From patchwork Mon Aug 5 09:33:21 2024
X-Patchwork-Submitter: Shivani Baranwal
X-Patchwork-Id: 1968981
From: Shivani Baranwal
Subject: [PATCH v3 23/25] P2P: Add support to store indentity key in conf file
Date: Mon, 5 Aug 2024 15:03:21 +0530
Message-ID: <1722850403-8852-24-git-send-email-quic_shivbara@quicinc.com>
In-Reply-To: <1722850403-8852-1-git-send-email-quic_shivbara@quicinc.com>
References: <1722850403-8852-1-git-send-email-quic_shivbara@quicinc.com>

When persistent is enabled, store identity key in conf file which is needed for pairing verification to invoke the persistent group.

Signed-off-by: Shivani Baranwal
---
 wpa_supplicant/ctrl_iface.c | 3 +
 wpa_supplicant/p2p_supplicant.c | 161 +++++++++++++++++++++++++++++++++++++++-
 wpa_supplicant/p2p_supplicant.h | 7 ++
 3 files changed, 169 insertions(+), 2 deletions(-)

diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index d00cfda..5a5b9e4 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -12984,6 +12984,9 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, } else if (os_strcmp(buf, "P2P_LO_STOP") == 0) { if (wpas_p2p_lo_stop(wpa_s)) reply_len = -1; + } else if (os_strcmp(buf, "P2P_REMOVE_IDENTITY") == 0) { + if (wpas_p2p_remove_all_identity(wpa_s)) + reply_len = -1; #endif /* CONFIG_P2P */ #ifdef CONFIG_WIFI_DISPLAY } else if (os_strncmp(buf, "WFD_SUBELEM_SET ", 16) == 0) { 
diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c index 903aa42..249390b 100644 --- a/wpa_supplicant/p2p_supplicant.c +++ b/wpa_supplicant/p2p_supplicant.c @@ -167,6 +167,8 @@ wpas_p2p_consider_moving_gos(struct wpa_supplicant *wpa_s, static void wpas_p2p_reconsider_moving_go(void *eloop_ctx, void *timeout_ctx); static int wpas_p2p_disallowed_freq(struct wpa_global *global, unsigned int freq); +static void wpas_p2p_store_go_identity(struct wpa_supplicant *wpa_s, + const u8 *go_dev_addr, const u8 *bssid); #ifdef CONFIG_PASN static int wpas_p2p_initiate_pasn_auth(struct wpa_supplicant *wpa_s, const u8 *peer_addr, int freq); @@ -1133,6 +1135,7 @@ static int wpas_p2p_persistent_group(struct wpa_supplicant *wpa_s, struct wpabuf *p2p; u8 group_capab; const u8 *addr; + int persistent; if (wpa_s->go_params) bssid = wpa_s->go_params->peer_interface_addr; @@ -1189,7 +1192,12 @@ static int wpas_p2p_persistent_group(struct wpa_supplicant *wpa_s, "go_dev_addr=" MACSTR, MAC2STR(bssid), group_capab, MAC2STR(go_dev_addr)); - return !!(group_capab & P2P_GROUP_CAPAB_PERSISTENT_GROUP); + persistent = !!(group_capab & P2P_GROUP_CAPAB_PERSISTENT_GROUP); + + if (persistent) + wpas_p2p_store_go_identity(wpa_s, go_dev_addr, bssid); + + return persistent; } @@ -3494,7 +3502,7 @@ static u8 wpas_invitation_process(void *ctx, const u8 *sa, const u8 *bssid, for (s = wpa_s->conf->ssid; s; s = s->next) { if (s->disabled == 2 && - ether_addr_equal(s->bssid, go_dev_addr) && + //ether_addr_equal(s->bssid, go_dev_addr) && s->ssid_len == ssid_len && os_memcmp(ssid, s->ssid, ssid_len) == 0) break; 
@@ -8568,6 +8576,107 @@ int wpas_p2p_invite_group(struct wpa_supplicant *wpa_s, const char *ifname, go_dev_addr, persistent, pref_freq, -1, 0); } +int wpas_p2p_remove_all_identity(struct wpa_supplicant *wpa_s) +{ + struct wpa_dev_ik *ik; + + for (ik = wpa_s->conf->identity; ik; ik = ik->next) + wpa_config_remove_identity(wpa_s->conf, ik->id); + + if (wpa_s->conf->update_config && + wpa_config_write(wpa_s->confname, wpa_s->conf)) { + wpa_printf(MSG_DEBUG, "P2P: Failed to update configuration"); + return -1; + } + return 0; +} + +static void wpas_p2p_store_identity(struct wpa_supplicant *wpa_s, u8 cipher, + u8 *dik_data, u16 dik_len, u8 *pmk, + u16 pmk_len, u8 *pmkid) +{ + u8 dik[64]; + struct wpa_dev_ik *ik; + + for (ik = wpa_s->conf->identity; ik; ik = ik->next) { + if (dik_len == ik->dik_len) { + hexstr2bin(ik->dik_data, dik, dik_len); + if (os_memcmp(dik_data, dik, dik_len) == 0) { + wpa_printf(MSG_DEBUG, + "P2P: Remove previous entry of peer"); + wpa_config_remove_identity(wpa_s->conf, ik->id); + break; + } + } + } + + wpa_printf(MSG_DEBUG, "P2P: Create a new Device Identity entry"); + ik = wpa_config_add_identity(wpa_s->conf); + if (ik == NULL) + return; + + ik->dik_data = os_zalloc(dik_len * 2 + 1); + if (!ik->dik_data) + return; + ik->pmk = os_zalloc(pmk_len * 2 + 1); + if (!ik->pmk) + return; + ik->pmkid = os_zalloc(PMKID_LEN * 2 + 1); + if (!ik->pmkid) + return; + + wpa_snprintf_hex(ik->dik_data, dik_len * 2 + 1, dik_data, + dik_len); + ik->dik_len = dik_len; + ik->dik_cipher = cipher; + + wpa_snprintf_hex(ik->pmk, pmk_len * 2 + 1, pmk, pmk_len); + ik->pmk_len = pmk_len; + + wpa_snprintf_hex(ik->pmkid, PMKID_LEN * 2 + 1, pmkid, PMKID_LEN); + + if (wpa_s->conf->update_config && + wpa_config_write(wpa_s->confname, wpa_s->conf)) + wpa_printf(MSG_DEBUG, "P2P: Failed to update configuration"); +} + + +static void wpas_p2p_store_go_identity(struct wpa_supplicant *wpa_s, + const u8 *go_dev_addr, const u8 *bssid) +{ + int ret; + u8 cipher; + u16 dik_len, pmk_len; + 
u8 *dik_data, *pmk, *pmkid; + u8 iface_addr[ETH_ALEN]; + struct wpa_supplicant *p2p_wpa_s = wpa_s->global->p2p_init_wpa_s; + + if (!wpa_s->p2p2) + return; + + ret = p2p_get_dev_identity_key(p2p_wpa_s->global->p2p, go_dev_addr, + &dik_data, &dik_len, &cipher); + if (ret) + return; + + ret = p2p_get_interface_addr(p2p_wpa_s->global->p2p, go_dev_addr, + iface_addr); + if (ret) { + wpa_printf(MSG_DEBUG, "P2P: Fetch PMK from go bssid" + "(bssid " MACSTR ")", MAC2STR(bssid)); + memcpy(iface_addr, bssid, ETH_ALEN); + } + ret = wpa_sm_pmksa_get_pmk(wpa_s->wpa, iface_addr, &pmk, &pmk_len, + &pmkid); + if (ret) + return; + + wpa_printf(MSG_DEBUG, "P2P: Storing Device identity of " + "client (Interface Addr " MACSTR ")", MAC2STR(iface_addr)); + wpas_p2p_store_identity(p2p_wpa_s, cipher, dik_data, dik_len, pmk, + pmk_len, pmkid); +} + void wpas_p2p_completed(struct wpa_supplicant *wpa_s) { 
@@ -9393,6 +9502,52 @@ struct wpa_ssid * wpas_p2p_get_persistent(struct wpa_supplicant *wpa_s, } +static void wpas_p2p_store_client_identity(struct wpa_supplicant *wpa_s, + const u8 *addr) +{ + int ret; + u8 cipher; + u16 dik_len, pmk_len; + u8 *dik_data, *pmk, *pmkid; + u8 iface_addr[ETH_ALEN]; + struct hostapd_data *hapd; + struct wpa_supplicant *p2p_wpa_s = wpa_s->global->p2p_init_wpa_s; + + if (!wpa_s->p2p2) + return; + + hapd = wpa_s->ap_iface->bss[0]; + if (!hapd) + return; + + ret = p2p_get_dev_identity_key(p2p_wpa_s->global->p2p, addr, + &dik_data, &dik_len, &cipher); + if (ret) + return; + + wpa_printf(MSG_DEBUG, "P2P: Fetch PMK from client" + "(Device Addr " MACSTR ")", MAC2STR(addr)); + ret = wpa_auth_pmksa_get_pmk(hapd->wpa_auth, addr, &pmk, &pmk_len, + &pmkid); + if (ret) { + wpa_printf(MSG_DEBUG, "P2P: Fetch PMK from client" + "(Iface Addr " MACSTR ")", MAC2STR(iface_addr)); + ret = p2p_get_interface_addr(p2p_wpa_s->global->p2p, addr, + iface_addr); + if (ret) + return; + ret = wpa_auth_pmksa_get_pmk(hapd->wpa_auth, iface_addr, &pmk, + &pmk_len, &pmkid); + if (ret) + return; + } + + wpa_printf(MSG_DEBUG, "P2P: Storing Device identity of " + "client (Device Addr " MACSTR ")", MAC2STR(addr)); + wpas_p2p_store_identity(p2p_wpa_s, cipher, dik_data, dik_len, pmk, + pmk_len, pmkid); +} + void wpas_p2p_notify_ap_sta_authorized(struct wpa_supplicant *wpa_s, const u8 *addr) { @@ -9434,6 +9589,8 @@ void wpas_p2p_notify_ap_sta_authorized(struct wpa_supplicant *wpa_s, wpa_s->global->p2p_go_wait_client.sec = 0; if (addr == NULL) return; + + wpas_p2p_store_client_identity(wpa_s, addr); wpas_p2p_add_persistent_group_client(wpa_s, addr); } diff --git a/wpa_supplicant/p2p_supplicant.h b/wpa_supplicant/p2p_supplicant.h index 1e5f77a..c9e9c78 100644 --- a/wpa_supplicant/p2p_supplicant.h +++ b/wpa_supplicant/p2p_supplicant.h 
@@ -233,6 +233,7 @@ struct wpabuf * wpas_p2p_usd_elems(struct wpa_supplicant *wpa_s); int wpas_p2p_pasn_auth_rx(struct wpa_supplicant *wpa_s, const struct ieee80211_mgmt *mgmt, size_t len, int freq); +int wpas_p2p_remove_all_identity(struct wpa_supplicant *wpa_s); #else /* CONFIG_P2P */ static inline int @@ -370,6 +371,12 @@ wpas_p2p_pasn_auth_rx(struct wpa_supplicant *wpa_s, return 0; } +static inline int +wpas_p2p_remove_all_identity(struct wpa_supplicant *wpa_s) +{ + return 0; +} + #endif /* CONFIG_P2P */ #endif /* P2P_SUPPLICANT_H */
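Review bot: In the wpas_invitation_process() hunk of p2p_supplicant.c (@@ -3494), the ether_addr_equal(s->bssid, go_dev_addr) condition is disabled with a // comment, so a stored persistent group entry (s->disabled == 2) now matches an incoming invitation on SSID and SSID length alone, for every peer and not only when wpa_s->p2p2 is set. If the address comparison has to be relaxed for the new pairing flow, make that conditional on the P2P2 case and on a matching stored identity entry instead of dropping the check, and delete the commented-out line rather than leaving it in the tree. The commit message does not mention this behaviour change and should.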
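Review bot: In wpas_p2p_store_identity() (p2p_supplicant.c, @@ -8568), hexstr2bin(ik->dik_data, dik, dik_len) writes dik_len bytes into the 64-byte stack buffer u8 dik[64] with no check that dik_len <= sizeof(dik); the only guard is dik_len == ik->dik_len, and both are u16. Skip or reject lengths above sizeof(dik) before the conversion, or compare in hex form so the temporary buffer is not needed. In the same function the early returns after a failed os_zalloc() leave the entry just created by wpa_config_add_identity() in the list half-filled; remove it on the error path. In wpas_p2p_remove_all_identity() the loop increment reads ik->next after wpa_config_remove_identity(wpa_s->conf, ik->id) has been called for ik, so unless that call is known not to free the entry, save the next pointer before removing.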
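Review bot: In wpas_p2p_store_client_identity() (p2p_supplicant.c, @@ -9393), the debug message inside the if (ret) branch prints MAC2STR(iface_addr) before p2p_get_interface_addr() has filled iface_addr, so it logs uninitialized stack bytes; move that wpa_printf() to after the p2p_get_interface_addr() call has succeeded. The line hapd = wpa_s->ap_iface->bss[0] also dereferences wpa_s->ap_iface without a NULL check, while only hapd is tested afterwards; check ap_iface first. The final debug message in wpas_p2p_store_go_identity() says "client" although that path stores the GO's identity, which will mislead anyone reading the log.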