to STA.

That may be implementation specific behavior. Status code 1 does not
indicate that the password is wrong. It should also be noted that the AP
may end up sending its Confirm message before the STA.

> So, I added some checks to send the "WRONG Key" as below.
> Can somebody help to review and comment on it ?

> diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
> @@ -1222,6 +1222,10 @@ void sme_external_auth_mgmt_rx(struct
> wpa_supplicant *wpa_s,
>   header->u.auth.variable,
>   len - auth_length, 1, header->sa);
>   if (res < 0) {
> + if ((le_to_host16(header->u.auth.auth_transaction) == 2)
> + && (le_to_host16(header->u.auth.status_code) == 1)) {
> + wpas_auth_failed(wpa_s, "WRONG_KEY");
> + }

This is not a robust way of determining that the password was wrong
since that is only one possible trigger for status code 1 (unspecified
failure). Furthermore, this would not trigger for all cases where the
password is wrong. SAE authentication does not provide any specific
indication for incorrect password.

-- 
Jouni Malinen                                            PGP id EFC895FA