[PATCH v2 09/20] PASN: Add common authentication frame build/validation functions

Jouni Malinen j at w1.fi
Tue Jan 19 09:38:49 EST 2021 

On Wed, Dec 16, 2020 at 01:00:22PM +0200, Ilan Peer wrote:
> Add helper functions to construct a PASN authentication frame and
> validate its content, which are common to both wpa_supplicant and
> hostapd.

> diff --git a/src/common/wpa_common.c b/src/common/wpa_common.c
> +void wpa_pasn_add_parameter_ie(struct wpabuf *buf, u16 pasn_group,
> +			       u8 wrapped_data_format,
> +			       struct wpabuf *pubkey,
> +			       struct wpabuf *comeback, u16 after)

> +	if (comeback) {
> +		wpa_printf(MSG_DEBUG, "PASN: Adding comeback data");
> +
> +		/*
> +		 * 2 octets for the 'after' field + 1 octet for the length +
> +		 * actual cookie data
> +		 */
> +		params->len += 3 + wpabuf_len(comeback);
> +		params->control |= WPA_PASN_CTRL_COMEBACK_INFO_PRESENT;
> +
> +		wpabuf_put_le16(buf, after);

The Comeback After subfield is not included in frames sent by the non-AP
STA, so I'll extend this to accept after == -1 as a special case to
cover that.

> +	if (pubkey) {
> +		wpa_printf(MSG_DEBUG, "PASN: Adding public key");
> +
> +		/*
> +		 * 2 octets for the finite cyclic group + 2 octets public key
> +		 * length + the actual key
> +		 */
> +		params->len += 2 + 2 + wpabuf_len(pubkey);
> +		params->control |= WPA_PASN_CTRL_GROUP_AND_KEY_PRESENT;
> +
> +		wpabuf_put_le16(buf, pasn_group);
> +		wpabuf_put_le16(buf, wpabuf_len(pubkey));
> +		wpabuf_put_buf(buf, pubkey);

The Ephemeral Public Key Length field has size of one octet in
P802.11az/D2.6, so I'll update this to match.

> +int wpa_pasn_parse_parameter_ie(const u8 *data, u8 len,
> +				struct wpa_pasn_params_data *pasn_params)

> +	if (params->control & WPA_PASN_CTRL_COMEBACK_INFO_PRESENT) {
> +		if (len < 3 || len < *(pos + 2) + 3) {
> +			wpa_printf(MSG_DEBUG,
> +				   "PASN: Invalid parameters IE: comeback len");
> +			return -1;
> +		}
> +
> +		pasn_params->after = WPA_GET_LE16(pos);

Similar change here in parsing..

> +	if (params->control & WPA_PASN_CTRL_GROUP_AND_KEY_PRESENT) {
> +		if (len < 4 || len < WPA_GET_LE16(pos + 2) + 4) {

> +		pasn_params->group = WPA_GET_LE16(pos);
> +		pasn_params->pubkey_len = WPA_GET_LE16(pos + 2);

And here..

-- 
Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list