[PATCH] DPP: Convert AKM to PSK/SAE for legacy DPP1 client

Wystan Schmidt wystans at gmail.com
Sat Feb 13 17:54:14 EST 2021


> That is unfortunate, taking into account that DPP AKM support in DPP (v1) is
> mandatory while support for DPP to provision an SAE credential is not.

It is unfortunate. As a service provider this puts us in the difficult
position of having to choose between adhering to the spec and supporting
a flawed but widespread implementation.

> What kind of a use case is this targeting? PSK+SAE+DPP enabled in
> Configurator for all Enrollees regardless of the Enrollee capabilities?

This is just targeting DPP1 Initiator-Enrollees. DPP1 does not support enrolling
additional configurators.

> At minimum, this should use DPP_AKM_PSK_SAE which was defined
> in DPP v1.

This is good feedback. I agree that DPP_AKM_PSK_SAE is a better option than
splitting into two cases. And Android supports SAE.

On Sat, Feb 13, 2021 at 2:30 PM Jouni Malinen <j at w1.fi> wrote:
>
> On Wed, Feb 10, 2021 at 05:04:38PM -0700, Wystan Schmidt wrote:
> > Currently, hostapd will convert a DPP2 Config object
> > to a DPP-only config for a legacy DPP1 client.
> >
> > However, Android 10+ phones, the only potential DPP1
> > clients (AFAIK), do not support the DPP-AKM and will fail
> > when given a DPP-AKM object.
>
> That is unfortunate, taking into account that DPP AKM support in DPP (v1) is
> mandatory while support for DPP to provision an SAE credential is not.
>
> What kind of a use case is this targeting? PSK+SAE+DPP enabled in
> Configurator for all Enrollees regardless of the Enrollee capabilities?
>
> > diff --git a/src/common/dpp.c b/src/common/dpp.c
> > @@ -1450,9 +1450,15 @@ dpp_build_conf_obj_dpp(struct dpp_authentication *auth,
> >
> >         akm = conf->akm;
> >         if (dpp_akm_ver2(akm) && auth->peer_version < 2) {
> > -               wpa_printf(MSG_DEBUG,
> > -                          "DPP: Convert DPP+legacy credential to
> > DPP-only for peer that does not support version 2");
> > -               akm = DPP_AKM_DPP;
> > +               if (akm == DPP_AKM_PSK_SAE_DPP) {
> > +            wpa_printf(MSG_DEBUG,
> > +                   "DPP: Convert DPP+legacy credential to legacy
> > WPA2-PSK for peer that does not support version 2");
> > +            akm = DPP_AKM_PSK;
>
> PSK is the least secure option of those three included AKMs. This looks
> like a really bad way of handling this case. DPP_AKM_DPP is used here to
> pick the strongest option (and one that is actually mandatory to
> support). At minimum, this should use DPP_AKM_PSK_SAE which was defined
> in DPP v1.
>
> > +        } else if (akm == DPP_AKM_SAE_DPP) {
> > +            wpa_printf(MSG_DEBUG,
> > +                   "DPP: Convert DPP+legacy credential to WPA3 for
> > peer that does not support version 2");
> > +            akm = DPP_AKM_SAE;
> > +        }
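Review bot: the rewritten block loses the unconditional fallback that the removed line `akm = DPP_AKM_DPP;` provided. The enclosing condition is still `dpp_akm_ver2(akm) && auth->peer_version < 2`, but the replacement only handles `DPP_AKM_PSK_SAE_DPP` and `DPP_AKM_SAE_DPP`; any other value for which dpp_akm_ver2() is true now falls through with akm unchanged, so a version-2-only AKM would be written into the Config object for a peer that advertised version < 2. Add a final `else` branch (for example `else akm = DPP_AKM_DPP;`) so every ver2 AKM is mapped to something a DPP v1 peer can consume, or make the mapping a switch with an explicit default. On the first branch, mapping `DPP_AKM_PSK_SAE_DPP` to `DPP_AKM_PSK` discards the SAE part of a credential the Configurator was explicitly told to provision; `DPP_AKM_PSK_SAE` keeps the PSK fallback the Android client needs while still letting an SAE-capable v1 enrollee use SAE, and the debug message should then name that ("legacy PSK+SAE") rather than "WPA2-PSK". Style: the added lines are indented with 8, 12 and 15 spaces while the surrounding code uses the existing tab-based indentation (the removed `wpa_printf` lines show the expected alignment), so the `if`, its body and the `} else if` do not line up with each other or with the block they sit in; reindent to match before resending.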
>
> DPP AKM support is mandatory while SAE AKM support is optional. This
> does not really look like a good default behavior from the protocol view
> point.
>
> --
> Jouni Malinen                                            PGP id EFC895FA



More information about the Hostap mailing list