3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-22 13:02:44 +01:00

dpp-util: allow for mutual authentication in i/r_auth

When using mutual authentication an additional value needs to
be hashed when deriving i/r_auth values. A NULL value indicates
no mutual authentication (zero length iovec is passed to hash).
This commit is contained in:
James Prestwood 2023-10-12 13:01:36 -07:00 committed by Denis Kenzior
parent 0c9df85f5e
commit 808f8eea34
3 changed files with 23 additions and 9 deletions

View File

@ -551,12 +551,14 @@ static bool dpp_hkdf(enum l_checksum_type sha, const void *salt,
bool dpp_derive_r_auth(const void *i_nonce, const void *r_nonce,
size_t nonce_len, struct l_ecc_point *i_proto,
struct l_ecc_point *r_proto,
struct l_ecc_point *i_boot,
struct l_ecc_point *r_boot,
void *r_auth)
{
uint64_t pix[L_ECC_MAX_DIGITS];
uint64_t prx[L_ECC_MAX_DIGITS];
uint64_t brx[L_ECC_MAX_DIGITS];
uint64_t bix[L_ECC_MAX_DIGITS];
size_t keys_len;
uint8_t zero = 0;
enum l_checksum_type type;
@ -565,24 +567,30 @@ bool dpp_derive_r_auth(const void *i_nonce, const void *r_nonce,
l_ecc_point_get_x(r_proto, prx, sizeof(prx));
l_ecc_point_get_x(r_boot, brx, sizeof(brx));
if (i_boot)
l_ecc_point_get_x(i_boot, bix, sizeof(bix));
type = dpp_sha_from_key_len(keys_len);
/*
* R-auth = H(I-nonce | R-nonce | PI.x | PR.x | [ BI.x | ] BR.x | 0)
*/
return dpp_hash(type, r_auth, 6, i_nonce, nonce_len, r_nonce, nonce_len,
pix, keys_len, prx, keys_len, brx, keys_len,
return dpp_hash(type, r_auth, 7, i_nonce, nonce_len, r_nonce, nonce_len,
pix, keys_len, prx, keys_len,
bix, i_boot ? keys_len : 0, brx, keys_len,
&zero, (size_t) 1);
}
bool dpp_derive_i_auth(const void *r_nonce, const void *i_nonce,
size_t nonce_len, struct l_ecc_point *r_proto,
struct l_ecc_point *i_proto,
struct l_ecc_point *r_boot, void *i_auth)
struct l_ecc_point *r_boot,
struct l_ecc_point *i_boot, void *i_auth)
{
uint64_t prx[L_ECC_MAX_DIGITS];
uint64_t pix[L_ECC_MAX_DIGITS];
uint64_t brx[L_ECC_MAX_DIGITS];
uint64_t bix[L_ECC_MAX_DIGITS];
size_t keys_len;
uint8_t one = 1;
enum l_checksum_type type;
@ -591,13 +599,17 @@ bool dpp_derive_i_auth(const void *r_nonce, const void *i_nonce,
l_ecc_point_get_x(i_proto, pix, sizeof(pix));
l_ecc_point_get_x(r_boot, brx, sizeof(brx));
if (i_boot)
l_ecc_point_get_x(i_boot, bix, sizeof(bix));
type = dpp_sha_from_key_len(keys_len);
/*
* I-auth = H(R-nonce | I-nonce | PR.x | PI.x | BR.x | [ BI.x | ] 1)
*/
return dpp_hash(type, i_auth, 6, r_nonce, nonce_len, i_nonce, nonce_len,
return dpp_hash(type, i_auth, 7, r_nonce, nonce_len, i_nonce, nonce_len,
prx, keys_len, pix, keys_len, brx, keys_len,
bix, i_boot ? keys_len : 0,
&one, (size_t) 1);
}

View File

@ -160,12 +160,14 @@ bool dpp_hash(enum l_checksum_type type, uint8_t *out, unsigned int num, ...);
bool dpp_derive_r_auth(const void *i_nonce, const void *r_nonce,
size_t nonce_len, struct l_ecc_point *i_proto,
struct l_ecc_point *r_proto,
struct l_ecc_point *i_boot,
struct l_ecc_point *r_boot,
void *r_auth);
bool dpp_derive_i_auth(const void *r_nonce, const void *i_nonce,
size_t nonce_len, struct l_ecc_point *r_proto,
struct l_ecc_point *i_proto,
struct l_ecc_point *r_boot, void *i_auth);
struct l_ecc_point *r_boot,
struct l_ecc_point *i_boot, void *i_auth);
struct l_ecc_scalar *dpp_derive_k1(const struct l_ecc_point *i_proto_public,
const struct l_ecc_scalar *boot_private,
void *k1);

View File

@ -1336,7 +1336,7 @@ static void authenticate_confirm(struct dpp_sm *dpp, const uint8_t *from,
dpp_derive_i_auth(dpp->r_nonce, dpp->i_nonce, dpp->nonce_len,
dpp->own_proto_public, dpp->peer_proto_public,
dpp->boot_public, i_auth_check);
dpp->boot_public, NULL, i_auth_check);
if (memcmp(i_auth, i_auth_check, i_auth_len)) {
l_error("I-Auth did not verify");
@ -1812,7 +1812,7 @@ static void authenticate_request(struct dpp_sm *dpp, const uint8_t *from,
if (!dpp_derive_r_auth(dpp->i_nonce, dpp->r_nonce, dpp->nonce_len,
dpp->peer_proto_public, dpp->own_proto_public,
dpp->boot_public, dpp->auth_tag))
NULL, dpp->boot_public, dpp->auth_tag))
goto auth_request_failed;
memcpy(dpp->peer_addr, from, 6);
@ -2016,7 +2016,7 @@ static void authenticate_response(struct dpp_sm *dpp, const uint8_t *from,
}
if (!dpp_derive_r_auth(i_nonce, r_nonce, dpp->nonce_len,
dpp->own_proto_public, r_proto_key,
dpp->own_proto_public, r_proto_key, NULL,
dpp->peer_boot_public, r_auth_derived)) {
l_debug("Failed to derive r_auth");
return;
@ -2029,7 +2029,7 @@ static void authenticate_response(struct dpp_sm *dpp, const uint8_t *from,
if (!dpp_derive_i_auth(r_nonce, i_nonce, dpp->nonce_len,
r_proto_key, dpp->own_proto_public,
dpp->peer_boot_public, dpp->auth_tag)) {
dpp->peer_boot_public, NULL, dpp->auth_tag)) {
l_debug("Could not derive I-Auth");
return;
}